Loughborough University
analysis.pdf (248.45 kB)

Analysis of two pairing-based three-party password authenticated key exchange protocols

Download (248.45 kB)
conference contribution
posted on 2009-12-16, 14:53 authored by Raphael C.-W. Phan, Wei-Chuen Yau, Bok-Min Goi
Password-Authenticated Key Exchange (PAKE) protocols allow parties to share secret keys in an authentic manner based on an easily memorizable password. Recently, Nam et al. showed that a provably secure three-party password-based authenticated key exchange protocol using Weil pairing by Wen et al. is vulnerable to a man-in-the-middle attack. In doing so, Nam et al. showed the flaws in the proof of Wen et al. and described how to fix the problem so that their attack no longer works. In this paper, we show that both Wen et al. and Nam et al. variants fall to key compromise impersonation by any adversary. Our results underline the fact that although the provable security approach is necessary to designing PAKEs, gaps still exist between what can be proven and what are really secure in practice.



  • Mechanical, Electrical and Manufacturing Engineering


PHAN, R.C.-W., YAU, W. -C. and GOI, B. -M., 2009. Analysis of two pairing-based three-party password authenticated key exchange protocols. IN: Third International Conference on Network and System Security, (NSS '09), Gold Coast, QLD, 19-21 Oct., pp. 102-106




  • VoR (Version of Record)

Publication date



This is a conference paper [© IEEE]. It is also available at: http://ieeexplore.ieee.org/ Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.




  • es