Authenticated Key Exchange Protocol for the Secure and Efficient

A Secure and Efficient Authenticated Key Exchange Protocol

  • Received : 2010.04.28
  • Accepted : 2010.05.27
  • Published : 2010.08.31

Abstract

Key exchange protocols are crucial tools for providing secure communication in the broadband satellite access network. They are required to satisfy various requirements such as security, key confirmation, and key freshness. In this paper, we propose two authenticated key exchange protocols, Two Pass EKE-E (Encrypted Key Exchange-Efficient) and Two Pass EKE-S (Encrypted Key Exchange-Secure). The basic idea of the protocols is that a password can be represented by modular addition N, and the number of possible modular additions N representing the password is $2^N$. The Two Pass EKE-E is secure against attacks including the man-in-the-middle attack and the off-line dictionary attack, and its performance is excellent, beyond comparison with other authenticated key exchange protocols. The Two Pass EKE-S is a slight modification of the Two Pass EKE-E. The Two Pass EKE-S provides computational infeasibility of learning the password without having performed an off-line dictionary attack, while preserving the performance of the Two Pass EKE-E.

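Key exchange is very important for secure encrypted communication. A key exchange protocol must satisfy requirements such as security, key confirmation, and key freshness. In this paper, we propose two authenticated key exchange protocols, EKE-E and EKE-S. The basic idea of the protocols is that a password can be represented by modular addition N, and the number of possible modular additions N representing the password is $2^N$. EKE-E is secure against attacks including the man-in-the-middle attack and the off-line dictionary attack, and its performance is superior in comparison with other authenticated key exchange protocols. EKE-S is a slight modification of EKE-E. EKE-S makes it computationally infeasible to learn the password without performing an off-line dictionary attack, while preserving the performance of EKE-E.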
