A hard-core predicate for all one-way functions
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
Limits on the provable consequences of one-way permutations
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
Refinement and extension of encrypted key exchange
ACM SIGOPS Operating Systems Review
Undetectable on-line password guessing attacks
ACM SIGOPS Operating Systems Review
Three-party encrypted key exchange: attacks and a solution
ACM SIGOPS Operating Systems Review
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Many-to-One Trapdoor Functions and Their Ralation to Public-Key Cryptosystems
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Secure key agreement protocols for three-party against guessing attacks
Journal of Systems and Software - Special issue: Software engineering education and training
Protecting poorly chosen secrets from guessing attacks
IEEE Journal on Selected Areas in Communications
Cryptanalysis of two three-party encrypted key exchange protocols
Computer Standards & Interfaces
An novel three-party authenticated key exchange protocol using one-time key
Journal of Network and Computer Applications
Two ID-based authenticated schemes with key agreement for mobile environments
The Journal of Supercomputing
An undetectable on-line password guessing attack on Nam et al.'s three-party key exchange protocol
Journal of Computational Methods in Sciences and Engineering
Hi-index | 0.00 |
In 2004, Chang and Chang proposed a three-party encrypted key exchange (ECC-3PEKE) protocol without using the server's public keys. They claimed that their proposed ECC-3PEKE protocol is secure, efficient, and practical. Unlike their claims, the ECC-3PEKE protocol, however, is still susceptible to undetectable on-line password guessing attacks. Accordingly, the current paper demonstrates the vulnerability of Chang-Chang's ECC-3PEKE protocol regarding undetectable on-line password guessing attacks and than presents an enhancement to resolve such security problems.