Undetectable on-line password guessing attacks
ACM SIGOPS Operating Systems Review
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
CAPTCHA: using hard AI problems for security
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Hi-index | 0.00 |
Recently, Zeng et al. proposed a three-party password-based authenticated key exchange protocol, in which two users could generate a common secret key with the help of the server. Although Zeng et al. claimed that their protocol could withstand various attacks, we point out that their protocol cannot resist impersonation attacks and undetectable online dictionary attacks. The analysis shows Zeng et al.'s protocol is insecure for practical applications.