Cryptanalysis and improvement of password authenticated key exchange scheme between clients with different passwords

Jeeyeon Kim; Seungjoo Kim; Jin Kwak; Dongho Won

doi:10.1007/978-3-540-24707-4_102

Cryptanalysis and improvement of password authenticated key exchange scheme between clients with different passwords

Jeeyeon Kim, Seungjoo Kim, Jin Kwak, Dongho Won

Research output: Contribution to journal › Article › peer-review

39 Citations (Scopus)

Abstract

In ICICS'02, Byun et al. presented a new client to client password-authenticated key exchange(C2C-PAKE) protocol in a crossrealm setting. In their paper, they argued that their C2C-PAKE protocol is secure against the Denning-Sacco attack of an insider adversary. In this paper, we show that, contrary to their arguments, the C2C-PAKE protocol is vulnerable to the Denning-Sacco attack by an insider adversary. And we also present the modified protocol to solve this problem.

Original language	English
Pages (from-to)	895-902
Number of pages	8
Journal	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	3043
DOIs	https://doi.org/10.1007/978-3-540-24707-4_102
Publication status	Published - 2004
Externally published	Yes

ASJC Scopus subject areas

Theoretical Computer Science
Computer Science(all)

Access to Document

10.1007/978-3-540-24707-4_102

Cite this

Cryptanalysis and improvement of password authenticated key exchange scheme between clients with different passwords. / Kim, Jeeyeon; Kim, Seungjoo; Kwak, Jin et al.

In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 3043, 2004, p. 895-902.

Research output: Contribution to journal › Article › peer-review

@article{3676575458144a99a2f73ebfca6bb50b,

title = "Cryptanalysis and improvement of password authenticated key exchange scheme between clients with different passwords",

abstract = "In ICICS'02, Byun et al. presented a new client to client password-authenticated key exchange(C2C-PAKE) protocol in a crossrealm setting. In their paper, they argued that their C2C-PAKE protocol is secure against the Denning-Sacco attack of an insider adversary. In this paper, we show that, contrary to their arguments, the C2C-PAKE protocol is vulnerable to the Denning-Sacco attack by an insider adversary. And we also present the modified protocol to solve this problem.",

author = "Jeeyeon Kim and Seungjoo Kim and Jin Kwak and Dongho Won",

year = "2004",

doi = "10.1007/978-3-540-24707-4_102",

language = "English",

volume = "3043",

pages = "895--902",

journal = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

issn = "0302-9743",

publisher = "Springer Verlag",

}

TY - JOUR

T1 - Cryptanalysis and improvement of password authenticated key exchange scheme between clients with different passwords

AU - Kim, Jeeyeon

AU - Kim, Seungjoo

AU - Kwak, Jin

AU - Won, Dongho

PY - 2004

Y1 - 2004

N2 - In ICICS'02, Byun et al. presented a new client to client password-authenticated key exchange(C2C-PAKE) protocol in a crossrealm setting. In their paper, they argued that their C2C-PAKE protocol is secure against the Denning-Sacco attack of an insider adversary. In this paper, we show that, contrary to their arguments, the C2C-PAKE protocol is vulnerable to the Denning-Sacco attack by an insider adversary. And we also present the modified protocol to solve this problem.

AB - In ICICS'02, Byun et al. presented a new client to client password-authenticated key exchange(C2C-PAKE) protocol in a crossrealm setting. In their paper, they argued that their C2C-PAKE protocol is secure against the Denning-Sacco attack of an insider adversary. In this paper, we show that, contrary to their arguments, the C2C-PAKE protocol is vulnerable to the Denning-Sacco attack by an insider adversary. And we also present the modified protocol to solve this problem.

UR - http://www.scopus.com/inward/record.url?scp=35048854202&partnerID=8YFLogxK

U2 - 10.1007/978-3-540-24707-4_102

DO - 10.1007/978-3-540-24707-4_102

M3 - Article

AN - SCOPUS:35048854202

VL - 3043

SP - 895

EP - 902

JO - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

JF - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SN - 0302-9743

ER -

Cryptanalysis and improvement of password authenticated key exchange scheme between clients with different passwords

Abstract

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this