Skip to main content
SpringerLink
Log in

Efficient 3-Pass Password-Based Key Exchange Protocol with Low Computational Cost for Client

  • Conference paper
Information Security and Cryptology - ICISC’99 (ICISC 1999)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1787))

Included in the following conference series:

  • 301 Accesses

Abstract

We propose the efficient password-based key exchange protocol, which resists against dictionary attack mounted by a passive or active adversary and is a 3-pass key exchange protocol, whereas existing protocols are 4-pass or more. Thus, considering network traffic, it will be able to reduce the total execution time in comparison with other several schemes. Especially, from the view point of the client’s computational cost, our protocol is suitable for mobile communications. It is because we can reduce the modular exponentiation of client (or mobile) in comparison with other several password-based protocols. Besides, the proposed scheme has the characteristics of perfect forward secrecy, and resists against a known key attack. It also offers resistance against a stolen verifier attack as A-EKE, B-SPEKE, and SRP. Finally, two parties involved in protocol are able to agree on Diffie-Hellman exponential gxy in the proposed scheme.

This work was supported by KSEF (Korea Science and Engineering Foundation) under project 97-01-13-01-05.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bellovin, S., Merritt, M.: Encrypted key exchange: password-based protocols secure against dictionary attacks. In: IEEE Comp. Society Symp. On Research in Security and Privacy, pp. 72–84 (1992)

    Google Scholar 

  2. Bellovin, S., Merrit, M.: Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise. In: ACM Conf. Comp. And Comm. Security, pp. 244–250 (1993)

    Google Scholar 

  3. Jablon, D.: Strong password-only authenticated key exchange. ACM Comput. Commun. Rev. 20(5), 5–26 (1996)

    Article  Google Scholar 

  4. Jablon, D.: Extended password key exchange protocols. In: WETICE Workshop on Enterprise Security (1997)

    Google Scholar 

  5. Wu, T.: Secure remote password protocol. In: Internet Society Symp. Network and Distributed System Security (1998)

    Google Scholar 

  6. Kwon, T., Song, J.: Secure agreement scheme for gxy via password authentication. Electron. Lett. 35, 892–893 (1999)

    Article  Google Scholar 

  7. Nyberg, K., Rueppel, R.: A new signature scheme based on DSA giving message recovery. In: Nyberg, K., Rueppel, R. (eds.) Proc. 1st ACM Conf. On Comput. Commun. Security, November 1993, pp. 58–61 (1993)

    Google Scholar 

  8. Boyd, C., Mathuria, A.: Key Establishment Protocols for Secure Mobile Communications: A Selective Survey. In: Eiben, A.E., Bäck, T., Schoenauer, M., Schwefel, H.-P. (eds.) PPSN 1998. LNCS, vol. 1498, pp. 344–355. Springer, Heidelberg (1998)

    Google Scholar 

  9. Menezes, A.J., vanOorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography, pp. 388–397. CRC Press, Boca Raton (1996)

    Book  Google Scholar 

  10. Gong, L., Lomas, M.A., Needham, R., Saltzer, J.: Protecting poorly chosen secrets from guessing attacks. IEEE Journal on Selected Areas in Communications 11(5), 648–656 (1993)

    Article  Google Scholar 

  11. Steiner, M., Tsudik, G., Waidner, M.: Refinement and Extension of Encrypted Key Exchange. Operating Systems Review 29(3), 22–30 (1995)

    Article  Google Scholar 

  12. Anderson, R., Vaudenay, S.: Minding your p’s and q’s’. In: Kim, K.-c., Matsumoto, T. (eds.) ASIACRYPT 1996. LNCS, vol. 1163, pp. 15–25. Springer, Heidelberg (1996)

    Chapter  Google Scholar 

  13. van Oorschot, P.C., Wiener, M.J.: On Diffie-Hellman Key Agreement with Short Exponents. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 332–343. Springer, Heidelberg (1996)

    Google Scholar 

  14. Pohlig, S.C., Hellman, M.E.: An improved algorithm for computing logarithms over GF(p) and its cryptographic significance. IEEE Trans. Inform. Theory IT-24(1), 106–110 (1978)

    Google Scholar 

  15. Denning, D.E., Sacco, G.M.: Timestamps in key distribution protocols. Communications of the ACM 24(8), 533–536 (1981)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Information and Communications Security Laboratory, School of Electrical and Computer Engineering, Sungkyunkwan University, 300 Chunchun-dong Jangan-gu, Suwon, Kyunggi-do, Korea

    Hyoungkyu Lee & Dongho Won

  2. Department of Coding Technology, Electronics and Telecommunications Research Institute, 161 Kajong-dong, Yusong-Gu, Taejon, Korea

    Kiwook Sohn

  3. Division of Computer Science, Electronics, and Industrial Engineering, Kangnam University, San 6-2, Kugal-ri, Gihung-up, Yongin, Kyunggi-do, Korea

    Hyoungkyu Yang

Authors
  1. Hyoungkyu Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kiwook Sohn
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Hyoungkyu Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Dongho Won
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dept. of Computer Science, Yonsei University, Seoul, Korea

    JooSeok Song

Rights and permissions

Reprints and permissions

Copyright information

© 2000 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lee, H., Sohn, K., Yang, H., Won, D. (2000). Efficient 3-Pass Password-Based Key Exchange Protocol with Low Computational Cost for Client. In: Song, J. (eds) Information Security and Cryptology - ICISC’99. ICISC 1999. Lecture Notes in Computer Science, vol 1787. Springer, Berlin, Heidelberg. https://doi.org/10.1007/10719994_12

Download citation

  • DOI: https://doi.org/10.1007/10719994_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-67380-4

  • Online ISBN: 978-3-540-45568-4

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation