共查询到20条相似文献,搜索用时 15 毫秒
1.
Cryptanalysis of modified authenticated key agreement protocol 总被引:3,自引:0,他引:3
Wei-Chi Ku Sheng-De Wang 《Electronics letters》2000,36(21):1770-1771
Tseng [see ibid., vol. 36, no. 1, p. 48-9, 2000] addressed a weakness within and proposed a modification to the key agreement protocol presented by Seo and Sweeney [see ibid., vol. 35, no. 13, p. 1073-4, 1999]. The authors show that Tseng's modified protocol is still vulnerable to two simple attacks and describe a new enhancement to the Seo-Sweeney protocol 相似文献
2.
Cryptanalysis and improvement of ‘an improved authentication with key agreement scheme on elliptic curve cryptosystem for global mobility networks’ 下载免费PDF全文
Authentication schemes assure that authorised user can fraudulently obtain his/her required services from home domains. Recently, Li et al. (International Journal of Network Management, 2013; 23(5):311–324) proposed a remote user authentication scheme. They claimed that their protocol is secure against known security attacks. However, in this paper, we indicate that Li et al.'s scheme is insecure against user impersonation attack. We show that an active adversary can easily masquerade as a legitimate user without knowing the user's secret information. As a remedy, we also proposed an improved authentication scheme to overcome the security weaknesses of Li et al.'s scheme. To show the security of our scheme, we prove its security the random oracle model. The implementation results show that our improved scheme offers a reduction of 58% in computational cost and a communication cost reduction of 48% with respect to Li et al.'s scheme. Copyright © 2014 John Wiley & Sons, Ltd. 相似文献
3.
Batch Diffie-Hellman key agreement schemes are described, motivated, and analyzed for security and efficiency.
Work done at Bellcore, Morristown, NJ, U.S.A. 相似文献
4.
5.
Sung-Ming Yen 《Communications Letters, IEEE》1999,3(1):7-8
We point out that a previously proposed authentication and key distribution protocol is not secure from both the viewpoints of authentication and key distribution requirements 相似文献
6.
Cryptanalysis and improvement of an efficient authenticated key exchange protocol with tight security reduction 下载免费PDF全文
Siqi Lu Jinhua Zhao Qingfeng Cheng 《International Journal of Communication Systems》2016,29(3):567-578
The SMEN protocol, proposed by Wu and Ustaoglu in 2009, has been considered to be secure as the authors claimed, and numerous theories are proposed based on this protocol. This paper analyzes the SMEN protocol and finds that this protocol is not resistant to the session corruption attack and the key compromise impersonation attack. Then, we propose an improved protocol with tight security reduction. Our improved protocol not only avoids the above attacks but also embraces the same efficiency as the SMEN protocol in terms of exponentiation. Besides, formal analysis of the improved protocol is presented by using the formal automatic security analysis tool Scyther. Copyright © 2014 John Wiley & Sons, Ltd. 相似文献
7.
在无证书公钥密码体制下对一种多方可认证密钥协商方案进行了分析,指出该方案无法抵抗合法用户的扮演攻击和口令偶尔泄露导致的危机。分析了该方案存在漏洞的原因,并在此基础上给出一个改进的密钥协商方案。新方案引入密钥种子和口令进化机制解决了上述问题,同时消除了冗余消息,降低了用户占用的带宽。分析表明新方案的安全性更强。 相似文献
8.
9.
An ID‐based mutual authentication with key agreement protocol for multiserver environment on elliptic curve cryptosystem 下载免费PDF全文
Mutual authentication is used to validate the legitimacy of a remote login user and a server. Conventional user authentication protocols are suited to solve the privacy and security problems for the single client/server architecture environment. However, the use of computer networks and information technology has grown spectacularly. More and more network architectures are used in multi‐server environments. Recently, several authentication schemes for multi‐server environments have been proposed. However, the performance of these schemes is not suitable for applications. To improve the performance, we propose a new ID‐based mutual authentication protocols for multi‐server environment without bilinear pairings. We also show that the proposed scheme is provable secure in the random oracle model. Copyright © 2012 John Wiley & Sons, Ltd. 相似文献
10.
11.
Su Mi Lee Dong Hoon Lee 《Communications Letters, IEEE》2006,10(8):638-639
Recently, Jung (2006), proposed an efficient group key agreement protocol over authenticated channel. In this letter, we present a critique of the protocol. In particular, we show that Jung's protocol is vulnerable to attacks of malicious insiders. 相似文献
12.
Cryptanalysis and security enhancement of a robust two‐factor authentication and key agreement protocol 下载免费PDF全文
Qi Xie Na Dong Duncan S. Wong Bin Hu 《International Journal of Communication Systems》2016,29(3):478-487
Two‐factor user authentication scheme allows a user to use a smart card and a password to achieve mutual authentication and establish a session key between a server and a user. In 2012, Chen et al. showed that the scheme of Sood et al. does not achieve mutual authentication and is vulnerable to off‐line password guessing and smart card stolen attacks. They also found that another scheme proposed by Song is vulnerable to similar off‐line password guessing and smart card stolen attacks. They further proposed an improved scheme. In this paper, we first show that the improved scheme of Chen et al. still suffers from off‐line password guessing and smart card stolen attacks, does not support perfect forward secrecy, and lacks the fairness of session key establishment. We then propose a new security‐enhanced scheme and show its security and authentication using the formal verification tool ProVerif, which is based on applied pi calculus. Copyright © 2014 John Wiley & Sons, Ltd. 相似文献
13.
Authenticated key exchange protocols represent an important cryptographic mechanism that enables several parties to communicate securely over an open network. Elashry, Mu, and Susilo proposed an identity‐based authenticated key exchange (IBAKE) protocol where different parties establish secure communication by means of their public identities.The authors also introduced a new security notion for IBAKE protocols called resiliency, that is, if the secret shared key is compromised, the entities can generate another shared secret key without establishing a new session between them. They then claimed that their IBAKE protocol satisfies this security notion. We analyze the security of their protocol and prove that it has a major security flaw, which renders it insecure against an impersonation attack. We also disprove the resiliency property of their scheme by proposing an attack where an adversary can compute any shared secret key if just one secret bit is leaked. 相似文献
14.
Wireless Networks - In recent years, radio frequency identification (RFID) systems have become popular for identification. The key technology to protect the security of RFID systems is mutual... 相似文献
15.
16.
Wang Changji Yang Bo Wu Jianping 《电子科学学刊(英文版)》2005,22(5):485-489
In 1999, Seo and Sweeney proposed a simple authenticated key agreement protocol that was designed to act as a Diffie-Hellman key agreement protocol with user authentication. Various attacks on this protocol are described and enhanced in the literature. Recently, Ku and Wang proposed an improved authenticated key agreement protocol, where they asserted the protocol could withstand the existing attacks. This paper shows that Ku and Wang's protocol is still vulnerable to the modification attack and presents an improved authenticated key agreement protocol to enhance the security of Ku and Wang's protocol. The protocol has more efficient performance by replacing exponentiation operations with message authentication code operations. 相似文献
17.
Xuelei Li Qiaoyan Wen Hua Zhang Zhengping Jin 《International Journal of Network Management》2013,23(5):311-324
In this paper, we cryptanalyze Rhee et al.'s ‘Remote user authentication scheme without using smart cards’, and prove that their scheme is not completely secure against user impersonation attack. The security flaw is caused by mathematical homomorphism of the registration information. In addition, their scheme lacks key agreement procedures for generating the session key to encrypt the communication messages after mutual authentication. Furthermore, a modification is proposed to improve the security, practicability and robustness of such scheme. Firstly, we introduce elliptic curve cryptosystem to enhance the security. Secondly, in order to improve the practicability, our improvement is much more easily implemented using portable devices in global mobility networks; moreover, a synchronized clock system, traditional password table or ancillary equipment are not required in our improvement. Finally, the proposed scheme not only achieves mutual authentication, but also provides the procedure for key agreement and update of secrets for users and servers to increase the robustness. Copyright © 2013 John Wiley & Sons, Ltd. 相似文献
18.
Bae Eun Jung 《Communications Letters, IEEE》2006,10(2):106-107
Group key agreement protocol is important for collaborative and group-oriented application. Recently, for a network that consists of devices with limited resource, group key management has become an issue for secure routing or multicast. In this letter, we present an efficient group key agreement protocol that is an improvement of the Burrnester-Desmedt algorithm. We generalize the Improvement, which doesn't need the same modulus group for discrete logarithm problem. 相似文献
19.
理论意义上安全的密钥分配协议是近几年研究的热点,已经研究多时的量子密钥分配协议也可以归结为理论意义上安全的密钥分配协议.一旦理解了它,就可以从更高的角度来理解量子密钥分配协议.它也提出了如何用经典的办法来达到量子密钥分配的安全性以及其局限性.现就理论意义上安全的密钥分配协议进行了总结. 相似文献
20.
Security analysis of an authentication and key agreement protocol for satellite communications 下载免费PDF全文
Yuanyuan Zhang Jianhua Chen Baojun Huang 《International Journal of Communication Systems》2014,27(12):4300-4306
Recently, Chang et al. proposed an authentication and key agreement protocol for satellite communications, and they claimed that their scheme could withstand various attacks. However, in this paper, we will show that their scheme is vulnerable to the denial of service attack and the impersonation attack. Moreover, we also point out that the adversary could compute the session key through the intercepted message. The analysis shows the scheme of Chang et al. is not secure for practical applications. Copyright © 2013 John Wiley & Sons, Ltd. 相似文献