Refinement and extension of encrypted key exchange
ACM SIGOPS Operating Systems Review
Undetectable on-line password guessing attacks
ACM SIGOPS Operating Systems Review
Three-party encrypted key exchange: attacks and a solution
ACM SIGOPS Operating Systems Review
KryptoKnight Authentication and Key Distribution System
ESORICS '92 Proceedings of the Second European Symposium on Research in Computer Security
Many-to-One Trapdoor Functions and Their Ralation to Public-Key Cryptosystems
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Secure key agreement protocols for three-party against guessing attacks
Journal of Systems and Software - Special issue: Software engineering education and training
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
New directions in cryptography
IEEE Transactions on Information Theory
Kerberos: an authentication service for computer networks
IEEE Communications Magazine
Cryptanalysis of two three-party encrypted key exchange protocols
Computer Standards & Interfaces
A communication-efficient three-party password authenticated key exchange protocol
Information Sciences: an International Journal
Cryptanalysis of a communication-efficient three-party password authenticated key exchange protocol
Information Sciences: an International Journal
An undetectable on-line password guessing attack on Nam et al.'s three-party key exchange protocol
Journal of Computational Methods in Sciences and Engineering
Hi-index | 0.00 |
In 1995, a potential attack, called undetectable on-line password guessing attack, on three-party encrypted key exchange (3PEKE) protocol is highlighted by Ding and Horster. Since then, this attack has been one of the main concerns for developing a secure 3 PEKE protocol. Recently, Chang and Chang proposed a password-based three-party encrypted key exchange protocol that simultaneously possesses round and computation efficiencies. However, this paper shows that their protocol is potentially vulnerable toward undetectable on-line password guessing attacks. As their protocol is currently one of the most superior of all 3PEKE approaches; it seems worthwhile and valuable to remedy this potential security problem.