Title :
Cryptanalysis of some client-to-client password-authenticated key exchange protocols
Author :
Li, Xiaobiao ; Wen, Qiaoyan
Author_Institution :
State Key Lab. of Networking & Switching Technol., Beijing Univ. of Posts & Telecommun., Beijing, China
Abstract :
The cross-domain client-to-client password-authenticated key exchange (C2C-PAKE) protocols allow two client entities from different domains to establish a shared common session key based on their passwords. Most existing schemes make an improvement based on the prototype of the C2C-PAKE protocol proposed by Byun2007. Recently, Feng et al and Liu et al respectively proposed an efficient C2C-PAKE protocol which was based on the public key mechanism. In this paper, by cryptanalysis on these schemes, we find that the above protocols are easy to suffer from some unknown key share attacks, and furthermore, we search out the reasons that cause these situations happened and give some suggestions to improve these situations.
Keywords :
cryptographic protocols; client-to-client password-authenticated key exchange protocols; cryptanalysis; shared common session key; Cryptography; Erbium; Protocols; Pulse width modulation; authentication; cross-domain; cryptanalysis; password-authenticated key agreement;
Conference_Titel :
Broadband Network and Multimedia Technology (IC-BNMT), 2010 3rd IEEE International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-1-4244-6769-3
DOI :
10.1109/ICBNMT.2010.5705171
