Download now Free registration required
In wireless ad hoc networks environment, Bellovin and Merritt first developed a password-based Encrypted Key Exchange (EKE) protocol against offline dictionary attacks using both symmetric and public-key cryptography independent of the Public Key Infrastructure (PKI). In this paper, the authors first discover that there exist some weaknesses in EKE protocol that is subjected to imposter attacks based on the analysis result of BAN logic that they apply in EKE protocol. In order to remedy the flaws, they propose an improved scheme - Provable Password-Authenticated Key Exchange (PPAKE) protocol that generates the session key's time-stamp, and verifies the authenticity of public key against imposter attack without online trusted third parties.
- Format: PDF
- Size: 603.54 KB