Skip to main content

Multi-Factor Authenticated Key Exchange Protocol in the Three-Party Setting

  • Conference paper
Information Security and Cryptology (Inscrypt 2010)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6584))

Included in the following conference series:

Abstract

A great deal of authenticated key exchange (AKE) protocols have been proposed in recent years. Most of them were based on 1-factor authentication. In order to increase the security for AKE protocols, various authentication means can be used together. In fact, the existing multi-factor AKE protocols provide an authenticated key exchange only between a client and a server. This paper presents a new multi-factor AKE protocol in the three-party settings (3MFAKE), in which the authentication means combine a password, a secure device, and biometric authentications. We also prove the security of the protocol in the random oracle model.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Pointcheval, D., Zimmer, S.: Multi-Factor Authenticated Key Exchange. In: Bellovin, S.M., Gennaro, R., Keromytis, A.D., Yung, M. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 277–295. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  2. Bresson, E., Chevassut, O., Pointcheval, D.: Security proofs for an efficient password-based key exchange. In: Proc. of the 10th ACM Conference on Computer and Communicate Security, pp. 241–250 (2003)

    Google Scholar 

  3. Canetti, R., Halevi, S., Katz, J., Lindell, Y., MacKenzie, P.: Universally composable password-based key exchange. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 404–421. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  4. Abdalla, M., Bresson, E., Chevassut, O., Moller, B., Pointcheval, D.: Provably secure password-based authentication in TLS. In: Proc. 2006 ACM Symposium on Information, Computer and Communications Security, pp. 35–45. ACM Press, New York (2006)

    Google Scholar 

  5. Abdalla, M., Chevassut, O., Pointcheval, D.: One-time verifier-based encrypted key exchange. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 47–64. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  6. Bhargav-Spantzel, A., Squicciarini, A.C., Modi, S., Young, M., Bertino, E., Elliot, S.J.: Privacy preserving multi-factor authentication with biometrics. In: Juels, A. (ed.) Proceedings of ACM DIM 2006 Workshop, pp. 63–72. ACM Press, New York (2006)

    Google Scholar 

  7. Needham, R.M., Schroeder, M.D.: Using encryption for authentication in large networks of computers. Communications of the Association for Computing Machinery 21(12), 993–999 (1978)

    Article  MATH  Google Scholar 

  8. Abdalla, M., Fouque, P., Pointcheval, D.: Password-based authenticated key exchange in the three-party setting. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 65–84. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  9. Sun, H.M., Chen, B.C., Hwang, T.: Secure key agreement protocols for three-party against guessing attacks. The Journal of Systems and Software 75, 63–68 (2005)

    Article  Google Scholar 

  10. Choo, K.K.R., Boyd, C., Hitchcock, Y.: The importance of proofs of security for key establishment protocols: formal analysis of Jan-Chen, Yang-Shen-Shieh, Kim-Huh-Hwang-Lee, Lin-Sun-Hwang, and Yeh-Sun protocols. Computer Communications 29(15), 2788–2797 (2006)

    Article  Google Scholar 

  11. Lu, R., Cao, Z.: Simple three-party key exchange protocol. Computers and Security 26, 94–97 (2007)

    Article  Google Scholar 

  12. Nam, J., Lee, Y., Kim, S., Won, D.: Security weakness in a three-party pairing-based protocol for password authenticated key exchange. Information Sciences 177(6), 1364–1375 (2007)

    Article  MathSciNet  MATH  Google Scholar 

  13. Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)

    Chapter  Google Scholar 

  14. Bellare, M., Rogaway, P.: Provably secure session key distribution-the three party case. In: Proc. of the 28th Annual ACM Symposium on Theory of Computing, pp. 57–66 (1996)

    Google Scholar 

  15. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Liu, Y., Wei, F., Ma, C. (2011). Multi-Factor Authenticated Key Exchange Protocol in the Three-Party Setting. In: Lai, X., Yung, M., Lin, D. (eds) Information Security and Cryptology. Inscrypt 2010. Lecture Notes in Computer Science, vol 6584. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21518-6_18

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-21518-6_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-21517-9

  • Online ISBN: 978-3-642-21518-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics