首页    期刊浏览 2024年12月01日 星期日
登录注册

文章基本信息

  • 标题:An Enhanced and Secure Three-Party Password-based Authenticated Key Exchange Protocol without Using Server's Public-Keys and Symmetric Cryptosystems
  • 本地全文:下载
  • 作者:M. S. Farash ; M. A. Attari
  • 期刊名称:Public Policy And Administration
  • 印刷版ISSN:2029-2872
  • 出版年度:2014
  • 卷号:43
  • 期号:2
  • 页码:143-150
  • DOI:10.5755/j01.itc.43.2.3790
  • 语种:English
  • 出版社:Kaunas University of Technology
  • 摘要:Password-based authenticated key exchange protocol is a type of authenticated key exchange protocols which enables two or more communication entities, who only share weak, low-entropy and easily memorable passwords, to authenticate each other and establish a high-entropy secret session key. In 2012, Tallapally proposed an enhanced three-party password-based authenticated key exchange protocol to overcome the weaknesses of Huang’s scheme. However, in this paper, we indicate that the Tallapally’s scheme not only is still vulnerable to undetectable online password guessing attack, but also is insecure against off-line password guessing attack. Therefore, we propose a more secure and efficient scheme to overcome the security flaws.
  • 关键词:Password-based key exchange protocol;Password guessing attack;Client-server authentication
国家哲学社会科学文献中心版权所有