19 research outputs found

    An Undetectable On-line Password Guessing Attack on Nam et al.’s Three-party Key Exchange Protocol

    The three-party key exchange protocol is one of the most essential cryptographic techniques in the secure communication area. In this protocol, two clients, each sharing a human-memorable password and working with a trusted server, can agree on a secure session key. Recently, Lu and Cao proposed a new simple three-party key exchange (S-3PAKE) protocol and claimed that it is not only very simple and efficient, but can also survive various known attacks. However, Nam et al. pointed out that S-3PAKE is vulnerable to both an off-line password guessing attack and an undetectable on-line password guessing attack. Based on their finding, Nam et al. proposed an improved method to resolve this weakness. They further claimed that so far no off-line password guessing attack has been successful against their proposed protocol. In this paper, we demonstrate that Nam et al.’s improved protocol, unfortunately, is still vulnerable to an undetectable on-line password guessing attack. We therefore propose a simple and powerful method to address this issue, which results in an improved three-party key exchange protocol that can protect against an undetectable on-line password guessing attack.

    Efficient Three Party Key Exchange Protocol

    Key exchange protocols allow two or more parties communicating over a public network to establish a common secret key called a session key. In 1976, Diffie and Hellman proposed the first practical key exchange (DH key exchange) protocol. In 2005, Abdalla and Pointcheval suggested a new variation of the computational DH assumption called chosen based computational Diffie Hellman (CCDH) and presented simple password-based authenticated key exchange protocols. Since then, several three-party password authenticated key agreement protocols have been proposed. In 2007, Lu and Cao proposed a simple 3-party authenticated key exchange (S-3PAKE) protocol. Kim and Koi found that this protocol cannot resist an undetectable online password guessing attack and gave a fixed STPKE' protocol as a countermeasure using the exclusive-or operation. Recently, Tallapally and Padmavathy found that STPKE' is still vulnerable to an undetectable online password guessing attack and gave a modified STPKE' protocol. Unfortunately, we find that, although the modified STPKE' protocol can resist the undetectable online password guessing attack, it is vulnerable to a man-in-the-middle attack. Also, we propose and analyze an efficient protocol against all the known attacks.

    Security of Group Key Exchange Protocols with Different Passwords

    Password-based authenticated group key exchange protocols allow group users to jointly share a session key based on a human-memorizable password. In this paper, we present an undetectable online dictionary attack on N-EKE-D, a recent provably secure protocol designed to explicitly resist this type of attack. Thus, our result contradicts the design goal. We also give a simple attack on the key indistinguishability of N-EKE-D and two N-EKE-M variants that exploits the definition of partnering in their security model.