Password Authenticated Key Exchange Protocol with Stronger Security

Aim at password compromise impersonation attack and ephemeral key compromise impersonation attack, this paper proposes a novel two-party password authenticated key exchange (PAKE) protocol with mutual authentication via analyzing two typical password authenticated key exchange protocols. The analysis shows that the improved scheme which realizes entity authentication by using public key of the server, can not only resist all known attacks, but also provide the property of the perfect forward secrecy. Furthermore, the improved protocol has stronger security through comparing with other protocols