Browse > Article
http://dx.doi.org/10.3745/KIPSTC.2004.11C.3.277

Password-based Authenticated Key Agreement Protocol Secure Against Advanced Modification Attack  

Kwak, Jin (성균관대학교 대학원 정보통신공학부)
Oh, Soo-Hyun (호서대학교 컴퓨터공학부)
Yang, Hyung-Kyu (강남대학교 컴퓨터미디어공학부)
Won, Dong-Ho (성균관대학교 정보통신공학부)
Publication Information
The KIPS Transactions:PartC / v.11C, no.3, 2004 , pp. 277-286 More about this Journal
Abstract
Password-based mechanism is widely used methods for user authentication. Password-based mechanisms are using memorable passwords(weak ferrets), therefore Password-based mechanism are vulnerable to the password guessing attack. To overcome this problem, man password-based authenticated key exchange protocols have been proposed to resist password guessing attacks. Recently, Seo-Sweeny proposed password-based Simple Authenticated Key Agreement(SAKA) protocol. In this paper, first, we will examine the SAKA and authenticated key agreement protocols, and then we will show that the proposed simple authenticated key agreement protocols are still insecure against Advanced Modification Attack. And we propose a password-based Simple Authenticated Key Agreement Protocol secure against Advanced Modification Attack.
Keywords
Password-Based; Simple Authentication; Key Agreement Protocol; Key Confirmation; Advanced Modification Attack;
Citations & Related Records
연도 인용수 순위
  • Reference
1 M. Bellare, D. Pointcheval and P. Rogaway, 'Authenticated Key Exchange secure against Dictionary Attacks,' Eurocrypt 00, pp.139-155, 2000
2 Y. M. Tseng, 'Weakness in simple authen-ticated key agreement protocol,' Electronics Letters, Vol.36, No.1, pp.48-49, 2000   DOI   ScienceOn
3 I. C. Lin, C. C. Chang;M. S. Hwang, 'Security enhancement for the simple authentication key agreement algorithm,' 24th Annual International Computer Software and Application Conference, pp.113-115, 2000   DOI
4 W. Diffie and M. E. Hellman, 'New Directions in cryptography,' IEEE Transaction on Information Theory, IT-22, 6, pp.644-654, 1976   DOI
5 S. Bellovin and M. Meritt, 'Encrypted key exchange : password-based protocols secure against dictionary attacks,' IEEE Symposium on Research in Security and Privacy, pp.72-84, 1992   DOI
6 R. Rivest, A. Shamir and L. Adleman, 'A method of obtaining digital signature and public key cryptosystem,' ACM Communication, Vol.21, No.2, pp.120-126, 1978   DOI   ScienceOn
7 T. ElGamal, 'A public key crytosystem and a signature scheme based on discrete logarithms,' IEEE Transaction on Information Theory, Vol.31, pp.469-472, 1985   DOI
8 S. Bellovin and M. Meritt, 'Augmented encrypted key exchange : a password-based protocol secure against dictionary attacks and password-file compromised,' ACM Conf. on Computer and Communications Security, pp.244-250, 1993   DOI
9 M. Boyarsky, 'Public-key cryptography and password protocols : the multi user case,' ACM Conf. on Computer and Communications Security, 1999   DOI
10 V. Boyko, P. MacKenzie and S. Patel, 'Provably secure password authenticated key exchange using Diffie-Hellman,' Eurocrypt 00, pp. 156-171, 2000
11 W. C. Ku and Wang, 'Cryptanaysis of modified authenticated key agreement protocol,' Electronics Letters, Vol.36, No.21, pp.1770-1771, 2000   DOI   ScienceOn
12 D. H. Seo and P. Sweeny, 'Simple authenticated key agreement algorithm,' Electronics Letters, Vol.35, No.13, pp.1073-1074, 1999   DOI   ScienceOn