Cryptanalysis of simple three-party key exchange protocol (S-3PAKE)


Phan, Raphael C.-W. and Yau, Wei-Chuen and Goi, Bok-Min (2008) Cryptanalysis of simple three-party key exchange protocol (S-3PAKE). Information Sciences, 178 (13). pp. 2849-2856. ISSN 00200255

Full text not available from this repository.


Password-authenticated key exchange (PAKE) protocols allow parties to share secret keys in an authentic manner based on an easily memorizable password. Recently, Lu and Cao proposed a three-party password-authenticated key exchange protocol, so called S-3PAKE, based on ideas of the Abdalla and Pointcheval two-party SPAKE extended to three parties. S-3PAKE can be seen to have a structure alternative to that of another three-party PAKE protocol (3PAKE) by Abdalla and Pointcheval. Furthermore, a simple improvement to S-3PAKE was proposed very recently by Chung and Ku to resist the kind of attacks that applied to earlier versions of 3PAKE. In this paper, we show that S-3PAKE falls to unknown key-share attacks by any other client, and undetectable online dictionary attacks by any adversary. The latter attack equally applies to the recently improved S-3PAKE. Indeed, the provable security approach should be taken when designing PAKEs; and furthermore our results highlight that extra cautions still be exercised when defining models and constructing proofs in this direction. (c) 2008 Elsevier Inc. All rights reserved.

Item Type: Article
Subjects: T Technology > T Technology (General)
Q Science > QA Mathematics > QA71-90 Instruments and machines > QA75.5-76.95 Electronic computers. Computer science
Divisions: Faculty of Information Science and Technology (FIST)
Depositing User: Ms Suzilawati Abu Samah
Date Deposited: 24 Aug 2011 06:25
Last Modified: 24 Aug 2011 06:25


Downloads per month over past year

View ItemEdit (login required)