2013 Volume E96.A Issue 9 Pages 1864-1871
In this paper, we point out that Yoon et al.'s gateway-oriented password-based authenticated key exchange (GPAKE) protocol is inefficiently and incorrectly designed to overcome the undetectable on-line dictionary attack. To remedy these problems, we propose a new GPAKE protocol and prove its security in the random oracle model. Performance analysis demonstrates that our protocol is more secure and efficient than previous protocols.