Skip to Main Content
A great part of protocols for password-based authenticated key exchange system are designed for a single- server environment where all the information about legitimate users is stored in one server. Therefore, a credential weakness is existed in this approach because the user's password is exposed if this server is ever compromised. In 2006, Yang et al. proposed a practical two-server authenticated key exchange system which split user's password into two and store them into the servers respectively. They also extended the basic two-server model to an architecture in which multiple service servers were supported by single control server, but they didn't demonstrate an adequate protocol in the extended model. In this paper, we present a protocol which is suitable for the extended model. In addition, we describe that our proposed protocol is robust against various known attacks and has a user-friendness.
Date of Conference: 21-23 Nov. 2007