Weaknesses of a Verifier-Based Password-Authenticated Key Exchange Protocol in the Three-Party Setting

Quite recently, Li et al. suggested an efficient verifier-based password-authenticated key exchange protocol via elliptic curves. In this paper, we show that their protocol is still vulnerable to an off-line dictionary attack and an unknown key-share attack. Through our work, we hope that similar mistakes can be avoided in future designs.
