Skip to Main Content
In three-party password based key exchange protocol, a client is allowed to share a human-memorable password with a trusted server such that two clients can negotiate a session key to communicate with each other secretly. Recently, many three-party password based key exchange protocols have been developed. However, these proposed schemes cannot simultaneously achieve security and efficiency. Based on elliptic curve cryptography (ECC), this article will propose a new three-party password based authenticated key exchange scheme. The proposed method not only reduces computation cost for remote users and a trusted server but also is more efficient than previously proposed schemes. It is very suitable for hardware-limited users such as mobile units or smart cards.