Title: Cryptanalysis of a three-party password-based authenticated key exchange protocol using Weil pairing

Authors: Debiao He; Jianhua Chen

Addresses: School of Mathematics and Statistics, Wuhan University, Wuhan 430072, China; State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing 100049, China. ' School of Mathematics and Statistics, Wuhan University, Wuhan 430072, China

Abstract: Recently, Zeng et al. proposed a three-party password-based authenticated key exchange protocol, in which two users could generate a common secret key with the help of the server. Although Zeng et al. claimed that their protocol could withstand various attacks, we point out that their protocol cannot resist impersonation attacks and undetectable online dictionary attacks. The analysis shows Zeng et al.'s protocol is insecure for practical applications.

Keywords: key exchange protocols; password-based authentication; Weil pairing; impersonation attacks; online dictionary attacks; cryptanalysis; cryptography; common secret keys; electronic security.

DOI: 10.1504/IJESDF.2012.049754

International Journal of Electronic Security and Digital Forensics, 2012 Vol.4 No.4, pp.244 - 251

Received: 31 Jan 2012
Accepted: 28 Mar 2012
Published online: 19 Nov 2014 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article