Security analysis and improvements of a universal construction for a round-optimal password authenticated key exchange protocol Online publication date: Fri, 04-Mar-2022
by Hongfeng Zhu; Xintong Wang; Yeh-Cheng Chen; Xueying Wang
International Journal of Information and Computer Security (IJICS), Vol. 17, No. 1/2, 2022
Abstract: Authenticated key exchange (AKE) protocols enable two parties to generate a shared, cryptographically strong key while communicating over an insecure network under the complete control of an adversary. Recently, Jonathan et al presents two PAKE protocols which make the communication reduce to one-round. At the same time Jonathan's protocols achieve the mutual authentication and agreement the session key by constructing smooth projective hash functions. However Jonathan's two protocols are subjected to key compromise impersonation (KCI) attack. Based on these motivations, this paper firstly put forwards a framework one-round PAKE protocols. And then we propose a provably secure and flexible one-round PAKE scheme based on chaotic maps. Compared with Jonathan's two protocols, the results show that our one-round PAKE scheme can not only refrain from consuming modular exponential computing and scalar multiplication, but is also robust to resist various attacks, especially for KCI attack. Finally, we also give the provable security of our scheme.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Information and Computer Security (IJICS):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com
Our Blog 
Follow us on Twitter 
Visit us on Facebook