Browse > Article
http://dx.doi.org/10.13089/JKIISC.2013.23.3.351

On the Security of Pointcheval-Zimmer Multi-Factor Authenticated Key Exchange Protocol  

Byun, Jin Wook (Pyeongtaek University, Department of Information and Communication)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.23, no.3, 2013 , pp. 351-358 More about this Journal
Abstract
In 2008, Pointcheval and Zimmer have presented multi-factor authenticated key exchange protocol with client's secret key, password, biometrics. However, it has been found to be flawed by Hao and Clarke if an attacker has single authentication factor (password), then the attacker can deduce other authentication factors. Interestingly, its countermeasure has not been presented due to the difficulty of design and structural problem. In this paper, an efficient countermeasure is briefly presented and its security is discussed as well.
Keywords
multi-factor authenticated key exchange; authentication; biometrics; password;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 J. W. Byun, D. H. Lee, and J. I. Lim, "EC2C-PAKA: an efficient client to client password authenticated key agreement," Information Science, vol 177, no. 19, pp. 3995-4013, Oct. 2007.   DOI   ScienceOn
2 M. Bellare, D. Pointcheval, and P. Rogaway, "Authenticated key exchange secure against dictionary attacks," Advances in Cryptology Eurocrypt'00, LNCS 1807, pp. 139-155, May. 2000.
3 E. Bresson, O. Chevassut, and D. Pointcheval, "Group diffie-hellman key exchange secure against dictionary attacks," Advances in Cryptology Asiacrypt' 02, LNCS 2501, pp. 497-514, Dec. 2002.
4 S. Bellovin and M. Merrit, "Encrypted key exchange: password based protocols secure against dictionary attacks," Proceedings of the 1992 IEEE Computer Society Symposium on Research in Security and Privacy, pp.72-84, May. 1992.
5 L. Lamport, "Password authentication with insecure communication," Communications of the ACM vol. 24 no. 11 pp. 770-772, Nov. 1981   DOI   ScienceOn
6 Feng Hao and Dylan Clarke, "Security Analysis of a Multi-Factor Authenticated Key Exchange Protocol," Proceedings of Applied Cryptography and Network Security (ACNS'12), LNCS 7341, pp. 1-11. June. 2012.
7 D. PointCheval and S. Zimmer, "Multi-Factor Authenticated Key Exchange," Proceedings of Applied Cryptography and Network Security (ACNS'08), LNCS 5037, pp. 277-295, June. 2008.
8 변진욱, 정익래, 이동훈, "서로 다른 패스워드워드를 가진 사용자간의 패스워드 인증 키 교환 프로토콜," 정보보호학회논문지, 13(1), pp. 27-38, 2003년 2월
9 변진욱, "새로운 C2C-PAKA 프로토콜의 안전성 연구," 정보보호학회논문지, 22(3), pp. 473-483, 2012년 6월   과학기술학회마을