Cryptanalysis of the n-party encrypted Diffie-Hellman key exchange using different passwords
We consider the security of the n-party EKE-U and EKEM protocols proposed by Byun and Lee at ACNS '05. We show that EKE-U is vulnerable to an impersonation attack, offline dictionary attack and undetectable online dictionary attack. Surprisingly, even the strengthened variant recently proposed...
| Main Authors: | , |
|---|---|
| Format: | Book Section |
| Language: | English |
| Published: |
Springer Berlin Heidelberg
2006
|
| Subjects: | |
| Online Access: | http://shdl.mmu.edu.my/2022/ http://shdl.mmu.edu.my/2022/1/Cryptanalysis%20of%20the%20n-party%20encrypted%20Diffie-Hellman%20key%20exchange%20using%20different%20passwords.pdf |
| Summary: | We consider the security of the n-party EKE-U and EKEM protocols proposed by Byun and Lee at ACNS '05. We show that EKE-U is vulnerable to an impersonation attack, offline dictionary attack and undetectable online dictionary attack. Surprisingly, even the strengthened variant recently proposed by the same designers to counter an insider offline dictionary attack by Tang and Chen, is equally vulnerable. We also show that both the original and strengthened EKE-M variants do not provide key privacy, a criterion desired by truly contributory key exchange schemes and recently formalized by Abdalla et al. We discuss ways to protect EKE-U against our attacks and argue that the strengthened EKE-U scheme shows the most potential as a provably secure n-party PAKE. |
|---|