Efficient verifier-based password-authenticated key exchange in the three-party setting

Jeong Ok Kwon, Ik Rae Jeong, Kouichi Sakurai, Dong Hoon Lee

Research output: Contribution to journalReview article

24 Citations (Scopus)

Abstract

In the last few years, researchers have extensively studied the password-authenticated key exchange (PAKE) in the three-party setting. The fundamental security goal of PAKE is security against dictionary attacks. The protocols for verifier-based PAKE are additionally required to be secure against server compromise. Some verifier-based PAKE schemes in the three-party setting have been suggested to solve the server compromise problem. Unfortunately, the protocols are vulnerable to an off-line dictionary attack. In this paper, we present an efficient verifier-based PAKE protocol for three-parties that is secure against known-key attacks and provides forward secrecy. To the best of our knowledge, the proposed protocol is the first secure three-party verifier-based PAKE protocol in the literature.

Original languageEnglish
Pages (from-to)513-520
Number of pages8
JournalComputer Standards and Interfaces
Volume29
Issue number5
DOIs
Publication statusPublished - Jul 1 2007

Fingerprint

dictionary
compromise
Network protocols
secrecy
Glossaries
Servers
literature

All Science Journal Classification (ASJC) codes

  • Software
  • Hardware and Architecture
  • Law

Cite this

Efficient verifier-based password-authenticated key exchange in the three-party setting. / Kwon, Jeong Ok; Jeong, Ik Rae; Sakurai, Kouichi; Lee, Dong Hoon.

In: Computer Standards and Interfaces, Vol. 29, No. 5, 01.07.2007, p. 513-520.

Research output: Contribution to journalReview article

Kwon, Jeong Ok ; Jeong, Ik Rae ; Sakurai, Kouichi ; Lee, Dong Hoon. / Efficient verifier-based password-authenticated key exchange in the three-party setting. In: Computer Standards and Interfaces. 2007 ; Vol. 29, No. 5. pp. 513-520.
@article{eda428a6dbdb40ebaa05cf9a03b7a9ed,
title = "Efficient verifier-based password-authenticated key exchange in the three-party setting",
abstract = "In the last few years, researchers have extensively studied the password-authenticated key exchange (PAKE) in the three-party setting. The fundamental security goal of PAKE is security against dictionary attacks. The protocols for verifier-based PAKE are additionally required to be secure against server compromise. Some verifier-based PAKE schemes in the three-party setting have been suggested to solve the server compromise problem. Unfortunately, the protocols are vulnerable to an off-line dictionary attack. In this paper, we present an efficient verifier-based PAKE protocol for three-parties that is secure against known-key attacks and provides forward secrecy. To the best of our knowledge, the proposed protocol is the first secure three-party verifier-based PAKE protocol in the literature.",
author = "Kwon, {Jeong Ok} and Jeong, {Ik Rae} and Kouichi Sakurai and Lee, {Dong Hoon}",
year = "2007",
month = "7",
day = "1",
doi = "10.1016/j.csi.2006.12.002",
language = "English",
volume = "29",
pages = "513--520",
journal = "Computer Standards and Interfaces",
issn = "0920-5489",
publisher = "Elsevier",
number = "5",

}

TY - JOUR

T1 - Efficient verifier-based password-authenticated key exchange in the three-party setting

AU - Kwon, Jeong Ok

AU - Jeong, Ik Rae

AU - Sakurai, Kouichi

AU - Lee, Dong Hoon

PY - 2007/7/1

Y1 - 2007/7/1

N2 - In the last few years, researchers have extensively studied the password-authenticated key exchange (PAKE) in the three-party setting. The fundamental security goal of PAKE is security against dictionary attacks. The protocols for verifier-based PAKE are additionally required to be secure against server compromise. Some verifier-based PAKE schemes in the three-party setting have been suggested to solve the server compromise problem. Unfortunately, the protocols are vulnerable to an off-line dictionary attack. In this paper, we present an efficient verifier-based PAKE protocol for three-parties that is secure against known-key attacks and provides forward secrecy. To the best of our knowledge, the proposed protocol is the first secure three-party verifier-based PAKE protocol in the literature.

AB - In the last few years, researchers have extensively studied the password-authenticated key exchange (PAKE) in the three-party setting. The fundamental security goal of PAKE is security against dictionary attacks. The protocols for verifier-based PAKE are additionally required to be secure against server compromise. Some verifier-based PAKE schemes in the three-party setting have been suggested to solve the server compromise problem. Unfortunately, the protocols are vulnerable to an off-line dictionary attack. In this paper, we present an efficient verifier-based PAKE protocol for three-parties that is secure against known-key attacks and provides forward secrecy. To the best of our knowledge, the proposed protocol is the first secure three-party verifier-based PAKE protocol in the literature.

UR - http://www.scopus.com/inward/record.url?scp=34248672528&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=34248672528&partnerID=8YFLogxK

U2 - 10.1016/j.csi.2006.12.002

DO - 10.1016/j.csi.2006.12.002

M3 - Review article

AN - SCOPUS:34248672528

VL - 29

SP - 513

EP - 520

JO - Computer Standards and Interfaces

JF - Computer Standards and Interfaces

SN - 0920-5489

IS - 5

ER -