×

Ephemeral-secret-leakage secure ID-based three-party authenticated key agreement protocol for mobile distributed computing environments. (English) Zbl 1423.94130

Summary: A three-party Authenticated Key Agreement (AKA) protocol in the distributed computing environment is a client that requests services from an application server through an authentication server. The authentication server is responsible for authenticating the participating entities and helping them to construct a common session key. Adopting the Key Transfer Authentication Protocol (KTAP) in such an environment, the authentication server is able to monitor the communication messages to prevent and trace network crime. However, the session key in the KTAP setting is created only by the authentication server and is vulnerable to the resilience of key control. On the other hand, with the rapid growth of network technologies, mobile devices are widely used by people to access servers in the Internet. Many AKA protocols for mobile devices have been proposed, however, most protocols are vulnerable to Ephemeral Secret Leakage (ESL) attacks which compromise the private keys of clients and the session key by an adversary from eavesdropped messages. This paper proposes a novel ESL-secure ID-based three-party AKA protocol for mobile distributed computing environments based on ESL-secure ID-based Authenticated Key Exchange (ID-AKE) protocol. The proposed protocol solves the key control problem in KTAP while retaining the advantages of preventing and tracing network crime in KTAP and also resists ESL attacks. The AVISPA tool simulation results confirm the correctness of the protocol security analysis. Furthermore, we present a parallel version of the proposed ESL-secure ID-based three-party AKA protocol that is communication-efficient.

MSC:

94A62 Authentication, digital signatures and secret sharing
94A60 Cryptography

Software:

CMQV+; AVISPA
PDFBibTeX XMLCite
Full Text: DOI

References:

[1] Wen, H.A.; Lin, C.L.; Hwang, T.; Provably secure authenticated key exchange protocols for low power computing clients; Comput. Secur.: 2006; Volume 25 ,106-113.
[2] Wong, D.S.; Chan, A.H.; Efficient and mutually authenticated key exchange for low power computing devices; Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: ; ,272-289. · Zbl 1067.94567
[3] Jakobsson, M.; Pointcheval, D.; Mutual Authentication for Low-Power Mobile Devices; Financ. Cryptogr.: 2002; Volume 2339 ,178-195. · Zbl 1051.94512
[4] Choi, K.; Hwang, J.; Lee, D.; Seo, I.; ID-based Authenticated Key Agreement for Low-Power Mobile Devices; Inf. Sec. Priv.: 2005; Volume 3574 ,494-505. · Zbl 1127.94360
[5] Chuang, Y.H.; Tseng, Y.M.; Towards generalized ID-based user authentication for mobile multi-server; Int. J. Commun. Syst.: 2012; Volume 25 ,447-460.
[6] Wu, T.Y.; Tseng, Y.M.; An efficient user authentication and key exchange protocol for mobile client-server environment; Comput. Netw.: 2010; Volume 53 ,1062-1070. · Zbl 1208.68066
[7] Tseng, Y.M.; Tseng, L.; Ephemeral-Secret-Leakage Secure ID-Based Authenticated Key Exchange Protocol for Mobile Client-Server Environments; Proceedings of the 24th Cryptology and Information Security Conference: ; .
[8] Diffie, W.; Hellman, M.E.; New directions in cryptography; IEEE Trans. Inf. Theory: 1976; Volume 22 ,644-654. · Zbl 0435.94018
[9] Tsai, C.S.; Lee, C.C.; Hwang, M.S.; Password Authentication Schemes: Current Status and Key Issues; IJINS: 2006; Volume 3 ,101-115.
[10] Shamir, A.; Identity-Based Cryptosystems and Signature Schemes; Adv. Cryptol.: 1985; Volume 5 ,47-53. · Zbl 1359.94626
[11] Boneh, D.; Franklin, M.; Identity-Based Encryption from the Weil Pairing; Proceedings of the 21st Annual International Cryptology Conference: ; ,213-229. · Zbl 1002.94023
[12] Boneh, D.; Boyen, X.; Secure Identity Based Encryption without Random Oracles; Proceedings of the 24th Annual International Cryptology Conference: ; ,443-459. · Zbl 1104.94019
[13] Waters, B.; Efficient Identity-Based Encryption without Random Oracles; Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques: ; ,114-127. · Zbl 1137.94360
[14] Gentry, C.; Practical Identity-Based Encryption without Random Oracles; Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques: ; ,445-464. · Zbl 1140.94340
[15] Joux, A.; A One Round Protocol for Tripartite Diffie-Hellman; Algorithm. Number Theory: 2000; Volume 1838 ,385-393. · Zbl 1029.94026
[16] Al-Riyami, S.; Paterson, K.; Tripartite Authenticated Key Agreement Protocols from Pairings; Proceedings of the 9th IMA International Conference: ; ,332-359. · Zbl 1123.94374
[17] Lim, M.H.; Lee, S.; Moon, S.; Cryptanalysis of Tso et al.’s ID-Based Tripartite Authenticated Key Agreement Protocol; Inf. Syst. Secur.: 2007; Volume 4812 ,64-76.
[18] Hölbl, M.; Welzer, T.; Brumen, B.; Two proposed identity-based three-party authenticated key agreement protocols from pairings; Comput. Secur.: 2010; Volume 29 ,244-252. · Zbl 1277.94055
[19] Xiong, H.; Chen, Z.; Li, F.; New identity-based three-party authenticated key agreement protocol with provable security; JNCA: 2013; Volume 36 ,927-932.
[20] Yeh, H.T.; Sun, H.M.; Password-based user authentication and key distribution protocols for client-server applications; J. Syst. Softw.: 2004; Volume 72 ,97-103.
[21] Kohl, J.T.; Neuman, B.C.; Tso, T.Y.; The evolution of the Kerberos authentication system; Distributed Open System: Washington, DC, USA 1991; ,78-94.
[22] Yeh, H.T.; Sun, H.M.; Password authenticated key exchange protocols among diverse network domains; Comput. Electr. Eng.: 2005; Volume 31 ,175-189. · Zbl 1077.68533
[23] Li, G.; Optimal authentication protocols resistant to password guessing attacks; Proceedings of the Eighth IEEE Computer Security Foundations Workshop: ; ,24-29.
[24] Kwon, T.; Kang, M.; Jung, S.; Song, J.; An Improvement of the Password-Based Authentication Protocol (K1P) on Security against Replay Attacks; IEICE Trans. Commun.: 1999; Volume 82 ,991-997.
[25] Kwon, T.; Song, J.; Authenticated key exchange protocols resistant to password guessing attacks; Commun. IEE Proc.: 1998; Volume 145 ,304-308.
[26] Chang, T.Y.; Hwang, M.S.; Yang, W.P.; A communication-efficient three-party password authenticated key exchange protocol; Inf. Sci.: 2011; Volume 181 ,217-226.
[27] Ni, L.; Chen, G.; Li, J.; Escrowable identity-based authenticated key agreement protocol with strong security; Comput. Math. Appl.: 2013; Volume 65 ,1339-1349.
[28] Chang, T.Y.; Tsai, C.J.; Lin, J.H.; A graphical-based password keystroke dynamic authentication system for touch screen handheld mobile devices; J. Syst. Softw.: 2012; Volume 85 ,1157-1165.
[29] Blake-Wilson, S.; Menezes, A.; Authenticated Diffe-Hellman Key Agreement Protocols; Proceedings of the Selected Areas in Cryptography: ; ,339-361. · Zbl 0929.68057
[30] AVISPA v1.1 User Manual; 2006; .
[31] Chen, T.H.; Lee, W.B.; Chen, H.B.; A round- and computation-efficient three-party authenticated key exchange protocol; J. Syst. Softw.: 2008; Volume 81 ,1581-1590.
[32] Metz, C.; AAA protocols: Authentication, authorization, and accounting for the Internet; IEEE Int. Comput.: 1999; Volume 3 ,75-79.
[33] Rensing, C.; Karsten, M.; Stiller, B.; AAA: A survey and a policy-based architecture and framework; IEEE Netw.: 2002; Volume 16 ,22-27.
[34] Decugis, S.; Towards a Global AAA Framework for Internet; Proceedings of the 2009 Ninth Annual International Symposium on Applications and the Internet: ; ,227-230.
[35] Dolev, D.; Yao, A.Y.; On the Security of Public Key Protocols; IEEE Inf. Theory Soc.: 1983; Volume 29 ,198-208. · Zbl 0502.94005
[36] AVISPA Web tool. Automated Validation of Internet Security Protocols and Applications; ; . · Zbl 1081.68523
[37] Scott, M.; Costigan, N.; Abdulwahab, W.; Implementing Cryptographic Pairings on Smartcards; Proceedings of the 8th International Workshop: ; ,134-147.
[38] Oliveira, L.B.; Aranha, D.F.; Gouvêa, C.P.L.; Scott, M.; Câmara, D.F.; López, J.; TinyPBC: Pairings for authenticated identity-based non-interactive key distribution in sensor networks; Comput. Commun.: 2011; Volume 34 ,485-493.
[39] Hu, L.; Dong, J.W.; Pei, D.Y.; Implementation of Cryptosystem Based on Tate Pairing; J. Comput. Sci. Technol.: 2005; Volume 20 ,264-269.
This reference list is based on information provided by the publisher or from digital mathematics libraries. Its items are heuristically matched to zbMATH identifiers and may contain data conversion errors. In some cases that data have been complemented/enhanced by data from zbMATH Open. This attempts to reflect the references listed in the original paper as accurately as possible without claiming completeness or a perfect matching.