This paper endeavors to present a novel framework for the generic structure of a verifier-based password authenticated Three-Party Encrypted Key Exchange (3P-EKE) protocol which yields more efficient protocol than the ones knew before. A previous framework presented by Archana and Premchand is more secured against all types of attacks like password guessing, replay, pre-play, man-in-the-middle attack etc. But unfortunately, this protocol does not solve the problem of a server compromise. These proofs help as inspiration to search for another framework. The framework we offer produces more efficient 3P-EKE protocol, and, in addition, delivers perceptive clarification about the existing attacks that do not solve in the previous framework. Moreover, it allows direct change from a class of verge private-key encryption to a hybrid (symmetric & Asymmetric) one without significant overhead.

In this modern era of digital communication even a trivial task needs to be performed over internet which is not secure. Many cryptographic algorithms existed to provide security which facilitates secure communication through internet. As these algorithms need a secret session key, it is required to interchange this key in a secure way. In two-party communication, two clients initially share a low random (entropy) password through a secure channel to establish a secret session key. But this paradigm necessitates high maintenance of passwords, since each communicating pair requires separate passwords to establish a secure session key. In three-party communication network, each communication party shares a password with the trusted third-party (server) to exchange a secret session key. The beauty of this setting is that, even a server does not know the session key. The Password Authenticated Encrypted Key Exchange (PA-EKE) protocols have attracted a lot of curiosity to authors to propose various two-party and three-party PA-EKE protocols. Security flaws in various protocols proposed by Chang-Chang, Yoon-Yoo, PSRJ and Raj et al. inspired to design a robust, computationally efficient and highly secure protocol. This paper is an attempt to propose a secure and novel Password Authenticated 3P-EKE protocol using XOR operations and analogous (parallel) message transmission. The proposed protocol is easy to design and more secured against all types of attacks like password guessing, replay, pre-play, server spoofing etc. which made this protocol special.