• Title/Summary/Keyword: Authenticated key exchange

Search Result 76, Processing Time 0.023 seconds

Analysis on Zhou et al.'s ID-Based Authenticated Group Key Agreement To Exchange Secure Contents among Group Users (그룹 사용자간 안전한 콘텐츠 전송을 위한 Zhou의 ID-기반의 인증된 그룹 키 교환 프로토콜 분석)

  • Choi, Jae-Tark;Kwon, Jeong-Ok;Yoon, Seok-Koo
    • Journal of Broadcast Engineering
    • /
    • v.13 no.1
    • /
    • pp.79-85
    • /
    • 2008
  • An authenticated group key agreement protocol allows a group of parties communicating over an insecure network to share a common secret key. In this paper, we show that Zhou et al.'s ID-based authenticated group key agreement schemes do not provide forward secrecy.

Performance Analysis of Key Exchange Protocols on ETSI Standard (ETSI 표준 키 교환 프로토콜의 성능 분석)

  • Lee, Young-Seok;Choi, Hoon
    • The Journal of Korea Institute of Information, Electronics, and Communication Technology
    • /
    • v.8 no.6
    • /
    • pp.520-527
    • /
    • 2015
  • The key exchange protocols are very crucial tools to provide the secure communication in the broadband satellite access network. They should be required to satisfy various requirements such as security, key confirmation, and key freshness. In this paper, we present the security functions in ETSI(European Telecommunications Standards Institute), and analyze the specification of the security primitives and the key exchange protocols for the authenticated key agreement between RCST(Return Channel Satellite Terminal) and NCC(Network Control Centre). ETSI key exchange protocols consists of Main Key Exchange, Quick Key Exchange, and Explicit Key Exchange. We analyse the pros and cons of key exchange protocols based on performance analysis and performance evaluation.

Efficient Password-based Group Key Exchange Protocol (효율적인 패스워드 기반 그룹 키 교환 프로토콜)

  • 황정연;최규영;이동훈;백종명
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.14 no.1
    • /
    • pp.59-69
    • /
    • 2004
  • Password-based authenticated group key exchange protocols provide a group of user, communicating over a public(insecure) channel and holding a common human-memorable password, with a session key to be used to construct secure multicast sessions for data integrity and confidentiality. In this paper, we present a password-based authenticated group key exchange protocol and prove the security in the random oracle model and the ideal cipher model under the intractability of the decisional Diffie-Hellman(DH) problem and computational DH problem. The protocol is scalable, i.e. constant round and with O(1) exponentiations per user, and provides forward secrecy.

A Brief Consideration on the Security of Hash-Based Authenticator (해시 기반 인증자 안전성 고찰)

  • Byun, Jin Wook
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.3
    • /
    • pp.609-612
    • /
    • 2016
  • Authenticated key exchange protocol achieves its authentication by using hash-based authenticator with input of common message and session key that agrees between participants. In the letter, we show that this approach cannot satisfy the entire security, through a recent example protocol that is proposed by Tsai et al, 2014, if the input of authenticator has been insecurely designed.

Efficient Three-Party Password Authenticated Key Exchange for Client-to-Client Applications

  • Yang, Yanjiang;Bao, Feng
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.6B
    • /
    • pp.249-257
    • /
    • 2008
  • Nowadays, client-to-client applications such as online chat (e.g. MSN) and SMS (Short Message Services) are becoming increasingly prevalent. These client-to-client applications are revolutionizing the way we communicate. Three-party PAKE (password authenticated key exchange) protocols provide a means for the two communicating parties holding passwords to establishment a secure channel between them with the help of a common server. In this paper, we propose an efficient three-party PAKE protocol for the client-to-client applications, which has much better performance than the existing generic constructions. We also show that the proposed protocol is secure in a formal security model.

Analysis on Security Vulnerability of Password-based key Exchange and Authentication Protocols (패스워드 기반 키 교환 및 인증 프로토콜의 안전성에 관한 분석)

  • Park, Choon-Sik
    • Journal of Korea Multimedia Society
    • /
    • v.11 no.10
    • /
    • pp.1403-1408
    • /
    • 2008
  • A number of three party key exchange protocols using smart card in effort to reduce server side workload and two party password based key exchange authentication protocols has been proposed. In this paper, we introduce the survey and analysis on security vulnerability of smart card based three party authenticated key exchange protocols. Furthermore, we analyze Kwak et al's password based key exchange and authentication protocols which have shown security weakness such as Shim et al's off-line password guessing attack and propose the countermeasure to deter such attack.

  • PDF

New Password-Authenticated Key Exchange Protocol based on MTI (MTI 기반의 새로운 PAK프로토콜 제안)

  • 김락현;염흥열
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 2003.07a
    • /
    • pp.126-132
    • /
    • 2003
  • 본 논문에서는 PAK(Password-Authenticated Key Exchange)와 PAK-R 프로토콜 기반으로 세가지 형태의 MTI(Matsumoto, Takashima, Imai) 키 일치 프로토콜을 적용하여, 안전한 보안성 요구 조건을 만족하면서 다양한 시스템에 적용할 수 있는, 패스워드-인증 키 분배 프로토콜을 소개하고자 한다. PAK 패스워드-인증 키 프로토콜은 통신 주체의 짧은 길이의 패스워드를 이용하여 통신 주체의 식별 및 상호 인증 후, 크기가 긴 세션키를 분배하기 위한 프로토콜이다. 또한 PAK는 이미 안전한 보안성이 증명되었고,[8,9,10]이를 이용한 많은 패스워드 기반의 인증 키 분배 프로토콜이 소개되었다. 본 논문은 이미 안정성 검증이 된 키 분배 프로토콜을 이용하여 새로운 PAK 프로토콜을 제안하며, credential의 이용성을 보장하기 위한 다양한 응용에 적용될 수 있다.

  • PDF

Remark on the Security of Password Schemes (패스워드 인증 키교환 프로토콜의 안전성에 관한 고찰)

  • 이희정
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.13 no.4
    • /
    • pp.161-168
    • /
    • 2003
  • We discuss the security of two famous password authenticated key exchange protocols, EKE2 and PAK. We introduce ′insider assisted attack′ Based on this assumption we point out weakness of the security of EKE2 and PAK protocols. More precisely, when the legitimate user wants to find other user′s password, called "insider-assisted attacker", the attacker can find out many ephemeral secrets of the server and then after monitoring on line other legitimate user and snatching some messages, he can guess a valid password of the user using the previous information. Of course for this kind of attack there are some constraints. Here we present a full description of the attack and point out that on the formal model, one should be very careful in describing the adversary′s behavior.

Verifier-Based Multi-Party Password-Authenticated Key Exchange for Secure Content Transmission (그룹 사용자간 안전한 콘텐츠 전송을 위한 검증자를 이용한 패스워드 기반 다자간 키 교환 프로토콜)

  • Kwon, Jeong-Ok;Jeong, Ik-Rae;Choi, Jae-Tark;Lee, Dong-Hoon
    • Journal of Broadcast Engineering
    • /
    • v.13 no.2
    • /
    • pp.251-260
    • /
    • 2008
  • In this paper, we present two verifier-based multi-party PAKE (password-authenticated key exchange) protocols. The shared key can be used for secure content transmission. The suggested protocols are secure against server compromise attacks. Our first protocol is designed to provide forward secrecy and security against known-key attacks. The second protocol is designed to additionally provide key secrecy against the server which means that even the server can not know the session keys of the users of a group. The suggested protocols have a constant number of rounds are provably secure in the standard model. To the best of our knowledge, the proposed protocols are the first secure multi-party PAKE protocols against server compromise attacks in the literature.

Efficiency in the Password-based Authenticated Key Exchange (패스워드 기반 인증 키 공유 프로토콜에서의 효율성)

  • 황정연;홍석희;박혜영;장상운;박영호;류희수
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.12 no.6
    • /
    • pp.113-124
    • /
    • 2002
  • Proposals for a password-based authenticated key exchange protocol that have been published so far almost concentrated on the provable security. But in a real environment such as mobile one, efficiency is a critical issue as security. In this paper we discuss the efficiency of PAK which is secure in the random oracle model [l]. Among 4 hash functions in PAK the instantiation for $H_1$, which outputs a verifier of the password, has most important effect on the computational efficiency. We analyze two different methods for $H_1$ suggested in [1] and we show that $H_{lq}$ has merits in transforming to EC or XTR variants as well as in the efficiency. As an efficient variant. we propose PAK2-EC and PAK2-XTR which do not require any additional step converting a hash output into a point of elliptic curve or XTR subgroup when compared to the previous work on the PAK[2]. Finally we compare PAK2 with the password-based authenticated key exchange protocols such as SPEKE, SRP, and AMP.