You are looking at a specific version 20100202:092937 of this paper. See the latest version.

Paper 2010/052

Cryptanalysis and Improvement of a New Gateway-Oriented Password-Based Authenticated Key Exchange Protocol

FuShan Wei and QingFeng Cheng and ChuanGui Ma

Abstract

Abdalla et al. proposed the first gateway-oriented password-based authenticated key exchange (GPAKE) protocol. The security goal of GPAKE is to securely establish a session key between the client and the gateway by the help of the authentication server without revealing any information of the password to the gateway. However, Byun et al. showed that the original GPAKE protocol was suspectable to an undetectable on-line dictionary attack by a malicious gateway. Recently, Abdalla et al. presented a new variant of the original GPAKE protocol to resist Byun et al.'s attack. In this letter, we show that the new GPAKE protocol is still vulnerable to another simple but powerful undetectable on-line dictionary attack. We then make a suggestion for improvement.

Metadata
Available format(s)
-- withdrawn --
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Keywords
authenticated key exchangepasswordundetectable on-line dictionary attack
Contact author(s)
weifs831020 @ 163 com
History
2010-02-02: withdrawn
2010-02-01: received
See all versions
Short URL
https://ia.cr/2010/052
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.