A hard-core predicate for all one-way functions
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
Limits on the provable consequences of one-way permutations
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
Refinement and extension of encrypted key exchange
ACM SIGOPS Operating Systems Review
Undetectable on-line password guessing attacks
ACM SIGOPS Operating Systems Review
Three-party encrypted key exchange: attacks and a solution
ACM SIGOPS Operating Systems Review
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Many-to-One Trapdoor Functions and Their Ralation to Public-Key Cryptosystems
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Secure key agreement protocols for three-party against guessing attacks
Journal of Systems and Software - Special issue: Software engineering education and training
Security weakness in a three-party pairing-based protocol for password authenticated key exchange
Information Sciences: an International Journal
Three weaknesses in a simple three-party key exchange protocol
Information Sciences: an International Journal
Computer Standards & Interfaces
Cryptanalysis of simple three-party key exchange protocol (S-3PAKE)
Information Sciences: an International Journal
Improving the novel three-party encrypted key exchange protocol
Computer Standards & Interfaces
A round- and computation-efficient three-party authenticated key exchange protocol
Journal of Systems and Software
Two robust remote user authentication protocols using smart cards
Journal of Systems and Software
| Hi-index | 0.00 |
Due to the simplicity of maintaining human memorable passwords without any assistant storage device, password-based three-party encrypted key exchange (3PEKE) protocol has become one of the most promising research fields on user authentication and secure communication. In 2008, Chen et al. and Yoon and Yoo both pointed that Chang and Chang's password-based 3PEKE scheme cannot resist against undetectable on-line password guessing attacks, and then respectively proposed an improved protocol to eliminate the security vulnerability. However, based on the security analyses conducted by us, we find that both of their protocols are still vulnerable against undetectable on-line password guessing attacks. Accordingly, we develop a novel 3PEKE protocol to remedy these authentication flaws. Moreover, our proposed protocol can achieve better performance efficiency by requiring only four message transmission rounds. In conclusion, we can claim that our proposed 3PEKE protocol is more secure and efficient in comparison with the protocols proposed by Chen et al. and Yoon and Yoo.