文章基本信息

标题：Improvement of a Three-Party Password-Based Key Exchange Protocol with Formal Verification
本地全文：下载
作者：Qi Xie ; Na Dong ; Xiao Tan 等
期刊名称：Public Policy And Administration
印刷版ISSN：2029-2872
出版年度：2013
卷号：42
期号：3
页码：231-237
DOI：10.5755/j01.itc.42.3.1905
语种：English
出版社：Kaunas University of Technology
摘要：A Three-party Password-based Authenticated Key Exchange (3PAKE) protocol allows two users to establish a secure session key over an insecure communication channel with the help of a third party, which is a trusted server. Recently, Lou and Huang proposed a 3PAKE which is efficient and suitable for running on resource-constrained devices such as smart cards and mobile phones. In this paper, we show that their scheme is vulnerable to off-line password guessing attack and partition attack. We then propose an efficient method to fix these problems. Additionally, the mutual authentication and session key secrecy of the proposed protocol are verified using a formal verification tool.
关键词：Key Exchange;Password Based Authenticated Key Exchange (PAKE);Three-Party PAKE;ProVerif