You are looking at a specific version 20131024:081130 of this paper.
See the latest version.
Paper 2013/666
An Offline Dictionary Attack against a Three-Party Key Exchange Protocol
Junghyun Nam and Kim-Kwang Raymond Choo and Juryon Paik and Dongho Won
Abstract
Despite all the research efforts made so far, the design of protocols for password-authenticated key exchange (PAKE) still remains a non-trivial task. One of the major challenges in designing such protocols is to protect low-entropy passwords from the notorious dictionary attacks. In this work, we revisit Abdalla and Pointcheval's three-party PAKE protocol presented in Financial Cryptography 2005, and demonstrate that the protocol is vulnerable to an off-line dictionary attack whereby a malicious client can find out the passwords of other clients.
Metadata
- Available format(s)
- Publication info
- Preprint. MINOR revision.
- Keywords
- Password-authenticated key exchange (PAKE)three-party key exchangepassworddictionary attack.
- Contact author(s)
- jhnam @ kku ac kr
- History
- 2013-10-24: received
- Short URL
- https://ia.cr/2013/666
- License
-
CC BY