论文信息 - Breaking an improved password authenticated key exchange protocol for imbalanced wireless networks

Breaking an improved password authenticated key exchange protocol for imbalanced wireless networks

Yeh et al. (2003) proposed a password-authenticated key exchange protocol which is claimed to be an improvement of Zhu et al.'s (2002) password-authenticated key exchange protocol to defend against the so-called undetectable on-line password guessing attack. In this paper, we show that the improved protocol of Yeh et al. is insecure. In fact, an adversary can recover the password, off-line, by executing a single run of the improved protocol. We also point out the misconception of the so-called undetectable on-line password guessing attack.

Muxiang Zhang

[1] Feng Zhu,et al. Password Authenticated Key Exchange Based on RSA for Imbalanced Wireless Networks , 2002, ISC.

[2] Chou Chen Yang,et al. Cryptanalysis of Improvement of Password Authenticated Key Exchange Based on RSA for Imbalanced Wireless Networks , 2005, IEICE Trans. Commun..

[3] Steven M. Bellovin,et al. Encrypted key exchange: password-based protocols secure against dictionary attacks , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[4] Thomas D. Wu. A Real-World Analysis of Kerberos Password Security , 1999, NDSS.

[5] Stefan Lucks,et al. Open Key Exchange: How to Defeat Dictionary Attacks Without Encrypting Public Keys , 1997, Security Protocols Workshop.

[6] Jerome H. Saltzer,et al. Reducing risks from poorly chosen keys , 1989, SOSP '89.

[7] Feng Bao,et al. Security Analysis of a Password Authenticated Key Exchange Protocol , 2003, ISC.

[8] Muxiang Zhang,et al. Further Analysis of Password Authenticated Key Exchange Protocol Based on RSA for Imbalanced Wireless Networks , 2004, ISC.

[9] Philip MacKenzie,et al. On the Security of the SPEKE Password-Authenticated Key Exchange Protocol , 2001, IACR Cryptol. ePrint Arch..

[10] David P. Jablon. Strong password-only authenticated key exchange , 1996, CCRV.