Open Access Open Access  Restricted Access Subscription or Fee Access

An Efficient RR based Password-Authenticated Key Agreement Protocol

V. Jayaraj, R. Sharmila


The majority password-authenticated key agreement protocols have focused on authenticated key in agreement using shared secret code stuck between a client and a server. With the materialization of a variety of communication environments such as global network, it is necessary to construct a protected channel between clients. Cross-realm client-to-client password authenticated key agreement (C2C-PAKA) protocol can make available secure authenticated key agreement for two clients of dissimilar realms, who only share their passwords with their have possession of servers. This paper presents a new password verification and key-exchange procedure suitable for client-to-client without a server public key in different realms to agree on a common session key using dissimilar passwords over an untrusted network. We propose Rumor Riding (RR), a lightweight and non-path-based mutual inscrutability protocol for decentralized P2P systems. Employing an accidental walk mechanism, RR takes benefit of lower transparency by mainly using the symmetric cryptographic algorithm. The planned protocol’s safety procedures, simplicity, and speed make it ideal for an extensive range of real-world applications in which protected password authentication is required.


Authentication, Attacks, Cross Domain, Cryptanalysis, Password-Authenticated Key Agreement, Rumor Riding, Security.

Full Text:



X. F. Ding and C. G. Ma, “The Three-Party Password-authenticated Key Exchange Protocol with Stronger Security,” Chinese Journal of Computers, vol. 33, 2010, pp. 111-118, doi: CNKI: SUN: JSJX.0.2010- 01-013.

O. K. Jeong, I. R. Jeong, K. Sakurai, and D. H. Lee, “Efficient verifier-based password-authenticated key exchange in the three-party setting,” Computer Standards & Interfaces, vol. 29, 2007, pp. 513- 520, doi: 10.1016/j.csi.2006.12.002.

D. G. Feng and J. Xu, “A New Client-to-Client Password- Authenticated Key Agreement Protocol,” Computer Science, vol. 5557, 2009, pp. 63-76, doi: 10.1007/978-3-642-01877-0_7.

J. W. Byun, I. R. Jeong, D. H. Lee, and C. S. Park, “Password authenticated key exchange between clients with different passwords,” Proc. ICICS 2002, 2002, pp. 134-136, doi: 10.1007/3- 540-36159-6_12.

Yixue Wang, A Sort of Multi-Agent Cooperation Distributed Based Intrusion Detection System, Modem computer, 2008.

Yunfang Chen, Distributed Intrusion Detection System Key Technology Research, Lanzhou University, 2008.

J. Y. Kim, S.J. Kim, J. Kwak and D. H. Won, “Cryptanalysis and improvement of password authenticated key exchange between clients with different passwords,” Computational Science and its Applications-ICCSA 2004, Lecture Notes in Computer Science, vol. 3043, pp. 895-902, doi: 10.1007/978-3-540-24707-4_102.

E.J. Yoon and K. Y. Yoo, “A secure password-authenticated key exchange between clients with different passwords,” Advanced web and network technologies and applications, Lecture Notes in Computer Science, vol. 3842, pp. 659-663, doi: 10.1007/11610496_88.

X. M. Lui, F. C. Zhou, and G. R. Chang, “A verifier-Based Key Exchange Protocol in Cross-Realm Setting,” Proc. the 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing, April 2009, pp. 350-353, doi: 10.1109/NSWCTC.2009.304.

J. W. Byun, D. H. Lee, and J. I. Lim, “EC2C-PAKA: An efficient client-to-client password-authenticated key agreement,” Information Sciences, vol. 177, 2007, pp. 3995-4013, doi:10.1016/j.ins.2007.03.024.

X. F. Ding and C. G. Ma, “Cryptoanalysis and Improvements of Cross-Realm C2C-PAKE Protocol,” Proc. WASE International Conference on Information Engineering, July 2009, Taiyuan, China, pp: 193-196, doi:10.1109/ICIE.2009.39.

K. Yoneyama, “Cross-Realm Password-Based Server Aided Key Exchange,” Information Security Application, vol. 6513, 2011, pp. 322-336, doi: 10.1007/978-3-642-17955-6_24.

W. Jin and J. Xu, “An Efficient and Provably Secure Cross-Realm Client-to-Client Password-Authenticated Key Agreement Protocol with Smart Cards,” Proc. CANS 2009, pp. 299-314, doi: 10.1007/978- 3-642-10433-6_20.

D. Goldschlag, M. Reed, and P. Syverson, "Onion routing", Communications of the ACM, 1999.

A. Medina, A. Lakhina, I. Matta, and J. Byers, "BRITE: an approach to universal topology generation", In Proceedings of the International Workshop on Modeling, Analysis and Simulation of Computer and Telecommunications Systems (MASCOTS), 2001.

V. Scarlata, B. N. Levine, and C. Shields, "Responder anonymity and anonymous Peer-to-Peer file sharing", In Proceedings of IEEE ICNP, 2001

L. Xiao, Z. Xu and X. Zhang, "Low-Cost and Reliable Mutual Anonymity Protocols in Peer-to-Peer Networks," IEEE Trans. Parallel and Distributed Systems, vol. 14, no. 9, pp. 829-840, Sept. 2003.

M.K. Wright, M. Adler, B.N. Levine and C. Shields, "The Predecessor Attack: An Analysis of a Threat to Anonymous Communications Systems," ACM Trans. Information and System Security,vol. 7, no. 4,pp. 489-522, Nov. 2004.

J. Han, Y. Liu and J. Wang, "Rumor Riding: Anonymizing Unstructured Peer-to-Peer Systems," technical report,, 2009.

N. Bisnik and A. Abouzeid, "Modeling and Analysis of Random Walk Search Algorithms in P2P Networks," Proc. Second Int',l Workshop Hot Topics in Peer-to-Peer Systems, 2005.

S. Jiang, L. Guo, X. Zhang and H. Wang, "LightFlood: Minimizing Redundant Messages and Maximizing Scope of Peer-to-Peer Search," IEEE Trans. Parallel and Distributed Systems, vol. 19, no. 5, pp. 601-614, May 2008.


  • There are currently no refbacks.

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.