CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Refinement and extension of encrypted key exchange
ACM SIGOPS Operating Systems Review
Undetectable on-line password guessing attacks
ACM SIGOPS Operating Systems Review
Strong password-only authenticated key exchange
ACM SIGCOMM Computer Communication Review
Password security: a case history
Communications of the ACM
Optimal authentication protocols resistant to password guessing attacks
CSFW '95 Proceedings of the 8th IEEE workshop on Computer Security Foundations
An Adaptable and Reliable Authentication Protocol for Communication Networks
INFOCOM '97 Proceedings of the INFOCOM '97. Sixteenth Annual Joint Conference of the IEEE Computer and Communications Societies. Driving the Information Revolution
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Simple authenticated key agreement protocol resistant to password guessing attacks
ACM SIGOPS Operating Systems Review
Password-based user authentication and key distribution protocols for client-server applications
Journal of Systems and Software
An efficient authentication protocol for mobile satellite communication systems
ACM SIGOPS Operating Systems Review
Security weakness in a three-party pairing-based protocol for password authenticated key exchange
Information Sciences: an International Journal
EC2C-PAKA: An efficient client-to-client password-authenticated key agreement
Information Sciences: an International Journal
Communication-efficient AUTHMAC_DH protocols
Computer Standards & Interfaces
Computer Standards & Interfaces
Security design for three-party encrypted key exchange protocol using smart cards
Proceedings of the 2nd international conference on Ubiquitous information management and communication
Cryptanalysis of simple three-party key exchange protocol (S-3PAKE)
Information Sciences: an International Journal
Improving the novel three-party encrypted key exchange protocol
Computer Standards & Interfaces
A round- and computation-efficient three-party authenticated key exchange protocol
Journal of Systems and Software
Highly Efficient Password-Based Three-Party Key Exchange in Random Oracle Model
PAISI, PACCF and SOCO '08 Proceedings of the IEEE ISI 2008 PAISI, PACCF, and SOCO international workshops on Intelligence and Security Informatics
Password-Authenticated Key Exchange between Clients in a Cross-Realm Setting
NPC '08 Proceedings of the IFIP International Conference on Network and Parallel Computing
Forward Secure Password-Based Authenticated Key Distribution in the Three-Party Setting
NPC '08 Proceedings of the IFIP International Conference on Network and Parallel Computing
Password-Only Authenticated Key Exchange Between Two Agents in the Four-Party Setting
KES-AMSTA '07 Proceedings of the 1st KES International Symposium on Agent and Multi-Agent Systems: Technologies and Applications
Efficient and Strongly Secure Password-Based Server Aided Key Exchange (Extended Abstract)
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
Communication-efficient three-party protocols for authentication and key agreement
Computers & Mathematics with Applications
Password-based authenticated key distribution in the three-party setting with forward security
International Journal of Communication Networks and Distributed Systems
Journal of Systems and Software
Cryptanalysis of two three-party encrypted key exchange protocols
Computer Standards & Interfaces
nPAKE+: a tree-based group password-authenticated key exchange protocol using different passwords
Journal of Computer Science and Technology
The importance of proofs of security for key establishment protocols
Computer Communications
Cryptanalysis of some improved password-authenticated key exchange schemes
Computer Communications
An efficient password authenticated key exchange protocol for imbalanced wireless networks
Computer Standards & Interfaces
Password Authenticated Key Exchange Based on RSA in the Three-Party Settings
ProvSec '09 Proceedings of the 3rd International Conference on Provable Security
Simple password-based three-party authenticated key exchange without server public keys
Information Sciences: an International Journal
Three-party password authenticated key agreement resistant to server compromise
WISA'06 Proceedings of the 7th international conference on Information security applications: PartI
Token-based authenticated key establishment protocols for three-party communication
EUC'07 Proceedings of the 2007 conference on Emerging direction in embedded and ubiquitous computing
AAECC'07 Proceedings of the 17th international conference on Applied algebra, algebraic algorithms and error-correcting codes
nPAKE+: a hierarchical group password-authenticated key exchange protocol using different passwords
ICICS'07 Proceedings of the 9th international conference on Information and communications security
Password-based tripartite key exchange protocol with forward secrecy
RSKT'08 Proceedings of the 3rd international conference on Rough sets and knowledge technology
Key establishment protocols using environmental and physiological data in wireless sensor networks
International Journal of Sensor Networks
A communication-efficient three-party password authenticated key exchange protocol
Information Sciences: an International Journal
Three-party password-based authenticated key exchange protocol based on bilinear pairings
ICICA'10 Proceedings of the First international conference on Information computing and applications
Cross-realm password-based server aided key exchange
WISA'10 Proceedings of the 11th international conference on Information security applications
Provably secure three-party password authenticated key exchange protocol in the standard model
Journal of Systems and Software
Interactive diffie-hellman assumptions with applications to password-based authentication
FC'05 Proceedings of the 9th international conference on Financial Cryptography and Data Security
Security analysis of password-authenticated key agreement protocols
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
Efficient and provably secure client-to-client password-based key exchange protocol
APWeb'06 Proceedings of the 8th Asia-Pacific Web conference on Frontiers of WWW Research and Development
Password-Based authenticated key exchange in the three-party setting
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Cryptanalysis of an improved client-to-client password-authenticated key exchange (C2C-PAKE) scheme
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
N-Party encrypted diffie-hellman key exchange using different passwords
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Secure password authentication for keystroke dynamics
KES'05 Proceedings of the 9th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part III
Threshold password-based authenticated group key exchange in gateway-oriented setting
ISPEC'10 Proceedings of the 6th international conference on Information Security Practice and Experience
An inter-domain key agreement protocol using weak passwords
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part III
Cryptanalysis of the n-party encrypted diffie-hellman key exchange using different passwords
ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
Cryptanalysis of a communication-efficient three-party password authenticated key exchange protocol
Information Sciences: an International Journal
The Journal of Supercomputing
| Hi-index | 0.00 |
Password-based mechanism is the widely used method for authentication since it allows people to choose their own passwords without any assistant device to generate or store. However, people are used to choose easy-to-remember passwords such that guessing attacks could succeed. In 1992, Bellovin and Merritt proposed Encrypted Key Exchange (EKE) protocols for preventing guessing attacks, in which two communication parties A and B securely share a possibly weak password in advance. In large communication environments, it is inconvenient in key management that every two communication parties mutually share a secret. Three-party EKE protocols, in which all parties (clients) share their secrets with a trusted server only, are more suitable for large communication environments. In 1995, Steiner, Tsudik and Waidner proposed a realization of three-party EKE protocol which is later demonstrated that it is vulnerable to undetectable on-line guessing attacks. In this paper, We will show a new off-line guessing attack on Steiner, Tsudik and Waidners' protocol. Besides, we will also propose a new three-party EKE protocol which not only is secure against both the off-line guessing attack and undetectable on-line guessing attacks but also satisfies the security properties of perfect forward secrecy and known-key security.