Cross-Domain Password-Based Authenticated Key Exchange Revisited
The authors revisit the problem of cross-domain secure communication between two users belonging to different security domains within an open and distributed environment. Existing approaches presuppose either that the users are in possession of public key certificates issued by a trusted Certificate Authority (CA), or that the associated domain authentication servers share a long-term secret key. In this paper, they propose a Four-Party password-based Authenticated Key Exchange (4PAKE) protocol that takes a different approach from previous work. The users are not required to have public key certificates; they simply reuse the login passwords they share with their respective domain authentication servers.