Weakness in a RSA-based password authenticated key exchange protocol

Authors:
Taek-Young Youn;Young-Ho Park;Changhan Kim;Jongin Lim
Affiliations:
Graduate School of Information Management and Security, Korea University, Seoul, Republic of Korea;Department of Information Security Systems, Sejong Cyber University, Seoul, Republic of Korea;School of Computer Engineering, Semyeong University, Jechon, Republic of Korea;Graduate School of Information Management and Security, Korea University, Seoul, Republic of Korea
Venue:
Information Processing Letters
Year:
2008

Citing 6
Cited 0

Password Authenticated Key Exchange Based on RSA for Imbalanced Wireless Networks

ISC '02 Proceedings of the 5th International Conference on Information Security
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks

SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Number theoretic attacks on secure password schemes

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Trapdoor Hard-to-Invert Group Isomorphisms and Their Application to Password-Based Authentication

Journal of Cryptology
Authenticated key exchange secure against dictionary attacks

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Efficient password-authenticated key exchange based on RSA

CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology

Quantified Score

Hi-index	0.89

Visualization

Abstract

Recently, an efficient password-authenticated key exchange protocol based on RSA has been proposed by Park et al. with formal security proof. In this letter, we analyze their protocol, and show that, unfortunately, it is insecure against an adversary who performs a dictionary attack.