Browse > Article

Efficient and Secure Authenticated Key Exchange  

Park Jong-Min (School of Computer, Dongshin University)
Publication Information
Journal of information and communication convergence engineering / v.3, no.3, 2005 , pp. 163-166 More about this Journal
Abstract
The Key exchange protocols are very crucial tools to provide the secure communication in the broadband satellite access network. They should be required to satisfy various requirements such as security, Key confirmation, and Key freshness. In this paper, Two authenticated key exchange protocols TPEKE-E(Two Pass Encrypted Key Exchange-Exchange-Efficient) and TPEKE-S(Two Pass Encrypted Key xchange-Secure) are introduced. A basic idea of the protocols is that a password can be represented by modular addition N, and the number of possible modular addition N representing the password is $2^N$. The TPEKE-E is secure against the attacks including main-in-the-middle attack and off-line dictionary attack, and the performance is excellent so as beyond to comparison with other authenticated key exchange protocols. The TPEKE-S is a slight modification of the TPEKE-E. The TPEKE-S provides computational in feasibility for learning the password without having performed off line dictionary attack while preserving the performance of the TPEKE-E.
Keywords
TPEKE-E; TPEKE-S; main-in-the­middle attack; off-line dictionary attack;
Citations & Related Records
연도 인용수 순위
  • Reference
1 M. Bellare, D. Pointcheaval, and P. Rogaway, 'Authenticated key exchange secure against dictionary attacks', Advances in Cryptology Eurocrypt'00, LNCS Vol. 1807, Springer-Verlag, pp. 139-155, 2000
2 L. Gong, 'Optimal authentication protocols resistant to password guessing attacks', In 8th IEEE Computer Security Foundations Workshop, pp. 24-29, 1995
3 L. Gong, T. M. A. Lomas, R. M. Needham, and J. H. Saltzer, 'Protecting poorly chosen secrets from guessing attacks', IEEE Journal on Selected Areas in Communications, 11(5), pp. 648-656, June 1993   DOI   ScienceOn
4 E. Bach, Algorithmic Number Theory, Volumn 1 : Efficient Algorithms, MIT Press, Cambridge, Massachusetts, 1996
5 P. MacKenzie, S. Patal and S. Swaminathan, 'Password authenticated key exchangebased on RSA', Advances in Cryptology Asiacrypt'00, LNCS Vol. 1976, Springer-Verlag, pp. 599-613, 2000
6 H. Cohen, A Course in Computational Algebraic Number Theory, Springer-Verlag, Berlin, 1993
7 H. Woll, 'Reductions among number theoretic problems, Information and Computation, Vol. 72, pp. 167-179, 1987   DOI
8 S. M. Bellovin and M. Merrit, 'Augmented encrypted key exchange : Password-based protocol secure against dictionary attack and password file compromise', In ACM Security (CCS'93), pp. 244. 250, 1993
9 S. M. Bellovin and M. Merrit, 'Encrypted key exchange : Password-based protocols secure against dictionary attack', In Proceedings of IEEE Security and Privacy, pp. 72-84, 1992
10 V. Boyko, P. MacKenzie, and S. Prenel, 'Probably secure password authenticated key exchange using Diffie-Hellman', In B. Prenel, editor, Advances in Cryptology Eurocrypt'00, LNCS Vol. 1807, Springer - Verlag, pp. 156-171, 2000   DOI   ScienceOn
11 S. Patal, 'Number theoretic attacks on secure password schemes', In proceedings of IEEE Security and Privacy, pp. 236-247, 1997   DOI
12 J. Katz, R. Ostrovsky, and M. Yung, 'Efficient password authenticated key exchange using human memorable passwords', Advances in Cryptology Eurocrypt'01, LNCS Vol. 2045, Springer-Verlag, pp. 475-494, 2001
13 M. Steiner, G. Tsudik, and M. Waidner, 'Refinement and extension of encrypted key exchange', ACM Operating System Review, 29, pp. 22-30, 1995   DOI   ScienceOn
14 O. Goldreich and Y. Lindell, 'Session key generation using heman passwords only', Advances in Cryptology, Crypto'01, LNCS Vol. 2137, Stronger-Verlag, pp. 408-432, 2001
15 D. Jablon, 'Strong password-only authenticated key exchange', ACM Computer Communication Review, ACM SIGCOMM, Vol. 26, No.5, pp. 520, October 1996
16 S. Lucks, 'Open key exchange: How to defeat dictionary attacks without encrypting public keys', In Proceedings of the Workshop on Security Protocols, 1997