论文信息 - A simple three party password based key exchange protocol

A simple three party password based key exchange protocol

The three-party password-based key exchange protocol (3PAKE) is the protocol in which two communications entities can authenticate each other and establish a session key through the assistance of an authentication server. All exsisting 3PAKE need certain encrypion system which are not suitable to some certain application such as low devices. In this paper, we propose a simple three-party password-based key exchange protocol(S3PAKE) without encrypton based on augmented password by this way that every client only shares a common password with a trusted server and any two clients can authenticate each other and negotiate a session key relying on the help of the trusted server. Compared to previous protocols, our proposed protocols are more efficient and convenient since the protocol need not encrypt passwords‥

Wen Tang

[1] Patrick Horster,et al. Undetectable on-line password guessing attacks , 1995, OPSR.

[2] Sarvar Patel,et al. Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman , 2000, EUROCRYPT.

[3] Steven M. Bellovin,et al. Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise , 1993, CCS '93.

[4] Hung-Min Sun,et al. Three-party encrypted key exchange without server public-keys , 2001, IEEE Communications Letters.

[5] Gene Tsudik,et al. Refinement and extension of encrypted key exchange , 1995, OPSR.

[6] Taekyoung Kwon,et al. Authentication and Key Agreement Via Memorable Passwords , 2001, NDSS.

[7] Steven M. Bellovin,et al. Encrypted key exchange: password-based protocols secure against dictionary attacks , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[8] David P. Jablon. Strong password-only authenticated key exchange , 1996, CCRV.

[9] Hung-Min Sun,et al. Three-party encrypted key exchange: attacks and a solution , 2000, OPSR.