You are looking at a specific version 20130830:130025 of this paper. See the latest version.

Paper 2013/540

On the security of a password-only authenticated three-party key exchange protocol

Junghyun Nam and Kim-Kwang Raymond Choo and Juryon Paik and Dongho Won

Abstract

This note reports major previously unpublished security vulnerabilities in the password-only authenticated three-party key exchange protocol due to Lee and Hwang (Information Sciences, 180, 1702-1714, 2010): (1) the Lee-Hwang protocol is susceptible to a man-in-the-middle attack and thus fails to achieve implicit key authentication; (2) the protocol cannot protect clients' passwords against an offline dictionary attack; and (3) the indistinguishability-based security of the protocol can be easily broken even in the presence of a passive adversary.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Keywords
Three-party key exchangeMan-in-the-middle (MITM) attackOffline dictionary attackSemantic security
Contact author(s)
jhnam @ kku ac kr
History
2013-08-30: received
Short URL
https://ia.cr/2013/540
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.