Verifier-Based Three-Party Password-Authenticated Key Exchange with Forward Security

The password-based authenticated key exchange (PAKE) protocol in the three-party setting allows two clients communicating over a public network to establish a common session key with the help of a server. The fundamental security goal of PAKE is security against dictionary attacks. The protocols for verifier-based PAKE are additionally required to be secure against server compromise. In this paper, we propose a new provably verifier-based three-party PAKE protocol to solve the server compromise problem and off-line dictionary attack problem. The security of the proposed scheme has been proven in the random oracle model tinder the gap Diffie-Hellman intractability assumption. The proposed protocol is efficient both in computational cost and in communication cost when compared with previous solutions.