Title :
Cryptanalysis and improvement on three-party protocols for password authenticated key exchange
Author :
Kang, Baoyuan ; Han, Jinguang
Author_Institution :
Comput. Sci. & Software Instn., Tianjin Polytech. Univ., Tianjin, China
Abstract :
Authentication and key exchange are fundamental for establishing secure communication channels over public insecure networks. Password-based protocols for authenticated key exchange are designed to work even when user authentication is done via the use of passwords drawn from a small known set of values. In 1995, Steiner et al. proposed a password-based authentication key exchange protocol for three-party, where the two clients trying to establish a common secret key do not share a password between themselves but only with a trusted server. Recently, Hung-Min Sun et al. proposed a attack on Steiner et al.´s protocol, and proposed a new key agreement protocol for three-party. They claimed their protocol prevented all kind of attacks. However, In this paper, we show that Hung-Min Sun et al.´s protocol is insecure. Furthermore, a new improved protocol is proposed.
Keywords :
cryptographic protocols; telecommunication channels; telecommunication security; communication channels; cryptanalysis; key agreement protocol; password authenticated key exchange; password-based protocols; public insecure networks; three-party protocols; trusted server; Authentication; Communication channels; Computer networks; Computer science; Computer science education; Cryptographic protocols; Cryptography; Educational technology; Electronic mail; Sun; authentication; cryptography; key exchange; password;
Conference_Titel :
Education Technology and Computer (ICETC), 2010 2nd International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-1-4244-6367-1
DOI :
10.1109/ICETC.2010.5529785
