Weakness Analysis and Improvement of a Gateway-Oriented Password-Based Authenticated Key Exchange Protocol

Details Weakness Analysis and Improvement of a Gateway-Oriented Password-Based Authenticated Key Exchange Protocol Weakness Analysis and Improvement of a Gateway-Oriented Password-Based Authenticated Key Exchange Protocol

2010-01-18

arxiv.org/abs/1001.2945v1

Computer Science

Cryptography and Security

6 pages

Scientific paper

Recently, Abdalla et al. proposed a new gateway-oriented password-based authenticated key exchange (GPAKE) protocol among a client, a gateway, and an authentication server, where each client shares a human-memorable password with a trusted server so that they can resort to the server for authentication when want to establish a shared session key with the gateway. In the letter, we show that a malicious client of GPAKE is still able to gain information of password by performing an undetectable on-line password guessing attack and can not provide the implicit key confirmation. At last, we present a countermeasure to against the attack.

Affiliated with

Also associated with

No associations

Rating

Weakness Analysis and Improvement of a Gateway-Oriented Password-Based Authenticated Key Exchange Protocol does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.

If you have personal experience with Weakness Analysis and Improvement of a Gateway-Oriented Password-Based Authenticated Key Exchange Protocol, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Weakness Analysis and Improvement of a Gateway-Oriented Password-Based Authenticated Key Exchange Protocol will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFWR-SCP-O-659967