Title :
A New C2C-PAKE Protocol in Cross-Realm Setting
Author :
Liu Xiu-mei ; Zhou Fu-cai ; Chang Gui-Ran
Author_Institution :
Comput. Center, Northeastern Univ., Shenyang
Abstract :
Most existing cross-realm client-to-client (C2C) key exchange protocols are based on password authentication, which are vulnerable to password guessing attacks. Sun et al. and Lee et al. have proposed three-party key exchange protocols respectively, which achieve higher security through verifier authentication instead of password authentication. However, their key exchange protocols can only be used in single-server C2C setting. In this paper, we propose a new cross-realm C2C-PAKE protocol, which is based on verifier authentication, and enable two clients to agree on a common session key with assistance of two servers in different realms. The protocol is shown to be resistant against various attacks including password guessing attacks and server compromise attack.
Keywords :
authorisation; cryptographic protocols; private key cryptography; C2C-PAKE protocol; client-to-client key exchange; cross-realm setting; key exchange protocols; password guessing attacks; security; server compromise attack; verifier authentication; Authentication; Electronic mail; Information science; Information technology; Multimedia computing; Protocols; Public key; Resists; Security; Sun; cross-realm; key exchange; password-authentication; verifier-based;
Conference_Titel :
MultiMedia and Information Technology, 2008. MMIT '08. International Conference on
Conference_Location :
Three Gorges
Print_ISBN :
978-0-7695-3556-2
DOI :
10.1109/MMIT.2008.83
