Efficient and secure three-party authenticated key exchange protocol for mobile environments

Yang and Chang (2009) proposed a three-party authenticated key exchange protocol for securing communications in mobile-commerce environments. Their protocol reduces computation and communication costs by employing elliptic curve cryptosystems. However, Tan (2010) pointed out that Yang and Chang (2009)’s protocol cannot withstand impersonation and parallel attacks, and further proposed an enhanced protocol to resist these attacks. This paper demonstrates that Tan (2010)’s approach still suffers from impersonation attacks, and presents an efficient and secure three-party authenticated key exchange protocol to overcome shown weaknesses.     

Robust biometric-based three-party authenticated key establishment protocols

This paper proposes secure and efficient biometric-based three-party authenticated key establishment (B3AKE) protocols to minimize the computation costs of each participant and fit three-party communication. The proposed B3AKE protocols adopts a three-factor authentication mechanism which uses biometric, token, and passwords for users unlike the related protocols. In addition, the proposed B3AKE protocols are composed of four sub-protocols, which are registration, biometric-based three-party authenticated key transport, biometric-based three-party authenticated key agreement (B3AKA), and password update. In order to exploit the key block size, speed, and security jointly, the proposed B3AKA protocol is based on symmetric key cryptosystems and elliptic curve cryptography. As a result, the proposed B3AKE protocols not only are secure against well-known cryptographical attacks but also provide perfect forward secrecy. Furthermore, the number of rounds is smaller by one round than the related protocols and the asymmetric key encryption/decryption operations do not need to establish a session key and authenticate between two users and a server. Thus, the proposed B3AKE protocols are very useful in limited computation and communication resource environments to access remote information systems since it provides security, reliability, and efficiency.     

An novel three-party authenticated key exchange protocol using one-time key

Three-party authenticated key exchange protocol (3PAKE) is an important cryptographic technique for secure communication which allows two parties to agree a new secure session key with the help of a trusted server. In this paper, we propose a new three-party authenticated key exchange protocol which aims to achieve more efficiency with the same security level of other existing 3PAKE protocols. Security analysis and formal verification using AVISPA tools show that the proposed protocol is secure against various known attacks. Comparing with other typical 3PAKE protocols, the proposed protocol is more efficient with less computation complexity.     

具有强安全性的三方口令认证密钥交换协议

大部分口令认证密钥交换(PAKE)协议的设计者忽略了长期密钥泄露可能造成的危害.文中发现仅仅依靠口令的安全性设计可以抵抗口令泄露攻击的三方PAKE协议是不可能的,所以文中采取服务器通过公钥实现认证的方法,设计一个可以抵抗口令泄露攻击的强安全性协议,其在随机预示和理想密码模型下基于ECGDH假设具有前向安全的特性.     

一种基于身份的三方认证密钥交换协议

为了确保公共网络环境的安全通信,一种三方认证密钥交换协议得到了广泛关注。2009年,Yang等提出了一个基于椭圆曲线密码的移动电子商务环境下的有效的三方认证密钥交换协议,然而Tan指出Yang等的协议会遭受假冒攻击,1h随后提出了一种改进协议。但是,Nose指出Tm的协议不能抵抗假冒攻击和中间人攻击。为了提高安全性,作者提出了一个新的三方认证密钥交换协议。     

An efficient and authenticated key establishment scheme based on fog computing for healthcare system

Because of its closeness to users, fog computing responds faster than cloud computing. Thus, it has been deployed to various applications, such as healthcare system. Recently, to ensure the secure communication of the fog-based healthcare system, Jia et al. proposed an authenticated key agreement scheme. Moreover, in view of the high computation cost existing in Jia et al.’s scheme, Ma et al. presented an efficient one using elliptic curve cryptography. In this paper, we observe that both the two schemes may potentially risk ephemeral key compromise attacks and need improving. Therefore, to overcome this potential risk, we propose a new authenticated scheme based on Jia et al.’s scheme using elliptic curve computational Diffie-Hellman hypothesis and hash functions. Additionally, we provide provable security under the adopted adversarial model and ProVerif simulation, and also analyze the performance in terms of computation and communication costs by comparisons. The analysis results show that the improved scheme resists the common attacks, reduces computation overhead, and has a certain significance.     

标准模型下高效的三方口令认证密钥交换协议

三方口令认证密钥交换协议允许两个分别与服务器共享不同口令的用户在服务器的协助下建立共享的会话密钥,从而实现了用户间端到端的安全通信.现阶段,多数的三方口令认证密钥交换协议都是在随机预言模型下可证明安全的.但在实际应用中,利用哈希函数对随机预言函数进行实例化的时候会给随机预言模型下可证明安全的协议带来安全隐患,甚至将导致协议不安全.以基于ElGamal加密的平滑投射哈希函数为工具,在共同参考串模型下设计了一种高效的三方口令认证密钥交换协议,并且在标准模型下基于DDH假设证明了协议的安全性.与已有的同类协议相比,该协议在同等的安全假设下具有更高的计算效率和通信效率,因此更适用于大规模的端到端通信环境.     

An efficient password-based three-party authenticated multiple key exchange protocol for wireless mobile networks

With the rapid development of wireless mobile communication, the password-based three-party authenticated key exchange protocol has attracted an increasing amount of attention. To generate more session keys at one time for different applications, Li et al. proposed a password-based three-party authenticated multiple key exchange (3PAMKE) protocol for wireless mobile networks. They claimed that their protocol could withstand various attacks. In this paper, we will show Li et al.’s protocol is not secure off-line password guessing. Furthermore, we proposed an improved 3PAMKE protocol to overcome weakness in Li et al.’s protocol. Security analysis and performance analysis shows our protocol not only overcomes security weakness, but also has better performance. Therefore, our protocol is more suitable for wireless mobile networks.     

Security weakness in a three-party pairing-based protocol for password authenticated key exchange

Authentication and key exchange are fundamental for establishing secure communication channels over public insecure networks. Password-based protocols for authenticated key exchange are designed to work even when user authentication is done via the use of passwords drawn from a small known set of values. Recently, Wen et al. (H.-A. Wen, T.-F. Lee, T. Hwang, Provably secure three-party password-based authenticated key exchange protocol using Weil pairing, IEE Proceedings—Communications 152 (2) (2005) 138-143) proposed a new protocol for password-based authenticated key exchange in the three-party setting, where the clients trying to establish a common secret key do not share a password between themselves but only with a trusted server. Wen et al.’s protocol carries a claimed proof of security in a formal model of communication and adversarial capabilities. However, this work shows that the protocol for three-party key exchange is completely insecure and the claim of provable security is seriously incorrect. We conduct a detailed analysis of flaws in the protocol and its security proof, in the hope that no similar mistakes are made in the future.     

A round- and computation-efficient three-party authenticated key exchange protocol

In three-party authenticated key exchange protocols, each client shares a secret only with a trusted server with assists in generating a session key used for securely sending messages between two communication clients. Compared with two-party authenticated key exchange protocols where each pair of parties must share a secret with each other, a three-party protocol does not cause any key management problem for the parties. In the literature, mainly there exist three issues in three-party authenticated key exchange protocols are discussed that need to be further improved: (1) to reduce latency, communication steps in the protocol should be as parallel as possible; (2) as the existence of a security-sensitive table on the server side may cause the server to become compromised, the table should be removed; (3) resources required for computation should be as few as possible to avoid the protocol to become an efficiency bottleneck. In various applications over networks, a quick response is required especially by light-weight clients in the mobile e-commerce. In this paper, a round- and computation-efficient three-party authenticated key exchange protocol is proposed which fulfils all of the above mentioned requirements.     

Provably secure three-party password authenticated key exchange protocol in the standard model

Three-party password authenticated key exchange protocol is a very practical mechanism to establish secure session key through authenticating each other with the help of a trusted server. Most three-party password authenticated key exchange protocols only guarantee security in the random oracle model. However, a random oracle based cryptographic construction may be insecure when the oracle is replaced by real function. Moreover, some previous unknown attacks appear with the advance of the adversary capability. Therefore, a suitable standard model which can imitate a wider variety of attack scenarios for 3PAKE protocol is needed. Aim at resisting dictionary attack, unknown key-share attack and password-compromise impersonation attack, an expanded standard model for 3PAKE protocol is given. Meanwhile, through applying ElGamal encryption scheme and pseudorandom function, a specific three-party password authenticated key exchange protocol is proposed. The security of the proposed protocol is proven in the new standard model. The result shows that the present protocol has stronger security by comparing with other existing protocols, which covers the following security properties: (1) semantic security, (2) key privacy, (3) client-to-server authentication, (4) mutual authentication, (5) resistance to various known attacks, and (6) forward security.     

Design of a password-based authenticated key exchange protocol for SIP

The Session Initiation Protocol (SIP) is a signaling communications protocol, which has been chosen for controlling multimedia communication in 3G mobile networks. In recent years, password-based authenticated key exchange protocols are designed to provide strong authentication for SIP. In this paper, we address this problem in two-party setting where the user and server try to authenticate each other, and establish a session key using a shared password. We aim to propose a secure and anonymous authenticated key exchange protocol, which can achieve security and privacy goal without increasing computation and communication overhead. Through the analysis, we show that the proposed protocol is secure, and has computational and computational overheads comparable to related authentication protocols for SIP using elliptic curve cryptography. The proposed protocol is also provably secure in the random oracle model.     

An enhanced authenticated key agreement protocol for wireless mobile communication

With the rapid progress of wireless mobile communication, the authenticated key agreement protocol has attracted an increasing amount of attention. However, due to the limitations of bandwidth and storage of the mobile devices, most of the existing authenticated key agreement protocols are not suitable for wireless mobile communication. Quite recently, Sui et al. have presented an efficient authenticated key agreement protocol based on elliptic curves cryptography and included their protocol in 3GPP2 specifications to improve the security of A-Key distribution. However, in this paper, we show that Sui et al.'s protocol can't resist the off-line password guessing attack, and therefore present an enhanced authenticated key agreement protocol. At the same time, we also consider including our enhanced protocol in 3GPP2 specifications.     

An efficient client–client password-based authentication scheme with provable security

Recently, Tso proposed a three-party password-based authenticated key exchange (3PAKE) protocol. This protocol allows two clients to authenticate each other and establish a secure session key through a server over an insecure channel. The main security goals of such protocols are authentication and privacy. However, we show that Tso’s protocol achieves neither authentication goal nor privacy goal. In this paper, we indicate that the privacy and authentication goals of Tso’s protocol will be broken by off-line password guessing attack and impersonation attack, respectively. To overcome the weaknesses, we propose an improved 3PAKE protocol to achieve more security and performance than related protocols. The security of the proposed improved protocol is proved in random oracle model.     

Cryptanalysis of two three-party encrypted key exchange protocols

Due to the simplicity of maintaining human memorable passwords without any assistant storage device, password-based three-party encrypted key exchange (3PEKE) protocol has become one of the most promising research fields on user authentication and secure communication. In 2008, Chen et al. and Yoon and Yoo both pointed that Chang and Chang's password-based 3PEKE scheme cannot resist against undetectable on-line password guessing attacks, and then respectively proposed an improved protocol to eliminate the security vulnerability. However, based on the security analyses conducted by us, we find that both of their protocols are still vulnerable against undetectable on-line password guessing attacks. Accordingly, we develop a novel 3PEKE protocol to remedy these authentication flaws. Moreover, our proposed protocol can achieve better performance efficiency by requiring only four message transmission rounds. In conclusion, we can claim that our proposed 3PEKE protocol is more secure and efficient in comparison with the protocols proposed by Chen et al. and Yoon and Yoo.     

Provably secure three-party password-based authenticated key exchange protocol

A three-party password-based authenticated key exchange (3PAKE) protocol is a useful mechanism to establish a secure session key in a network. However, most current 3PAKE protocols only achieve “heuristic” security; the underlying hardness assumptions of these protocols are not perfect. We propose a 3PAKE protocol which is provably secure if the Diffie–Hellman problem is computationally infeasible (the CDH assumption), even in the 3eCK model where the adversary is allowed to make more queries and have more freedom than previous models. In our formal proof, we use the trapdoor test technique introduced by Cash, Kiltz and Shoup to construct an efficient decision oracle. As far as we know, our protocol is the first provably secure 3PAKE protocol based on the CDH assumption and the first 3PAKE protocol using the trapdoor test technique for the security proof.     

强安全的基于身份认证密钥协商协议

LaM acchia等提出了扩展的Canetti-K raw czyk(eCK)安全模型,该模型涵盖了认证密钥协商协议的所有安全特性.鉴于目前大多数基于身份的认证密钥协商协议在eCK模型中是不安全的,利用椭圆曲线加法群构造了一个eCK模型中安全的基于身份认证密钥协商协议.和其它的协议相比,新协议的计算复杂度和通信复杂度较低.新协议提供强安全性,它的安全性证明依赖于随机预言假设和GBDH假设.     

Two ID-based authenticated schemes with key agreement for mobile environments

With the rapid development of electronic commerce transactions on mobile devices, achieving secure communications between communication parties is an important issue. The typical solutions are authenticated key agreement protocols, designed to efficiently implement secure channels for two or more parties communicating via a public network by providing them with a shared secret key, called a session key. In this paper, we propose two key agreement schemes based on elliptic curve cryptosystems suited for mobile environments. The first one is an identity-based remote mutual authentication with key agreement scheme, and it is used to establish a session key between the client and the server. In the second one, we extend the proposed two-party authentication key exchange scheme to develop an efficient three-party authenticated key agreement scheme for establishing a session key between two users with the help of a trusted server. Both our proposed schemes achieve efficiency, practicability, simplicity, and strong notions of security.     

基于口令的三方认证密钥交换协议

传统的三方认证密钥交换协议不具备前向安全性,难以抵抗不可察觉在线字典攻击。为此,研究简单三方口令认证密钥交换协议,分析其存在的安全漏洞并加以改进,提出一种基于口令的三方认证密钥交换协议。分析结果表明,与其他协议相比,该协议的执行效率和安全性较高。