Cryptology ePrint Archive: Report 2005/269

Security Weakness in a Three-Party Password-Based Key Exchange Protocol Using Weil Pairing

Junghyun Nam, Seungjoo Kim, and Dongho Won

Abstract: Recently, Wen, Lee, and Hwang proposed a three-party password-authenticated key exchange protocol making use of the Weil pairing. The protocol was claimed to be provably secure. But despite the claim of provable security, the protocol is in fact insecure in the presence of an active adversary. We demonstrate this by presenting an attack that completely compromises the authentication mechanism of the protocol. Consequently, the proof of security for the protocol is invalidated.

Category / Keywords: cryptographic protocols / Key exchange protocol, password-based authentication, Weil pairing.

Date: received 14 Aug 2005

Contact author: jhnam at dosan skku ac kr

Available formats: Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Version: 20050817:193428 (All versions of this report)

Discussion forum: Show discussion | Start new discussion