Shirisha Tallapally
2012 Information Technology and Control  
In the field of cryptography, the three-party authenticated key exchange protocol is an important tool, especially in the secure communication areas. In this protocol, two clients share a human-memorable password with a trusted server whereby the two clients receive a secure session key. Most recently, Huang proposed a simple and efficient three party password-based key exchange protocol. She claimed that the proposed protocol is secure against various attacks. However, Yoon and Yoo proved an
more » ... and Yoo proved an undetectable online password guessing attack on Huang's protocol. In the present paper, an unknown key share attack on Huang's three party PAKE protocol using undetectable online password guessing attack is demonstrated. Additionally, an alternative protocol that eliminates this attack is proposed. Moreover, the proposed protocol requires only four message transmission rounds. Keywords: Huang's three party PAKE protocol; undetectable online password guessing attack; unknown key share attack; password.
doi:10.5755/j01.itc.41.1.842 fatcat:ep6bklk5c5gxvkfgk77rntppwu