CFP last date
22 April 2024
Reseach Article

Cryptanalysis of C-3 PEKE Protocol

by R.Padmavathy
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 20 - Number 4
Year of Publication: 2011
Authors: R.Padmavathy

R.Padmavathy . Cryptanalysis of C-3 PEKE Protocol. International Journal of Computer Applications. 20, 4 ( April 2011), 22-31. DOI=10.5120/2421-3249

@article{ 10.5120/2421-3249,
author = { R.Padmavathy },
title = { Cryptanalysis of C-3 PEKE Protocol },
journal = { International Journal of Computer Applications },
issue_date = { April 2011 },
volume = { 20 },
number = { 4 },
month = { April },
year = { 2011 },
issn = { 0975-8887 },
pages = { 22-31 },
numpages = {9},
url = { },
doi = { 10.5120/2421-3249 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
%0 Journal Article
%1 2024-02-06T20:06:54.697037+05:30
%A R.Padmavathy
%T Cryptanalysis of C-3 PEKE Protocol
%J International Journal of Computer Applications
%@ 0975-8887
%V 20
%N 4
%P 22-31
%D 2011
%I Foundation of Computer Science (FCS), NY, USA

The key exchange protocol using passwords achieved great attention due to its simplicity and efficiency. Recently, Chang proposed a practical three-party key exchange (C-3 PEKE) protocol with round efficiency. Later, Lee and Chang presented an off-line password guessing attack on C-3 PEKE protocol. In the present paper, an impersonation-of-the initiator attack and impersonation-of-the responder attack are demonstrated on C-3 PEKE protocol using the off-line password guessing attack proposed by Lee and Chang.

  1. Abdalla, M., Chevassut, O., and Pointcheval, D. One-time verifier-based encrypted key exchange, Proc. of PKC ’05, LNCS 3386, Springer-Verlag, pp. 47–64, 2005.
  2. Abdalla, M., and Pointcheval, D. Simple Password-Based Encrypted Key Exchange Protocols, Proc. of Topics in Cryptology - CT-RSA, LNCS 3376, Springer-Verlag, pp. 191-208, 2005.
  3. Abdalla, M., and Pointcheval, D. Interactive Diffie-Hellman Assumptions with Applications to Password-based Authentication, Proceedings of the 9th International Conference on Financial Cryptography (FC’2005), Roseau, Dominica, Berlin, Germany: Springer-Verlag, pp.341-356, 2005.
  4. Abdalla, M., Fouque, P, A., Pointcheval, D. Password-based authenticated key exchange in the three-party setting, Proceedings of the 8th International Workshop on Theory and Practice in Public Key Cryptography (PKC’2005). Berlin, Germany: Springer-Verlag, 2005:65-84. Full version appeared in IEE Information Security, v 153(1), pp. 27–39, March 2006.
  5. Bellovin, S M., and Merritt, M. Encrypted key exchange: Password-based protocols secure against dictionary attacks, Proc. 1992 IEEE Symposium on Security and Privacy, pp. 72-84, May 1992.
  6. Bellare, M., Pointcheval, D., and Rogaway, P. Authenticated key exchange secure against dictionary attacks, Proceedings of the 2000 Advances in Cryptology (EUROCRYPT’2000). Berlin, Germany: Springer-Verlag, pp. 139-155, 2000.
  7. Bresson, E., Chevassut, O., and Pointcheval, D. New security results on encrypted key exchange, Proc. PKC 2004, LNCS 2947, Springer-Verlag, pp. 145-158. Mar. 2004.
  8. Chang, Y, F. A practical Three-party key exchange protocol with Round Efficiency, International Journal of Innovative Computing, Information and control, v 4(4), pp. 953-960, April 2008.
  9. Ding. Y, Horster, P. Undetectable on-line password guessing attacks, ACM Operat Syst Rev 29(4), pp.77– 86, 1995.
  10. Diffie, W., and Hellman, M. New Directions in cryptography , IEEE Transactions on Information theory, v 22 (6) , pp. 644-654, 1976.
  11. Kim and Choi. Enhanced Password-based simple three-party Key exchange protocol, Computers and Electrical Engineering, v 35(1), pp107-114, 2009.
  12. K, Kobara., and H, Imai. Pretty-simple password-authenticated key exchange under standard assumptions, IEICE Transactions, E85-A (10):pp.2229-2237, Oct. 2002. Also available at
  13. Lee., and Chang, On security of a three party key exchange protocol with round efficiency, Information technology and control, kaunas, technologija, v 37(4), pp.333-335, 2008.
  14. Lee, T, F., Hwang, T., and Lin, C, L. Enhanced three-party encrypted key exchange without server’s public keys, Computers and Security, 23(7): pp.571-577, 2004.
  15. Lee, S, W., Kim, H, S., and Yoo, K, Y. Efficient verifier-based key agreement for three parties without server’s public key, Applied Mathematics and Computation, 167(2), pp. 996-1003, 2005.
  16. Lin, C, L., Sun, H, M., Steiner, M., and Hwang T. Three-party encrypted key exchange without server’s public keys, IEEE Communications Letters, v5(12), pp. 497-499, 2001.
  17. Lin, C, L., Sun, H, M and Hwang T. Three-party encrypted key exchange attacks and a solution, ACM Operating Systems Review, 34(4), pp.12-20, 2000.
  18. Lu, R., and Cao, Z. Simple three-party key exchange protocol, Computers and Security, v 26(1), pp.94-97, 2007.
  19. Steiner, M., Tsudik, G., and Waidner, M. Refinement and extention of encrypted key exchange, ACM Operating Systems Review, v 29(3), pp 22-30, 1995.
Index Terms

Computer Science
Information Sciences


C-3 PEKE protocol off-line password guessing attack impersonation-of-the-initiator attack impersonation-of-the-responder attack