Security

A Secure Protocol for Three-Party Authenticated Key Exchange With Provable Belief

Free registration required

Executive Summary

Three-Party Authenticated Key Exchange (3PAKE) protocol is an important cryptographic mechanism in which two clients can request the session key for communicating with each other and one trusted server takes the responsibility for authenticating users and key agreements. In 2007, Lu and Cao proposed a simple 3PAKE protocol. Nevertheless, the authors find that it is vulnerable to the o -line password guessing attack and the impersonation attack. They therefore propose a novel version using smart cards to withstand more malicious attacks. They also give a formal correctness analysis of mutual authentication to their scheme using BAN authentication logic. What is more, they make detail discussions for highlighting that their proposed scheme can prevent several malicious attacks and is more efficient than other related works.

  • Format: PDF
  • Size: 413.72 KB