Check Swinburne's subscriptions for full text availabilitySearch Swinburne Research Bank
Home
List of Titles
Cryptanalysis of an improved client-to-client password-authenticated key exchange (C2C-PAKE) scheme
List of Titles
Cryptanalysis of an improved client-to-client password-authenticated key exchange (C2C-PAKE) scheme
Please use this identifier to cite or link to this item: http://hdl.handle.net/1959.3/2604
- Title
- Cryptanalysis of an improved client-to-client password-authenticated key exchange (C2C-PAKE) scheme
- Author(s)
- Goi, Bok-Min; Phan, Raphael C.
- Abstract
- Password-Authenticated Key Establishment (PAKE) protocols allow two parties, to share common secret keys in an authentic manner based on an easily memorizable password. At ICCSA 2004, an improved PAKE protocol between two clients of different realms was proposed that was claimed to be secure against attacks including the replay attack. In this paper, we cryptanalyze this protocol by showing two replay attacks that allow an attacker to falsely share a secret key with a legal client. Keywords: Password-authenticated key exchange, client-to-client, cryptanalysis, replay attack, unknown key-share.
- Publication type
- Conference paper
- Research centre
- Swinburne University of Technology. Sarawak School of Engineering
- Source
- Proceedings of the 3rd International Conference on Applied Cryptography and Network Security, 7-10 June 2005, New York, USA, pp. 33-39
- Publication year
- 2005
- Publisher
- Springer-Verlag Berlin
- ISBN
- 3 540 26223 7
- Publisher URL
- http://dx.doi.org/10.1007/11496137_3
- Copyright
- Copyright 2005
- Peer reviewed
