Efficient verifier-based authenticated key agreement protocol for three parties

Authenticated key agreement protocols for three parties enable two clients to establish a secure communication channel through an authentication server. Generally speaking, there are two approaches to achieve this purpose. One is to issue a common session key for both clients by the key distribution center (KDC). The other is to use public key cryptosystems and the encrypted key exchange (EKE) protocol to encrypt the transmitted messages and then further derive a common session key. Recently, lots of researches on authenticated key agreement protocol for three parties use the server's public key to ensure the security of transmitted messages. Yet, the approach obviously has some drawbacks, such as increasing the cost of key management for each client. Hence, the demand for secure protocols without the server's public key comes out. In this paper, we propose an efficient verifier-based authenticated key agreement for three parties. The proposed protocol can resist the password guessing attack and other existential attacks. Moreover, compared with previous works, the proposed one also has lower computational costs.