Secure and efficient password-based authenticated key exchange protocol for two-server architecture

Ho Lee Jun; Hoon Lee Dong

doi:10.1109/ICCIT.2007.4420564

Secure and efficient password-based authenticated key exchange protocol for two-server architecture

Ho Lee Jun, Hoon Lee Dong

School of Cybersecurity

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

7 Citations (Scopus)

Abstract

A great part of protocols for password-based authenticated key exchange system are designed for a single-server environment where all the information about legitimate users is stored in one server. Therefore, a credential weakness is existed in this approach because the user's password is exposed if this server is ever compromised. In 2006, Yang et al. proposed a practical two-server authenticated key exchange system which split user's password into two and store them into the servers respectively. They also extended the basic two-server model to an architecture in which multiple service servers were supported by single control server, but they didn 't demonstrate an adequate protocol in the extended model. In this paper, we present a protocol which is suitable for the extended model. In addition, we describe that our proposed protocol is robust against various known attacks and has a user-friendness.

Original language	English
Title of host publication	2007 International Conference on Convergence Information Technology, ICCIT 2007
Pages	2102-2107
Number of pages	6
DOIs	https://doi.org/10.1109/ICCIT.2007.4420564
Publication status	Published - 2007
Event	2nd International Conference on Convergent Information Technology, ICCIT 07 - Gyongju, Korea, Republic of Duration: 2007 Nov 21 → 2007 Nov 23

Publication series

Name	2007 International Conference on Convergence Information Technology, ICCIT 2007

Other

Other	2nd International Conference on Convergent Information Technology, ICCIT 07
Country/Territory	Korea, Republic of
City	Gyongju
Period	07/11/21 → 07/11/23

ASJC Scopus subject areas

Computer Networks and Communications
Communication
Information Systems and Management

Access to Document

10.1109/ICCIT.2007.4420564

Cite this

Jun, H. L., & Dong, H. L. (2007). Secure and efficient password-based authenticated key exchange protocol for two-server architecture. In 2007 International Conference on Convergence Information Technology, ICCIT 2007 (pp. 2102-2107). [4420564] (2007 International Conference on Convergence Information Technology, ICCIT 2007). https://doi.org/10.1109/ICCIT.2007.4420564

Secure and efficient password-based authenticated key exchange protocol for two-server architecture. / Jun, Ho Lee; Dong, Hoon Lee.

2007 International Conference on Convergence Information Technology, ICCIT 2007. 2007. p. 2102-2107 4420564 (2007 International Conference on Convergence Information Technology, ICCIT 2007).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Jun, HL & Dong, HL 2007, Secure and efficient password-based authenticated key exchange protocol for two-server architecture. in 2007 International Conference on Convergence Information Technology, ICCIT 2007., 4420564, 2007 International Conference on Convergence Information Technology, ICCIT 2007, pp. 2102-2107, 2nd International Conference on Convergent Information Technology, ICCIT 07, Gyongju, Korea, Republic of, 07/11/21. https://doi.org/10.1109/ICCIT.2007.4420564

@inproceedings{78543b86cc4743ee848b6e85fbccbe7e,

title = "Secure and efficient password-based authenticated key exchange protocol for two-server architecture",

abstract = "A great part of protocols for password-based authenticated key exchange system are designed for a single-server environment where all the information about legitimate users is stored in one server. Therefore, a credential weakness is existed in this approach because the user's password is exposed if this server is ever compromised. In 2006, Yang et al. proposed a practical two-server authenticated key exchange system which split user's password into two and store them into the servers respectively. They also extended the basic two-server model to an architecture in which multiple service servers were supported by single control server, but they didn 't demonstrate an adequate protocol in the extended model. In this paper, we present a protocol which is suitable for the extended model. In addition, we describe that our proposed protocol is robust against various known attacks and has a user-friendness.",

author = "Jun, {Ho Lee} and Dong, {Hoon Lee}",

year = "2007",

doi = "10.1109/ICCIT.2007.4420564",

language = "English",

isbn = "0769530389",

series = "2007 International Conference on Convergence Information Technology, ICCIT 2007",

pages = "2102--2107",

booktitle = "2007 International Conference on Convergence Information Technology, ICCIT 2007",

note = "2nd International Conference on Convergent Information Technology, ICCIT 07 ; Conference date: 21-11-2007 Through 23-11-2007",

}

TY - GEN

T1 - Secure and efficient password-based authenticated key exchange protocol for two-server architecture

AU - Jun, Ho Lee

AU - Dong, Hoon Lee

PY - 2007

Y1 - 2007

N2 - A great part of protocols for password-based authenticated key exchange system are designed for a single-server environment where all the information about legitimate users is stored in one server. Therefore, a credential weakness is existed in this approach because the user's password is exposed if this server is ever compromised. In 2006, Yang et al. proposed a practical two-server authenticated key exchange system which split user's password into two and store them into the servers respectively. They also extended the basic two-server model to an architecture in which multiple service servers were supported by single control server, but they didn 't demonstrate an adequate protocol in the extended model. In this paper, we present a protocol which is suitable for the extended model. In addition, we describe that our proposed protocol is robust against various known attacks and has a user-friendness.

AB - A great part of protocols for password-based authenticated key exchange system are designed for a single-server environment where all the information about legitimate users is stored in one server. Therefore, a credential weakness is existed in this approach because the user's password is exposed if this server is ever compromised. In 2006, Yang et al. proposed a practical two-server authenticated key exchange system which split user's password into two and store them into the servers respectively. They also extended the basic two-server model to an architecture in which multiple service servers were supported by single control server, but they didn 't demonstrate an adequate protocol in the extended model. In this paper, we present a protocol which is suitable for the extended model. In addition, we describe that our proposed protocol is robust against various known attacks and has a user-friendness.

UR - http://www.scopus.com/inward/record.url?scp=49049114057&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=49049114057&partnerID=8YFLogxK

U2 - 10.1109/ICCIT.2007.4420564

DO - 10.1109/ICCIT.2007.4420564

M3 - Conference contribution

AN - SCOPUS:49049114057

SN - 0769530389

SN - 9780769530383

T3 - 2007 International Conference on Convergence Information Technology, ICCIT 2007

SP - 2102

EP - 2107

BT - 2007 International Conference on Convergence Information Technology, ICCIT 2007

T2 - 2nd International Conference on Convergent Information Technology, ICCIT 07

Y2 - 21 November 2007 through 23 November 2007

ER -

Secure and efficient password-based authenticated key exchange protocol for two-server architecture

Abstract

Publication series

Other

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this