| In recent years, password-authenticated key exchange protocols have received widely concerned. A password is shared between client and server in the password-authenticated key exchange protocol, no other secret is shared between clients. Clients who participate in the execution of the protocol authenticate each other by their own password. The participants share a common session key with the help of the server. There is no need for high cost public key infrastructure. With the advantage of high efficiency, low cost and convenience, PAKE has a broad prospect.In ICICS02, a cross-realm client-to-client password-authenticated key exchange protocol was first proposed by Byun et al. Subsequently, a suit of improved protocols were proposed. But these improved protocols are all incurs vulnerability to the password-compromise impersonation attack. We propose an improved cross-realm C2C-PAKE protocol.In group-oriented communication, we propose a cross-realm group PAKE protocol using different passwords.And it enables two groups in different realms to agree on a common group session key with the help of servers.Joux first presented a three-party key exchange protocol using bilinear pairing. Due to lack of authentication, Joux's protocol was susceptible to the man-in-middle attacks. Since then, many improved protocols have been proposed, which adopt off-line mode. Before the threshold of the protocol, participants got the certificates containing their public keys, whose keys are exchanged by digital certificates. In this paper, we present a three-party password-based authenticated key exchange protocol using Weil pairing, which adopts on-line mode. Compared with Lim et al.'s protocol, our protocol highly reduces the computing time and storage cost of verifying the certificates of the parties. In the end, we simulate and test the password-authenticated two server key exchange protocol in the paper. |
PDF Full Text Request