• Title/Summary/Keyword: Key Exchange/Agreement

Search Result 47, Processing Time 0.024 seconds

Pairwise Key Agreement Protocols Using Randomness Re-use Technique (난수 재사용 기법을 이용한 다중 키 교환 프로토콜)

  • Jeong, Ik-Rae;Lee, Dong-Hoon
    • The KIPS Transactions:PartC
    • /
    • v.12C no.7 s.103
    • /
    • pp.949-958
    • /
    • 2005
  • In the paper we study key agreement schemes when a party needs to establish a session key with each of several parties, thus having multiple session keys. This situation can be represented by a graph, tailed a key graph, where a vertex represents a party and an edge represents a relation between two parties sharing a session key. graphs to establish all session keys corresponding to all edges in a key graph simultaneously in a single session. A key agreement protocol of a key graph is a natural extension of a two-party key agreement protocol. We propose a new key exchange model for key graphs which is an extension of a two-party key exchange model. using the so-called randomness re-use technique which re-uses random values to make session keys for different sessions, we suggest two efficient key agreement protocols for key graphs based on the decisional Diffie-Hellman assumption, and prove their securities in the key exchange model of key graphs. Our first scheme requires only a single round and provides key independence. Our second scheme requires two rounds and provides forward secrecy. Both are proven secure In the standard model. The suggested protocols are the first pairwise key agreement protocols and more efficient than a simple scheme which uses a two-party key exchange for each necessary key. Suppose that a user makes a session key with n other users, respectively. The simple scheme's computational cost and the length of the transmitted messages are increased by a factor of n. The suggested protocols's computational cost also depends on n, but the length of the transmitted messages are constant.

An Enhancement of Simple Authenticated Key Agreement Protocol (개선된 '간단한 인증키 동의 (Simple Authenticated Key Agreement)'프로토콜)

  • Kim Young-Sin;Kim Yoon-Jeong;Hwang Jun
    • Journal of Internet Computing and Services
    • /
    • v.4 no.6
    • /
    • pp.95-102
    • /
    • 2003
  • The Diffle-Hellman Key Exchange scheme can produce a common session key between the two communicators, but its problem is that it makes a man-in-the middle attack possible. To solve problems like these, several protocols have been put forward, and the Simple Authenticated Key Agreement (SAKA) Protocol is among them. This protocol has been suggested by Seo-Sweeney, Tseng, and Ku-Wang, respectively, In this paper, we will put forward a new protocol that has been improved from all the original protocols mentioned above, but is still safe and quick to use, While the existing protocol divides the common session key production stage and the verification stage, the protocol suggested in this paper takes care of both of those stages simultaneously, therefore improving the processing performance.

  • PDF

Performance Analysis of Key Exchange Protocols on ETSI Standard (ETSI 표준 키 교환 프로토콜의 성능 분석)

  • Lee, Young-Seok;Choi, Hoon
    • The Journal of Korea Institute of Information, Electronics, and Communication Technology
    • /
    • v.8 no.6
    • /
    • pp.520-527
    • /
    • 2015
  • The key exchange protocols are very crucial tools to provide the secure communication in the broadband satellite access network. They should be required to satisfy various requirements such as security, key confirmation, and key freshness. In this paper, we present the security functions in ETSI(European Telecommunications Standards Institute), and analyze the specification of the security primitives and the key exchange protocols for the authenticated key agreement between RCST(Return Channel Satellite Terminal) and NCC(Network Control Centre). ETSI key exchange protocols consists of Main Key Exchange, Quick Key Exchange, and Explicit Key Exchange. We analyse the pros and cons of key exchange protocols based on performance analysis and performance evaluation.

Password-Based Key Exchange Protocols for Cross-Realm (Cross-Realm 환경에서 패스워드기반 키교환 프로토콜)

  • Lee, Young Sook
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.5 no.4
    • /
    • pp.139-150
    • /
    • 2009
  • Authentication and key exchange are fundamental for establishing secure communication channels over public insecure networks. Password-based protocols for authenticated key exchange are designed to work even when user authentication is done via the use of passwords drawn from a small known set of values. There have been many protocols proposed over the years for password authenticated key exchange in the three-party scenario, in which two clients attempt to establish a secret key interacting with one same authentication server. However, little has been done for password authenticated key exchange in the more general and realistic four-party setting, where two clients trying to establish a secret key are registered with different authentication servers. In fact, the recent protocol by Yeh and Sun seems to be the only password authenticated key exchange protocol in the four-party setting. But, the Yeh-Sun protocol adopts the so called "hybrid model", in which each client needs not only to remember a password shared with the server but also to store and manage the server's public key. In some sense, this hybrid approach obviates the reason for considering password authenticated protocols in the first place; it is difficult for humans to securely manage long cryptographic keys. In this work, we introduce a key agreement protocol and a key distribution protocol, respectively, that requires each client only to remember a password shared with its authentication server.

Secure Authenticated key Exchange Protocol using Signcryption Scheme (Signcryption을 이용한 안전한 인증된 키 교환 프로토콜 연구)

  • Kim Rack-Hyun;Youm Heung-Youl
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.16 no.4
    • /
    • pp.139-146
    • /
    • 2006
  • A Signcryption proposed by Yuliang Zheng in 1997 is a hybrid public key primitive that combines a digital signature and a encryption. It provides more efficient method than a straightforward composition of an signature scheme with a encryption scheme. In a mobile communication environment, the authenticated key agreement protocol should be designed to have lower computational complexity and memory requirements. The password-based authenticated key exchange protocol is to authenticate a client and a server using an easily memorable password. This paper proposes an secure Authenticated Key Exchange protocol using Signcryption scheme. In Addition we also show that it is secure and a more efficient that other exiting authenticated key exchange protocol.

EAP Using Split Password-based Authenticated Key Agreement Protocol for IEEE Std 802.1x User Authentication (IEEE Std 802.1x 사용자 인증을 위한 분할된 패스워드 인증 기반 EAP)

  • Ryu, Jong-Ho;Seo, Dong-Il;Youm, Heung-Youl
    • Journal of Internet Computing and Services
    • /
    • v.6 no.5
    • /
    • pp.27-43
    • /
    • 2005
  • EAP provides authentication for each entity based on IEEE Std 802.1x Wireless lAN and RADIUS/DIAMETER protocol, and it uses certificate, dual scheme(e.g., password and token) with the authentication method. The password-based authentication scheme for authenticated key exchange is the most widely-used user authentication method due to various advantages, such as human-memorable simplicity, convenience, mobility, A specific hardware device is also unnecessary, This paper discusses user authentication via public networks and proposes the Split Password-based Authenticated Key Exchange (SPAKE), which is ideal for both authenticating users and exchanging session keys when using a subsequent secure communication over untrusted network, And then we provides EAP authentication framework EAP-SPAKE by using it.

  • PDF

Efficient password-based key exchange protocol (효율적인 패스워드 기반 키 분배 프로토콜)

  • Won, Dong-Kyu;Ahn, Gi-Bum;Kwak, Jin;Won, Dong-Ho
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2003.11c
    • /
    • pp.1759-1762
    • /
    • 2003
  • 최근 키 분배 프로토콜과는 다르게 하드웨어에 암호키를 저장하여 사용하는 것과 달리, 사용자가 기억할 수 있는 길이의 패스워드(password)를 사용해 서버와의 인증과 키 교환을 동시에 수행하는 패스워드 기반 키 분배 프로토콜이 제안되고 있다. 본 논문에서는 이러한 패스워드 기반의 키 분배 프로토콜 중 BPKA(Balanced Password-authenticated Key Agreement)에 속하는 DH-EKE(Diffie-Hellman Encrypted Key Exchange), PAK(Password-Authenticated Key exchange), SPEKE(Simple Password Exponential Key Exchange) 프로토콜을 비교 분석하고, 이를 바탕으로 기존의 BPKA 프로토콜에 비해 적은 연산량을 가지면서 사용자와 서버가 각기 다른 정보를 갖는 패스워드-검증자 기반 프로토콜을 제안한다. 본 논문에서 제안하는 패스워드 기반 키 분배 프로토콜의 안전성 분석을 위해 Active Impersonation 과 Forward Secrecy, Off-line dictionary attack, Man-in-the -middle Attack 등의 공격모델을 적용하였다.

  • PDF

Analysis on Zhou et al.'s ID-Based Authenticated Group Key Agreement To Exchange Secure Contents among Group Users (그룹 사용자간 안전한 콘텐츠 전송을 위한 Zhou의 ID-기반의 인증된 그룹 키 교환 프로토콜 분석)

  • Choi, Jae-Tark;Kwon, Jeong-Ok;Yoon, Seok-Koo
    • Journal of Broadcast Engineering
    • /
    • v.13 no.1
    • /
    • pp.79-85
    • /
    • 2008
  • An authenticated group key agreement protocol allows a group of parties communicating over an insecure network to share a common secret key. In this paper, we show that Zhou et al.'s ID-based authenticated group key agreement schemes do not provide forward secrecy.

An efficient Authentication and Key Agreement Protocol in Mobile Systems (이동 시스템에서의 효율적인 인증 및 키 교환 프로토콜)

  • 최영근;김순자
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.11 no.2
    • /
    • pp.73-82
    • /
    • 2001
  • In this paper we propose an efficient authentication and key agreement protocol which has been designed specifically for use with low powered computationally weak equipment such as Cellular phone and PDA(Personal Digital Assistant). Imple-menting the protocol based on the Rabin cryptosystem provides the efficiency requirements for mobile communications including minimum number of passes and low computational lead. The paper outlines the new protocol, examines it s various aspects, and compares them to those representative authentication and key agreement protocols.

Efficient Password-based Key Exchange Protocol for Two users Registered in a Server (동일 서버를 사용하는 두 사용자간 효율적인 패스워드 기반의 키 교환 프로토콜)

  • Shin Seong-chul;Lee Sung-woon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.15 no.6
    • /
    • pp.127-133
    • /
    • 2005
  • This paper presents a password-based key exchange protocol to guarantee secure communications for two users registered in a sever. In this protocol, the server is only responsible for the legality of the users but does not how the session key agreed between them. The protocol can resist the various attacks including server compromise attack and provide the perfect forward secrecy. The proposed protocol is efficient in terms of computation cost because of not employing the sewer's public key.