Abstract
Security issues play an important role in modern communication worlds. Via distrusted networks, exchanged messages need to be encrypted by a session key for security requirements. Session keys are preferred to be generated by communication parties, and how to authenticate the other communication party is an important problem needed to be solved. In three-party encrypted key exchange (3PEKE) protocols, a special type of indirect-authenticated protocols, a trusted third party is involved to have two communication parties be able to authenticate each other and negotiate one session key. In 2008, Yoon and Yoo proposed a three-party encrypted key exchange protocol and claimed their protocol provides a more secure way for exchanging messages. Unfortunately, we find that their protocol suffers from undetectable one-line password guessing attacks. In this manuscript, we first review the important related works and show how to mount attacks on Yoon and Yoo’s 3PEKE protocol
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
