Cryptanalysis of an improved client-to-client password-authenticated key exchange (C2C-PAKE) scheme

Phan, , RCW and Goi, , BM (2005) Cryptanalysis of an improved client-to-client password-authenticated key exchange (C2C-PAKE) scheme. APPLIED CRYPTOGRAPHY AND NETWORK SECURITY, PROCEEDINGS, 3531 . pp. 33-39. ISSN 0302-9743

Full text not available from this repository.

Abstract

Password-Authenticated Key Establishment (PAKE) protocols allow two parties, to share common secret keys in an authentic manner based on an easily memorizable password. At ICCSA 2004, an improved PAKE protocol between two clients of different realms was proposed that was claimed to be secure against attacks including the replay attack. In this paper, we cryptanalyze this protocol by showing two replay attacks that allow an attacker to falsely share a secret key with a legal client.

Item Type: Article
Subjects: Q Science > QA Mathematics > QA75.5-76.95 Electronic computers. Computer science
Divisions: Faculty of Engineering (FOE)
Depositing User: Ms Rosnani Abd Wahab
Date Deposited: 24 Aug 2011 05:37
Last Modified: 24 Aug 2011 05:37
URI: http://shdl.mmu.edu.my/id/eprint/2306

Actions (login required)

View Item View Item