Back to Search
Start Over
Cryptanalysis of a simple three-party password-based key exchange protocol.
- Source :
-
International Journal of Communication Systems . Apr2011, Vol. 24 Issue 4, p532-542. 11p. 5 Diagrams, 3 Charts. - Publication Year :
- 2011
-
Abstract
- In order to secure communications between two clients with a trusted server's help in public network environments, a three-party authenticated key exchange (3PAKE) protocol is used to provide the transaction confidentiality and the efficiency. In 2009, Huang proposed a simple three-party password-based authenticated key exchange (HS-3PAKE) protocol without any server's public key. By analysis, Huang claimed that the proposed HS-3PAKE protocol is not only secure against various attacks, but also more efficient than previously proposed 3PAKE protocols. However, this paper demonstrates that HS-3PAKE protocol is vulnerable to undetectable online password guessing attacks and off-line password guessing attacks by any other user. Copyright © 2010 John Wiley & Sons, Ltd. In 2009, Huang proposed a simple three-party password-based authenticated key exchange (HS-3PAKE) protocol without any server's public key. By analysis, Huang claimed that the proposed HS-3PAKE protocol is not only secure against various attacks, but also more efficient than previously proposed 3PAKE protocols. However, this paper demonstrates that the HS-3PAKE protocol is vulnerable to undetectable online password guessing attacks and offline password guessing attacks by any other user. Copyright © 2010 John Wiley & Sons, Ltd. [ABSTRACT FROM AUTHOR]
Details
- Language :
- English
- ISSN :
- 10745351
- Volume :
- 24
- Issue :
- 4
- Database :
- Academic Search Index
- Journal :
- International Journal of Communication Systems
- Publication Type :
- Academic Journal
- Accession number :
- 59628559
- Full Text :
- https://doi.org/10.1002/dac.1168