Similar literature
20 similar documents found; search time 15 ms.
1.
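Shu Jian (舒剑), Xu Chunxiang (许春香). Journal on Communications (《通信学报》), 2010, 31(3): 51-56
This paper analyzes the security of a password-based authenticated key agreement protocol that is provably secure in the standard model, and shows that the protocol is vulnerable to a reflection attack. An improved scheme is then given, which not only remedies the flaw of the original scheme but also improves the protocol's performance. Finally, the security of the protocol is proved in the standard model under the DDH assumption. The results show that the improved protocol also has perfect forward secrecy.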

2.
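Security analysis and improvement of an identity-based authenticated key agreement protocol   Total citations: 3, self-citations: 1, citations by others: 3
Wang Xiaofen (汪小芬), Chen Yuan (陈原), Xiao Guozhen (肖国镇). Journal on Communications (《通信学报》), 2008, 29(12): 16-21
A security analysis of an identity-based authenticated key agreement protocol that is provably secure in the standard model finds that a malicious private key generator (PKG) can compute all session keys; that is, in the mode without session key escrow the protocol does not satisfy PKG forward secrecy. Therefore, to meet the escrow-free requirement, an improved identity-based authenticated key agreement protocol is proposed and proved to be a secure authenticated key agreement protocol in the standard model. The results show that the improved protocol satisfies perfect forward secrecy and PKG forward secrecy.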

3.
The SMEN protocol, proposed by Wu and Ustaoglu in 2009, has been considered to be secure as the authors claimed, and numerous theories are proposed based on this protocol. This paper analyzes the SMEN protocol and finds that this protocol is not resistant to the session corruption attack and the key compromise impersonation attack. Then, we propose an improved protocol with tight security reduction. Our improved protocol not only avoids the above attacks but also embraces the same efficiency as the SMEN protocol in terms of exponentiation. Besides, formal analysis of the improved protocol is presented by using the formal automatic security analysis tool Scyther. Copyright © 2014 John Wiley & Sons, Ltd.

4.
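Wen Yamin (温雅敏), Gong Zheng (龚征). Journal on Communications (《通信学报》), 2015, 36(9): 82-90
A new organization-hiding key agreement protocol that implements an organization-set-intersection authentication policy is proposed. Two anonymous users can complete a successful secret authentication and key agreement when the sets of organizations they belong to intersect and the number of common elements is at least a threshold value, while the confidentiality of organization information outside the intersection is preserved. The new protocol is provably secure in the random oracle model and still has certain advantages in computation and communication performance.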

5.
6.
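A multi-party authenticated key agreement scheme in certificateless public key cryptography is analyzed, and it is pointed out that the scheme cannot resist impersonation attacks by legitimate users or the crisis caused by occasional password leakage. The reasons for the scheme's vulnerabilities are analyzed, and on this basis an improved key agreement scheme is given. The new scheme introduces a key seed and a password evolution mechanism to solve the above problems, and also eliminates redundant messages, reducing the bandwidth used by users. Analysis shows that the new scheme has stronger security.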

7.
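To address the shortcomings of existing predicate-based authenticated key exchange protocols in privacy protection, a new predicate-based authenticated key exchange protocol is proposed by combining an inner-product encryption scheme with the NAXOS trick. In a modified eCK model, the security of the protocol is reduced to the GBDH assumption. Moreover, because it inherits the attribute-hiding security property of the inner-product encryption scheme, the new protocol can prevent leakage of users' sensitive information.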

8.
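A new authenticated key agreement protocol suitable for ad hoc networks is proposed. Based on signcryption, it achieves authentication and encryption in the same logical step, improving the efficiency of key agreement; based on an identity-based public key cryptosystem, it lowers the cost of establishing and managing a public key infrastructure; using bilinear pairings on elliptic curves, the protocol can meet the same security requirements with short keys and little computation. Compared with existing key agreement protocols, the new protocol requires little computation and transmission, has low bandwidth requirements and high security, and is suitable for energy- and bandwidth-constrained ad hoc networks.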

9.
Authenticated key exchange protocols represent an important cryptographic mechanism that enables several parties to communicate securely over an open network. Elashry, Mu, and Susilo proposed an identity‐based authenticated key exchange (IBAKE) protocol where different parties establish secure communication by means of their public identities. The authors also introduced a new security notion for IBAKE protocols called resiliency, that is, if the secret shared key is compromised, the entities can generate another shared secret key without establishing a new session between them. They then claimed that their IBAKE protocol satisfies this security notion. We analyze the security of their protocol and prove that it has a major security flaw, which renders it insecure against an impersonation attack. We also disprove the resiliency property of their scheme by proposing an attack where an adversary can compute any shared secret key if just one secret bit is leaked.

10.
Password-based three-party authenticated key exchange protocols allow clients to establish a protected session key through a server over insecure channels. Most of the existing PAKE protocols on lattices were designed for two parties, which could not be applied to large-scale communication systems, so a novel three-party PAKE protocol from lattices was proposed. The PAKE protocol was constructed by using a splittable public-key encryption scheme and an associated approximate smooth projective hash function, and a message authentication mechanism was introduced in the protocol to resist replay attacks. Compared with similar protocols, the new protocol reduces the number of communication rounds and improves the efficiency and the security of protocol applications.

11.
Lu Yanrong, Xu Guangquan, Li Lixiang, Yang Yixian. Wireless Networks, 2019, 25(4): 1461-1475
Wireless Networks - Secure information exchange in wireless sensor networks (WSN) is a continuing issue since the resource-constrained sensors generally deployed over an unattended environment. To...

12.
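The security of the sensor network security protocol suite proposed by A. Perrig is analyzed, and an attack on its node key agreement protocol is found: an attacker can impersonate a legitimate node and send key agreement requests. An improved protocol is given to counter this attack. To analyze the security of the improved protocol, the original strand space theory is extended, and the extended theory is used to analyze the improved protocol's security in terms of both secrecy and authentication. The analysis shows that the improved protocol is secure. In addition, the extension of strand space theory lays a foundation for its use in analyzing more complex security protocols.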

13.
Password‐authenticated group key exchange protocols enable communication parties to establish a common secret key (a session key) by only using short secret passwords. Such protocols have been receiving significant attention. This paper shows some security weaknesses in some recently proposed password‐authenticated group key exchange protocols. Furthermore, a secure and efficient password‐authenticated group key exchange protocol in mobile ad hoc networks is proposed. It only requires constant round to generate a group session key under the dynamic scenario. In other words, the overhead of key generation is independent of the size of a total group. Further, the security properties of our protocol are formally validated by a model checking tool called AVISPA. Security and performance analyses show that, compared with other related group key exchange schemes, the proposed protocol is also efficient for real‐world applications in enhancing the security over wireless communications. Copyright © 2011 John Wiley & Sons, Ltd.

14.
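The certificateless two-party authenticated key agreement protocol without bilinear pairings proposed by Kim et al. is analyzed. It is shown that under a public key replacement attack the protocol does not satisfy basic impersonation attack security, and a concrete attack is given. To address this security flaw, an improved certificateless two-party authenticated key agreement protocol is proposed. Analysis shows that the improved protocol effectively resists public key replacement attacks and satisfies some necessary security properties.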

15.
Mandal Susmita, Mohanty Sujata, Majhi Banshidhar. Wireless Networks, 2020, 26(4): 3011-3031
Wireless Networks - Wireless group communication has gained much popularity recently due to the increase in portable, lightweight devices. These devices are capable of performing group...

16.
Secure and reliable group communication is gaining popularity in imbalanced mobile networks due to the increased demand for group-oriented applications such as teleconferences, collaborative workspaces, etc. For acquiring the group security objectives, many authenticated group key agreement (AGKA) protocols exploiting the public key infrastructure have been proposed, which require additional processing and storage space for validation of the public keys and the certificates. In addition, most of the AGKA protocols are implemented using bilinear pairing and a map-to-point (MTP) hash function. The relative computation cost of the bilinear pairing is approximately two to three times more than the elliptic curve point multiplication (ECPM) and the MTP function has higher computation cost than an ECPM. Due to the limitation of communication bandwidth, computation ability, and storage space of the low-power mobile devices, these protocols are not suitable especially for insecure imbalanced mobile networks. To cope with the aforementioned problems, in this paper, we proposed a pairing-free identity-based authenticated group key agreement protocol using elliptic curve cryptosystem. It is found that the proposed protocol, compared with the related protocols, not only improves the computational efficiencies, but also enhances the security features.

17.
Wireless Networks - Authenticated key establishment schemes allow the participants to authenticate each other and establish a secure session key among them. These schemes play an important role in...

18.
In 1999, Seo and Sweeney proposed a simple authenticated key agreement protocol that was designed to act as a Diffie-Hellman key agreement protocol with user authentication. Various attacks on this protocol are described and enhanced in the literature. Recently, Ku and Wang proposed an improved authenticated key agreement protocol, where they asserted the protocol could withstand the existing attacks. This paper shows that Ku and Wang's protocol is still vulnerable to the modification attack and presents an improved authenticated key agreement protocol to enhance the security of Ku and Wang's protocol. The protocol has more efficient performance by replacing exponentiation operations with message authentication code operations.

19.
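Su Hang (苏航), Liu Jianwei (刘建伟), Tao Rui (陶芮). Journal on Communications (《通信学报》), 2016, 37(7): 161-171
A certificateless hierarchical authenticated key agreement protocol is proposed. Its security is based on the computational Diffie-Hellman hardness assumption, and it is proved secure in the eCK (extended Canetti–Krawczyk) model. In this protocol, the root PKG verifies the identities of the multi-level domain PKGs and generates partial private keys for them, a domain PKG verifies the identities of users and generates partial private keys for them, and a private key is generated jointly from a secret value chosen by the user and the partial private key. Compared with existing protocols, the protocol involves no bilinear pairing operations and has high efficiency.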

20.
Wireless body area networks (WBANs) are networks designed to gather critical information about the physical conditions of patients and to exchange this information. WBANs are prone to attacks, more than other networks, because of their mobility and the public channel they use. Therefore, mutual authentication and privacy protection are critical for WBANs to prevent attackers from accessing confidential information of patients and executing undetectable physical attacks. In addition, in the authentication and key agreement process, messages should be transferred anonymously such that they are not linkable. In this paper, we first indicate that one of the most recently introduced authentication protocols is vulnerable to the wrong session key agreement attack and desynchronization attack. Second, we propose a lightweight authentication and key agreement protocol, which can withstand the well‐known attacks and provide the anonymity feature. Eventually, we analyze the security of our proposed protocol using both Automated Validation of Internet Security Protocols and Applications (AVISPA) and random oracle model and compare its performance with the related works. The results demonstrate the superiority of our proposed protocol in comparison with the other protocols.
