Recently, Abdalla et al. proposed a new gateway-oriented password-based
authenticated key exchange (GPAKE) protocol among a client, a gateway, and an
authentication server, in which each client shares a human-memorable password
with a trusted server and relies on that server for authentication whenever it
wants to establish a shared session key with the gateway. In this letter, we
show that a malicious client of GPAKE is still able to gain information about
the password by mounting an undetectable on-line password guessing attack, and
that the protocol does not provide implicit key confirmation. Finally, we
present a countermeasure against the attack.