论文信息 - Cryptanalysis and Enhancement of Modified Gateway-Oriented Password-Based Authenticated Key Exchange Protocol

Cryptanalysis and Enhancement of Modified Gateway-Oriented Password-Based Authenticated Key Exchange Protocol

Abdalla et al. proposed a gateway-oriented password-based authenticated key exchange (GPAKE) protocol among a client, a gateway, and an authentication server, where a password is only shared between the client and the authentication server. The goal of their scheme is to securely establish a session key between the client and the gateway by the help of the authentication server without revealing any information on the password to the gateway. Recently, Byun et al. showed that Abdalla et al.'s GPAKE is insecure against undetectable on-line password guessing attacks. They also proposed a modified version to overcome the attacks. In this letter, we point out that Byun et al.'s modified GPAKE protocol is still insecure against the same attacks. We then make a suggestion for improvement.

Kyung-Ah Shim

[1] Patrick Horster,et al. Undetectable on-line password guessing attacks , 1995, OPSR.

[2] Emmanuel Bresson,et al. Group Diffie-Hellman Key Exchange Secure against Dictionary Attacks , 2002, ASIACRYPT.

[3] Mihir Bellare,et al. The Security of the Cipher Block Chaining Message Authentication Code , 2000, J. Comput. Syst. Sci..

[4] Dong Hoon Lee,et al. Security analysis and improvement of a gateway-oriented password-based authenticated key exchange protocol , 2006, IEEE Communications Letters.

[5] Olivier Chevassut,et al. A Simple Threshold Authenticated Key Exchange from Short Secrets , 2005, ASIACRYPT.

[6] David P. Jablon. Strong password-only authenticated key exchange , 1996, CCRV.

[7] Mihir Bellare,et al. Authenticated Key Exchange Secure against Dictionary Attacks , 2000, EUROCRYPT.

[8] Steven M. Bellovin,et al. Encrypted key exchange: password-based protocols secure against dictionary attacks , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.