Provably Secure High Entropy Three-Party Authenticated Key Exchange Scheme for Network Environments
In 2008, Chen et al. proposed a round, efficient, Three-Party Authenticated, Key-Exchange (3PAKE) scheme. Although the authors claimed that their scheme is superior to the previous schemes in terms of security and efficiency, later Yang and Chang pointed out that Chen et al.'s scheme can suffer from a stolen-verifier attack. Also, it fails to achieve some security requirements, such as the computational costs, and its communication loads are high. For use in mobile communication environments, Yang and Chang proposed a more efficient scheme by employing elliptical curve cryptosystems. Unfortunately, it is still a fact that Yang and Chang's scheme cannot withstand an impersonation-response attack.