A Study on the User Authentication and Key Exchange Service for Group Environment

A Study on a User Authentication and Key Exchange Service Protocol for Group Environments

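  • 변진욱 (Pyeongtaek University, Department of Information and Communication)
  • 이수미 (Financial Security Research Institute)
  • 이동훈 (Korea University, Graduate School of Information Management and Security)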
  • Published : 2009.06.30

Abstract

Over the years, passwords have been a popular authentication method between a client and a server because they are easy to memorize. However, most password-based authentication services have focused on same-password authentication schemes, which provide authentication and key exchange between a client and a server that share the same password. With the rapid change of communication environments in fields such as mobile networks and home networking, end-to-end security that allows users to hold different passwords is considered one of the main concerns. In this paper, we consider a new authentication service in which clients, each with its own different password, are able to authenticate each other, which is a quite new service paradigm among the existing services. This new service can be used in current or next-generation network environments where a mobile user in cell A wants to establish a secure end-to-end channel with users in cells B, C, and D using only their memorable passwords. This end-to-end security service minimizes interference from network components controlled by the operator. To achieve this end-to-end security, we propose an authentication and key exchange service for group users in different realms, and analyze its security in a formal way. We also discuss a generic construction with the existing authentication schemes.
