By Topic

Cryptanalysis of some client-to-client password-authenticated key exchange protocols

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Xiaobiao Li ; State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, 100876, China ; Qiaoyan Wen

The cross-domain client-to-client password-authenticated key exchange (C2C-PAKE) protocols allow two client entities from different domains to establish a shared common session key based on their passwords. Most existing schemes make an improvement based on the prototype of the C2C-PAKE protocol proposed by Byun2007. Recently, Feng et al and Liu et al respectively proposed an efficient C2C-PAKE protocol which was based on the public key mechanism. In this paper, by cryptanalysis on these schemes, we find that the above protocols are easy to suffer from some unknown key share attacks, and furthermore, we search out the reasons that cause these situations happened and give some suggestions to improve these situations.

Published in:

Broadband Network and Multimedia Technology (IC-BNMT), 2010 3rd IEEE International Conference on

Date of Conference:

26-28 Oct. 2010