论文信息 - Efficient verifier-based key agreement protocol for three parties without server's public key

Efficient verifier-based key agreement protocol for three parties without server's public key

So far, there have been several key agreement protocols for three-parties, in which two clients establish a common session key through a authentication server. Most of those protocols require to use server's public key to prevent password guessing attacks. However, because clients need to verify and safely keep the server's public key, the protocols may not be practical for some environments. This paper proposes a new efficient verifier-based key agreement protocol for three parties which does not require server's public key. The proposed protocol is resistant against various attacks and provides the perfect forward secrecy.

[1] Hung-Min Sun,et al. Three-party encrypted key exchange: attacks and a solution , 2000, OPSR.

[2] Hung-Min Sun,et al. Secure key agreement protocols for three-party against guessing attacks , 2005, J. Syst. Softw..

[3] Patrick Horster,et al. Undetectable on-line password guessing attacks , 1995, OPSR.

[4] Chin-Chen Chang,et al. A novel three-party encrypted key exchange protocol , 2004, Comput. Stand. Interfaces.

[5] Steven M. Bellovin,et al. Encrypted key exchange: password-based protocols secure against dictionary attacks , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[6] Russell Impagliazzo,et al. Limits on the provable consequences of one-way permutations , 1988, STOC '89.

[7] Hung-Min Sun,et al. Three-party encrypted key exchange without server public-keys , 2001, IEEE Communications Letters.

[8] Gene Tsudik,et al. Refinement and extension of encrypted key exchange , 1995, OPSR.