This paper is concerned with the security of a three-party password-authenticated key exchange protocol presented by Abdalla and Pointcheval in FC'05. Abdalla and Pointcheval's protocol makes use of a hash function F whose outputs are elements of a cyclic group G of prime order. Such a hash function F can be constructed from a typical hash function in various ways. In this paper, we consider the case that F (.) = g h(.), where g is an arbitrary generator of G and h is a hash function such as SHA-1 and MD5. Our result is that such a construction of F immediately leads to the vulnerability of the Abdalla-Pointcheval protocol to an off-line dictionary attack. We also show how to address this weakness of the protocol. © 2013 Springer-Verlag.
CITATION STYLE
Lee, Y., & Won, D. (2013). On the use of a hash function in a 3-party password-based authenticated key exchange protocol. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7861 LNCS, pp. 730–736). https://doi.org/10.1007/978-3-642-38027-3_80
Mendeley helps you to discover research relevant for your work.