Three-party encrypted key exchange: attacks and a solution
ACM SIGOPS Operating Systems Review
Password-Authenticated Key Exchange between Clients with Different Passwords
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
Password-Authenticated Key Exchange Based on RSA
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Number theoretic attacks on secure password schemes
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
EC2C-PAKA: An efficient client-to-client password-authenticated key agreement
Information Sciences: an International Journal
Electronic Notes in Theoretical Computer Science (ENTCS)
IWDW '07 Proceedings of the 6th International Workshop on Digital Watermarking
A New Client-to-Client Password-Authenticated Key Agreement Protocol
IWCC '09 Proceedings of the 2nd International Workshop on Coding and Cryptology
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
AAECC'07 Proceedings of the 17th international conference on Applied algebra, algebraic algorithms and error-correcting codes
Cross-realm password-based server aided key exchange
WISA'10 Proceedings of the 11th international conference on Information security applications
Cryptanalysis of two provably secure cross-realm C2C-PAKE protocols
INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
Password-based group key exchange secure against insider guessing attacks
CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part II
Efficient and provably secure client-to-client password-based key exchange protocol
APWeb'06 Proceedings of the 8th Asia-Pacific Web conference on Frontiers of WWW Research and Development
Secure cross-realm C2C-PAKE protocol
ACISP'06 Proceedings of the 11th Australasian conference on Information Security and Privacy
Constant-Round password-based group key generation for multi-layer ad-hoc networks
SPC'06 Proceedings of the Third international conference on Security in Pervasive Computing
CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
On the analysis and design of a family tree of smart card based user authentication schemes
UIC'07 Proceedings of the 4th international conference on Ubiquitous Intelligence and Computing
| Hi-index | 0.00 |
Password-Authenticated Key Establishment (PAKE) protocols allow two parties, to share common secret keys in an authentic manner based on an easily memorizable password. At ICCSA 2004, an improved PAKE protocol between two clients of different realms was proposed that was claimed to be secure against attacks including the replay attack. In this paper, we cryptanalyze this protocol by showing two replay attacks that allow an attacker to falsely share a secret key with a legal client.