By Topic

Cryptanalysis and improvement on three-party protocols for password authenticated key exchange

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Baoyuan Kang ; Computer Science and Software Institution, Tianjin Polytechnic University, China ; Jinguang Han

Authentication and key exchange are fundamental for establishing secure communication channels over public insecure networks. Password-based protocols for authenticated key exchange are designed to work even when user authentication is done via the use of passwords drawn from a small known set of values. In 1995, Steiner et al. proposed a password-based authentication key exchange protocol for three-party, where the two clients trying to establish a common secret key do not share a password between themselves but only with a trusted server. Recently, Hung-Min Sun et al. proposed a attack on Steiner et al.'s protocol, and proposed a new key agreement protocol for three-party. They claimed their protocol prevented all kind of attacks. However, In this paper, we show that Hung-Min Sun et al.'s protocol is insecure. Furthermore, a new improved protocol is proposed.

Published in:

2010 2nd International Conference on Education Technology and Computer  (Volume:5 )

Date of Conference:

22-24 June 2010