An novel three-party authenticated key exchange protocol using one-time key

Three-party authenticated key exchange protocol (3PAKE) is an important cryptographic technique for secure communication which allows two parties to agree a new secure session key with the help of a trusted server. In this paper, we propose a new three-party authenticated key exchange protocol which aims to achieve more efficiency with the same security level of other existing 3PAKE protocols. Security analysis and formal verification using AVISPA tools show that the proposed protocol is secure against various known attacks. Comparing with other typical 3PAKE protocols, the proposed protocol is more efficient with less computation complexity.     

Simple password-based three-party authenticated key exchange without server public keys

Password-based three-party authenticated key exchange protocols are extremely important to secure communications and are now extensively adopted in network communications. These protocols allow users to communicate securely over public networks simply by using easy-to-remember passwords. In considering authentication between a server and user, this study categorizes password-based three-party authenticated key exchange protocols into explicit server authentication and implicit server authentication. The former must achieve mutual authentication between a server and users while executing the protocol, while the latter only achieves authentication among users. This study presents two novel, simple and efficient three-party authenticated key exchange protocols. One protocol provides explicit server authentication, and the other provides implicit server authentication. The proposed protocols do not require server public keys. Additionally, both protocols have proven secure in the random oracle model. Compared with existing protocols, the proposed protocols are more efficient and provide greater security.     

Provably secure three-party password-based authenticated key exchange protocol

A three-party password-based authenticated key exchange (3PAKE) protocol is a useful mechanism to establish a secure session key in a network. However, most current 3PAKE protocols only achieve “heuristic” security; the underlying hardness assumptions of these protocols are not perfect. We propose a 3PAKE protocol which is provably secure if the Diffie–Hellman problem is computationally infeasible (the CDH assumption), even in the 3eCK model where the adversary is allowed to make more queries and have more freedom than previous models. In our formal proof, we use the trapdoor test technique introduced by Cash, Kiltz and Shoup to construct an efficient decision oracle. As far as we know, our protocol is the first provably secure 3PAKE protocol based on the CDH assumption and the first 3PAKE protocol using the trapdoor test technique for the security proof.     

New identity-based three-party authenticated key agreement protocol with provable security

Key agreement allows multi-parties exchanging public information to create a common secret key that is known only to those entities over an insecure network. In the recent years, several identity-based (ID-based) authenticated key agreement protocols have been proposed and most of them broken. In this paper, we formalize the security model of ID-based authenticated tripartite key agreement protocol and propose a provably secure ID-based authenticated key agreement protocol for three parties with formal security proof under the computational Diffie–Hellman assumption. Experimental results by using the AVISPA tool show that the proposed protocol is secure against various malicious attacks.     

强安全的基于身份认证密钥协商协议

LaM acchia等提出了扩展的Canetti-K raw czyk(eCK)安全模型,该模型涵盖了认证密钥协商协议的所有安全特性.鉴于目前大多数基于身份的认证密钥协商协议在eCK模型中是不安全的,利用椭圆曲线加法群构造了一个eCK模型中安全的基于身份认证密钥协商协议.和其它的协议相比,新协议的计算复杂度和通信复杂度较低.新协议提供强安全性,它的安全性证明依赖于随机预言假设和GBDH假设.     

标准模型下隐私保护的多因素密钥交换协议

多因素认证密钥交换协议融合多种不同的认证因素来实现强安全的身份认证和访问控制,在具有高级别安全应用需求的移动泛在服务中具有巨大的应用潜力.现阶段多因素协议的研究成果还不丰富,并且已有协议都是在随机预言模型下可证明安全的.以两方口令认证密钥交换协议、鲁棒的模糊提取器以及签名方案为基本组件提出了一个标准模型下可证明安全的多因素协议.本文的协议中服务器不知道用户的生物模板,因此实现了对生物信息的隐私保护.与已有的随机预言模型下的多因素协议相比,本文的协议在满足更高安全性的同时具有更高的计算效率和通信效率,因此更满足高级别安全的移动泛在服务的应用需求.     

标准模型下高效的三方口令认证密钥交换协议

三方口令认证密钥交换协议允许两个分别与服务器共享不同口令的用户在服务器的协助下建立共享的会话密钥,从而实现了用户间端到端的安全通信.现阶段,多数的三方口令认证密钥交换协议都是在随机预言模型下可证明安全的.但在实际应用中,利用哈希函数对随机预言函数进行实例化的时候会给随机预言模型下可证明安全的协议带来安全隐患,甚至将导致协议不安全.以基于ElGamal加密的平滑投射哈希函数为工具,在共同参考串模型下设计了一种高效的三方口令认证密钥交换协议,并且在标准模型下基于DDH假设证明了协议的安全性.与已有的同类协议相比,该协议在同等的安全假设下具有更高的计算效率和通信效率,因此更适用于大规模的端到端通信环境.     

适用于双方频繁通信的密钥交换协议

首先对以前提出的一个高效的基于验证元的三方密钥交换协议进行了安全性分析,指出了它容易受到服务器密钥泄露攻击等安全威胁,且缺乏前向安全性;并以此为基础,针对大多数现存的基于验证元的3PAKE协议均难以抵御服务器密钥泄露攻击的现状,提出了一个新的3PAKE协议。通过安全性分析,证明了新协议比原协议更安全,能够抵御各种已知的攻击,且与现有的大多数同类协议相比具有更高的效率。     

Efficient and provably secure password-based group key agreement protocol

This paper considers the issue on authenticated group key agreement protocol among n users broadcasting communication over an insecure public network. Many authenticated group Diffie-Hellman key agreement protocols have been proposed to meet the challenges. However, existing protocols are either limited by the use of public key infrastructure or by their scalability, requiring O(n) rounds. To overcome these disadvantages, we propose an efficient password-based group key agreement protocol resistant to the dictionary attacks by adding password-authentication services to a non-authenticated multi-party key agreement protocol proposed by Horng. The proposed protocol is very efficient since it only requires constant rounds to agree upon a session key, and each user broadcasts a constant number of messages and only requires four exponentiations. Under the Decisional Diffie-Hellman assumption, we will show the proposed protocol is provably secure in both the ideal-cipher model and the random-oracle model.     

Provably secure authenticated key exchange protocol under the CDH assumption

Constructing a secure key exchange protocol is one of the most challenging problems in information security. We propose a provably secure two-round two-party authenticated key exchange (2AKE) protocol based on the well-studied CDH assumption in eCK model to provide the strongest definition of security for key exchange protocol when using the matching session to define the partnership. The underlying hardness assumption (CDH assumption) of our protocol is weaker than these of four other provably secure 2AKE protocols in CK model or eCK model and the computational cost of our protocol is reasonable. We also present a three-round variant of our protocol to realize key conformation.     

完美前向安全的基于身份认证密钥协商方案

现有的基于身份的一轮认证密钥协商方案没能实现强的完美前向性.采用强不可伪造的签名算法对临时公钥进行签名,提出一种改进的基于身份认证密钥协商方案.首先,对Boneh和Boyen提出的强不可伪造的短签名方案进行改造,提出一种强不可伪造的基于身份签名方案;然后,将新签名方案与Ni等人提出的eCK安全的基于身份一轮认证密钥协商方案相结合,提出新的密钥协商方案.进一步,为了实现新方案的可证明安全性,在对比分析eCK-PFS模型和eCK模型的基础上,融合现有安全模型,定义了基于身份认证密钥协商方案分析的强安全模型ID-eCK-PFS.在ID-eCK-PFS模型下,通过安全性规约,证明了新提出的基于身份认证密钥协商方案实现了强安全性,包括抗密钥泄露伪装、抗临时秘密泄露和完美前向安全性等.     

Design of a password-based authenticated key exchange protocol for SIP

The Session Initiation Protocol (SIP) is a signaling communications protocol, which has been chosen for controlling multimedia communication in 3G mobile networks. In recent years, password-based authenticated key exchange protocols are designed to provide strong authentication for SIP. In this paper, we address this problem in two-party setting where the user and server try to authenticate each other, and establish a session key using a shared password. We aim to propose a secure and anonymous authenticated key exchange protocol, which can achieve security and privacy goal without increasing computation and communication overhead. Through the analysis, we show that the proposed protocol is secure, and has computational and computational overheads comparable to related authentication protocols for SIP using elliptic curve cryptography. The proposed protocol is also provably secure in the random oracle model.     

Provable security of a pairing-free one-pass authenticated key establishment protocol for wireless sensor networks

Designing efficient as well as secure cryptographic protocols for resource-constrained applications is a challenging task. In this paper, we formally analyze the security of an efficient one-pass authenticated key establishment protocol, the 1P-AKE protocol, which is primarily proposed for resource-constrained sensor nodes devices in wireless sensor networks (WSNs). In contrast to the existing identity-based one-pass key establishment protocols, the 1P-AKE protocol does not require any bilinear pairing computation in order to establish a key. This feature makes it really attractive for resource-constrained application environments, such as WSNs, where pairing computations are too expensive. We show that in the random oracle model, the 1P-AKE protocol is a secure authenticated one-pass key establishment protocol under the computational Diffie–Hellman assumption. The performance of the 1P-AKE protocol is also discussed and compared with the existing relevant protocols.     

Escrowable identity-based authenticated key agreement protocol with strong security

Escrowable identity-based authenticated key agreement protocols are welcome in certain closed groups applications, where audit trail is a legal requirement. In this paper, we present a strongly secure one-round escrowable identity-based two-party authenticated key agreement protocol, which captures all basic desirable security properties including perfect forward secrecy, ephemeral secrets reveal resistance and so on, and is provably secure in the extended Canetti–Krawczyk (eCK) model. We show that the security of the protocol can be reduced to the standard computational bilinear Diffie–Hellman assumption in the random oracle model. Assuming that no adversary can obtain the master private key for the escrow mode, our scheme is secure as long as each party has at least one uncompromised secret. To the best of our knowledge, our scheme is the first escrowable identity-based authenticated key agreement protocol provably secure in the eCK model.     

高效的基于身份的认证密钥协商协议

王圣宝等(王圣宝,曹珍富,董晓蕾.标准模型下可证安全的身份基认证密钥协商协议.计算机学报,2007,30(10):1842-1854)提出的标准模型下可证明安全的基于身份的认证密钥协商协议不具有私钥产生中心(PKG)前向安全性。针对该安全缺陷,提出了一种新的基于身份的认证密钥协商协议,协议中给出了一种利用用户私钥和临时秘密信息联合计算共享秘密的方法,并在标准模型下证明了协议的安全性。与已有协议相比,新协议具有较高的执行效率。同时提出了一种PKG与用户共同协商私钥的方法,即用户的私钥由用户产生的部分秘密信息以及PKG的系统主密钥共同生成,从而有效解决了基于身份的认证密钥协商协议的PKG前向安全性问题。     

理想格上的多阶段认证密钥交换协议

现有的格基认证密钥交换协议普遍基于Bellare-Rogaway等单阶段模型,忽略了实际通信场景中会话密钥建立的阶段分离。针对这一问题,基于MSKE模型提出了一种格基多阶段认证密钥交换协议。该方案使用预共享的口令进行认证,并使用Peikert误差消除机制结合服务器静态密钥实现多阶段密钥协商。分析表明,该方案整体只引入少量计算开销,实现了双向认证、二阶会话密钥完美前向保密、抗量子攻击等特性,在MSKE模型下满足KD-2FS-M安全等级,是一种简单高效的后量子多阶段密钥交换协议。     

可证明安全的基于身份的认证密钥协商协议

提出了一种具有私钥产生中心(private key generator,PKG)前向安全性的基于身份的认证密钥协商协议,协议中给出了一种利用用户双方的长期私钥和临时私钥联合计算共享密钥的方法.在标准模型下证明了协议的安全性,并且分析得出,即使攻击者能够同时获得双方的临时私钥或同时获得双方的长期私钥,共享密钥仍然是安全的.性能分析表明,该协议较好地平衡了计算复杂度和安全性这两个协议评价指标.     

An efficient three-party authenticated key exchange protocol using elliptic curve cryptography for mobile-commerce environments

For secure communications in public network environments, various three-party authenticated key exchange (3PAKE) protocols are proposed to provide the transaction confidentiality and efficiency. In 2008, Chen et al. proposed a round-efficient 3PAKE protocol to provide the computation and communication efficiency for user authentication and session key exchange. However, we discover that the computation costs and communication loads of their protocol are still high so that it cannot be applied to mobile communications. Therefore, we propose an efficient three-party authenticated key exchange protocol based upon elliptic curve cryptography for mobile-commerce environments. Because the elliptic curve cryptography is used, the proposed 3PAKE protocol has low computation costs and light communication loads. Compared with Chen et al.’s protocol, the proposed protocol is more suitable and practical for mobile-commerce environments.     

Secure lightweight password authenticated key exchange for heterogeneous wireless sensor networks

Several three-party password authenticated key exchange (3-PAKE) protocols have recently been proposed for heterogeneous wireless sensor networks (HWSN). These are efficient and designed to address security concerns in ad-hoc sensor network applications for a global Internet of Things framework, where a user may request access to sensitive information collected by resource-constrained sensors in clusters managed by gateway nodes. In this paper we first analyze three recently proposed 3-PAKE protocols and discuss their vulnerabilities. Then, based on Radio Frequency Identification technologies we propose a novel 3-PAKE protocol for HWSN applications, with two extensions for additional security features, that is provably secure, efficient and flexible.     

A secure anonymous routing protocol with authenticated key exchange for ad hoc networks

Anonymity and authenticated key exchange should be paid much more attention in secure mobile ad hoc routing protocols, especially in privacy-vital environment. However, as far as we know, few papers on secure routing protocols have addressed both the anonymity and authenticated key exchange. Therefore, in this paper, we present a new secure anonymous routing protocol with authenticated key exchange for ad hoc networks. In comparison with other previous secure routing protocols, our proposed protocol not only provides the anonymity to the route from the source to the destination, but also integrates the authenticated key exchange into the routing algorithm.