Novel Verifier-Based Three-Party Protocol for Key Exchange and Authentication
The verifier-based key exchange protocol for three parties deals with the authenticated key agreement process between two clients with the help of a trusted server who have to store their verifiers in the server for authentication. Recently, Liu et al. proposed a key exchange protocol for three-party based on verifier authentication and claimed that their protocol could resist many familiar attacks. Unfortunately, we find out that the proposed protocol is insecure against off-line guessing attack and impersonation attack. In this paper, we conduct a detailed analysis on the flaws of Liu et al.’s protocol. In addition, a new protocol is presented with security analysis.
J. H. Yang and T. J. Cao, "Novel Verifier-Based Three-Party Protocol for Key Exchange and Authentication", Key Engineering Materials, Vols. 460-461, pp. 231-236, 2011