Abstract
Client-to-Client Password-Authenticated Key Exchange (C2C-PAKE) protocols allow two clients to establish a common session key based on their passwords. In a secure C2C-PAKE protocol, no computationally bounded adversary learns anything about the session keys shared between two clients. In particular, a participating server should not learn anything about the session keys. Server-compromise impersonation resilience is another desirable security property for a C2C-PAKE protocol: compromising the password verifier of any client A should not enable an outside adversary to share a session key with A. Recently, Kwon and Lee proposed four C2C-PAKE protocols in the three-party setting, and Zhu et al. proposed a C2C-PAKE protocol in the cross-realm setting. All the proposed protocols are claimed to resist server compromise. However, in this paper, we show that Kwon and Lee's protocols and Zhu et al.'s protocol are vulnerable to server compromise attacks, and that a malicious server can mount man-in-the-middle attacks and eavesdrop on the communication between the two clients.