Browse > Article
http://dx.doi.org/10.13089/JKIISC.2008.18.6A.179

Cryptanalysis of an Efficient RSA-Based Password-Authenticate Key Exchange Protocol against Dictionary Attack  

Youn, Taek-Young (Korea University)
Park, Young-Ho (Sejong Cyber University)
Ryu, Heui-Su (Gyeongin National University of Education)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.18, no.6A, 2008 , pp. 179-183 More about this Journal
Abstract
Recently, an efficient password-authenticated key exchange protocol based on RSA has been proposed by Park et al. with formal security proof. In this letter, we analyze their protocol, and show that it is not secure against an active adversary who performs a dictionary attack. Moreover, we analyze the performance of the proposed attack and show that the attack is a threatening attack against the protocol.
Keywords
Cryptanalysis; Key Exchange; Password; RSA;
Citations & Related Records
연도 인용수 순위
  • Reference
1 S. M. Bellovin, M. Merritt, "Encrypted key exchange: password-based protocols secure against dictinary attacks", In Proc. of 1992 IEEE Symposium on Research in Security and Privacy, IEEE Computer Society, pp. 72-84, 1992
2 P. MacKenzie, S. Patel, and R. Swaminathan, "Password-Authenticated Key Exchange Based on RSA", in Proc. of ASIACRYPT 2000, LNCS 1976, pp. 599-613, Springer-Verlag, 2000
3 S. Park, J. Nam, S. Kim, D. Won, "Efficient Password-Authenticated Key Exchange Based on RSA", in Proc. of CT-RSA 2007, Springer- Verlag, LNCS 4377, pp. 309-323, Springer- Verlag, 2007
4 D. S. Wong, A. H. Chan, and F. Zhu, "More Efficient Password Authenticated Key Exchange Based on RSA", in Proc. of INDOCRYPT 2003, LNCS 2904, pp. 375-387. Springer-Verlag, 2003
5 F. Zhu, D. S. Wong, A. H. Chan, and R. Ye, "Password Authenticated Key Exchange Based on RSA for Imbalanced Wireless Networks", in Proc. of ISC 2002, LNCS 2433, pp. 150-161. Springer-Verlag, 2002
6 M. Zhang, "New Approaches to Password Authenticated Key Exchange based on RSA", in Proc. of ASIACRYPT 2004, LNCS 3329, pp. 230-244. Springer-Verlag, 2004
7 M. Zhang, "Further Analysis of Password Authenticated Key Exchange Protocol based on RSA for Imbalanced Wireless Networks", in Proc. of ISC 2004, LNCS 3225, pp. 13-24. Springer-Verlag, 2004
8 S. Patel, "Number Theoretic Attacks on Secure Password Schemes", in Proc. of IEEE Symposium on Security and Privacy, pp. 236-247, IEEE Computer Society, 1997
9 D. Catalano, D. Pointcheval, and T. Pornin, "Trapdoor Hard-to-Invert Group Isomorphisms and Their Application to Password-based Authentication", Journal of Cryptology, Vol.20, Number 1, pp. 115-149, Springer-Verlag, 2007   DOI
10 M. Bellare, D. Pointcheval, and P. Rogaway, "Authenticated key exchange secure against dictionary attack", in Proc. of Eurocrypt 2000, LNCS 1807, pp. 139-155. Springer-Verlag, 2000
11 F. Bao, "Security Analysis of a Password Authenticated Key Exchange Protocol", in Proc. of ISC 2003, LNCS 2851, pp. 208-217, Springer-Verlag, 2003