A communication-efficient three-party password authenticated key exchange protocol

Ting-Yi  Chang, Min Shiang Hwang, Wei Pang Yang

Research output: Contribution to journalArticlepeer-review

82 Citations (Scopus)


Three-party password authenticated key exchange (3PAKE) protocols allow two users (clients) to establish a session key through an authentication server over an insecure channel. Clients only share an easy-to-remember password with the trusted server. In the related literature, most schemes employ the server public keys to ensure the identities of both the servers and symmetric cryptosystems to encrypt the messages. This paper describes an efficient 3PAKE based on LHL-3PAKE proposed by Lee et al. Our 3PAKE requires neither the server public keys nor symmetric cryptosystems such as DES. The formal proof of security of our 3PAKE is based on the computational Diffie-Hellman assumption in the random oracle model along with a parallel version of the proposed 3PAKE. The comparisons have shown that our 3PAKE is more practical than other 3PAKEs.

Original languageEnglish
Pages (from-to)217-226
Number of pages10
JournalInformation Sciences
Issue number1
Publication statusPublished - 2011 Jan 1

All Science Journal Classification (ASJC) codes

  • Software
  • Control and Systems Engineering
  • Theoretical Computer Science
  • Computer Science Applications
  • Information Systems and Management
  • Artificial Intelligence

Fingerprint Dive into the research topics of 'A communication-efficient three-party password authenticated key exchange protocol'. Together they form a unique fingerprint.

Cite this