Paper 2012/312

Cryptanalysis of a Provably Secure Gateway-Oriented Password-Based Authenticated Key Exchange Protocol

Debiao He

Abstract

Recently, Chien et al. proposed a gateway-oriented password-based authenticated key exchange (GPAKE) protocol, through which a client and a gateway could generate a session key for future communication with the help of an authentication server. They also demonstrated that their scheme is provably secure in a formal model. However, in this letter, we will show that Chien et al.’s protocol is vulnerable to the off-line password guessing attack. To overcome the weakness, we also propose an efficient countermeasure.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. The paper has not been published.
Keywords
Password-basedAuthenticated key exchangeGatewayOff-line password guessing attack
Contact author(s)
hedebiao @ 163 com
History
2012-06-03: received
Short URL
https://ia.cr/2012/312
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2012/312,
      author = {Debiao He},
      title = {Cryptanalysis of a Provably Secure Gateway-Oriented Password-Based Authenticated Key Exchange Protocol},
      howpublished = {Cryptology ePrint Archive, Paper 2012/312},
      year = {2012},
      note = {\url{https://eprint.iacr.org/2012/312}},
      url = {https://eprint.iacr.org/2012/312}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.