Abstract
In 2005, Chang et al. proposed a simple authenticated key agreement and protected password change protocol. However, Chang et al.’s schemes are still susceptible to stolen-verifier attack and Denial-of-Service attacks. Accordingly, the current paper demonstrates the vulnerability of Chang et al.’s schemes to two simple attacks and then presents an improved scheme to resolve such problems. In contrast to Chang et al.’s protected password change protocol, the proposed protected password change protocol can securely update user passwords without a complicated process, while also providing greater security.
Chapter PDF
Similar content being viewed by others
References
Diffie, W., Hellman, M.: New Directions in Cryptography. IEEE Transaction on Information Theory IT-22(6), 644–654 (1976)
Schneier, B.: Applied Cryptography-Protocols. Algorithms and Source Code in C, 2nd edn. John Wiley & Sons Inc., Chichester (1995)
Seo, D.H., Sweeney, P.: Simple Authenticated Key Agreement Algorithm. Electronics Letters 35(13), 1073–1074 (1999)
Bellovin, S., Merritt, M.: Encrypted Key Exchange: Password-based Protocols Secure Against Dictionary Attacks. In: Proc. of IEEE Conf. on Research in Security and Privacy, pp. 72–84 (1992)
Yeh, H.T., Sun, H.M.: Simple Authenticated Key Agreement Protocol resisant to Password Guessing Attacks. ACM SIGOPS Operation Systems Review 36(4), 14–22 (2002)
Kobara, K., Imai, H.: Pretty-simple Password-authenticated Key-exchange Protocol Proven to be Secure in the Standard Model. IEICE Transactions on Fundamentals E85-A(10), 2229–2237 (2002)
Chang, T.Y., Yang, W.P., Hwang, M.S.: Simple Authenticated Key Agreement and Protected Password Change Protocol. Computers & Mathematics with Applications 49(5-6), 703–714 (2005)
Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)
Lin, C.L., Hwang, T.: A Password Authentication Scheme with Secure Password Updating. Computers & Security 22(1), 68–72 (2003)
Menezes, A.J., Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptograph. CRC Press, New York (1997)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yoon, EJ., Yoo, KY. (2005). A New Simple Authenticated Key Agreement and Protected Password Change Protocol. In: Enokido, T., Yan, L., Xiao, B., Kim, D., Dai, Y., Yang, L.T. (eds) Embedded and Ubiquitous Computing – EUC 2005 Workshops. EUC 2005. Lecture Notes in Computer Science, vol 3823. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11596042_98
Download citation
DOI: https://doi.org/10.1007/11596042_98
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-30803-4
Online ISBN: 978-3-540-32296-2
eBook Packages: Computer ScienceComputer Science (R0)