Title :
Three-party encrypted key exchange without server public-keys
Author :
Lin, Chun-Li ; Sun, Hung-Min ; Steiner, Michael ; Hwang, Tzonelih
Author_Institution :
Dept. of Comput. Sci. & Inf. Eng., Nat. Cheng Kung Univ., Tainan, Taiwan
Abstract :
Three-party key-exchange protocols with password authentication-clients share an easy-to-remember password with a trusted server only-are very suitable for applications requiring secure communications between many light-weight clients (end users); it is simply impractical that every two clients share a common secret. Steiner, Tsudik and Waidner (1995) proposed a realization of such a three-party protocol based on the encrypted key exchange (EKE) protocols. However, their protocol was later demonstrated to be vulnerable to off-line and undetectable on-line guessing attacks. Lin, Sun and Hwang (see ACM Operating Syst. Rev., vol.34, no. 4, p.12-20, 2000) proposed a secure three-party protocol with server public-keys. However, the approach of using server public-keys is not always a satisfactory solution and is impractical for some environments. We propose a secure three-party EKE protocol without server public-keys.
Keywords :
cryptography; message authentication; protocols; telecommunication security; computational cost; off-line guessing attacks; password authentication; secure communications; three-party encrypted key exchange; three-party key-exchange protocols; undetectable on-line guessing attacks; Authentication; Computer science; Councils; Cryptography; Dictionaries; Mobile communication; Network servers; Protocols; Public key; Sun;
Journal_Title :
Communications Letters, IEEE
DOI :
10.1109/4234.974498
