Cryptology ePrint Archive: Report 2012/312

Cryptanalysis of a Provably Secure Gateway-Oriented Password-Based Authenticated Key Exchange Protocol

Debiao He

Abstract: Recently, Chien et al. proposed a gateway-oriented password-based authenticated key exchange (GPAKE) protocol, through which a client and a gateway could generate a session key for future communication with the help of an authentication server. They also demonstrated that their scheme is provably secure in a formal model. However, in this letter, we will show that Chien et al.’s protocol is vulnerable to the off-line password guessing attack. To overcome the weakness, we also propose an efficient countermeasure.

Category / Keywords: cryptographic protocols / Password-based; Authenticated key exchange; Gateway; Off-line password guessing attack

Publication Info: The paper has not been published.

Date: received 1 Jun 2012

Contact author: hedebiao at 163 com

Available format(s): PDF | BibTeX Citation

Version: 20120603:214544 (All versions of this report)

Short URL: ia.cr/2012/312

Discussion forum: Show discussion | Start new discussion