Three-party Encrypted Key Exchange Research Articles

Verifier-based Password Authenticated 3P-EKE Protocol using PCLA keys

This paper endeavors to present a novel framework for the generic structure of a verifier-based password authenticated Three-Party Encrypted Key Exchange (3P-EKE) protocol which yields more efficient protocol than the ones knew before. A previous framework presented by Archana and Premchand is more secured against all types of attacks like password guessing, replay, pre-play, man-in-the-middle attack etc. But unfortunately, this protocol does not solve the problem of a server compromise. These proofs help as inspiration to search for another framework. The framework we offer produces more efficient 3P-EKE protocol, and, in addition, delivers perceptive clarification about the existing attacks that do not solve in the previous framework. Moreover, it allows direct change from a class of verge private-key encryption to a hybrid (symmetric & Asymmetric) one without significant overhead.

Efficient three-party encrypted key exchange using trapdoor functions

Three-party encrypted key exchange (3PEKE) enables two communicating parties to securely exchange confidential and authenticated information over an insecure network via a trusted server. This investigation presents a novel efficient and secure 3PEKE protocol using a super-poly-to-one trapdoor function. The proposed protocol employs the Diffie–Hellman key exchange and adopts the technique that the clients can publicly exchange the factors for generating the session key without the help of the server to reduce the numbers of transmissions. A round-efficient version of the proposed 3PEKE protocol is also described. Compared with related approaches, the proposed protocol not only retains security requirements and possesses lower computational cost but also has fewer transmissions and realizes the lower bounds of communications. Copyright © 2013 John Wiley & Sons, Ltd.

Verifier-based computation-and communication-efficient 3EKE protocols

This paper proposes verifier-based computation-and communication-efficient three-party encrypted key exchange (VBCC3EKE) protocols to minimize the complexity of computational and communicational costs among all users and fit three-party communication environments. Compared with related verifier-based 3EKE protocols, the proposed VBCC3EKE protocols have enhanced computational and communicational efficiency. As a result, the proposed VBCC3EKE protocols are most suitable for use in various applications over distributed three-party network environments such as the Internet and mobile e-commerce.

IMPROVING TWO NOVEL THREE-PARTY ENCRYPTED KEY EXCHANGE PROTOCOLS WITH PERFECT FORWARD SECRECY

It is a crucial that password security be effective and constantly improved. The three-party encrypted key exchange (3PEKE) protocol has been used to protect passwords transmitted between users. Recently, Chang and Chang proposed a novel 3PEKE (ECC-3PEKE) protocol using a super-poly-to-one trapdoor function which demonstrates high efficiency. However, Chen et al. and Yoon et al., respectively, showed that the ECC-3PEKE protocol can not prevent undetectable on-line password guessing attacks and proposed improved protocols. Unfortunately, their improved protocols suffer from off-line password guessing attacks without perfect forward secrecy. Hence, the authors propose an improved protocol to strengthen their security.

An Improvement on A Three-Party Authentication Key Exchange Protocol Using Elliptic Curve Cryptography

The authentication key exchange protocol enables communication participants to authenticate each other and agree on the session key over an insecure public network. Recently, a three-party authentication key exchange protocol based on Elliptic curve cryptograph is proposed. In this paper, we improve the three-party encrypted key exchange protocol by bilinear maps. The proposed threeparty authentication key exchange protocol is provable secure under Computational Diffie-Hellman assumptions in the standard model. Furthermore, the novel protocol is more efficient.

A Note on an Enhanced Three-Party Authentication Key Exchange Protocol

Recently, Chen et al. proposed an efficient three-party encrypted key exchange protocol based upon Schnorr’s digital signature scheme with fewer rounds. However, J.H. Yang and C. C. Chang showed that Chen et al.’s protocol still has the high computation cost and communication cost. Moreover, Chen et al.’s protocol suffers from stolen-verifier attacks. Then J.H. Yang and C. C. Chang proposed a three-party authenticated key exchange protocol without password by using elliptic curve cryptography. Their improved protocol requires smaller transmitted message size and less communication times, which is well suitable for resource-limited environments such as mobile communication and mobile commerce. Unfortunately, we find that Yang et al.’s protocol is vulnerable to replay attacks, denial-of-Service attacks and impersonation attacks.

An Enhanced Three-Party Authentication Key Exchange Protocol for Mobile Commerce Environments

Recently, Yang et al. proposed a three-party encrypted key exchange protocol (3PAKE) which is based on Elliptic curve cryptography. Their 3PAKE protocol is efficient because it requires less computation cost and less communication cost, which is well suitable for mobile commerce environments. However, Yang et al.’s 3PAKE protocol is susceptible to parallel attacks and impersonation attacks. We presented an enhancement to resolve such security problems. Detailed analyses show that our proposed protocol is a secure 3PAKE protocol and more efficient.

Communication-efficient three-party protocols for authentication and key agreement

Encrypted key exchange (EKE) authentication approaches are very important for secure communicating over public networks. In order to solve the security weaknesses three-party EKE, Yeh et al. [H.T. Yeh, H.M. Sun, T. Hwang, Efficient three-party authentication and key agreement protocols resistant to password guessing attacks, Information Science and Engineering 19 (6) (2003) 1059–1070.] proposed two secure and efficient three-party EKE protocols. Based on the protocol developed by Yeh et al., two improved EKE protocols for authentication and key agreement are proposed in this study. The computational costs of the proposed protocols are the same as those of the protocols of Yeh et al. However, the numbers of messages in the communication are fewer than those of the protocols of Yeh et al. Furthermore, the round efficient versions of our proposed protocols are also described.

Cryptanalysis of two three-party encrypted key exchange protocols

Due to the simplicity of maintaining human memorable passwords without any assistant storage device, password-based three-party encrypted key exchange (3PEKE) protocol has become one of the most promising research fields on user authentication and secure communication. In 2008, Chen et al. and Yoon and Yoo both pointed that Chang and Chang's password-based 3PEKE scheme cannot resist against undetectable on-line password guessing attacks, and then respectively proposed an improved protocol to eliminate the security vulnerability. However, based on the security analyses conducted by us, we find that both of their protocols are still vulnerable against undetectable on-line password guessing attacks. Accordingly, we develop a novel 3PEKE protocol to remedy these authentication flaws. Moreover, our proposed protocol can achieve better performance efficiency by requiring only four message transmission rounds. In conclusion, we can claim that our proposed 3PEKE protocol is more secure and efficient in comparison with the protocols proposed by Chen et al. and Yoon and Yoo.

Provably Secure Password-Based Three-Party Key Exchange With Optimal Message Steps

A password-based three-party encrypted key exchange (3PEKE) is a protocol that enables any pair of two registered clients to establish session keys with the help of a trusted server such that each client shares only one password with the server. This approach greatly improves the scalability of key agreement protocol in distributed environments and provides great user convenience. This article proposes a new password-based 3PEKE scheme that completes its entire job in only a record low four steps, which we prove that it is optimal for password-based 3PEKE protocols. The security of the proposed scheme, as we will detail later, has been proved in the random oracle model.

Improving the novel three-party encrypted key exchange protocol

In 2004, Chang and Chang proposed a three-party encrypted key exchange (ECC-3PEKE) protocol without using the server's public keys. They claimed that their proposed ECC-3PEKE protocol is secure, efficient, and practical. Unlike their claims, the ECC-3PEKE protocol, however, is still susceptible to undetectable on-line password guessing attacks. Accordingly, the current paper demonstrates the vulnerability of Chang–Chang's ECC-3PEKE protocol regarding undetectable on-line password guessing attacks and than presents an enhancement to resolve such security problems.

Security enhancement for a three-party encrypted key exchange protocol against undetectable on-line password guessing attacks

In 1995, a potential attack, called undetectable on-line password guessing attack, on three-party encrypted key exchange (3PEKE) protocol is highlighted by Ding and Horster. Since then, this attack has been one of the main concerns for developing a secure 3 PEKE protocol. Recently, Chang and Chang proposed a password-based three-party encrypted key exchange protocol that simultaneously possesses round and computation efficiencies. However, this paper shows that their protocol is potentially vulnerable toward undetectable on-line password guessing attacks. As their protocol is currently one of the most superior of all 3PEKE approaches; it seems worthwhile and valuable to remedy this potential security problem.

The importance of proofs of security for key establishment protocols: Formal analysis of Jan–Chen, Yang–Shen–Shieh, Kim–Huh–Hwang–Lee, Lin–Sun–Hwang, and Yeh–Sun protocols

Despite the importance of proofs in assuring protocol implementers about the security properties of key establishment protocols, many protocol designers fail to provide any proof of security. Flaws detected long after the publication and/or implementation of protocols will erode the credibility of key establishment protocols. We revisit recent work of Choo, Boyd, Hitchcock, Maitland where they utilize the Bellare, Pointcheval, Rogaway (Authenticated key exchange secure against dictionary attacks, in: B. Preneel (Ed.), Advances in Cryptology – Eurocrypt 2000, Springer-Verlag, LNCS 1807/2000, pp. 139–155, 2000) computational complexity proof model in a machine specification and analysis (using an automated model checker – SHVT) for provably secure key establishment protocol analysis. We then examine several key establishment protocols without proofs of security, namely: protocols due to J.-K. Jan, Y.-H. Chen (A new efficient MAKEP for wireless communications, in: 18th International Conference on Advanced Information Networking and Applications – AINA 2004, IEEE Computer Society, pp. 347–350, 2004), W.-H. Yang, J.-C. Shen, S.-P. Shieh (Designing authentication protocols against guessing attacks. Technical Report 2(3), Institute of Information & Computing Machinery, Taiwan, 1999. http://www.iicm.org.tw/communication/c2_3/page07.doc), Y.-S. Kim, E.-N. Huh, J. Hwang, B.-W. Lee (An efficient key agreement protocol for secure authentication, in: A. Laganà, M.L. Gavrilova, V. Kumar, Y. Mun, C.J.K. Tan, O. Gervasi (Eds.), International Conference On Computational Science And Its Applications – ICCSA 2004, Springer-Verlag, LNCS 3043/2004, pp. 746-754, 2004), C.-L. Lin, H.-M. Sun, T. Hwang. (Three-party encrypted key exchange: attacks and a solution, in: A CM SIGOPS Operating Systems Review, pp. 12–20, 2000), and H.-T. Yeh, H.-M. Sun (Simple authenticated key agreement protocol resistant to password guessing attacks, in: A CM SIGOPS Operating Systems Review, 36(4), pp. 14–22, 2002). Using these protocols as case studies, we demonstrate previously unpublished flaws in these protocols. We may speculate that such errors could have been found by protocol designers if proofs of security were to be constructed, and hope this work will encourage future protocol designers to provide proofs of security.

Enhanced three-party encrypted key exchange without server public keys

This investigation proposes a secure and efficient three-party encrypted key exchange (3PEKE) protocol based on the LSSH-3PEKE protocol proposed by Lin et al. [Lin, C.-L., Sun, H.-M., Steiner, M., Hwang, T., 2001. IEEE Commun. Lett. 5 (12), 497–499]. The computational cost of the proposed protocol is equal to that of the LSSH-3PEKE protocol. However, the number of steps in communication is one fewer. A round efficient version of the same protocol is also described.

A novel three-party encrypted key exchange protocol

The passwords people can remember are usually simple or meaningful. In three-party key exchange protocols with password authentication, clients are allowed to share an easy-to-remember password with a trusted server such that two clients can communicate with each other through a common secret key without the existence of redundant keys. Such protocols are quite suitable for application when light-weight clients need secure communications. Steiner, Tsudik, and Waidner proposed a three-party protocol based on the encrypted key exchange (EKE) protocols in 1995; however, the proposed protocol suffered from off-line and undetectable on-line guessing attacks. In 2000, Lin, Sun, and Hwang proposed a secure three-party protocol with server's public keys. Because certificates are needed to verify the server's public keys to avoid impersonation attacks, this protocol is not practical for some environments. In 2001, Lin, Sun, Steiner and Hwang proposed a brand-new three-party protocol without servers' public keys. Nevertheless, more rounds are needed by using this protocol. In this paper, we propose a secure three-party EKE protocol with round efficiency.

Three-party encrypted key exchange without server public-keys

Three-party key-exchange protocols with password authentication-clients share an easy-to-remember password with a trusted server only-are very suitable for applications requiring secure communications between many light-weight clients (end users); it is simply impractical that every two clients share a common secret. Steiner, Tsudik and Waidner (1995) proposed a realization of such a three-party protocol based on the encrypted key exchange (EKE) protocols. However, their protocol was later demonstrated to be vulnerable to off-line and undetectable on-line guessing attacks. Lin, Sun and Hwang (see ACM Operating Syst. Rev., vol.34, no. 4, p.12-20, 2000) proposed a secure three-party protocol with server public-keys. However, the approach of using server public-keys is not always a satisfactory solution and is impractical for some environments. We propose a secure three-party EKE protocol without server public-keys.

Three-party encrypted key exchange

Password-based mechanism is the widely used method for authentication since it allows people to choose their own passwords without any assistant device to generate or store. However, people are used to choose easy-to-remember passwords such that guessing attacks could succeed. In 1992, Bellovin and Merritt proposed Encrypted Key Exchange (EKE) protocols for preventing guessing attacks, in which two communication parties A and B securely share a possibly weak password in advance. In large communication environments, it is inconvenient in key management that every two communication parties mutually share a secret. Three-party EKE protocols, in which all parties (clients) share their secrets with a trusted server only, are more suitable for large communication environments. In 1995, Steiner, Tsudik and Waidner proposed a realization of three-party EKE protocol which is later demonstrated that it is vulnerable to undetectable on-line guessing attacks. In this paper, We will show a new off-line guessing attack on Steiner, Tsudik and Waidners' protocol. Besides, we will also propose a new three-party EKE protocol which not only is secure against both the off-line guessing attack and undetectable on-line guessing attacks but also satisfies the security properties of perfect forward secrecy and known-key security.