Entity authentication and key distribution
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Refinement and extension of encrypted key exchange
ACM SIGOPS Operating Systems Review
Undetectable on-line password guessing attacks
ACM SIGOPS Operating Systems Review
Three-party encrypted key exchange: attacks and a solution
ACM SIGOPS Operating Systems Review
A One Round Protocol for Tripartite Diffie-Hellman
ANTS-IV Proceedings of the 4th International Symposium on Algorithmic Number Theory
Optimal authentication protocols resistant to password guessing attacks
CSFW '95 Proceedings of the 8th IEEE workshop on Computer Security Foundations
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Password-based user authentication and key distribution protocols for client-server applications
Journal of Systems and Software
Secure key agreement protocols for three-party against guessing attacks
Journal of Systems and Software - Special issue: Software engineering education and training
Security weakness in a three-party pairing-based protocol for password authenticated key exchange
Information Sciences: an International Journal
Three weaknesses in a simple three-party key exchange protocol
Information Sciences: an International Journal
Enhanced password-based simple three-party key exchange protocol
Computers and Electrical Engineering
Communication-efficient three-party protocols for authentication and key agreement
Computers & Mathematics with Applications
Provably Secure Password-Based Three-Party Key Exchange With Optimal Message Steps
The Computer Journal
An off-line dictionary attack on a simple three-party key exchange protocol
IEEE Communications Letters
A communication-efficient three-party password authenticated key exchange protocol
Information Sciences: an International Journal
Protecting poorly chosen secrets from guessing attacks
IEEE Journal on Selected Areas in Communications
| Hi-index | 0.00 |
Three-party password-authenticated key exchange (3PAKE) protocols allow two clients to establish secure communication channels over a public network merely by sharing a human-memorable (low-entropy) password with a trusted server. In this paper, we first show that the 3PAKE protocol introduced by Chang, Hwang, and Yang is insecure against even passive attackers. Thereafter, we propose two kinds of improvement that can remedy the security flaw in their protocol. Finally, we present simulations to measure the execution time to show the efficiency of our two improvements.