一种多方可认证密钥协商方案的分析与改进

在无证书公钥密码体制下对一种多方可认证密钥协商方案进行了分析,指出该方案无法抵抗合法用户的扮演攻击和口令偶尔泄露导致的危机。分析了该方案存在漏洞的原因,并在此基础上给出一个改进的密钥协商方案。新方案引入密钥种子和口令进化机制解决了上述问题,同时消除了冗余消息,降低了用户占用的带宽。分析表明新方案的安全性更强。     

一种新的适于Ad hoc网可认证密钥协商协议

提出一种新的适于Ad hoc网可认证密钥协商协议。基于签密技术。在同一逻辑步内同时实现了认证和加密功能,提高了密钥协商效率;基于身份的公钥密码系统,降低了建立和管理公钥基础设施的代价;应用椭圆曲线上双线性对,使得该协议能以短的密钥和小的计算量实现同等安全要求。与已有密钥协商协议相比,新协议计算和传输量小,带宽要求低,安全性高,适合能源和带宽受限的Ad hoc网络。     

Anonymous three-factor authenticated key agreement for wireless sensor networks

Wireless Networks - Secure information exchange in wireless sensor networks (WSN) is a continuing issue since the resource-constrained sensors generally deployed over an unattended environment. To...     

无证书两方认证密钥协商协议攻击及改进

分析了Kim等人提出的不依赖于双线性对运算的无证书两方认证密钥协商协议,指出该协议在公钥替换攻击下不满足基本伪装攻击安全性,并给出了一个具体攻击。针对该协议存在的安全性缺陷,提出了一个改进的无证书两方认证密钥协商协议。分析表明,所提出的改进协议能够有效地抵抗公钥替换攻击并满足一些必要的安全属性。     

A pairing-free identity-based authenticated group key agreement protocol for imbalanced mobile networks

The secure and reliable group communication gains popularity in imbalanced mobile networks due to the increase demand of the group-oriented applications such as teleconferences, collaborative workspaces, etc. For acquiring the group security objectives, many authenticated group key agreement (AGKA) protocols exploiting the public key infrastructure have been proposed, which require additional processing and storage space for validation of the public keys and the certificates. In addition, the most of the AGKA protocols are implemented using bilinear pairing and a map-to-point (MTP) hash function. The relative computation cost of the bilinear pairing is approximately two to three times more than the elliptic curve point multiplication (ECPM) and the MTP function has higher computation cost than an ECPM. Due to the limitation of communication bandwidth, computation ability, and storage space of the low-power mobile devices, these protocols are not suitable especially for insecure imbalanced mobile networks. To cope with the aforementioned problems, in this paper, we proposed a pairing-free identity-based authenticated group key agreement protocol using elliptic curve cryptosystem. It is found that the proposed protocol, compared with the related protocols, not only improves the computational efficiencies, but also enhances the security features.     

User-sensor mutual authenticated key establishment scheme for critical applications in wireless sensor networks

Wireless Networks - Authenticated key establishment schemes allow the participants to authenticate each other and establish a secure session key among them. These schemes play an important role in...     

CAKA: a novel certificateless-based cross-domain authenticated key agreement protocol for wireless mesh networks

Due to the flexibility of wireless mesh networks (WMNs) to form the backhaul subnetworks, future generation networks may have to integrate various kinds of WMNs under possibly various administrative domains. Aiming at establishing secure access and communications among the communication entities in a multi-domain WMN environment, in this paper, we intend to address the cross-domain authentication and key agreement problem. We present a light-weight cross-domain authentication and key agreement protocol, namely CAKA, under certificateless-based public key cryptosystem. CAKA has a few attractive features. First, mutual authentication and key agreement between any pair of users from different WMN domains can be easily achieved with two-round interactions. Second, no central domain authentication server is required and fast authentication for various roaming scenarios is supported by using a repeated cross-domain algorithm. Third, no revocation and renewal of certificates and key escrow are needed. Finally, it provides relatively more security features without increasing too much overhead of computation and storage. Our analysis shows that the proposed CAKA protocol is highly efficient in terms of communication overhead and resilient to various kinds of attacks.     

Cryptanalysis of modified authenticated key agreement protocol

Tseng [see ibid., vol. 36, no. 1, p. 48-9, 2000] addressed a weakness within and proposed a modification to the key agreement protocol presented by Seo and Sweeney [see ibid., vol. 35, no. 13, p. 1073-4, 1999]. The authors show that Tseng's modified protocol is still vulnerable to two simple attacks and describe a new enhancement to the Seo-Sweeney protocol     

Password-only authenticated key establishment protocol without public key cryptography

A scenario in which a user and a server can authenticate each other and generate a strong session key through a symmetric cipher by their shared weak (low-entropy) password in an insecure channel is considered. Until now, designing a secure protocol in this scenario has been an open problem due to the offline dictionary attack. A protocol to resolve this problem is proposed. The idea is to ensure that people must participate to verify each guessed password in the offline dictionary attack. Therefore, this attack cannot succeed in a reasonable time for the proposed protocol.     

安全的认证密钥协商协议研究

对基于证书的密钥协商协议的设计与分析进行了比较深入的研究,研究内容包括：可证明安全的基于证书的密钥协商协议以及一种新的可认证密钥协商协议。主要研究成果有：介绍了密钥协商协议的概念和安全特性;提出一个新的认证密钥交换协议AKE-1。AKE-1效率较高,并且在最新的eCK07模型下是安全的,证明基于随机预言假设和CDH假设。另外,基于AKE-1,提出一轮的变体（满足只有一个实体在线）和三轮的变体（提供密钥确认属性）,以满足不同的应用。     

A note on leakage-resilient authenticated key exchange

Fathi et al. recently proposed a leakage-resilient authenticated key exchange protocol for a server-client model in mobility environment over wireless links. In the paper, we address flaws in a hash function used in the protocol. The direct use of the hash function cannot guarantee the security of the protocol. We also point out that a combination of the hash function and the RSA cryptosystem in the protocol may not work securely. To remedy these problems, we improve upon the protocol by modifying the hash function correctly.     

Identity-based authenticated key agreement protocol based on Weilpairing

An ID-based authenticated two pass key agreement protocol which makes use of the Weil pairing is presented. The protocol is described and its properties are discussed, including the ability to add key confirmation     

A novel authenticated group key agreement protocol for mobile environment

An authenticated group key agreement protocol allows a group of parties to authenticate each other and then determine a group key via an insecure network environment. In 2009, Lee et al. first adopted bilinear pairings to propose a new nonauthenticated group key agreement protocol and then extend it to an authenticated group key agreement protocol. This paper points out that the authenticated protocol of Lee et al. is vulnerable to an impersonation attack such that any adversary can masquerade as a legal node to determine a group key with the other legal nodes and the powerful node. This paper shall employ the short signature scheme of Zhang et al. to propose a new authenticated group key agreement protocol. The short signature scheme of Zhang et al. is proven to be secure against the adaptive chosen-message attacks in the random oracle model, so the proposed protocol can withstand the possible attacks. Besides, compared with the authenticated protocol of Lee et al., the proposed protocol is more secure and efficient.     

一个高效的无证书两方认证密钥协商协议

由于双线性对有高昂的计算代价,无双线性对的密码系统在近年来得到了广泛的关注。各种无双线性对的两方认证密钥协商协议在公钥密码体制(PKC)下被研究。为了克服传统公钥密码体制下复杂的证书管理问题和基于身份的密码体制固有的密钥托管问题,一些无证书认证密钥协商协议被提出。文中提出了一个安全高效的无双线性对的基于无证书的两方认证密钥协商协议,与相关的协议相比,文中的协议具有较低的计算代价。     

Analysis of the SPEKE password-authenticated key exchange protocol

In this letter, we show that for the SPEKE password-authenticated key exchange protocol, an adversary is able to test multiple possible passwords using a single impersonation attempt. In particular, when passwords are short Personal Identification Numbers (PINs), we show that a fully-constrained SPEKE is susceptible to password guessing attack. Our analysis contradicts the claim that the SPEKE protocol appears to be at least as strong as the Bellovin-Merritt EKE protocol. For EKE, an adversary can gain information about at most one possible password in each impersonation attempt.     

Security enhancement to a password-authenticated group key exchange protocol for mobile Ad-hoc networks

Group key exchange protocols allow a group of parties communicating over a public network to come up with a common secret key called a session key. Due to their critical role in building secure multicast channels, a number of group key exchange protocols have been suggested over the years for a variety of settings. Among these is the so-called NEKED protocol proposed by Byun et al. for password-authenticated group key exchange in mobile ad-hoc networks overseen by unmanned aerial vehicles. In the current work, we are concerned with improving the security of the NEKED protocol. We first show that the NEKED protocol is vulnerable not only to an attack against backward secrecy but also to an attack against password security. We then figure out how to eliminate the security vulnerabilities of NEKED.     

Analysis and improvement of a new authenticated group key agreement in a mobile environment

In 2009, Lee et al. (Ann Telecommun 64:735–744, 2009) proposed a new authenticated group key agreement protocol for imbalanced wireless networks. Their protocol based on bilinear pairing was proven the security under computational Diffie–Hellman assumption. It remedies the security weakness of Tseng’s nonauthenticated protocol that cannot ensure the validity of the transmitted messages. In this paper, the authors will show that Lee et al.’s authenticated protocol also is insecure. An adversary can impersonate any mobile users to cheat the powerful node. Furthermore, the authors propose an improvement of Lee et al.’s protocol and prove its security in the Manulis et al.’s model. The new protocol can provide mutual authentication and resist ephemeral key compromise attack via binding user’s static private key and ephemeral key.     

Privacy-preserving authenticated key agreement scheme based on biometrics for session initiation protocol

A secure key agreement scheme plays a major role in protecting communications between the users using voice over internet protocol over a public network like the internet. In this paper we present a strong security authenticated key agreement scheme for session initiation protocol (SIP) by using biometrics, passwords and smart cards. The proposed scheme realizes biometric data protection through key agreement process meanwhile achieving the verification of the biometric value on the SIP server side which is very important in designing a practical authenticated key agreement for SIP. The main merits of our proposed scheme are: (1) the SIP server does not need to maintain any password or verification table; (2) the scheme can provide user identity protection—the user’s real identity is protected by a secure symmetric encryption algorithm and the elliptic curve discrete logarithm problem, and it is transmitted in code; (3) the scheme can preserve the privacy of the user’s biometric data while the biometric matching algorithm is performed at the SIP server side, even if the server does not know the biometric data in the authentication process. Performance and security analysis shows that our proposed scheme increases efficiency significantly in comparison with other related schemes.     

Efficient ID-based authenticated key agreement protocol based on Weil pairing

The weaknesses of a recently proposed Smart's (see idid., vol. 38, no.13, p.630-632, 2002) ID-based authenticated two-pass key agreement protocol are discussed. An efficient ID-based authenticated key agreement protocol with the optimal number of evaluations of Weil pairing is proposed.