A Three-party Encrypted Key Exchange Protocol with Protected Password Authentication

摘要

In 2008, Yoon and Yoo [19] proposed a password-based 3PEKE scheme, which can improve some secure weaknesses of the password-based 3PEKE scheme [2]. However, in 2009, Lo and Yeh [14] shown that the 3PEKE scheme [19] cannot resist undetectable on-line password guessing attacks and proposed a new approach to solve this problem. Although they actually propose an improved approach, the exchange-message roles are quite different from the traditional 3PEKE schemes [2–5, 8, 10–13, 15, 17–10, 21, 22] in which the key information be exchanged between just one specific client and server. That is, a client will still act as the intermediate role who exchanges the messages flow between the other client and server. In other words, both clients [14] will exchange key information with server, individually. Therefore, we propose an approach, which is called Three-party Encrypted Key Exchange Protocol with Protected Password Authentication (3PEKE-PPA), to improve the traditional password-based 3PEKE scheme. Our scheme can achieve effective implement and resist undetectable on-line password guessing attacks.