posted on 2009-12-17, 09:59authored byRaphael C.-W. Phan
Password-based authenticated group key exchange protocols allow group users to jointly share a session key based on a human-memorizable password. In this paper, we present an undetectable online dictionary attack on N-EKE-D, a recent provably secure protocol designed to explicitly resist this type of attack. Thus, our result contradicts the design goal. We also give a simple attack on the key indistinguishability of N-EKE-D and two N-EKE-M variants that exploits the definition of partnering in their security model.
History
School
Mechanical, Electrical and Manufacturing Engineering
Citation
PHAN, R.C.-W., 2009. Security of group key exchange protocols with different passwords. IN: International Conference on Advanced Information Networking and Applications Workshops, (WAINA '09), Bradford, 26-29 May, pp. 147-152