On the Security of a Simple Three-Party Key Exchange Protocol without Server's Public Keys
نویسندگان
چکیده
Authenticated key exchange protocols are of fundamental importance in securing communications and are now extensively deployed for use in various real-world network applications. In this work, we reveal major previously unpublished security vulnerabilities in the password-based authenticated three-party key exchange protocol according to Lee and Hwang (2010): (1) the Lee-Hwang protocol is susceptible to a man-in-the-middle attack and thus fails to achieve implicit key authentication; (2) the protocol cannot protect clients' passwords against an offline dictionary attack; and (3) the indistinguishability-based security of the protocol can be easily broken even in the presence of a passive adversary. We also propose an improved password-based authenticated three-party key exchange protocol that addresses the security vulnerabilities identified in the Lee-Hwang protocol.
منابع مشابه
One-round and authenticated three-party multiple key exchange protocol from parings
Abastract: One round three-party authenticated key exchange protocols are extremely important to secure communications and are now extensively adopted in network communications. These protocols allow users to communicate securely over public networks simply by using easy-to-remember long-term private keys. In 2001, Harn and Lin proposed an authentication key exchange protocol in which two parti...
متن کاملA Three-Party Password Authenticated Key Exchange Protocol with Key Confirmation
Three-party authenticated key exchange protocol is an important cryptographic technique in the secure communication areas, by which any two clients can verify the ability to use a server to establish communication. Recently, researchers have begun proposing new key exchange protocols that would not require the use of server public keys, but a human-memorable password. In this paper, we propose ...
متن کاملOn the leakage-resilient key exchange
Typically, secure channels are constructed from an authenticated key exchange (AKE) protocol,which authenticates the communicating parties based on long-term public keys and establishes secretsession keys. In this paper we address the partial leakage of long-term secret keys of key exchangeprotocol participants due to various side-channel attacks. Security models for two-party authe...
متن کاملA traceable optimistic fair exchange protocol in the standard model
An Optimistic Fair Exchange (OFE) protocol is a good way for two parties to exchange their digital items in a fair way such that at the end of the protocol execution, both of them receive their items or none of them receive anything. In an OFE protocol there is a semi-trusted third party, named arbitrator, which involves in the protocol if it is necessary. But there is a security problem when a...
متن کاملDiffie-Hellman technique: extended to multiple two-party keys and one multi-party key
Diffie –Hellman technique: extended to multiple two-party keys and one multi-party key Abstract: The two-party Diffie– Hellman (DH) key-exchanging technique is extended to generate (i) multiple two-party keys and (ii) one multi-party key. The participants in the former case exchange two public keys and generate 15 shared keys. Of these, 4 keys are called base keys, because they are used to gene...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره 2014 شماره
صفحات -
تاریخ انتشار 2014