|
Cryptanalysis of three Provably Secure Password Authenticated Key Exchange Protocols in the three-party Setting
|
|
|
Maryam Saeed1, Hadi Shahriar Shahhoseini2, Ali Mackvandi3, Mohammad Reza Rezaeinezhad4, Mansour Naddafiun5
1 Iran University of Science and Technology, Iran, Email : m_saeed@vu.iust.ac.ir
2 Iran University of Science and Technology, Iran, Email : hshsh@iust.ac.ir
*3 Pishgaman Kavir Yazd, Iran, Email : mackvandi@pishgaman.com
4 Pishgaman Kavir Yazd, Iran,Email : rezaei@pishgaman.com
5 Pishgaman Kavir Yazd, Iran, Email : Naddafiun@pishgaman.com
|
|
|
|
Abstract
.Three-party Password Authenticated Key Exchange (3PAKE) protocols play a key role in providing security goals in communications. They enable two entities to share a common session key in an authentic manner based on a low entropy human-memorable password. In 2010, Lee and Hwang proposed S-IA-3PAKE and S-EA-3PAKE protocols based on the SPAKE protocol developed by Abdalla and Pointcheval. In 2011, Chang et al. presented an efficient three-party Password Authenticated Key Exchange Protocol and its parallel version based on LHL-3PAKE protocol proposed by Lee et al. In this paper, it is shown that both supposedly provably secure S-IA-3PAKE and S-EA-3PAKE protocols are vulnerable to serious threats such as Unknown Key Share (UKS) and password compromise impersonation attacks. It is also shown that the provably secure protocol of Chang et al. and its parallel version suffer from password compromise impersonation and ephemeral key compromise impersonation attacks. Indeed, our results highlight the need of more attention and precision during defining the provable security models and constructing proofs in this method, because there are still considerable gaps between what can be proven based on formal security models and what are actually secure in use.
|
|
|
|
Keywords
:
Password Authenticated Key Exchange; Cryptanalysis; Unknown Key Share attack (UKS); ephemeral key compromise impersonation attack; password compromise impersonation attack.
|
|
|
|
URL: http://dx.doi.org/10.7321/jscse.v3.n3.75
|
|
|
|
|