%0 Journal Article
%T Cryptanalysis and Improvement of Client-to-Client Password Authenticated Key Exchange Protocol<br>对客户到客户的口令认证密钥协商协议的密码分析和改进（英文）
%A YIN Yin
%A LI Bao
%A <br>殷胤
%A 李宝
%J 中国科学院研究生院学报
%D 2006
%I 
%X Most password-based key exchange protocols consider how to exchange a session key between a client and a server.Client-to-Client password authenticated key exchange protocol considers the scenario where two clients want to establish a session key,but they only share their passwords with their own servers. In Ref.1],Jin Wook Byun et al proposed two such protocols called cross-realm C2C-PAKE and single-server C2C-PAKE.Recently,some flaws of these two protocols are found and some improvements are suggested.In this paper,we show that the cross-realm C2C-PAKE protocol and its all improved forms are still insecure.And we also present a new cross-realm C2C-PAKE protocol which is resistant to all known attacks.
%K password
%K key exchange
%K client-to-client
%K cross realm<br>口令
%K 密钥协商
%K 客户到客户
%K 跨域
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=B5EDD921F3D863E289B22F36E70174A7007B5F5E43D63598017D41BB67247657&cid=B47B31F6349F979B&jid=67CDFDECD959936E166E0F72DE972847&aid=70A258487F634172&yid=37904DC365DD7266&vid=EA389574707BDED3&iid=B31275AF3241DB2D&sid=8225A9F184D4F1CA&eid=0018E43E61963A72&journal_id=1002-1175&journal_name=中国科学院研究生院学报&referenced_num=0&reference_num=15