An Authenticated Key Agreement Protocol Using Isogenies Between Elliptic Curves

Author(s):  
Debiao He ◽  
Jianhua Chen ◽  
Jin Hu

All the current public-key cryptosystems will become insecure when the size of a quantum register is sufficient. An authenticated key agreement protocol, which is resistant to the attack of a quantum computer, is proposed. The proposed protocol can provide the following security properties: known session key security, forward security, resistance to key-compromise impersonation attack and to unknown key-share attack, and key control. We also prove its security in a widely accepted model.

2014 ◽  
Vol 2014 ◽  
pp. 1-15 ◽  
Author(s):  
Younsung Choi ◽  
Junghyun Nam ◽  
Donghoon Lee ◽  
Jiye Kim ◽  
Jaewook Jung ◽  
...  

An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent research has combined the user’s biometrics with a password. However, these authentication schemes are designed for a single-server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security-enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen’s scheme.


2021 ◽  
Vol 19 (1) ◽  
pp. 66-85
Author(s):  
Yanrong Lu ◽  
Dawei Zhao ◽  

Designing a secure authentication scheme for session initiation protocol (SIP) over internet protocol (VoIP) networks remains challenging. In this paper, we revisit the protocol of Zhang, Tang and Zhu (2015) and reveal that the protocol is vulnerable to key-compromise impersonation attacks. We then propose a SIP authenticated key agreement protocol (AKAP) using elliptic curve cryptography (ECC). We demonstrate the correctness of the protocol using Burrows-Abadi-Needham (BAN), and its security using the AVISPA simulation tool. We also evaluate its performance against those of Zhang, Tang and Zhu, and others.


2021 ◽  
Vol 2021 ◽  
pp. 1-6
Author(s):  
Yuting Li ◽  
Qingfeng Cheng ◽  
Wenbo Shi

The Internet of Things brings convenience to social life while, at the same time, putting forward higher requirements for the security of data transmission and storage. Security incidents based on the industrial Internet of Things have occurred frequently recently, which should be given full consideration. The identity-based authenticated key agreement protocol can solve these security threats to a certain extent. Recently, a lightweight identity-based authenticated key agreement protocol for the Industrial Internet of Things, called the ID-2PAKA protocol, was claimed to achieve secure authentication and meet security properties. In this paper, we show that the ID-2PAKA protocol is insecure in identity authentication and cannot resist the ephemeral key compromise impersonation attack.


2018 ◽  
Vol 18 (4) ◽  
pp. 61-74 ◽  
Author(s):  
S. Usha ◽  
S. Kuppuswami ◽  
M. Karthik

Cryptographic protocols are the backbone of information security. Unfortunately, the security of several important components of these protocols can be neglected. This causes violation of personal privacy and threats to democracy. Integration of biometrics with cryptography can overcome this problem. In this paper, an enhanced session key agreement protocol which uses the data derived from the iris signature is suggested to improve the security of biometric-based applications like e-Passport, e-Driving license, etc. The authenticity and security properties of the proposed protocol are analyzed using the ProVerif tool, demonstrating that it satisfies the intended properties.


2018 ◽  
Vol 2018 ◽  
pp. 1-14 ◽  
Author(s):  
Dongwoo Kang ◽  
Jaewook Jung ◽  
Hyoungshick Kim ◽  
Youngsook Lee ◽  
Dongho Won

At present, a number of users employ an authentication protocol so as to enjoy protected electronic transactions in wireless networks. In order to establish an efficient and robust transaction system, much research has been conducted relating to authentication protocols. Recently, Kaul and Awasthi presented a user authentication and key agreement scheme, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent two kinds of attacks, including off-line password guessing attacks and user impersonation attacks. Second, the user anonymity rule cannot be upheld. Third, the session key can be compromised by an attacker. Fourth, there is a high possibility that time synchronization trouble occurs. Therefore, we suggest an upgraded version of the user authenticated key agreement method that provides enhanced security. Our security and performance analysis shows that, compared to other associated protocols, our method not only improves the security level but also ensures efficiency.


2014 ◽  
Vol 599-601 ◽  
pp. 1816-1819
Author(s):  
Shuang Qing Liu ◽  
Liang Xia ◽  
Meng Zi Zhang ◽  
Bao Ling Xie

Xiao and Li proposed the protocol XKAS and claimed it to be an efficient and secure two-party authenticated Diffie-Hellman key agreement protocol. In this letter, we show that the protocol is vulnerable to a key-compromise impersonation attack. We also proposed XKAS+, which can withstand such attacks. The new protocol enjoys this property at the expense of a slight increase in computational workload with respect to the original version.


2021 ◽  
Vol 2021 ◽  
pp. 1-14
Author(s):  
Tsu-Yang Wu ◽  
Xinglan Guo ◽  
Lei Yang ◽  
Qian Meng ◽  
Chien-Ming Chen

Recently, there has been rapid growth in the Internet of things, the Internet of vehicles, fog computing, and social Internet of vehicles (SIoV), which can generate large amounts of real-time data. Now, researchers have begun applying fog computing to the SIoV to reduce the computing pressure on cloud servers. However, there are still security challenges in SIoV. In this paper, we propose a lightweight and authenticated key agreement protocol based on fog nodes in SIoV. The protocol completes the mutual authentication between entities and generates the session key for subsequent communication. Through a formal analysis of the Burrows–Abadi–Needham (BAN) logic, real-oracle random (ROR) model, and ProVerif, the security, validity, and correctness of the proposed protocol are demonstrated. In addition, informal security analysis shows that our proposed protocol can resist known security attacks. We also evaluate the performance of the proposed protocol and show that it achieves better performance in terms of computing power and communication cost.


Author(s):  
Haibat Khan ◽  
Benjamin Dowling ◽  
Keith M. Martin

The IEEE Std 802.15.6 is the latest international standard for Wireless Body Area Networks. The security of communication in this standard is based upon four elliptic-curve-based key agreement protocols. These protocols have been shown to exhibit serious security vulnerabilities but, surprisingly, do not provision any privacy guarantees. To date, no suitable key agreement protocol has been proposed which fulfills all the requisite objectives for IEEE Std 802.15.6. In this paper, two key agreement protocols are presented which, in addition to being efficient and provisioning advanced security properties, also offer the essential privacy attributes of anonymity and unlinkability. We develop a formal security and privacy model in an appropriate complexity-theoretic framework and prove the proposed protocols secure in this model.


2019 ◽  
Vol 2019 ◽  
pp. 1-13
Author(s):  
Quanrun Li ◽  
Ching-Fang Hsu ◽  
Kim-Kwang Raymond Choo ◽  
Debiao He

As an important part of smart cities, vehicle ad hoc networks (VANETs) have attracted much attention from both industry and academia. In a VANET, generating a secure session key to facilitate subsequent data-in-transit transfer between two or more vehicles is crucial, which can be achieved by using an authenticated key agreement protocol. However, most of the existing identity-based two-party authenticated key agreement protocols have significant computational requirements or are known to be insecure. Thus, in this paper, a secure and efficient identity-based two-party authenticated key agreement protocol is presented by us. This protocol does not involve complex bilinear pairing computations and can generate a valid session key in two rounds. The security of the proposed protocol is proved in the eCK model which has better capability to describe a protocol’s security than the famous CK model, and it has been widely used in the security proof of ID-based key agreement protocols currently. Additionally, we also evaluate its performance for potential utility in a VANET.

