International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Security Improvement on a Password-Authenticated Group Key Exchange Protocol

Authors:
Junghyun Nam
Download:
URL: http://eprint.iacr.org/2010/427
Search ePrint
Search Google
Abstract: A group key exchange (GKE) protocol is designed to allow a group of parties communicating over a public network to establish a common secret key. As group-oriented applications gain popularity over the Internet, a number of GKE protocols have been suggested to provide those applications with a secure multicast channel. Among the many protocols is Yi et al.'s password-authenticated GKE protocol in which each participant is assumed to hold their individual password registered with a trusted server. A fundamental requirement for password-authenticated key exchange is security against off-line dictionary attacks. However, Yi et al.'s protocol fails to meet the requirement. In this work, we report this security problem with Yi et al.'s protocol and show how to solve it.
BibTeX
@misc{eprint-2010-23328,
  title={Security Improvement on a Password-Authenticated Group Key Exchange Protocol},
  booktitle={IACR Eprint archive},
  keywords={cryptographic protocols / Group key exchange, password, dictionary attack, identity-based cryptography},
  url={http://eprint.iacr.org/2010/427},
  note={ jhnam@kku.ac.kr 14823 received 1 Aug 2010, withdrawn 2 Aug 2010},
  author={Junghyun Nam},
  year=2010
}