Cryptanalysis of a three-party password-based authenticated key exchange protocol using Weil pairing

Authors:
Debiao He;Jianhua Chen
Affiliations:
School of Mathematics and Statistics, Wuhan University, Wuhan 430072, China/ State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing 100049, China ...;School of Mathematics and Statistics, Wuhan University, Wuhan 430072, China
Venue:
International Journal of Electronic Security and Digital Forensics
Year:
2012

Citing 3
Cited 0

Undetectable on-line password guessing attacks

ACM SIGOPS Operating Systems Review
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks

SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
CAPTCHA: using hard AI problems for security

EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques

Quantified Score

Hi-index	0.00

Visualization

Abstract

Recently, Zeng et al. proposed a three-party password-based authenticated key exchange protocol, in which two users could generate a common secret key with the help of the server. Although Zeng et al. claimed that their protocol could withstand various attacks, we point out that their protocol cannot resist impersonation attacks and undetectable online dictionary attacks. The analysis shows Zeng et al.'s protocol is insecure for practical applications.