An off-line dictionary attack on a simple three-party key exchange protocol

Key exchange protocols allow two or more parties communicating over a public network to establish a common secret key called a session key. Due to their significance in building a secure communication channel, a number of key exchange protocols have been suggested over the years for a variety of settings. Among these is the so-called S-3PAKE protocol proposed by Lu and Cao for password-authenticated key exchange in the three-party setting. In the current work, we are concerned with the password security of the S-3PAKE protocol. We first show that S-3PAKE is vulnerable to an off-line dictionary attack in which an attacker exhaustively enumerates all possible passwords in an off-line manner to determine the correct one. We then figure out how to eliminate the security vulnerability of S-3PAKE.

[1]  Zhenfu Cao,et al.  Simple three-party key exchange protocol , 2007, Comput. Secur..

[2]  B. Clifford Neuman,et al.  Kerberos: An Authentication Service for Open Network Systems , 1988, USENIX Winter.

[3]  Steven M. Bellovin,et al.  Encrypted key exchange: password-based protocols secure against dictionary attacks , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[4]  David Pointcheval,et al.  Interactive Diffie-Hellman Assumptions with Applications to Password-Based Authentication , 2005, Financial Cryptography.

[5]  Wei-Chi Ku,et al.  Three weaknesses in a simple three-party key exchange protocol , 2008, Inf. Sci..

[6]  David Pointcheval,et al.  Simple Password-Based Encrypted Key Exchange Protocols , 2005, CT-RSA.

[7]  Raphael C.-W. Phan,et al.  Cryptanalysis of simple three-party key exchange protocol (S-3PAKE) , 2008, Inf. Sci..

[8]  Mihir Bellare,et al.  Authenticated Key Exchange Secure against Dictionary Attacks , 2000, EUROCRYPT.

[9]  Gene Tsudik,et al.  Refinement and extension of encrypted key exchange , 1995, OPSR.

[10]  Zhoujun Li,et al.  Cryptanalysis of simple three-party key exchange protocol , 2008, Comput. Secur..

[11]  Sarvar Patel,et al.  Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman , 2000, EUROCRYPT.

[12]  David Pointcheval,et al.  Password-Based Authenticated Key Exchange in the Three-Party Setting , 2005, Public Key Cryptography.

[13]  Hung-Min Sun,et al.  Three-party encrypted key exchange without server public-keys , 2001, IEEE Communications Letters.

[14]  Rafail Ostrovsky,et al.  Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords , 2001, EUROCRYPT.