{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,12]],"date-time":"2025-10-12T04:22:46Z","timestamp":1760242966874,"version":"build-2065373602"},"reference-count":50,"publisher":"MDPI AG","issue":"1","license":[{"start":{"date-parts":[[2015,1,27]],"date-time":"2015-01-27T00:00:00Z","timestamp":1422316800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Symmetry"],"abstract":"<jats:p>We present the first provably-secure three-party password-only authenticated key exchange (PAKE) protocol that can run in only two communication rounds. Our protocol is generic in the sense that it can be constructed from any two-party PAKE protocol. The protocol is proven secure in a variant of the widely-accepted model of Bellare, Pointcheval and Rogaway (2000) without any idealized assumptions on the cryptographic primitives used. We also investigate the security of the two-round, three-party PAKE protocol of Wang, Hu and Li (2010) and demonstrate that this protocol cannot achieve implicit key authentication in the presence of an active adversary.<\/jats:p>","DOI":"10.3390\/sym7010105","type":"journal-article","created":{"date-parts":[[2015,1,27]],"date-time":"2015-01-27T09:57:28Z","timestamp":1422352648000},"page":"105-124","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":9,"title":["Two-Round Password-Only Authenticated Key Exchange in the Three-Party Setting"],"prefix":"10.3390","volume":"7","author":[{"given":"Junghyun","family":"Nam","sequence":"first","affiliation":[{"name":"Department of Computer Engineering, Konkuk University, 268 Chungwondaero, Chungju, Chungcheongbukdo 380-701, Korea"}]},{"given":"Kim-Kwang","family":"Choo","sequence":"additional","affiliation":[{"name":"Information Assurance Research Group, Advanced Computing Research Centre, University of South Australia, Mawson Lakes, SA-5095, Australia"}]},{"given":"Sangchul","family":"Han","sequence":"additional","affiliation":[{"name":"Department of Computer Engineering, Konkuk University, 268 Chungwondaero, Chungju, Chungcheongbukdo 380-701, Korea"}]},{"given":"Juryon","family":"Paik","sequence":"additional","affiliation":[{"name":"Department of Computer Engineering, Sungkyunkwan University, 2066 Seoburo, Suwon,Gyeonggido 440-746, Korea"}]},{"given":"Dongho","family":"Won","sequence":"additional","affiliation":[{"name":"Department of Computer Engineering, Sungkyunkwan University, 2066 Seoburo, Suwon,Gyeonggido 440-746, Korea"}]}],"member":"1968","published-online":{"date-parts":[[2015,1,27]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"28","DOI":"10.1109\/MSP.2011.150","article-title":"A research agenda acknowledging the persistence of passwords","volume":"10","author":"Hervey","year":"2012","journal-title":"IEEE Secur. Priv."},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Wang, W., and Hu, L. (2006, January 11\u201313). Efficient and provably secure generic construction of three-party password-based authenticated key exchange protocols, Kolkata, India.","DOI":"10.1007\/11941378_10"},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"205","DOI":"10.1109\/LCOMM.2009.081609","article-title":"An off-line dictionary attack on a simple three-party key exchange protocol","volume":"13","author":"Nam","year":"2009","journal-title":"IEEE Commun. Lett."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"1167","DOI":"10.1016\/j.csi.2009.03.002","article-title":"Cryptanalysis of two three-party encrypted key exchange protocols","volume":"31","author":"Lo","year":"2009","journal-title":"Comput. Stand. Interfaces."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"1520","DOI":"10.1002\/dac.1304","article-title":"On a simple three-party password-based key exchange protocol","volume":"24","author":"Lin","year":"2011","journal-title":"Int. J. Commun. Syst."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"83","DOI":"10.1016\/j.ins.2012.06.005","article-title":"Cryptanalysis of a communication-efficient three-party password authenticated key exchange protocol","volume":"215","author":"Wu","year":"2012","journal-title":"Inform. Sci."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Choo, K.K.R., Boyd, C., and Hitchcock, Y. (2005, January 4\u20138). Errors in computational complexity proofs for protocols, Chennai, India.","DOI":"10.1007\/11593447_34"},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Choo, K.K.R., Boyd, C., and Hitchcock, Y. (2005, January 4\u20138). Examining indistinguishability-based proof models for key establishment protocols, Chennai, India.","DOI":"10.1007\/11593447_32"},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"2788","DOI":"10.1016\/j.comcom.2005.10.030","article-title":"The importance of proofs of security for key establishment protocols: Formal analysis of Jan\u2013Chen, Yang\u2013Shen\u2013Shieh, Kim\u2013Huh\u2013Hwang\u2013Lee, Lin\u2013Sun\u2013Hwang, and Yeh\u2013Sun protocols","volume":"29","author":"Choo","year":"2006","journal-title":"Comput. Commun."},{"key":"ref_10","unstructured":"Bellare, M., and Rogaway, P. (1993, January 22\u201326). Entity authentication and key distribution, Santa Barbara, CA, USA."},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Abdalla, M., Fouque, P., and Pointcheval, D. (2005, January 23\u201326). Password-based authenticated key exchange in the three-party setting, Switzerland.","DOI":"10.1007\/978-3-540-30580-4_6"},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"27","DOI":"10.1049\/ip-ifs:20055073","article-title":"Password-based authenticated key exchange in the three-party setting","volume":"153","author":"Abdalla","year":"2006","journal-title":"IEE Proc. Inform. Secur."},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"497","DOI":"10.1109\/4234.974498","article-title":"Three-party encrypted key exchange without server public-keys","volume":"5","author":"Lin","year":"2001","journal-title":"IEEE Commun. Lett."},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"571","DOI":"10.1016\/j.cose.2004.06.007","article-title":"Enhanced three-party encrypted key exchange without server public keys","volume":"23","author":"Lee","year":"2004","journal-title":"Comput. Secur."},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Patrick,, A.S., and Yung,, M. (2005). Financial Cryptography and Data Security, Springer.","DOI":"10.1007\/b137875"},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"138","DOI":"10.1049\/ip-com:20045087","article-title":"Provably secure three-party password-based authenticated key exchange protocol using Weil pairing","volume":"152","author":"Wen","year":"2005","journal-title":"IEE Proc. Commun."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"94","DOI":"10.1016\/j.cose.2006.08.005","article-title":"Simple three-party key exchange protocol","volume":"26","author":"Lu","year":"2007","journal-title":"Comput. Secur."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"220","DOI":"10.1016\/j.ins.2007.08.004","article-title":"Three weaknesses in a simple three-party key exchange protocol","volume":"178","author":"Chung","year":"2008","journal-title":"Inform. Sci."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"16","DOI":"10.1016\/j.cose.2008.03.001","article-title":"Cryptanalysis of simple three-party key exchange protocol","volume":"27","author":"Guo","year":"2008","journal-title":"Comput. Secur."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"107","DOI":"10.1016\/j.compeleceng.2008.05.007","article-title":"Enhanced password-based simple three-party key exchange protocol","volume":"35","author":"Kim","year":"2009","journal-title":"Comput. Electr. Eng."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"857","DOI":"10.1002\/dac.1002","article-title":"A simple three-party password-based key exchange protocol","volume":"22","author":"Huang","year":"2009","journal-title":"Int. J. Commun. Syst."},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Dongna, E., Cheng, Q., and Ma, C. (2009, January 11\u201313). Password authenticated key exchange based on RSA in the three-party settings, Guangzhou, China.","DOI":"10.1007\/978-3-642-04642-1_15"},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"1702","DOI":"10.1016\/j.ins.2010.01.005","article-title":"Simple password-based three-party authenticated key exchange without server public keys","volume":"180","author":"Lee","year":"2010","journal-title":"Inform. Sci."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Wang, W., Hu, L., and Li, Y. (2010, January 20\u201324). How to construct secure and efficient three-party password-based authenticated key exchange protocols, Shanghai, China.","DOI":"10.1007\/978-3-642-21518-6_16"},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"217","DOI":"10.1016\/j.ins.2010.08.032","article-title":"A communication-efficient three-party password authenticated key exchange protocol","volume":"181","author":"Chang","year":"2011","journal-title":"Inform. Sci."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"1364","DOI":"10.1016\/j.ins.2006.09.001","article-title":"Security weakness in a three-party pairing-based protocol for password authenticated key exchange","volume":"177","author":"Nam","year":"2007","journal-title":"Inform. Sci."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"2849","DOI":"10.1016\/j.ins.2008.02.008","article-title":"Cryptanalysis of simple three-party key exchange protocol (S-3PAKE)","volume":"178","author":"Phan","year":"2008","journal-title":"Inform. Sci."},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"532","DOI":"10.1002\/dac.1168","article-title":"Cryptanalysis of a simple three-party password-based key exchange protocol","volume":"24","author":"Yoon","year":"2011","journal-title":"Int. J. Commun. Syst."},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"1175","DOI":"10.1016\/j.mcm.2012.10.019","article-title":"Re-attack on a three-party password-based authenticated key exchange protocol","volume":"57","author":"Liang","year":"2013","journal-title":"Math. Comput. Model."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"242","DOI":"10.1016\/j.ins.2013.03.010","article-title":"Provably secure three party encrypted key exchange scheme with explicit authentication","volume":"238","author":"Tsai","year":"2013","journal-title":"Inform. Sci."},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Nam, J., Choo, K.K.R., Park, M., Paik, J., and Won, D. (2014). On the security of a simple three-party key exchange protocol without server\u2019s public keys. Sci. World J, 479534:1\u2013479534:7.","DOI":"10.1155\/2014\/479534"},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Nam, J., Choo, K.K.R., Paik, J., and Won, D. (2015). An offline dictionary attack against Abdalla and Pointcheval\u2019s key exchange in the password-only three-party setting. IEICE Trans. Fundam. Electr. Commun. Comput. Sci., in press.","DOI":"10.1587\/transfun.E98.A.424"},{"key":"ref_33","unstructured":"Szydlo, M. (March, January 27). A note on Chosen-Basis Decisional Diffie-Hellman assumptions, Anguilla, British West Indies."},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Yoneyama, K. (2008, January 14\u201317). Efficient and strongly secure password-based server aided key exchange, Kharagpur, India.","DOI":"10.2197\/ipsjjip.17.202"},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"310","DOI":"10.1016\/j.ins.2011.07.015","article-title":"Provably secure three-party password-based authenticated key exchange protocol","volume":"184","author":"Zhao","year":"2012","journal-title":"Inform. Sci."},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"12","DOI":"10.1145\/506106.506108","article-title":"Three-party encrypted key exchange: Attacks and a solution","volume":"34","author":"Lin","year":"2000","journal-title":"ACM SIGOPS Oper. Syst. Rev."},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"471","DOI":"10.1016\/j.csi.2003.12.001","article-title":"A novel three-party encrypted key exchange protocol","volume":"26","author":"Chang","year":"2004","journal-title":"Comput. Stand. Interfaces."},{"key":"ref_38","doi-asserted-by":"crossref","first-page":"95","DOI":"10.1016\/j.csi.2007.08.010","article-title":"Security enhancement for a three-party encrypted key exchange protocol against undetectable on-line password guessing attacks","volume":"30","author":"Chen","year":"2008","journal-title":"Comput. Stand. Interfaces."},{"key":"ref_39","doi-asserted-by":"crossref","first-page":"309","DOI":"10.1016\/j.csi.2007.08.018","article-title":"Improving the novel three-party encrypted key exchange protocol","volume":"30","author":"Yoon","year":"2008","journal-title":"Comput. Stand. Interfaces."},{"key":"ref_40","doi-asserted-by":"crossref","first-page":"646","DOI":"10.1093\/comjnl\/bxn070","article-title":"Provably secure password-based three-party key exchange with optimal message steps","volume":"52","author":"Chien","year":"2009","journal-title":"Comput. J"},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"504","DOI":"10.1002\/dac.1172","article-title":"Efficient three-party password-based key exchange scheme","volume":"24","author":"Lou","year":"2011","journal-title":"Int. J. Commun. Syst."},{"key":"ref_42","doi-asserted-by":"crossref","first-page":"340","DOI":"10.1016\/j.jss.2011.08.024","article-title":"Provably secure three-party password authenticated key exchange protocol in the standard model","volume":"85","author":"Yang","year":"2012","journal-title":"J. Syst. Softw."},{"key":"ref_43","first-page":"573","article-title":"A computation-efficient three-party encrypted key exchange protocol","volume":"6","author":"Lee","year":"2012","journal-title":"Appl. Math. Inform. Sci."},{"key":"ref_44","doi-asserted-by":"crossref","first-page":"674","DOI":"10.1002\/dac.1362","article-title":"Cryptanalysis and enhancements of efficient three-party password-based key exchange scheme","volume":"26","author":"Wu","year":"2013","journal-title":"Int. J. Commun. Syst."},{"key":"ref_45","doi-asserted-by":"crossref","unstructured":"Bellare, M., Pointcheval, D., and Rogaway, P. (2000, January 14\u201318). Authenticated key exchange secure against dictionary attacks, Bruges, Belgium.","DOI":"10.1007\/3-540-45539-6_11"},{"key":"ref_46","doi-asserted-by":"crossref","unstructured":"Abdalla, M., and Pointcheval, D. (2005, January 14\u201318). Simple password-based encrypted key exchange protocols, San Francisco, CA, USA.","DOI":"10.1007\/978-3-540-30574-3_14"},{"key":"ref_47","doi-asserted-by":"crossref","unstructured":"Katz, J., and Vaikuntanathan, V. (2011, January 28\u201330). Round-optimal password-based authenticated key exchange, Providence, RI, USA.","DOI":"10.1007\/978-3-642-19571-6_18"},{"key":"ref_48","doi-asserted-by":"crossref","first-page":"591","DOI":"10.1093\/comjnl\/bxm019","article-title":"A proof of revised Yahalom protocol in the Bellare and Rogaway (1993) model","volume":"50","author":"Choo","year":"2007","journal-title":"Comput. J"},{"key":"ref_49","unstructured":"Bellare, M., and Rogaway, P. (, January May). Provably secure session key distribution\u2014The three party case, Las Vegas, NV, USA."},{"key":"ref_50","doi-asserted-by":"crossref","first-page":"270","DOI":"10.1016\/0022-0000(84)90070-9","article-title":"Probabilistic encryption","volume":"28","author":"Goldwasser","year":"1984","journal-title":"J. Comput. Syst. Sci."}],"container-title":["Symmetry"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2073-8994\/7\/1\/105\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T20:42:03Z","timestamp":1760215323000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2073-8994\/7\/1\/105"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,1,27]]},"references-count":50,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2015,3]]}},"alternative-id":["sym7010105"],"URL":"https:\/\/doi.org\/10.3390\/sym7010105","relation":{},"ISSN":["2073-8994"],"issn-type":[{"type":"electronic","value":"2073-8994"}],"subject":[],"published":{"date-parts":[[2015,1,27]]}}}