Novel Verifier-Based Three-Party Protocol for Key Exchange and Authentication

Jun Han Yang; Tian Jie Cao

doi:10.4028/www.scientific.net/KEM.460-461.231

Paper Titles

Mutual Information Model of Adaptive Waveform Design
p.207

The Study of Agent-Based Distributed Computing
p.213

Design and Research of Camera Calibration System in Binocular Stereo Vision
p.219

Using NMR to Forecast the Aptness for Freezing of Pork
p.225

Novel Verifier-Based Three-Party Protocol for Key Exchange and Authentication
p.231

Dynamic Load-Balance Strategy Based on Software Aging in Web Server Cluster System
p.237

A Model Inspection Method for Products with Free-Form Surfaces
p.246

Method of Testing and Data Processing of Random Load Spectrum of Wheel Loader Transmission
p.252

Research on the Complex Adaptive Model of Learning Organizational Change
p.261

HomeKey Engineering MaterialsKey Engineering Materials Vols. 460-461Novel Verifier-Based Three-Party Protocol for Key...

Novel Verifier-Based Three-Party Protocol for Key Exchange and Authentication

Abstract:

The verifier-based key exchange protocol for three parties deals with the authenticated key agreement process between two clients with the help of a trusted server who have to store their verifiers in the server for authentication. Recently, Liu et al. proposed a key exchange protocol for three-party based on verifier authentication and claimed that their protocol could resist many familiar attacks. Unfortunately, we find out that the proposed protocol is insecure against off-line guessing attack and impersonation attack. In this paper, we conduct a detailed analysis on the flaws of Liu et al.’s protocol. In addition, a new protocol is presented with security analysis.

You might also be interested in these eBooks

Components, Packaging and Manufacturing Technology

View Preview

Info:

Periodical:

Key Engineering Materials (Volumes 460-461)

Pages:

231-236

DOI:

https://doi.org/10.4028/www.scientific.net/KEM.460-461.231

Citation:

Cite this paper

Online since:

January 2011

Authors:

Jun Han Yang, Tian Jie Cao

Keywords:

Impersonation Attack, Off-Line Guessing Attack, Password-Authenticated Key Exchange

Export:

RIS, BibTeX

Price:

Permissions CCC:

Request Permissions

Permissions PLS:

Request Permissions

Сopyright:

Citation:

References

[1] Bellovin S M, Merritt M. Encrypted key exchange: Password-based protocols secure against dictionary attacks [C]/IEEE Symposium on Research in Security and Privacy (1992), pp.72-84.

DOI: 10.1109/risp.1992.213269

Google Scholar

[2] Gong L, Lomas M A, Needham R and Saltzer H J. Protecting poorly chosen secrets from guessing attack[J]/IEEE Journal on Selected Areas in Communications, 11(5) (1993), pp.648-656.

DOI: 10.1109/49.223865

Google Scholar

[3] Jablon D. Extended password key exchange protocols immune to dictionary attack[C]/Proceedings of the WETICE Workshop on Enterprise Security(1997), pp.248-255.

DOI: 10.1109/enabl.1997.630822

Google Scholar

[4] Lucks S. Open key exchange: How to defeat dictionary attacks without encrypting public keys[C]/Proceedings of the Security Protocol Workshop. Berlin: Springer-Verlag (1997), pp.79-90.

DOI: 10.1007/bfb0028161

Google Scholar

[5] Ding Y Horster P. Undetectable on-line password guessing attacks [J]/ACM Operating System Review, 29 (4) (1995), pp.77-86.

DOI: 10.1145/219282.219298

Google Scholar

[6] Lin C L, Sun H M, Hwang T. Three-party encrypted key exchange: Attacks and a solution [J]/ACM Operating System Review, 34 (4) (2000), pp.12-20.

DOI: 10.1145/506106.506108

Google Scholar

[7] Feng Dengguo, Xu Jing. A New Client-to-Client Password-Authenticated Key Agreement Protocol[C]/Springer-Verlag (2009), pp.63-76.

DOI: 10.1007/978-3-642-01877-0_7

Google Scholar

[8] Liu Xiumei, Zhou Fucai, Chang Guiran. Improved key exchange protocol for three-party based on verifier authentication [J]/Journal of Southeast University (English Edition), 24(3) (2008), pp.322-324.

DOI: 10.1109/cmc.2010.318

Google Scholar