Mobility

Provable Password-Authenticated Key Exchange Protocol Against Imposter Attack on Ad Hoc Networks

Download Now Free registration required

Executive Summary

In wireless ad hoc networks environment, Bellovin and Merritt first developed a password-based Encrypted Key Exchange (EKE) protocol against offline dictionary attacks using both symmetric and public-key cryptography independent of the Public Key Infrastructure (PKI). In this paper, the authors first discover that there exist some weaknesses in EKE protocol that is subjected to imposter attacks based on the analysis result of BAN logic that they apply in EKE protocol. In order to remedy the flaws, they propose an improved scheme - Provable Password-Authenticated Key Exchange (PPAKE) protocol that generates the session key's time-stamp, and verifies the authenticity of public key against imposter attack without online trusted third parties.

  • Format: PDF
  • Size: 603.54 KB