CLC number: TP393; TN929.5
On-line Access: 2024-08-27
Received: 2023-10-17
Revision Accepted: 2024-05-08
Crosschecked: 2013-04-18
Cited: 1
Clicked: 6752
Chih-ho Chou, Kuo-yu Tsai, Tzong-chen Wu, Kuo-hui Yeh. Efficient and secure three-party authenticated key exchange protocol for mobile environments[J]. Journal of Zhejiang University Science C, 2013, 14(5): 347-355.
@article{title="Efficient and secure three-party authenticated key exchange protocol for mobile environments",
author="Chih-ho Chou, Kuo-yu Tsai, Tzong-chen Wu, Kuo-hui Yeh",
journal="Journal of Zhejiang University Science C",
volume="14",
number="5",
pages="347-355",
year="2013",
publisher="Zhejiang University Press & Springer",
doi="10.1631/jzus.C1200273"
}
%0 Journal Article
%T Efficient and secure three-party authenticated key exchange protocol for mobile environments
%A Chih-ho Chou
%A Kuo-yu Tsai
%A Tzong-chen Wu
%A Kuo-hui Yeh
%J Journal of Zhejiang University SCIENCE C
%V 14
%N 5
%P 347-355
%@ 1869-1951
%D 2013
%I Zhejiang University Press & Springer
%DOI 10.1631/jzus.C1200273
TY - JOUR
T1 - Efficient and secure three-party authenticated key exchange protocol for mobile environments
A1 - Chih-ho Chou
A1 - Kuo-yu Tsai
A1 - Tzong-chen Wu
A1 - Kuo-hui Yeh
J0 - Journal of Zhejiang University Science C
VL - 14
IS - 5
SP - 347
EP - 355
%@ 1869-1951
Y1 - 2013
PB - Zhejiang University Press & Springer
ER -
DOI - 10.1631/jzus.C1200273
Abstract: Yang and Chang (2009) proposed a three-party authenticated key exchange protocol for securing communications in mobile-commerce environments. Their protocol reduces computation and communication costs by employing elliptic curve cryptosystems. However, Tan (2010) pointed out that Yang and Chang (2009)’s protocol cannot withstand impersonation and parallel attacks, and further proposed an enhanced protocol to resist these attacks. This paper demonstrates that Tan (2010)’s approach still suffers from impersonation attacks, and presents an efficient and secure three-party authenticated key exchange protocol to overcome shown weaknesses.
[1]Cagalj, M., Capkun, S., Hubaux, J.P., 2006. Key agreement in peer-to-peer wireless networks. Proc. IEEE, 94(2):467-478.
[2]Canetti, R., Krawczyk, H., 2001. Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels. Proc. Advances in Cryptology, p.453-474.
[3]Chen, T.H., Lee, W.B., Chen, H.B., 2008. A round- and computation-efficient three-party authenticated key exchange protocol. J. Syst. Softw., 81(9):1581-1590.
[4]Diffie, W., Hellman, M., 1976. New directions in cryptography. IEEE Trans. Inf. Theory, 22(6):644-654.
[5]Guo, H., Li, Z., Mu, Y., Zhang, X., 2008. Cryptanalysis of simple three party key exchange protocol. Comput. Secur., 27(1-2):16-21.
[6]Hölbl, M., Welzer, T., Brumen, B., 2010. Two proposed identity-based three-party authenticated key agreement protocols from pairings. Comput. Secur., 29(2):244-252.
[7]Knuth, D.E., 1981. The Art of Computer Programming, Volume II: Seminumerical Algorithms (2nd Ed.). Addison-Wesley, Reading, MA.
[8]Koblitz, N., 1987. Elliptic curve cryptosystem. Math. Comput., 48(177):203-209.
[9]Lee, C.C., Chang, Y.F., 2008. On security of a practical three-party key exchange protocol with round efficiency. Inf. Technol. Control, 37(4):333-335.
[10]Lee, S.W., Kim, H.S., Yoo, K.Y., 2005. Efficient verifier-based key agreement protocol for three parties without server’s public key. Appl. Math. Comput., 167(2):996-1003.
[11]Lu, R., Cao, Z., 2007. Simple three-party key exchange protocol. Comput. Secur., 26(1):94-97.
[12]Menezes, A.J., Orschot, P.C., Vanstone, S.A., 1996. Handbook of Applied Cryptography. CRC Press.
[13]Miller, V.S., 1986. Use of Elliptic Curves in Cryptography. Proc. Advances in Cryptology, p.417-426.
[14]Padmavathy, R., 2010. Improved three party EKE protocol. Inf. Technol. Control, 39(3):220-226.
[15]Schnorr, C.P., 1989. Efficient Identification and Signatures for Smart Cards. Proc. CRYPTO, p.239-252.
[16]Tan, Z., 2010. An enhanced three-party authentication key exchange protocol for mobile commerce environments. J. Commun., 5(5):436-443.
[17]Tsaur, W.J., Chou, C.H., 2005. Efficient algorithms for speeding up the computations of elliptic curve cryptosystems. Appl. Math. Comput., 168(2):1045-1064.
[18]Yang, J.H., Chang, C.C., 2009. An efficient three-party authenticated key exchange protocol using elliptic curve cryptography for mobile-commerce environments. J. Syst. Software, 82(9):1497-1502.
[19]Yoon, E.J., Yoo, K.Y., 2008. Improving the novel three-party encrypted key exchange protocol. Comput. Stand. Interf., 30(5):309-314.
Open peer comments: Debate/Discuss/Question/Opinion
<1>