An improved two-party Password Authenticated Key Exchange protocol without server´s public key

Password Authenticated Key Exchange (PAKE) protocols enable two entities to agree on a common session key based on a pre-shared human memorable password. The main security goal of these protocols is providing security against password guessing attacks. In 2003, Hitchcock et al.´s protocol is presented. In 2005, Abdalla and Pointcheval proposed SPAKE1 and SPAKE2 protocols. In this paper, it is shown that the Hitchcock et al.´s protocol is vulnerable to ephemeral key compromise impersonation, off-line dictionary and Key Compromise Impersonation (KCI) attacks while it does not satisfy the mutual authentication and forward secrecy attributes. It is also shown that SPAKE1 and SPAKE2 protocols are vulnerable to password compromise impersonation and Denial-of-Service (DoS) attacks while they do not provide the mutual authentication property. To eliminate these weaknesses, an improved two-party PAKE protocol is proposed which can provide several security attributes while it has a remarkable computational efficiency and lower number of rounds.