Skip to Main Content
Most existing password-based authenticated key exchange (PAKE) protocols in cross-realm setting are based on balance scheme, which is vulnerable to password guessing attacks and server compromise attack. In this paper, we propose a verifier-based PAKE protocol in cross-realm setting called VB-4PAKE, in which the client uses a plaintext version of the password, while the server stores a verifier of the password. We also show that the proposed protocol can resist various attacks including password guessing attacks and server compromise attack.
Control and Decision Conference, 2009. CCDC '09. Chinese
Date of Conference: 17-19 June 2009