Home   >   CSC-OpenAccess Library   >    Manuscript Information
A Novel Secure Key Agreement Protocol using Trusted Third Party.
Sairam Kulkarni, Debashih Jena, Sanjay Kumar Jena
Pages - 11 - 18     |    Revised - 15-06-2007     |    Published - 30-06-2007
Volume - 1   Issue - 1    |    Publication Date - June 2007  Table of Contents
Key Agreement, Diffie-Hellman, Online guessing attacks, Dictionary attacks
In the past, several key agreement protocols are proposed on password based mechanism. These protocols are vulnerable to dictionary attacks. Storing plain text version of password on server is not secure always. In this paper we utilize the service of a trusted third party, i.e., the Key Distribution server (KDS) for key agreement between the hosts. Now-a-days in large working environments two party key agreement protocols are being rarely used. In this proposed scheme, instead of storing plain text version of password we store one way hash of the password at the server. Every host and server agree upon family of commutative one-way hash functions, using which host authentication is done when a host applies for session key with KDS. Host establishes one time key with server using which server authentication is done. Due to this man-in-the middle attacks are defeated. The proposed protocol is based on Diffie-Hellman key exchange protocol.
CITED BY (4)  
1 YungCheng, L. E. E., HSIEH, Y., & PeiJu, L. E. E. (2011). Improvement on the Password Authenticated Three-Party Key Agreement Protocol. Journal of Computational Information Systems, 7(1), 42-48.
2 Y. C. Lee, Y. Hsieh and P. Lee, “Improvement on the Password Authenticated Three-Party Key Agreement Protocol”, Journal of Computational Information Systems, 7(1), pp. 42-48, 2011
3 Raghuvamshi, A., & Premchand, P. Cryptanalysis of Verifier-Based Password Authenticated Key Agreement Protocol for Three Parties. Research Journal of Recent Sciences ______________________________________________________________ ISSN, 2277, 2502.
4 Shaban, D. N., Ibrahim, M. H., & Nossair, Z. B. enhanced verifier-based password authenticated key agreement protocol for three-parties.
1 Google Scholar 
2 Academic Journals Database 
3 ScientificCommons 
4 Academic Index 
5 CiteSeerX 
6 refSeek 
7 iSEEK 
8 Socol@r  
9 ResearchGATE 
10 Libsearch 
11 Bielefeld Academic Search Engine (BASE) 
12 OpenJ-Gate 
13 Scribd 
14 WorldCat 
15 SlideShare 
17 PdfSR 
18 Google Books 
Bellare Mihir, Rogaway Phillip. "Provably Secure Session Key Distribution-The Three Party Case". In Proceedings of the 27th annual ACM symposium on Theory of computing STOC '95, ACM Press, May 1995
C. L. Lin, H. M. Sun, and Hwang, “Three-Party Encrypted Key Exchange: Attacks And A Solution”. ACM Operating System Review, vol. 34, no. 4, pp. 12–20, October 2000
L. Gong, M. A. Lomas, R. M. Needham, and J. H. Saltzer, “Protecting Poorly Chose Secrets From Guessing Attacks”. SELECTED AREAS IN COMMUNICATIONS, vol. 11, no. 5, pp. 648–656, June 1993
M. Steiner, G. Tsudik, and M. Waidner, “Refinement And Extension Of Encrypted Key Exchange”. ACM Operating System Review, vol. 29, no. 3, pp. 22–30, 1995
M. Strangio, “An Optimal Round Two-Party Password-Authenticated Key Agreement Protocol”. In The First International Conference on Availability, Reliability and Security, p. 8, April 2006
Mel H.X.,Baker Doris.M. and Burnett Steve. “Cryptography Decrypted”, Addison- Wesley, (2004)
Menezes A.,Oorschot P. van and Vanstone S. "Handbook of Applied Cryptography”, CRC Press, (1996)
S. Bellovin and M. Merritt, “Augmented Encrypted Key Exchange: A Password Based Protocols Secure Against Dictionary Attacks And Password File Compromise”. In 1st ACM Conf. on Computer and Communications Security. ACM Press, pp. 244–250, December 1993
S. Bellovin and M. Merritt, “Encrypted Key Exchange: Password Based Protocols Secure Against Dictionary Attacks”. In Proceedings IEEE Symposium on Research in Security and Privacy, pp. 72–84, 1992
Schneier Bruce. “Applied Cryptography: Protocols and Algorithms”, John Wiley and Sons, (1994)
Stallings Williams. “Cryptography and Network Security”, 3rd Edition, Pearson Educa- tion, (2004)
T. Gene and H. Van, “On Simple and Secure Key Distribution”. In Proceedings of the 1st ACM conference on Computer and communications security CCS 93. ACM Press, pp. 49–57, December 1993s
W. Diffie and M. Hellman, “New Directions In Cryptography”. IEEE Transactions on Information Theory IT-11, pp. 644–654, November 1976
Y. Her-Tyan and S. Hung-Min, “Simple Authenticated Key Agreement Protocol Resistant To Password Guessing Attacks”, ACM SIGOPS Operating Systems Review, vol. 36, no. 4, pp. 14–22, October 2002
Mr. Sairam Kulkarni
- India
Assistant Professor Debashih Jena
- India
Professor Sanjay Kumar Jena
- India