Security Analysis of Two Augmented Password-Authenticated Key Exchange Protocols

Access this Article

Search this Article

Author(s)

    • SHIN SeongHan
    • Research Center for Information Security (RCIS), National Institute of Advanced Industrial Science and Technology (AIST)
    • KOBARA Kazukuni
    • Research Center for Information Security (RCIS), National Institute of Advanced Industrial Science and Technology (AIST)

Abstract

An augmented PAKE (Password-Authenticated Key Exchange) protocol is said to be secure against server-compromise impersonation attacks if an attacker who obtained password verification data from a server cannot impersonate a client without performing off-line dictionary attacks on the password verification data. There are two augmented PAKE protocols where the first one [12] was proposed in the IEEE Communications Letters and the second one [15] was submitted to the IEEE P1363.2 standard working group [9]. In this paper, we show that these two augmented PAKE protocols [12],[15] (claimed to be secure) are actually insecure against server-compromise impersonation attacks. More specifically, we present <i>generic</i> server-compromise impersonation attacks on these augmented PAKE protocols [12],[15].

Journal

  • IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences 93(11), 2092-2095, 2010-11-01

    The Institute of Electronics, Information and Communication Engineers

References:  21

Codes

Page Top