Efficient Password-Proven Key Exchange Protocol against Relay Attack on Ad Hoc Networks

In wireless ad hoc networks environment, Bellovin and Merritt first developed a password-based Encrypted Key Exchange (EKE) protocol against offline dictionary attacks using both symmetric and public-key cryptography independent of the public key infrastructure (PKI). In this paper, we first discover that there exist some weaknesses in EKE protocol that is subjected to relay attacks based on the analysis result of BAN logic that we apply in protocol. In order to remedy the flaws, we propose an improved scheme— Efficient Password-Proven Key Exchange (EPPKE) protocol that generates the session key’s timestamp against relay attack, and verifies the authenticity of public key without online trusted third parties. The proposed protocol is also proven to be secure and trustworthy by BAN logic analysis. In comparison with other schemes, our measurements show that our proposed EPPKE protocol is more safety and requires less computations cost suitable for wireless ad hoc networks.