한국정보과학회논문지:시스템및이론 (Journal of KIISE:Computer Systems and Theory)

한국정보과학회 (Korean Institute of Information Scientists and Engineers)
권호 표지

OTP-EKE:원-타임-패스워드 기반의 키 고환 프로토콜

OTP-EKE: A Key Exchange Protocol based on One-Time-Password

  • 서승현 (이화여자대학교 과학기술대학원 컴퓨터학과) ;
  • 조태남 (이화여자대학교 과학기술대학원 컴퓨터학과) ;
  • 이상호 (이화여자대학교 컴퓨터학과)
  • Seo, Seung-Hyun (Dept.of Computer, Science Technology, Graduatet School of Ewah Wonan's University) ;
  • Cho, Tae-Nam (Dept.of Computer, Science Technology, Graduatet School of Ewah Wonan's University) ;
  • Lee, Sang-Ho (Dept.of Computer, Ewah Wonan's University)
  • 발행 : 2002.06.01
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

키 교환 프로토콜에서 상호 인증은 필수 요소이며, 사용자에게 편리하고 비용이 적게 드는 패스워드 기반의 인증 방식이 널리 사용되고 있다. 패스워드 기반의 프로토콜은 패스워드가 가지는 제약으로 인한 공격에 대해서 안전해야 할 뿐 아니라, 사용자의 작업량을 줄이기 위한 효율성도 매우 중요한 요건 이다. 본 논문에서는 서버와 사용자간의 인증을 제공하고 세션키를 공유하기 위한 키 교환 프로토콜 OTP-EKE(One Time Password based Encrypted Key Exchange)를 제안하였다. 키 교환을 위한 사용자 인증방식으로 패스워드 방식을 채택하였다. 특히 서버 디렉토리에 대한 공격 등에 대해서 안전도를 높이기 위하여 원-타임-패스워드 확인자와 서버의 공개 패스워드를 이용하였다. 제안한 프로토콜은 모듈라지수승 계산 횟수와 메시지 전송 횟수를 줄임으로써 효율성 향상을 보인다.

Mutual authentication is essential for key exchange protocols and password-based authentication scheme is used widely, which is convenient to users and executed on the cheap. Password-based protocol should be not only secure against attach but also efficient to reduce user's load. In this paper, we propose a new key exchange protocol, called OTP-EKE(One Time Password based Encrypted Key Exchange), to provide authentication and to share a session key between a server and a user. We choose a password-based scheme as a user authentication. Especially, we use a one-time-password verifier and server's public password to protect against attacks on server's directory. As for efficiency, we improve the performance by reducing the number of modular exponentiations and the number of rounds.

키워드

참고문헌

  1. M. Bellare, D. Jablon, H. Krawczyk, P. MacKenzie, P. Rogaway, R. Swaminathan and T. Wu,' Proposal for P1363 study group on password-based authenticated - key-exchange methods,' 2000
  2. S. Bellovin and M. Merritt, 'Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password-file compromise,' ACM Conference on Computer and Communications Security, 1993 https://doi.org/10.1145/168588.168618
  3. S. Bellovin and M. Merrit, 'Encrypted key exchange: password-based protocols secure against dictionary attacks,' IEEE Symposium on Research in Security and Privacy, 1992 https://doi.org/10.1109/RISP.1992.213269
  4. V. Boyko, P. MacKenzie and S. Patel, 'Provably secure password authenticated key exchange using Diffie-Hellman,' 'Eurocrypt 00, 2000
  5. M. Bellare and P. Rogaway, 'The AuthA protocol for password-based authenticated key exchange,' 2000, available from http://www.cs.ucdavis.edu/rogaway/papers/autha.ps
  6. W. Diffie and M. Hellman, 'New directions in cryptography, IEEE Transactions on Information Theory, Vol. 22, No. 6, 1976 https://doi.org/10.1109/TIT.1976.1055638
  7. L. Gong, T. M. A. Lomas, R. M. Needham and J. H. Saltzer, 'Protecting poorly chosen from guessing attacks,' IEEE Journal on Selected Areas in Communications, Vol. 11, No. 5, 1993 https://doi.org/10.1109/49.223865
  8. N. Haller, 'The S/KEY one-time password system,' RFC 1760, 1995
  9. S. Halevi and H. Krawczyk, 'Public-key cryptography and password protocols,' ACM Transactions on Information and System Security(TISSEC), Vol. 2, 1999 https://doi.org/10.1145/322510.322514
  10. D. Jablon, 'Extended password key exchange protocols,' WETICE Workshop on Enterprise Security, 1997
  11. D.Jablon, 'Strong password-only authenticated key exchange,' ACM Computer Communications Review, vol. 26, No. 5, 1996 https://doi.org/10.1145/242896.242897
  12. T. Kwon, 'Authentication and key agreement via memorable password,' NDSS 2001 Symposium Conference Proceedings, 2001
  13. T. Kwon, J. Song, 'Secure agreement scheme for $g^{xy}$ via password authentication,' Electronics Letters, Vol. 35, No. 11, 1999 https://doi.org/10.1049/el:19990623
  14. P. MacKenzie, S. Patel and R. Swaminathan, 'Password-authenticated key exchange based on RSA,' ASIACRYPT, 2000
  15. 박왕석, 정종필,박창섭, 이동훈,'패스워드를 이용한 인증 프로토콜들에 대한 고찰,' 통신정보보호학회 학술지 제9권 제4호, 1999
  16. D. R. Stinson, Cryptography Theory and Practice, CRC, 1995
  17. M. Steiner, G. Tsudik, M. Waidner, 'Refinement and extension of encrypted key exchange,' ACM Operating Systems Review, Vol. 29, No. 3, 1995 https://doi.org/10.1145/206826.206834
  18. T. Wu, 'Secure remote password protocol,' NDSS, 1998