Previous [ 1] [ 2] [ 3] [ 4] [ 5] [ 6] [ 7] [ 8] [ 9] [ 10] [ 11]

@

Journal of Information Science and Engineering, Vol. 29 No. 2, pp. 249-265 (March 2013)


Provably Secure Gateway-Oriented Password-Based Authenticated Key Exchange Protocol Resistant to Password Guessing Attacks


HUNG-YU CHIEN1, TZONG-CHEN WU2 AND MING-KUEI YEH3
1Department of Information Management
National Chi-Nan University
Nantou, 545 Taiwan
2Department of Information Management
National Taiwan University of Science and Technology
Taipei, 106 Taiwan
3Department of Information Management
Nanya Institute of Technology
Chungli, 320 Taiwan

A Gateway-oriented Password-based Authenticated Key Exchange (GPAKE) scheme allows a client to establish an authenticated session key with a gateway via the help of an authentication server, where the client has pre-shared a password with the server. The desirable security properties of a GPAKE include session key semantic security, key privacy against servers, and password guessing attacks resistance. Abdalla et al.s scheme (Asiacrypt 2005) [1] proposed the first GPAKE scheme, and then Abdalla et al. [13] and Byun et al.s [2] had respectively proposed their improvements to enhance the security. Unfortunately, we find that all the improved schemes fail to commit the security requirements. In this paper, we point out security weaknesses of the improved scheme. To enhance the security, we propose a new GPAKE scheme, and prove its security in an enhanced model.

Keywords: security, authentication, gateway, password guessing attack, semantic security

Full Text () Retrieve PDF document (201303_04.pdf)

Received January 25, 2011; revised September 16, 2011; accepted October 4, 2011.
Communicated by Wen-Guey Tzeng.
* This work is partially supported by partially supported by National Science Council, Taiwan with project No. NSC 100-2218-E-260-260-001.