Efficient three-party password-based key exchange scheme

In three-party password-based key exchange protocol, a client is allowed to share a human-memorable password with a trusted server such that two clients can negotiate a session key to communicate with each other secretly. Recently, many three-party password-based key exchange protocols have been developed. However, these proposed schemes cannot simultaneously achieve security and efficiency. Based on elliptic curve cryptography (ECC), this paper will propose a new simple three-party password-based authenticated key exchange scheme. The proposed method not only reduces computation cost for remote users and a trusted server but also is more efficient than previously proposed schemes. It is better suited for resource constrained devices, such as smart cards or mobile units. Copyright (C) 2010 John Wiley & Sons, Ltd.