The Journal of Supercomputing

, Volume 70, Issue 1, pp 224–235 | Cite as

An efficient password-based three-party authenticated multiple key exchange protocol for wireless mobile networks

  • Hang Tu
  • Neeraj Kumar
  • Debiao He
  • Jongsung Kim
  • Changhoon Lee
Article

Abstract

With the rapid development of wireless mobile communication, the password-based three-party authenticated key exchange protocol has attracted an increasing amount of attention. To generate more session keys at one time for different applications, Li et al. proposed a password-based three-party authenticated multiple key exchange (3PAMKE) protocol for wireless mobile networks. They claimed that their protocol could withstand various attacks. In this paper, we will show Li et al.’s protocol is not secure off-line password guessing. Furthermore, we proposed an improved 3PAMKE protocol to overcome weakness in Li et al.’s protocol. Security analysis and performance analysis shows our protocol not only overcomes security weakness, but also has better performance. Therefore, our protocol is more suitable for wireless mobile networks.

Keywords

Wireless mobile networks Authenticated key exchange  Password Elliptic curve cryptography 

References

  1. 1.
    Sui A, Hui L, Yiu S, Chow K, Tsang W, Chong C, et al (2005) An improved authenticated key agreement protocol with perfect forward secrecy for wireless mobile communication. In: IEEE wireless and communications and networking conference (WCNC 2005). pp 2088–2093Google Scholar
  2. 2.
    Lu R, Cao Z, Zhu H (2007) An enhanced authenticated key agreement protocol for wireless mobile communication. Comput Stand Interfaces 29:647–52CrossRefGoogle Scholar
  3. 3.
    Pu Q (2010) Cryptanalysis of Lu et al.’s password-based authenticated key agreement protocol, 2010. In: Second international conference on multimedia and information technology. pp 215–218Google Scholar
  4. 4.
    Lo J-W, Lee C-C, Hwang M-S (2010) A secure and efficient ECC-based AKA protocol for wireless mobile communications. Int J Innovat Comput Inform Control 6(11):5249–58Google Scholar
  5. 5.
    He D (2012) Weakness in an ECC-based AKA protocol for wireless mobile communications. ETRI J 34(3):482–483CrossRefGoogle Scholar
  6. 6.
    Lin CL, Sun HM, Steiner M, Hwang T (2001) Three-party encrypted key exchange without server public-keys. IEEE Commun Lett 5(12):497–499CrossRefGoogle Scholar
  7. 7.
    Lee TF, Hwang T, Lin CL (2004) Enhanced three-party encrypted key exchange without server public keys. Comput Secur 23(7):571–577CrossRefGoogle Scholar
  8. 8.
    Lee TF, Hwang T (2010) Simple password-based three-party authenticated key exchange without server public keys. Inf Sci 180(9):1702–1714CrossRefMATHGoogle Scholar
  9. 9.
    Chang TY, Hwang MS, Yang WP (2011) A communication-efficient three-party password authenticated key exchange protocol. Inf Sci 181(1):217–226MathSciNetCrossRefGoogle Scholar
  10. 10.
    Wu S, Pu Q, Wang S, He D (2012) Cryptanalysis of a communication-efficient three-party password authenticated key exchange protocol. Inf Sci 215(1):83–96MathSciNetCrossRefMATHGoogle Scholar
  11. 11.
    Xiong H, Chen Y, Guan Z, Chen Z (2013) Finding and fixing vulnerabilities in several three-party password authenticated key exchange protocols without server public keys. Inf Sci 235(20):329–340MathSciNetCrossRefMATHGoogle Scholar
  12. 12.
    Li W, Wen Q, Su Q, Zhang H, Jin Z (2012) Password-authenticated multiple key exchange protocol for mobile applications. China Commun 9(1):64–72Google Scholar
  13. 13.
    Xiang T, Wong K, Liao X (2008) Cryptanalysis of a password authentication scheme over insecure networks. J Comput System Sci 74(5):657–661MathSciNetCrossRefMATHGoogle Scholar
  14. 14.
    He D, Wu S, Chen J (2012) Note on ’Design of improved password authentication and update scheme based on elliptic curve cryptography’. Math Comput Modell 55(3–4):1661–1664MathSciNetCrossRefMATHGoogle Scholar

Copyright information

© Springer Science+Business Media New York 2014

Authors and Affiliations

  • Hang Tu
    • 1
  • Neeraj Kumar
    • 2
  • Debiao He
    • 3
  • Jongsung Kim
    • 4
  • Changhoon Lee
    • 5
  1. 1.School of ComputerWuhan UniversityWuhanChina
  2. 2.Department of Computer Science and EngineeringThapar UniversityPatialaIndia
  3. 3.School of Mathematics and StatisticsWuhan UniversityWuhanChina
  4. 4.Department of MathematicsKookmin UniversitySeoulKorea
  5. 5.Department of Computer Science and EngineeringSeoul National University of Science and Technology (Seoul Tech)SeoulKorea

Personalised recommendations