Abstract
In the last few years, researchers have extensively studied the password-authenticated key exchange (PAKE) in the three-party setting. The fundamental security goal of PAKE is security against dictionary attacks. The protocols for verifier-based PAKE are additionally required to be secure against server compromise. Some verifier-based PAKE schemes in the three-party setting have been suggested to solve the server compromise problem. Unfortunately, the protocols are vulnerable to an off-line dictionary attack. In this paper, we present an efficient verifier-based PAKE protocol for three-parties that is secure against known-key attacks and provides forward secrecy. To the best of our knowledge, the proposed protocol is the first secure three-party verifier-based PAKE protocol in the literature.
Original language | English |
---|---|
Pages (from-to) | 513-520 |
Number of pages | 8 |
Journal | Computer Standards and Interfaces |
Volume | 29 |
Issue number | 5 |
DOIs | |
Publication status | Published - 2007 Jul |
Keywords
- Cryptology
- Dictionary attack
- Password-authenticated key exchange
- Verifier-based
ASJC Scopus subject areas
- Software
- Hardware and Architecture
- Law