Secure and efficient password-based authenticated key exchange protocol for two-server architecture

Ho Lee Jun, Dong Hoon Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

6 Citations (Scopus)

Abstract

A great part of protocols for password-based authenticated key exchange system are designed for a single-server environment where all the information about legitimate users is stored in one server. Therefore, a credential weakness is existed in this approach because the user's password is exposed if this server is ever compromised. In 2006, Yang et al. proposed a practical two-server authenticated key exchange system which split user's password into two and store them into the servers respectively. They also extended the basic two-server model to an architecture in which multiple service servers were supported by single control server, but they didn 't demonstrate an adequate protocol in the extended model. In this paper, we present a protocol which is suitable for the extended model. In addition, we describe that our proposed protocol is robust against various known attacks and has a user-friendness.

Original languageEnglish
Title of host publication2007 International Conference on Convergence Information Technology, ICCIT 2007
Pages2102-2107
Number of pages6
DOIs
Publication statusPublished - 2007 Dec 1
Event2nd International Conference on Convergent Information Technology, ICCIT 07 - Gyongju, Korea, Republic of
Duration: 2007 Nov 212007 Nov 23

Other

Other2nd International Conference on Convergent Information Technology, ICCIT 07
CountryKorea, Republic of
CityGyongju
Period07/11/2107/11/23

Fingerprint

Servers
Network protocols
Computer systems

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Communication
  • Information Systems and Management

Cite this

Jun, H. L., & Lee, D. H. (2007). Secure and efficient password-based authenticated key exchange protocol for two-server architecture. In 2007 International Conference on Convergence Information Technology, ICCIT 2007 (pp. 2102-2107). [4420564] https://doi.org/10.1109/ICCIT.2007.4420564

Secure and efficient password-based authenticated key exchange protocol for two-server architecture. / Jun, Ho Lee; Lee, Dong Hoon.

2007 International Conference on Convergence Information Technology, ICCIT 2007. 2007. p. 2102-2107 4420564.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Jun, HL & Lee, DH 2007, Secure and efficient password-based authenticated key exchange protocol for two-server architecture. in 2007 International Conference on Convergence Information Technology, ICCIT 2007., 4420564, pp. 2102-2107, 2nd International Conference on Convergent Information Technology, ICCIT 07, Gyongju, Korea, Republic of, 07/11/21. https://doi.org/10.1109/ICCIT.2007.4420564
Jun HL, Lee DH. Secure and efficient password-based authenticated key exchange protocol for two-server architecture. In 2007 International Conference on Convergence Information Technology, ICCIT 2007. 2007. p. 2102-2107. 4420564 https://doi.org/10.1109/ICCIT.2007.4420564
Jun, Ho Lee ; Lee, Dong Hoon. / Secure and efficient password-based authenticated key exchange protocol for two-server architecture. 2007 International Conference on Convergence Information Technology, ICCIT 2007. 2007. pp. 2102-2107
@inproceedings{78543b86cc4743ee848b6e85fbccbe7e,
title = "Secure and efficient password-based authenticated key exchange protocol for two-server architecture",
abstract = "A great part of protocols for password-based authenticated key exchange system are designed for a single-server environment where all the information about legitimate users is stored in one server. Therefore, a credential weakness is existed in this approach because the user's password is exposed if this server is ever compromised. In 2006, Yang et al. proposed a practical two-server authenticated key exchange system which split user's password into two and store them into the servers respectively. They also extended the basic two-server model to an architecture in which multiple service servers were supported by single control server, but they didn 't demonstrate an adequate protocol in the extended model. In this paper, we present a protocol which is suitable for the extended model. In addition, we describe that our proposed protocol is robust against various known attacks and has a user-friendness.",
author = "Jun, {Ho Lee} and Lee, {Dong Hoon}",
year = "2007",
month = "12",
day = "1",
doi = "10.1109/ICCIT.2007.4420564",
language = "English",
isbn = "0769530389",
pages = "2102--2107",
booktitle = "2007 International Conference on Convergence Information Technology, ICCIT 2007",

}

TY - GEN

T1 - Secure and efficient password-based authenticated key exchange protocol for two-server architecture

AU - Jun, Ho Lee

AU - Lee, Dong Hoon

PY - 2007/12/1

Y1 - 2007/12/1

N2 - A great part of protocols for password-based authenticated key exchange system are designed for a single-server environment where all the information about legitimate users is stored in one server. Therefore, a credential weakness is existed in this approach because the user's password is exposed if this server is ever compromised. In 2006, Yang et al. proposed a practical two-server authenticated key exchange system which split user's password into two and store them into the servers respectively. They also extended the basic two-server model to an architecture in which multiple service servers were supported by single control server, but they didn 't demonstrate an adequate protocol in the extended model. In this paper, we present a protocol which is suitable for the extended model. In addition, we describe that our proposed protocol is robust against various known attacks and has a user-friendness.

AB - A great part of protocols for password-based authenticated key exchange system are designed for a single-server environment where all the information about legitimate users is stored in one server. Therefore, a credential weakness is existed in this approach because the user's password is exposed if this server is ever compromised. In 2006, Yang et al. proposed a practical two-server authenticated key exchange system which split user's password into two and store them into the servers respectively. They also extended the basic two-server model to an architecture in which multiple service servers were supported by single control server, but they didn 't demonstrate an adequate protocol in the extended model. In this paper, we present a protocol which is suitable for the extended model. In addition, we describe that our proposed protocol is robust against various known attacks and has a user-friendness.

UR - http://www.scopus.com/inward/record.url?scp=49049114057&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=49049114057&partnerID=8YFLogxK

U2 - 10.1109/ICCIT.2007.4420564

DO - 10.1109/ICCIT.2007.4420564

M3 - Conference contribution

AN - SCOPUS:49049114057

SN - 0769530389

SN - 9780769530383

SP - 2102

EP - 2107

BT - 2007 International Conference on Convergence Information Technology, ICCIT 2007

ER -