A Simple Balanced Password-Authenticated Key Agreement Protocol

Password authentication protocols have been broadly deployed in client/server communication settings for its convenient usage and low costs of deployment. Nowadays peer-to-peer networks become increasingly popular, where the role of principals is symmetric (balanced), i.e. each principal acts not only as a client but also as a server. In this setting a robust and simple password authentication protocol is highly desired, since PKIs (Public Key Infrastructures) are not always available for authentication. In this paper, we present a simple password-authenticated key agreement protocol for the use in peer-to-peer communication paradigms. It fulfills the security requirements on password authentication protocols, and is resilient to passive and active attacks as well as dictionary attacks. The proposed scheme is more efficient than the well established protocols due to its simple design concept.