Cryptanalysis of Improvement of Password Authenticated Key Exchange Based on RSA for Imbalanced Wireless Networks
Summary :
In 2002, Zhu et al. proposed a password-based authenticated key exchange protocol based on RSA. Zhu et al. claimed the protocol is efficient for the low-power devices in wireless networks. Unfortunately, Yeh et al. pointed out that Zhu et al.'s protocol was weak against undetectable on-line password guessing attack. Not only that, Zhu et al.'s protocol does not achieve explicit key authentication. At the same time, Yeh et al. proposed an improved method. However, in this paper, we shall point out that Yeh et al.'s improvement is vulnerable to the off-line password guessing attack. At the same time, we shall propose a solution to resist the above attack.
- Publication
- IEICE TRANSACTIONS on Communications Vol.E88-B No.11 pp.4370-4372
- Publication Date
- 2005/11/01
- Publicized
- Online ISSN
- DOI
- 10.1093/ietcom/e88-b.11.4370
- Type of Manuscript
- LETTER
- Category
- Fundamental Theories for Communications
Authors
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Chou-Chen YANG, Ren-Chiun WANG, "Cryptanalysis of Improvement of Password Authenticated Key Exchange Based on RSA for Imbalanced Wireless Networks" in IEICE TRANSACTIONS on Communications,
vol. E88-B, no. 11, pp. 4370-4372, November 2005, doi: 10.1093/ietcom/e88-b.11.4370.
Abstract: In 2002, Zhu et al. proposed a password-based authenticated key exchange protocol based on RSA. Zhu et al. claimed the protocol is efficient for the low-power devices in wireless networks. Unfortunately, Yeh et al. pointed out that Zhu et al.'s protocol was weak against undetectable on-line password guessing attack. Not only that, Zhu et al.'s protocol does not achieve explicit key authentication. At the same time, Yeh et al. proposed an improved method. However, in this paper, we shall point out that Yeh et al.'s improvement is vulnerable to the off-line password guessing attack. At the same time, we shall propose a solution to resist the above attack.
URL: https://global.ieice.org/en_transactions/communications/10.1093/ietcom/e88-b.11.4370/_p
Copy
@ARTICLE{e88-b_11_4370,
author={Chou-Chen YANG, Ren-Chiun WANG, },
journal={IEICE TRANSACTIONS on Communications},
title={Cryptanalysis of Improvement of Password Authenticated Key Exchange Based on RSA for Imbalanced Wireless Networks},
year={2005},
volume={E88-B},
number={11},
pages={4370-4372},
abstract={In 2002, Zhu et al. proposed a password-based authenticated key exchange protocol based on RSA. Zhu et al. claimed the protocol is efficient for the low-power devices in wireless networks. Unfortunately, Yeh et al. pointed out that Zhu et al.'s protocol was weak against undetectable on-line password guessing attack. Not only that, Zhu et al.'s protocol does not achieve explicit key authentication. At the same time, Yeh et al. proposed an improved method. However, in this paper, we shall point out that Yeh et al.'s improvement is vulnerable to the off-line password guessing attack. At the same time, we shall propose a solution to resist the above attack.},
keywords={},
doi={10.1093/ietcom/e88-b.11.4370},
ISSN={},
month={November},}
Copy
TY - JOUR
TI - Cryptanalysis of Improvement of Password Authenticated Key Exchange Based on RSA for Imbalanced Wireless Networks
T2 - IEICE TRANSACTIONS on Communications
SP - 4370
EP - 4372
AU - Chou-Chen YANG
AU - Ren-Chiun WANG
PY - 2005
DO - 10.1093/ietcom/e88-b.11.4370
JO - IEICE TRANSACTIONS on Communications
SN -
VL - E88-B
IS - 11
JA - IEICE TRANSACTIONS on Communications
Y1 - November 2005
AB - In 2002, Zhu et al. proposed a password-based authenticated key exchange protocol based on RSA. Zhu et al. claimed the protocol is efficient for the low-power devices in wireless networks. Unfortunately, Yeh et al. pointed out that Zhu et al.'s protocol was weak against undetectable on-line password guessing attack. Not only that, Zhu et al.'s protocol does not achieve explicit key authentication. At the same time, Yeh et al. proposed an improved method. However, in this paper, we shall point out that Yeh et al.'s improvement is vulnerable to the off-line password guessing attack. At the same time, we shall propose a solution to resist the above attack.
ER -
English
