{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2023,10,30]],"date-time":"2023-10-30T06:44:45Z","timestamp":1698648285195},"reference-count":18,"publisher":"Wiley","issue":"3","license":[{"start":{"date-parts":[[2011,3,30]],"date-time":"2011-03-30T00:00:00Z","timestamp":1301443200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/http\/onlinelibrary.wiley.com\/termsAndConditions#vor"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Security Comm Networks"],"published-print":{"date-parts":[[2012,3]]},"abstract":"<jats:title>ABSTRACT<\/jats:title><jats:p>Recently, Tzung\u2010Her Chen, Wei\u2010Bin Lee, and Hsing\u2010Bai Chen (CLC) proposed a new three\u2010party password\u2010based authenticated key exchange (3PAKE) protocol. This CLC protocol needs not store the security\u2010sensitive table on the server side, which reduces the danger of the server being compromised; also, it has the advantage in terms of the round efficiency and computational cost. However, we find that the leakage of values <jats:italic>V<\/jats:italic><jats:sub>A<\/jats:sub> and <jats:italic>V<\/jats:italic><jats:sub>B<\/jats:sub> in the CLC protocol will make a man\u2010in\u2010the\u2010middle attack feasible in practice. On the basis of this finding, we present a modified 3PAKE protocol called I\u2010CLC protocol, which is essentially an improved CLC protocol. I\u2010CLC can resist attacks available, including the man\u2010in\u2010the\u2010middle attack that we mentioned on the initial CLC protocol. Meanwhile, the new protocol allows that the participants choose their own passwords by themselves; additionally, the computation cost of I\u2010CLC is lower than that of CLC protocol. Copyright \u00a9 2011 John Wiley &amp; Sons, Ltd.<\/jats:p>","DOI":"10.1002\/sec.316","type":"journal-article","created":{"date-parts":[[2011,3,30]],"date-time":"2011-03-30T09:09:39Z","timestamp":1301476179000},"page":"273-278","source":"Crossref","is-referenced-by-count":4,"title":["Security analysis and enhancement for three\u2010party password\u2010based authenticated key exchange protocol"],"prefix":"10.1002","volume":"5","author":[{"given":"Jianjie","family":"Zhao","sequence":"first","affiliation":[{"name":"School of Information Security Engineering Shanghai Jiao Tong University  Shanghai 200240 China"}]},{"given":"Dawu","family":"Gu","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Engineering Shanghai Jiao Tong University  Shanghai 200240 China"}]},{"given":"Lei","family":"Zhang","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Engineering Shanghai Jiao Tong University  Shanghai 200240 China"}]}],"member":"311","published-online":{"date-parts":[[2011,3,30]]},"reference":[{"key":"e_1_2_9_2_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-24852-1_16"},{"key":"e_1_2_9_3_1","doi-asserted-by":"publisher","DOI":"10.1007\/11535218_33"},{"key":"e_1_2_9_4_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2008.11.008"},{"key":"e_1_2_9_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-76900-2_29"},{"key":"e_1_2_9_6_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10623-007-9159-1"},{"key":"e_1_2_9_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/RISP.1992.213269"},{"key":"e_1_2_9_8_1","first-page":"236","article-title":"Number theoretic attacks on secure password schemes","author":"Patel S","year":"1997","journal-title":"IEEE Symposium on Security and Privacy"},{"key":"e_1_2_9_9_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-79263-5_22"},{"key":"e_1_2_9_10_1","series-title":"Lecture Notes in Computer Science","first-page":"29","volume-title":"SCN 2002","author":"Katz J","year":"2002"},{"key":"e_1_2_9_11_1","doi-asserted-by":"publisher","DOI":"10.1007\/11909033_8"},{"key":"e_1_2_9_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/206826.206834"},{"key":"e_1_2_9_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/4234.974498"},{"key":"e_1_2_9_14_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.csi.2003.12.001"},{"key":"e_1_2_9_15_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2004.06.007"},{"key":"e_1_2_9_16_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.amc.2004.06.129"},{"key":"e_1_2_9_17_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2007.11.720"},{"key":"e_1_2_9_18_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jcss.2005.10.001"},{"key":"e_1_2_9_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/TCE.2004.1277863"}],"container-title":["Security and Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/api.wiley.com\/onlinelibrary\/tdm\/v1\/articles\/10.1002%2Fsec.316","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/onlinelibrary.wiley.com\/doi\/pdf\/10.1002\/sec.316","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,10,30]],"date-time":"2023-10-30T00:53:42Z","timestamp":1698627222000},"score":1,"resource":{"primary":{"URL":"https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/onlinelibrary.wiley.com\/doi\/10.1002\/sec.316"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011,3,30]]},"references-count":18,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2012,3]]}},"alternative-id":["10.1002\/sec.316"],"URL":"https:\/\/summer-heart-0930.chufeiyun1688.workers.dev:443\/https\/doi.org\/10.1002\/sec.316","archive":["Portico"],"relation":{},"ISSN":["1939-0114","1939-0122"],"issn-type":[{"value":"1939-0114","type":"print"},{"value":"1939-0122","type":"electronic"}],"subject":[],"published":{"date-parts":[[2011,3,30]]}}}