IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Online ISSN : 1745-1337
Print ISSN : 0916-8508
Regular Section
An Offline Dictionary Attack against Abdalla and Pointcheval's Key Exchange in the Password-Only Three-Party Setting
Junghyun NAMKim-Kwang Raymond CHOOJuryon PAIKDongho WON
Author information
Keywords: security, three-party key exchange, password-only authenticated key exchange (PAKE), dictionary attack, insider attack
JOURNAL RESTRICTED ACCESS

2015 Volume E98.A Issue 1 Pages 424-427

Details
Download PDF (234K)
Download citation RIS

(compatible with EndNote, Reference Manager, ProCite, RefWorks)

BIB TEX

(compatible with BibDesk, LaTeX)

Text
How to download citation
Contact us
Abstract
Although password-only authenticated key exchange (PAKE) in the three-party setting has been widely studied in recent years, it remains a challenging area of research. A key challenge in designing three-party PAKE protocols is to prevent insider dictionary attacks, as evidenced by the flaws discovered in many published protocols. In this letter, we revisit Abdalla and Pointcheval's three-party PAKE protocol from FC 2005 and demonstrate that this protocol, named 3PAKE, is vulnerable to a previously unpublished insider offline dictionary attack. Our attack is dependant on the composition of 3PAKE and the higher-level protocol that uses the established session key.
Content from these authors
© 2015 The Institute of Electronics, Information and Communication Engineers
Previous article Next article
Favorites & Alerts

Recently viewed articles
Announcements from publisher
Share this page
feedback
 Top