By Topic

An Improved Password-Based Authenticated Key Agreement Scheme for Pervasive Applications

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Tsaur, M.-J. ; Grad. Inst. of Appl. Sci. & Eng., Fu Jen Catholic Univ., Taipei ; Wei-Chi Ku ; Hao-Rung Chung

Password authentication is a popular approach used for user authentication in pervasive computing environments due to its simplicity and convenience. To secure the transmission between the communicants, an authenticated shared key should be established between the communicants as the encryption key or the MAC key. Recently, Chang, Yang, and Hwang presented a password-based authenticated key agreement scheme that was claimed to be superior to similar schemes with respect to security and efficiency. In this paper, we show that their scheme is vulnerable to a denial-of-service attack. In addition, we demonstrate that their protected password change mechanism fails to provide backward secrecy. Finally, we propose an improved password-based authenticated key agreement scheme that can resist our described denial-of-service attack and can provide backward secrecy.

Published in:

Embedded and Ubiquitous Computing, 2008. EUC '08. IEEE/IFIP International Conference on  (Volume:2 )

Date of Conference:

17-20 Dec. 2008