Cryptanalysis and Improvement of Password Authenticated Key Exchange Scheme between Clients with Different Passwords

  • Jeeyeon Kim
  • Seungjoo Kim
  • Jin Kwak
  • Dongho Won
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3043)


In ICICS’02, Byun et al. presented a new client to client password-authenticated key exchange(C2C-PAKE) protocol in a cross-realm setting. In their paper, they argued that their C2C-PAKE protocol is secure against the Denning-Sacco attack of an insider adversary. In this paper, we show that, contrary to their arguments, the C2C-PAKE protocol is vulnerable to the Denning-Sacco attack by an insider adversary. And we also present the modified protocol to solve this problem.


Replay Attack Dictionary Attack Perfect Forward Secrecy Malicious Server Middle Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  2. 2.
    Bellovin, S., Merrit, M.: Encrypted key exchange: password based protocols secure against dictionary attacks. In: Proceedings of the Symposium on Security and Privacy, pp. 72–84 (1992)Google Scholar
  3. 3.
    Boyko, V., MacKenzie, P., Patel, S.: Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  4. 4.
    Byun, J.W., Jeong, I.R., Lee, D.H., Park, C.S.: Password-Authenticated Key Exchange between Clients with Different Passwords. In: Deng, R.H., Qing, S., Bao, F., Zhou, J. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 134–146. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  5. 5.
    Chen, L.: A Weakness of the Password-Autenticated Key Agreement between Clients with Different Passwords Scheme. In: The document was being circulated for considertaion at the 27th the SC27/WG2 meeting in Paris, France, 2003-10-20/24 (2003)Google Scholar
  6. 6.
    Denning, D., Sacco, G.: Timestamps in key distribution protocols. Communications of the ACM 24(8), 533–536 (1981)CrossRefGoogle Scholar
  7. 7.
    Goldreich, O., Lindell, Y.: Session-Key Generation Using Human Passwords Only. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 408–432. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  8. 8.
    Katz, J., Ostrovsky, R., Yung, M.: Efficient Password-Authenticated key exchange Using Human-Memorable Passwords. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 475–494. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  9. 9.
    Steiner, M., Tsudik, G., Waider, M.: Refinement and extension of encrypted key exchange. ACM Operation Sys. Review 29(3), 22–30 (1995)CrossRefGoogle Scholar
  10. 10.
    Wu, T.: Secure Remote Password Protocol. In: Proceedings of the Internet Society Network and Distributed System Security Symposium, pp. 97–111 (1998)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Jeeyeon Kim
    • 1
  • Seungjoo Kim
    • 2
  • Jin Kwak
    • 2
  • Dongho Won
    • 2
  1. 1.KISA (Korea Information Security Agency)SeoulKorea
  2. 2.Sungkyunkwan UniversityKyunggi-DoKorea

Personalised recommendations