Security of group key exchange protocols with different passwords
conference contributionposted on 17.12.2009, 09:59 by Raphael C.-W. Phan
Password-based authenticated group key exchange protocols allow group users to jointly share a session key based on a human-memorizable password. In this paper, we present an undetectable online dictionary attack on N-EKE-D, a recent provably secure protocol designed to explicitly resist this type of attack. Thus, our result contradicts the design goal. We also give a simple attack on the key indistinguishability of N-EKE-D and two N-EKE-M variants that exploits the definition of partnering in their security model.
- Mechanical, Electrical and Manufacturing Engineering