Open Access
Subscription Access
Cryptanalysis of Modified STPKE’ Protocol
Abstract
ABSTRACT
In 2007, Lu and Cao proposed a simple 3-party authenticated key exchange (S-3PAKE) protocol. Kim and Koi found that this protocol cannot resist undetectable online password guessing attacks and gave fixed STPKE’ protocol as a countermeasure using exclusive-or operation. Recently, Tallapally and Padmavathy found that STPKE’ is still vulnerable to undetectable online password guessing attack and gave a modified STPKE’ protocol. In this article, we show that the improvement that they claim is still vulnerable to man in the middle attack.
Keywords: Password based key exchange protocol, password guessing attacks, man in the middle attack
Full Text:
PDFRefbacks
- There are currently no refbacks.
Copyright (c) 2019 Journal of Computer Technology & Applications