Wireless Personal Communications

, Volume 109, Issue 3, pp 1911–1924 | Cite as

A Three-Party Dynamic Identity-Based Authenticated Key Exchange Protocol with Forward Anonymity

  • Hongfeng ZhuEmail author
  • Shuai Geng


The three-party (two clients and one server) authenticated key exchange protocols use a pre-shared password to authenticate each other, and then by the help of server to make the two clients compute a novel session key. At present, the situation of this application is very different from those considered in the conventional literatures, and the biggest two differences are that most of the former literatures cannot guarantee the user anonymity and forward anonymity. Therefore, we propose a new three-party key exchange protocol based on dynamic identity authentication with forward anonymity, so that if the server’s long-term key is compromised, user anonymity cannot be broken or the identities of the users cannot be traced, and both sides of the communication with the help of the authentication server can be mutual authentication and the establishment of a session key. Compared with the three-party key exchange protocols, our protocol is more effective in computing cost and communication cost for more suitable towards resource-constrained environment.


Dynamic identity Forward security Forward anonymous Authentication Key exchange 



This work was supported by the 2019 Liaoning Provincial Natural Science Foundation of China: “Research on privacy authentication mechanism and multi-party intelligent contract system based on blockchain technology”.


  1. 1.
    Zhao, J., & Dawu, G. (2012). Provably secure three-party password-based authenticated key exchange protocol. Information Sciences,184, 301–323.MathSciNetCrossRefGoogle Scholar
  2. 2.
    Okamoto, T. (2007). Authenticated key exchange and key encapsulation in the standard model (Vol. 4833)., Lecture notes in computer science Berlin: Springer.zbMATHGoogle Scholar
  3. 3.
    Yang, J., & Chang, C. (2009). An ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. Computers and Security,28, 138–143.CrossRefGoogle Scholar
  4. 4.
    Abdalla, M., Catalano, D., Chevalier, C., & Pointcheval, D. (2008). Efficient two-party password-based key exchange protocols in the UC framework (Vol. 4964, pp. 335–351)., Lecture Notes in Computer Science Berlin: Springer.zbMATHGoogle Scholar
  5. 5.
    Byun, J., Lee, D., & Lim, J. (2008). Cryptanalysis of simple three-party key exchange protocol (S-3PAKE). Information Sciences,178(13), 2849–2856.MathSciNetCrossRefGoogle Scholar
  6. 6.
    Phan, R., Yau, W., & Goi, B. (2011). A communication-efficient three-party password authenticated key exchange protocol. Information Sciences,181(1), 217–226.MathSciNetCrossRefGoogle Scholar
  7. 7.
    Yang, J., Seo, C., & Cho, J. (2007). A three-party authenticated key exchange scheme smartcard using elliptic curve cryptosystem for secure key exchange in wireless sensor network. In ISCE 2007 (pp. 1–6).Google Scholar
  8. 8.
    Das, M. L., Saxnan, A., & Gulati, V. P. (2004). A dynamic ID-based remote user authentication scheme. IEEE Transacation on Consumer Electronics,50(2), 629–631.CrossRefGoogle Scholar
  9. 9.
    Hao, F. (2010). On robust key agreement based on public key authentication (Short Paper). In International conference on financial cryptography & data security (pp. 383–390). Springer.Google Scholar
  10. 10.
    Wang, D., Ma, C., Wang, P., & Chen, Z. (2012). Robust smart card based password authentication scheme against smart card security breach. In IACR cryptology ePrint archive.Google Scholar
  11. 11.
    Lee, H., Nam, J., Kim, M., & Won, D. (2016). Forward anonymity-preserving secure remote authentication scheme. KSII Transactions on Internet and Information Systems,3(10), 1298–1310.Google Scholar
  12. 12.
    Abdalla, M., Fouque, P.-A., & Pointcheval, D. (2005). Password-based authenticated key exchange in the three-party setting (pp. 65–84)., Lecture notes in computer science Berlin: Springer.zbMATHGoogle Scholar
  13. 13.
    SK Hafizul Islam. (2014). Provably secure dynamic identity-based three-factor password authentication scheme using extended chaotic maps. Dordrecht: Springer.Google Scholar
  14. 14.
    Yi, T., Chen, H., & Wu, D. (2013). Improved password-based key exchange protocol for three-parties. Computer Applications and Software, 30(1), 313–315.Google Scholar
  15. 15.
    Lee, Y. (2012). A new dynamic ID-based user authentication scheme to resist smart card theft attack. Applied Mathematics & Information Sciences,6(2), 355–361.MathSciNetGoogle Scholar
  16. 16.
    Yang, H., Chen, J., & Zhang, Y. (2015). An improved two-party authentication key exchange protocol for mobile environment. Wireless Personal Communications, 85(3), 1399–1409. Scholar
  17. 17.
    Jeong, I. R., Katz, J., & Lee, D. H. (2004). One-round protocols for two-party authenticated key exchange. In International conference on applied cryptography and network security (pp. 220–232).Google Scholar
  18. 18.
    Lv, C., Ma, M., Li, H., Ma, J., & Zhang, Y. (2013). An novel three-party authenticated key exchange protocol using one-time key. Journal of Network and Computer Applications, 36(1), 498–503. Scholar
  19. 19.
    Tan, Z. W. (2010). A note on an enhanced three-party authentication key exchange protocol. Key Engineering Materials,439–440, 1367–1372.CrossRefGoogle Scholar
  20. 20.
    Yang, J.-H., & Cao, T.-J. (2012). Provably secure three-party password authenticated key exchange protocol in the standard model. Journal of Systems and Software, 85(2), 340–350. Scholar
  21. 21.
    Wang, H., Zhang, H., Li, J., & Xu, C. (2013). A (3, 3) visual cryptography scheme for authentication. Journal of Shenyang Normal University (Natural Science Edition),31(101(03)), 397–400.Google Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2019

Authors and Affiliations

  1. 1.Software CollegeShenyang Normal UniversityShenyangChina

Personalised recommendations