In 2009, Huang (Int. J. Commun. Syst., 22, 857-862) proposed a simple and efficient three-party password-based key exchange protocol without server's public key. This work shows that the protocol could be vulnerable to an undetectable online password guessing attack. Furthermore, an improved protocol is proposed to avoid the attack.
All Science Journal Classification (ASJC) codes
- Computer Networks and Communications
- Electrical and Electronic Engineering