Design an efficient three-party authenticated key exchange protocol in the cloud environment

With the emergence of cloud computing, conventional threeparty authenticated key exchange (3PAKE) protocols face two common problems; one is that the server and users are not in the same domain, and therefore, the shared authenticated keys may be unknowingly compromised. The other problem is these protocols require higher on-line computation cost and on-line communication cost during session key agreement, which can create excessive overhead for cloud clients using devices with low computational capacity. This paper proposes a novel protocol based on the self-verified token pair scheme employed by Chen et al. The proposed protocol does not require that the authenticated keys be stored in clouds to achieve user authentication. Furthermore, it overcomes the security threats existing in the protocol developed by Chen et al. and improves the performance in session key agreement to make it suitable for 3PAKE in cloud environments.