A communication-efficient three-party password authenticated key exchange protocol

Ting-Yi  Chang, Min Shiang Hwang, Wei Pang Yang

Research output: Contribution to journalArticle

72 Citations (Scopus)

Abstract

Three-party password authenticated key exchange (3PAKE) protocols allow two users (clients) to establish a session key through an authentication server over an insecure channel. Clients only share an easy-to-remember password with the trusted server. In the related literature, most schemes employ the server public keys to ensure the identities of both the servers and symmetric cryptosystems to encrypt the messages. This paper describes an efficient 3PAKE based on LHL-3PAKE proposed by Lee et al. Our 3PAKE requires neither the server public keys nor symmetric cryptosystems such as DES. The formal proof of security of our 3PAKE is based on the computational Diffie-Hellman assumption in the random oracle model along with a parallel version of the proposed 3PAKE. The comparisons have shown that our 3PAKE is more practical than other 3PAKEs.

Original languageEnglish
Pages (from-to)217-226
Number of pages10
JournalInformation Sciences
Volume181
Issue number1
DOIs
Publication statusPublished - 2011 Jan 1

Fingerprint

Authenticated Key Exchange
Password
Servers
Server
Network protocols
Communication
Cryptosystem
Public key
Cryptography
Formal Proof
Random Oracle Model
Diffie-Hellman
Authentication

All Science Journal Classification (ASJC) codes

  • Software
  • Control and Systems Engineering
  • Theoretical Computer Science
  • Computer Science Applications
  • Information Systems and Management
  • Artificial Intelligence

Cite this

Chang, Ting-Yi  ; Hwang, Min Shiang ; Yang, Wei Pang. / A communication-efficient three-party password authenticated key exchange protocol. In: Information Sciences. 2011 ; Vol. 181, No. 1. pp. 217-226.
@article{42e4888e65c948b99a629f8f4859a968,
title = "A communication-efficient three-party password authenticated key exchange protocol",
abstract = "Three-party password authenticated key exchange (3PAKE) protocols allow two users (clients) to establish a session key through an authentication server over an insecure channel. Clients only share an easy-to-remember password with the trusted server. In the related literature, most schemes employ the server public keys to ensure the identities of both the servers and symmetric cryptosystems to encrypt the messages. This paper describes an efficient 3PAKE based on LHL-3PAKE proposed by Lee et al. Our 3PAKE requires neither the server public keys nor symmetric cryptosystems such as DES. The formal proof of security of our 3PAKE is based on the computational Diffie-Hellman assumption in the random oracle model along with a parallel version of the proposed 3PAKE. The comparisons have shown that our 3PAKE is more practical than other 3PAKEs.",
author = "Ting-Yi  Chang and Hwang, {Min Shiang} and Yang, {Wei Pang}",
year = "2011",
month = "1",
day = "1",
doi = "10.1016/j.ins.2010.08.032",
language = "English",
volume = "181",
pages = "217--226",
journal = "Information Sciences",
issn = "0020-0255",
publisher = "Elsevier Inc.",
number = "1",

}

A communication-efficient three-party password authenticated key exchange protocol. / Chang, Ting-Yi ; Hwang, Min Shiang; Yang, Wei Pang.

In: Information Sciences, Vol. 181, No. 1, 01.01.2011, p. 217-226.

Research output: Contribution to journalArticle

TY - JOUR

T1 - A communication-efficient three-party password authenticated key exchange protocol

AU - Chang, Ting-Yi 

AU - Hwang, Min Shiang

AU - Yang, Wei Pang

PY - 2011/1/1

Y1 - 2011/1/1

N2 - Three-party password authenticated key exchange (3PAKE) protocols allow two users (clients) to establish a session key through an authentication server over an insecure channel. Clients only share an easy-to-remember password with the trusted server. In the related literature, most schemes employ the server public keys to ensure the identities of both the servers and symmetric cryptosystems to encrypt the messages. This paper describes an efficient 3PAKE based on LHL-3PAKE proposed by Lee et al. Our 3PAKE requires neither the server public keys nor symmetric cryptosystems such as DES. The formal proof of security of our 3PAKE is based on the computational Diffie-Hellman assumption in the random oracle model along with a parallel version of the proposed 3PAKE. The comparisons have shown that our 3PAKE is more practical than other 3PAKEs.

AB - Three-party password authenticated key exchange (3PAKE) protocols allow two users (clients) to establish a session key through an authentication server over an insecure channel. Clients only share an easy-to-remember password with the trusted server. In the related literature, most schemes employ the server public keys to ensure the identities of both the servers and symmetric cryptosystems to encrypt the messages. This paper describes an efficient 3PAKE based on LHL-3PAKE proposed by Lee et al. Our 3PAKE requires neither the server public keys nor symmetric cryptosystems such as DES. The formal proof of security of our 3PAKE is based on the computational Diffie-Hellman assumption in the random oracle model along with a parallel version of the proposed 3PAKE. The comparisons have shown that our 3PAKE is more practical than other 3PAKEs.

UR - http://www.scopus.com/inward/record.url?scp=77958095782&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=77958095782&partnerID=8YFLogxK

U2 - 10.1016/j.ins.2010.08.032

DO - 10.1016/j.ins.2010.08.032

M3 - Article

VL - 181

SP - 217

EP - 226

JO - Information Sciences

JF - Information Sciences

SN - 0020-0255

IS - 1

ER -