Efficient verifier-based password-authenticated key exchange in the three-party setting

Jeong Ok Kwon, ik rae Jeong, Kouichi Sakurai, Dong Hoon Lee

Research output: Contribution to journalArticle

23 Citations (Scopus)

Abstract

In the last few years, researchers have extensively studied the password-authenticated key exchange (PAKE) in the three-party setting. The fundamental security goal of PAKE is security against dictionary attacks. The protocols for verifier-based PAKE are additionally required to be secure against server compromise. Some verifier-based PAKE schemes in the three-party setting have been suggested to solve the server compromise problem. Unfortunately, the protocols are vulnerable to an off-line dictionary attack. In this paper, we present an efficient verifier-based PAKE protocol for three-parties that is secure against known-key attacks and provides forward secrecy. To the best of our knowledge, the proposed protocol is the first secure three-party verifier-based PAKE protocol in the literature.

Original languageEnglish
Pages (from-to)513-520
Number of pages8
JournalComputer Standards and Interfaces
Volume29
Issue number5
DOIs
Publication statusPublished - 2007 Jul 1

Fingerprint

dictionary
compromise
Network protocols
secrecy
Glossaries
Servers
literature
Attack
Compromise

Keywords

  • Cryptology
  • Dictionary attack
  • Password-authenticated key exchange
  • Verifier-based

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Science Applications
  • Software
  • Information Systems and Management

Cite this

Efficient verifier-based password-authenticated key exchange in the three-party setting. / Kwon, Jeong Ok; Jeong, ik rae; Sakurai, Kouichi; Lee, Dong Hoon.

In: Computer Standards and Interfaces, Vol. 29, No. 5, 01.07.2007, p. 513-520.

Research output: Contribution to journalArticle

@article{2f0d43f518264dd08ed2055cddc0bfa9,
title = "Efficient verifier-based password-authenticated key exchange in the three-party setting",
abstract = "In the last few years, researchers have extensively studied the password-authenticated key exchange (PAKE) in the three-party setting. The fundamental security goal of PAKE is security against dictionary attacks. The protocols for verifier-based PAKE are additionally required to be secure against server compromise. Some verifier-based PAKE schemes in the three-party setting have been suggested to solve the server compromise problem. Unfortunately, the protocols are vulnerable to an off-line dictionary attack. In this paper, we present an efficient verifier-based PAKE protocol for three-parties that is secure against known-key attacks and provides forward secrecy. To the best of our knowledge, the proposed protocol is the first secure three-party verifier-based PAKE protocol in the literature.",
keywords = "Cryptology, Dictionary attack, Password-authenticated key exchange, Verifier-based",
author = "Kwon, {Jeong Ok} and Jeong, {ik rae} and Kouichi Sakurai and Lee, {Dong Hoon}",
year = "2007",
month = "7",
day = "1",
doi = "10.1016/j.csi.2006.12.002",
language = "English",
volume = "29",
pages = "513--520",
journal = "Computer Standards and Interfaces",
issn = "0920-5489",
publisher = "Elsevier",
number = "5",

}

TY - JOUR

T1 - Efficient verifier-based password-authenticated key exchange in the three-party setting

AU - Kwon, Jeong Ok

AU - Jeong, ik rae

AU - Sakurai, Kouichi

AU - Lee, Dong Hoon

PY - 2007/7/1

Y1 - 2007/7/1

N2 - In the last few years, researchers have extensively studied the password-authenticated key exchange (PAKE) in the three-party setting. The fundamental security goal of PAKE is security against dictionary attacks. The protocols for verifier-based PAKE are additionally required to be secure against server compromise. Some verifier-based PAKE schemes in the three-party setting have been suggested to solve the server compromise problem. Unfortunately, the protocols are vulnerable to an off-line dictionary attack. In this paper, we present an efficient verifier-based PAKE protocol for three-parties that is secure against known-key attacks and provides forward secrecy. To the best of our knowledge, the proposed protocol is the first secure three-party verifier-based PAKE protocol in the literature.

AB - In the last few years, researchers have extensively studied the password-authenticated key exchange (PAKE) in the three-party setting. The fundamental security goal of PAKE is security against dictionary attacks. The protocols for verifier-based PAKE are additionally required to be secure against server compromise. Some verifier-based PAKE schemes in the three-party setting have been suggested to solve the server compromise problem. Unfortunately, the protocols are vulnerable to an off-line dictionary attack. In this paper, we present an efficient verifier-based PAKE protocol for three-parties that is secure against known-key attacks and provides forward secrecy. To the best of our knowledge, the proposed protocol is the first secure three-party verifier-based PAKE protocol in the literature.

KW - Cryptology

KW - Dictionary attack

KW - Password-authenticated key exchange

KW - Verifier-based

UR - http://www.scopus.com/inward/record.url?scp=34248672528&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=34248672528&partnerID=8YFLogxK

U2 - 10.1016/j.csi.2006.12.002

DO - 10.1016/j.csi.2006.12.002

M3 - Article

VL - 29

SP - 513

EP - 520

JO - Computer Standards and Interfaces

JF - Computer Standards and Interfaces

SN - 0920-5489

IS - 5

ER -