Authenticated key exchange protocols resistant to password guessing attacks

Research output: Contribution to journalArticlepeer-review

22 Citations (Scopus)


A user-chosen password is not appropriate for a shared secret by which an authenticated key exchange protocol is operated. This is because users choose their passwords so that they can be easily memorised and can be typed using an alphabetic keyboard or a numeric keypad. Therefore, the password becomes a weak secret which is vulnerable to guessing attacks. However, users prefer to utilise the short easily memorised passwords. Several protocols, which are resistant to guessing attacks, have been developed to overcome this problem. However, they are inefficient in terms of the computation and communication costs. As a more practical solution, the authors propose new authenticated key exchange protocols by reducing the number of random numbers, cipher operations, and protocol steps. To achieve this goal, they deliberately use a one-time pad and a strong oneway hash function in their protocols.

Original languageEnglish
Pages (from-to)304-308
Number of pages5
JournalIEE Proceedings: Communications
Issue number5
Publication statusPublished - 1998

All Science Journal Classification (ASJC) codes

  • Electrical and Electronic Engineering


Dive into the research topics of 'Authenticated key exchange protocols resistant to password guessing attacks'. Together they form a unique fingerprint.

Cite this