Cryptanalysis of some improved password-authenticated key exchange schemes

Raphael C.W. Phan, Bok Min Goi, Kah Hoong Wong

Research output: Contribution to journalArticleResearchpeer-review

2 Citations (Scopus)


Password-authenticated key exchange (PAKE) protocols allow two parties to share common secret keys in an authentic manner based on a memorizable password. In 1999, a PAKE protocol called simple authenticated key agreement (SAKA) was presented, and since then until 2004, several improved variants were presented to resist known attacks. In this paper, we present attacks on variants proposed by Kim et al. and Ku-Wang that directly cause them to fail in achieving a mutually authenticated secret key between legitimate parties. These results are devastating since achieving this is the basic security criterion that any key exchange should provide. We also show dictionary attacks on the original SAKA and all its variants. These dictionary attacks invalidate the basic security goals of these protocols since a PAKE scheme must be secure against dictionary attacks due to the low entropy of human-memorizable passwords being used.

Original languageEnglish
Pages (from-to)2822-2829
Number of pages8
JournalComputer Communications
Issue number15
Publication statusPublished - 5 Sep 2006
Externally publishedYes


  • Cryptanalysis
  • Password-authenticated key exchange
  • Replay attacks
  • Security protocols

Cite this