Security Analysis on an Improvement of RSA-Based Password Authenticated Key Exchange

Shuhong WANG, Feng BAO, Jie WANG

IEICE TRANSACTIONS on Communications   Vol.E88-B   No.4   pp.1641-1646
Publication Date: 2005/04/01
DOI: 10.1093/ietcom/e88-b.4.1641
Print ISSN: 0916-8516
Type of Manuscript: LETTER
Category: Fundamental Theories for Communications
Keywords: authenticated, key exchange, password, RSA, (undetectable) dictionary attack


In 2002, Zhu et al. proposed an RSA-based password authenticated key exchange protocol that is efficient enough to be implemented on most of the target low-power devices, such as smart cards and low-power Personal Digital Assistants, in imbalanced wireless networks. Recently, YEH et al. claimed that Zhu et al.'s protocol is not only insecure against an undetectable on-line password guessing attack but also fails to achieve explicit key authentication, and they therefore presented an improved version. Unfortunately, we find that YEH et al.'s password guessing attack does not actually hold, and that their improved protocol is vulnerable to off-line dictionary attacks. In this paper we describe our observations in detail, and also comment on how the original protocol can achieve explicit key authentication and resist other existing attacks.