Cryptanalysis on a Three Party Key Exchange Protocol-STPKE`

Shirisha Tallapally and R Padmavathy
Volume: 6, No: 1, Page: 43 ~ 52, Year: 2010
Keywords: STPKE’ Protocol, The Proposed Protocol, Undetectable Online Password Guessing Attack
Full Text:

?In the secure communication areas, three-party authenticated key exchange protocol is an important cryptographic technique. In this protocol, two clients will share a human-memorable password with a trusted server, in which two users can generate a secure session key. On the other hand the protocol should resist all types of password guessing attacks. Recently, STPKE’ protocol has been proposed by Kim and Choi. An undetectable online password guessing attack on STPKE’ protocol is presented in the current study. An alternative protocol to overcome undetectable online password guessing attacks is proposed. The results show that the proposed protocol can resist undetectable online password guessing attacks. Additionally, it achieves the same security level with reduced random numbers and without XOR operations. The computational efficiency is improved by ? 30% for problems of size ? 2048 bits. The proposed protocol is achieving better performance efficiency and withstands password guessing attacks. The results show that the proposed protocol is secure, efficient and practical.

Article Statistics
Multiple requests among the same broswer session are counted as one view (or download).
If you mouse over a chart, a box will show the data point's value.

Cite this article
IEEE Style
S. T. R. Padmavathy, "Cryptanalysis on a Three Party Key Exchange Protocol-STPKE`," Journal of Information Processing Systems, vol. 6, no. 1, pp. 43~52, 2010. DOI: 10.3745/JIPS.2010.6.1.043.

ACM Style
Shirisha Tallapally and R Padmavathy. 2010. Cryptanalysis on a Three Party Key Exchange Protocol-STPKE`, Journal of Information Processing Systems, 6, 1, (2010), 43~52. DOI: 10.3745/JIPS.2010.6.1.043.