• DocumentCode
    794430
  • Title

    Security analysis and improvement of a gateway-oriented password-based authenticated key exchange protocol

  • Author

    Byun, Jin Wook ; Lee, Dong Hoon ; Lim, Jong In

  • Author_Institution
    Graduate Sch. of Inf. Security, Korea Univ., Seoul
  • Volume
    10
  • Issue
    9
  • fYear
    2006
  • Firstpage
    683
  • Lastpage
    685
  • Abstract
    Recently, Abdalla et al. proposed a gateway-oriented password-based authenticated key exchange (GPAKE) protocol among a client, a gateway, and an authentication server, where a password is only shared between the client and the authentication server. The security goal of GPAKE is to securely establish a session key between the client and the gateway by the help of the authentication server without revealing any information of the password to the gateway. In the letter, we show that a malicious gateway of GPAKE is still able to gain information of password by performing an undetectable on-line password guessing attack. We also present a countermeasure against the attack
  • Keywords
    client-server systems; cryptography; message authentication; protocols; telecommunication security; GPAKE; attack. countermeasure; gateway-oriented password-based authenticated key exchange protocol; on-line password guessing attack; security analysis; Cryptography; Dictionaries; Information security; Message authentication; Natural languages; Performance gain; Protocols;
  • fLanguage
    English
  • Journal_Title
    Communications Letters, IEEE
  • Publisher
    ieee
  • ISSN
    1089-7798
  • Type

    jour

  • DOI
    10.1109/LCOMM.2006.1714545
  • Filename
    1714545
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=794430