2010 Volume E93.A Issue 4 Pages 850-853
This research paper points out that the gateway-oriented password-based authenticated key exchange protocol recently developed by Shim (S-GPAKE) was inefficiently and incorrectly designed to overcome an undetectable on-line password guessing attack. To resolve the computation efficiency and security problems, an optimized GPAKE protocol (O-GPAKE), which was not only secure against various security attacks, but also had considerably lower computational cost and provided mutual authentication unlike previous related protocols including the S-GPAKE protocol was proposed.