Abstract
In ICICS'02, Byun et al. presented a new client to client password-authenticated key exchange(C2C-PAKE) protocol in a crossrealm setting. In their paper, they argued that their C2C-PAKE protocol is secure against the Denning-Sacco attack of an insider adversary. In this paper, we show that, contrary to their arguments, the C2C-PAKE protocol is vulnerable to the Denning-Sacco attack by an insider adversary. And we also present the modified protocol to solve this problem.
| Original language | English |
|---|---|
| Pages (from-to) | 895-902 |
| Number of pages | 8 |
| Journal | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
| Volume | 3043 |
| Publication status | Published - 2004 Dec 1 |
| Externally published | Yes |
Fingerprint
ASJC Scopus subject areas
- Computer Science(all)
- Biochemistry, Genetics and Molecular Biology(all)
- Theoretical Computer Science
Cite this
Cryptanalysis and improvement of password authenticated key exchange scheme between clients with different passwords. / Kim, Jeeyeon; Kim, Seung-Joo; Kwak, Jin; Won, Dongho.
In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 3043, 01.12.2004, p. 895-902.Research output: Contribution to journal › Article
}
TY - JOUR
T1 - Cryptanalysis and improvement of password authenticated key exchange scheme between clients with different passwords
AU - Kim, Jeeyeon
AU - Kim, Seung-Joo
AU - Kwak, Jin
AU - Won, Dongho
PY - 2004/12/1
Y1 - 2004/12/1
N2 - In ICICS'02, Byun et al. presented a new client to client password-authenticated key exchange(C2C-PAKE) protocol in a crossrealm setting. In their paper, they argued that their C2C-PAKE protocol is secure against the Denning-Sacco attack of an insider adversary. In this paper, we show that, contrary to their arguments, the C2C-PAKE protocol is vulnerable to the Denning-Sacco attack by an insider adversary. And we also present the modified protocol to solve this problem.
AB - In ICICS'02, Byun et al. presented a new client to client password-authenticated key exchange(C2C-PAKE) protocol in a crossrealm setting. In their paper, they argued that their C2C-PAKE protocol is secure against the Denning-Sacco attack of an insider adversary. In this paper, we show that, contrary to their arguments, the C2C-PAKE protocol is vulnerable to the Denning-Sacco attack by an insider adversary. And we also present the modified protocol to solve this problem.
UR - http://www.scopus.com/inward/record.url?scp=35048854202&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=35048854202&partnerID=8YFLogxK
M3 - Article
AN - SCOPUS:35048854202
VL - 3043
SP - 895
EP - 902
JO - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
JF - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SN - 0302-9743
ER -