J Supercomput
DOI 10.1007/s11227-014-1273-z
An efficient client–client password-based authentication scheme with provable security
Mohammad Sabzinejad Farash · Mahmoud Ahmadian Attari
© Springer Science+Business Media New York 2014
Abstract Recently, Tso proposed a three-party password-based authenticated key
exchange (3PAKE) protocol. This protocol allows two clients to authenticate each
other and establish a secure session key through a server over an insecure channel.
The main security goals of such protocols are authentication and privacy. However, we
show that Tso's protocol achieves neither the authentication goal nor the privacy goal.
In this paper, we show that the privacy and authentication goals of Tso's protocol are
broken by an off-line password guessing attack and an impersonation attack, respectively.
To overcome these weaknesses, we propose an improved 3PAKE protocol that achieves
better security and performance than related protocols. The security of the proposed
improved protocol is proved in the random oracle model.
Keywords Password-based authentication · Key exchange protocol · Off-line password guessing attack · Impersonation attack · Random oracle model
1 Introduction
Authenticated key exchange (AKE) protocols (e.g., [1–10]) help entities
communicating over an insecure network to establish a secret session key
for protecting their subsequent communication. A password-based authenticated
key exchange (PAKE) protocol is a type of AKE protocol that enables two or
more communicating entities, who only share a weak, low-entropy and easily memo-
M. S. Farash (✉)
Faculty of Mathematical Sciences and Computer, Kharazmi University, Tehran, Iran
e-mail: m.sabzinejad@gmail.com; sabzinejad@tmu.ac.ir; sabzinejad@khu.ac.ir
M. A. Attari
Faculty of Electrical and Computer Engineering, K.N. Toosi University of Technology, Tehran, Iran