On the Security of Some Password-Based Key Agreement Schemes

  • Qiang Tang
  • Chris J. Mitchell
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3802)


In this paper we show that three potential security vulnerabilities exist in the strong password-only authenticated key exchange scheme due to Jablon. Two standardised schemes based on Jablon’s scheme, namely the first password-based key agreement mechanism in ISO/IEC FCD 11770-4 and the scheme BPKAS-SPEKE in IEEE P1363.2 also suffer from some of these security vulnerabilities. We further show that other password-based key agreement mechanisms, including those in ISO/IEC FCD 11770-4 and IEEE P1363.2, also suffer from these security vulnerabilities. Finally, we propose means to remove these security vulnerabilities.


Security Vulnerability Protocol Execution Dictionary Attack Protocol Instance Online Dictionary Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bellovin, S., Merritt, M.: Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks. In: SP 1992: Proceedings of the 1992 IEEE Symposium on Security and Privacy, pp. 72–84. IEEE Computer Society, Los Alamitos (1992)CrossRefGoogle Scholar
  2. 2.
    Jablon, D.: Strong Password-Only Authenticated Key Exchange. Computer Communication Review 26, 5–26 (1996)CrossRefGoogle Scholar
  3. 3.
    Jablon, D.: Extended Password Key Exchange Protocols Immune to Dictionary Attack. In: Proceedings of the WETICE 1997 Workshop on Enterprise Security, pp. 248–255 (1997)Google Scholar
  4. 4.
    Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated Key Exchange Secure against Dictionary Attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  5. 5.
    Abdalla, M., Chevassut, O., Pointcheval, D.: One-Time Verifier-Based Encrypted Key Exchange. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 47–64. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  6. 6.
    International Organization for Standardization. ISO/IEC FCD 11770–4, Information technology — Security techniques — Key management — Part 4: Mechanisms based on weak secrets (2004)Google Scholar
  7. 7.
    Institute of Electrical and Electronics Engineers, Inc. IEEE P1363.2 draft D20, Standard Specifications for Password-Based Public-Key Cryptographic Techniques (2005)Google Scholar
  8. 8.
    Lomas, T., Gong, L., Saltzer, J., Needham, R.: Reducing risks from poorly chosen keys. ACM SIGOPS Operating Systems Review 23, 14–18 (1989)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Qiang Tang
    • 1
  • Chris J. Mitchell
    • 1
  1. 1.Information Security GroupRoyal Holloway, University of LondonEgham, SurreyUK

Personalised recommendations