| Article ID: | iaor20131344 |
| Volume: | 57 |
| Issue: | 5-6 |
| Start Page Number: | 1175 |
| End Page Number: | 1183 |
| Publication Date: | Mar 2013 |
| Journal: | Mathematical and Computer Modelling |
| Authors: | Liang Haiquan, Hu Jingtai, Wu Shuhua |
| Keywords: | communications, transportation: rail |
A password based authenticated key exchange protocol is of practical usefulness in the protection of sharing of urban rail train sensor monitoring data. However, many password‐based protocols in the literature were not secure. Recently, Huang presented a simple and efficient three‐party password‐based authenticated key exchange protocol. However, Yoon et al. found it had some security weaknesses. In this paper, we further show it has another critical security weakness, which opens door to a partition attack (offline dictionary attack). Thereafter we propose an enhanced protocol that can defeat the attacks described (including Yoon et al.’s attacks) and yet is reasonably efficient. Furthermore, our protocol can resist against the stolen‐verifier attacks and achieve the provable security.