TY - JOUR
T1 - Three-party Encrypted Key Exchange without server public-keys
AU - Lin, Chun Li
AU - Sun, Hung Min
AU - Steiner, Michael
AU - Hwang, Tzonelih
N1 - Funding Information:
Manuscript received February 9, 2001. The associate editor coordinating the review of this letter and approving it for publication was Dr. L. Chen. This work was supported in part by the National Science Council of the Republic of China under Contract NSC90-2213-E-006-100.
PY - 2001/12
Y1 - 2001/12
N2 - Three-party key-exchange protocols with password authentication-clients share an easy-to-remember password with a trusted server only-are very suitable for applications requiring secure communications between many light-weight clients (end users); it is simply impractical that every two clients share a common secret. In 1995, Steiner, Tsudik and Waidner proposed a realization of such a three-party protocol based on the Encrypted Key Exchange (EKE) protocols. However, their protocol was later demonstrated to be vulnerable to off-line and undetectable on-line guessing attacks. In 2000, Lin, Sun, and Hwang proposed a secure three-party protocol with server public-keys. However, the approach of using server public-keys is not always a satisfactory solution and is impractical for some environments. In this letter, we propose a secure three-party EKE protocol without server public-keys.
AB - Three-party key-exchange protocols with password authentication-clients share an easy-to-remember password with a trusted server only-are very suitable for applications requiring secure communications between many light-weight clients (end users); it is simply impractical that every two clients share a common secret. In 1995, Steiner, Tsudik and Waidner proposed a realization of such a three-party protocol based on the Encrypted Key Exchange (EKE) protocols. However, their protocol was later demonstrated to be vulnerable to off-line and undetectable on-line guessing attacks. In 2000, Lin, Sun, and Hwang proposed a secure three-party protocol with server public-keys. However, the approach of using server public-keys is not always a satisfactory solution and is impractical for some environments. In this letter, we propose a secure three-party EKE protocol without server public-keys.
UR - http://www.scopus.com/inward/record.url?scp=0035701459&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=0035701459&partnerID=8YFLogxK
U2 - 10.1109/4234.974498
DO - 10.1109/4234.974498
M3 - Article
AN - SCOPUS:0035701459
VL - 5
SP - 497
EP - 499
JO - IEEE Communications Letters
JF - IEEE Communications Letters
SN - 1089-7798
IS - 12
ER -