• Title/Summary/Keyword: key establishment protocol

Search Result 60, Processing Time 0.023 seconds

Security Weaknesses in Harn-Lin and Dutta-Barua Protocols for Group Key Establishment

  • Nam, Jung-Hyun;Kim, Moon-Seong;Paik, Ju-Ryon;Won, Dong-Ho
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.6 no.2
    • /
    • pp.751-765
    • /
    • 2012
  • Key establishment protocols are fundamental for establishing secure communication channels over public insecure networks. Security must be given the topmost priority in the design of a key establishment protocol. In this work, we provide a security analysis on two recent key establishment protocols: Harn and Lin's group key transfer protocol and Dutta and Barua's group key agreement protocol. Our analysis shows that both the Harn-Lin protocol and the Dutta-Barua protocol have a flaw in their design and can be easily attacked. The attack we mount on the Harn-Lin protocol is a replay attack whereby a malicious user can obtain the long-term secrets of any other users. The Dutta-Barua protocol is vulnerable to an unknown key-share attack. For each of the two protocols, we present how to eliminate their security vulnerabilities. We also improve Dutta and Barua's proof of security to make it valid against unknown key share attacks.

Key Establishment and Pairing Management Protocol for Downloadable Conditional Access System Host Devices

  • Koo, Han-Seung;Kwon, O-Hyung;Lee, Soo-In
    • ETRI Journal
    • /
    • v.32 no.2
    • /
    • pp.204-213
    • /
    • 2010
  • In this paper, we investigate the possible security threats to downloadable conditional access system (DCAS) host devices. We then propose a DCAS secure micro (SM) and transport processor (TP) security protocol that counters identified security threats using a secure key establishment and pairing management scheme. The proposed protocol not only resists disclosed SM ID and TP ID threats and indirect connection between TA and TP threats, but also meets some desirable security attributes such as known key secrecy, perfect forward secrecy, key compromised impersonation, unknown key-share, and key control.

Relations among Security Models for Authenticated Key Exchange

  • Kwon, Jeong Ok;Jeong, Ik Rae
    • ETRI Journal
    • /
    • v.36 no.5
    • /
    • pp.856-864
    • /
    • 2014
  • Usually, key-establishment protocols are suggested in a security model. However, there exist several different security models in the literature defined by their respective security notions. In this paper, we study the relations between the security models of key establishment. For the chosen security models, we first show that some proven key-establishment protocols are not secure in the more restricted security models. We then suggest two compilers by which we can convert a key-establishment protocol that is secure in a specific security model into a key-establishment protocol that is still secure in a more restricted security model.

(A New Key Recovery Protocol of Wireless Authentication Key Establishment for the M-Commerce) (M-Commerce상에서 키 복구를 지원하는 무선 인증 및 키 설립 프로토콜)

  • 이용호;이임영
    • Journal of KIISE:Information Networking
    • /
    • v.30 no.3
    • /
    • pp.371-376
    • /
    • 2003
  • As Mobile Internet gets more popular, the switchover of E-Commerce to M-Commerce gets faster and many service providers offer diverse M-Commerce service by using mobile technology. Also, as M-Commerce makes rapid progress, the security protocol gets more widely recognized for its significance. In particular, WAKE(Wireless Authentication and Key Establishment) protocol carried out wirelessly is of great importance, since the user and service provider must get through to carry out the M-Commerce. Key recovery method is a part of the key management in order to provide an emergency recovery of key whenever necessary, like when the user lost the key or the cryptosystem was illegally used. The ASPeCT project first tried to support the key recovery function in WAKE Protocol Since then, a variety of WAKE Key Recovery protocols have been proposed. In this thesis, problems of WAKE Key Recovery protocols proposed so far are analyzed and new WAKE Key Recovery protocol is suggested to solve those problems.

An Inter-provider Roaming Authentication and Key Establishment Protocol Providing Anonymity in IEEE 802.16e Networks (IEEE 802.16e 네트워크에서 익명성을 제공하는 사업자간 로밍 인증 및 키 설정 프로토콜)

  • Park, Young-Man;Park, Sang-Kyu
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.31 no.11C
    • /
    • pp.1023-1029
    • /
    • 2006
  • In this Paper, we present a novel authentication and key exchange(AKE) protocol for inter-NSP(provider) roaming in IEEE 802.16e networks. The proposed protocol allows performing both user and device authentication jointly by using two different authentication credentials and Provides user anonymity and session key establishment. Also, this protocol requires only two round number message exchange between foreign network and home network.

A Comparative Analysis of EAP Authentication/Key-Establishment Protocols (EAP 인증/키설정 프로토콜 비교분석)

  • Park DongGook;Cho Kyung-Ryong
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.9 no.6
    • /
    • pp.1323-1332
    • /
    • 2005
  • EAP (Extensible authentication protocol) is a sort of general framework for authentication rather than a specific authentication protocol. An important consequence of this is that EAP can accommodate a variety of authentication/key-establishment protocols for different internet access networks possibly integrated to a common IP core network This paper tries a comparative analysis of several specific authentication/key establishment protocols for EAP, and suggest a strategic viewpoint toward the question: which one to un. In addition, we tried to make things clear about an intellectual property right issue with regard to some password-based protocols.

Certificate Issuing Protocol Supporting WAKE-KR (WAKE-KR을 지원하는 인증서 발행 프로토콜)

  • 이용호;이임영
    • Journal of Korea Multimedia Society
    • /
    • v.6 no.2
    • /
    • pp.288-300
    • /
    • 2003
  • As the importance of information security gets recognized seriously, ciphers technology gets used more. Particularly, since public key ciphers are easier to control the key than symmetric key ciphers and also digital signature is easily implemented, public key ciphers are increased used. Nowadays, public key infrastructure is established and operated to use efficiently and securely the public key ciphers. In the public key infrastructure, the user registers at the certificate authority to generate the private key and public key pair and the certificate authority issues the certificate on the public key generated. Through this certificate, key establishment between users is implemented and encryption communication becomes possible. But, control function of session key established in the public key infrastructure is not provided. In this thesis, the certificate issuing protocol to support the key recovery of the session key established during the wireless authentication and key establishment is proposed.

  • PDF

A Robust and Efficient Anonymous Authentication Protocol in VANETs

  • Jung, Chae-Duk;Sur, Chul;Park, Young-Ho;Rhee, Kyung-Hyune
    • Journal of Communications and Networks
    • /
    • v.11 no.6
    • /
    • pp.607-614
    • /
    • 2009
  • Recently, Lu et al. proposed an efficient conditional privacy preservation protocol, named ECPP, based on group signature scheme for generating anonymous certificates from roadside units (RSUs). However, ECPP does not provide unlinkability and traceability when multiple RSUs are compromised. In this paper, we make up for the limitations and propose a robust and efficient anonymous authentication protocol without loss of efficiency as compared with ECPP. Furthermore, in the proposed protocol, RSUs can issue multiple anonymous certificates to an OBU to alleviate system overheads for mutual authentication between OBUs and RSUs. In order to achieve these goals, we consider a universal re-encryption scheme and identity-based key establishment scheme as our building blocks. Several simulations are conducted to verify the efficiency and effectiveness of the proposed protocol by comparing with those of the existing ECPP.

Security Proof for a Leakage-Resilient Authenticated Key Establishment Protocol

  • Shin, Seong-Han;Kazukuni Kobara;Hideki Imai
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.14 no.4
    • /
    • pp.75-90
    • /
    • 2004
  • At Asiacrypt 2003, Shin et al., have proposed a new class for Authenticated Key Establishment (AKE) protocol named Leakage-Resilient AKE ${(LR-AKE)}^{[1]}$. The authenticity of LR-AKE is based on a user's password and his/her stored secrets in both client side and server side. In their LR-AKE protocol, no TRM(Tamper Resistant Modules) is required and leakage of the stored secrets from $.$my side does not reveal my critical information on the password. This property is useful when the following situation is considered :(1) Stored secrets may leak out ;(2) A user communicates with a lot of servers ;(3) A user remembers only one password. The other AKE protocols, such as SSL/TLS and SSH (based or PKI), Password-Authenticated Key Exchange (PAKE) and Threshold-PAKE (T-PAKE), do not satisfy that property under the above-mentioned situation since their stored secrets (or, verification data on password) in either the client or the servers contain enough information to succeed in retrieving the relatively short password with off-line exhaustive search. As of now, the LR-AKE protocol is the currently horn solution. In this paper, we prove its security of the LR-AKE protocol in the standard model. Our security analysis shows that the LR-AKE Protocol is provably secure under the assumptions that DDH (Decisional Diffie-Hellman) problem is hard and MACs are selectively unforgeable against partially chosen message attacks (which is a weaker notion than being existentially unforgeable against chosen message attacks).

Implementation of key establishment protocol using Signcryption for Secure RTP

  • Kim, Hyung-Chan;Kim, Jong-Won;Lee, Dong-Ik
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2002.10c
    • /
    • pp.439-441
    • /
    • 2002
  • Real-time Transport Protocol (RTP) is widely used in VoIP stacks charging the multimedia data delivery. Concerning with payload protection of RTP packets, Secure RTP has been discussed in IETF AVT group to provide confidentiality and authentication features using block ciphering and message authentication coding. However, Secure RTP only concentrates on payload protection. Signcryption is a good candidate for key agreement. This paper proposes a key establishment protocol using Signcryption and shows example implementation of a secure VoIP application based on Secure RTP with the proposed scheme.

  • PDF