Improved Two-Party ID-Based Authenticated Key Agreement Protocol

  • Submitted: 2013.03.26
  • Reviewed: 2013.06.28
  • Published: 2013.07.31

Abstract

Devising a secure authenticated key agreement (AKA) protocol for two entities communicating over an open network is a matter of current research. McCullagh et al. proposed a new two-party identity-based AKA protocol that supports both the key escrow and the key escrow-less property and can be instantiated either in a single domain or over two distinct domains. In this paper, we show that their protocol over two distinct domains suffers from a masquerading attack and therefore does not satisfy the claimed security. The attack is made possible by the lack of sufficient entity authentication and integrity assurance in the protocol. We then propose an efficient verifiable key agreement protocol that includes a signature primitive in the authentication procedure to solve the problem of McCullagh et al.'s protocol.

References

  1. L. Law, A. Menezes, M. Qu, J. Solinas, and S. Vanstone, "An efficient protocol for authenticated key agreement," Designs, Codes and Cryptography, vol. 28, no. 2, pp. 119-134, Mar. 2003. https://doi.org/10.1023/A:1022595222606
  2. J. Qiuyan, K. Lee, and D. Won, "Cryptanalysis of a secure remote user authentication scheme," J. Korea Inform. Commun. Soc. (KICS), vol. 37C, no. 8, pp. 697-702, Aug. 2012. https://doi.org/10.7840/kics.2012.37C.8.697
  3. H.-J. Seo and H.-W. Kim, "User authentication method on VANET environment," J. Korea Inform. Commun. Soc. (KICS), vol. 37C, no. 7, pp. 576-583, July 2012. https://doi.org/10.7840/KICS.2012.37.7C.576
  4. W. Diffie and M. E. Hellman, "New directions in cryptography," IEEE Trans. Inform. Theory, vol. 22, no. 6, pp. 644-654, Nov. 1976. https://doi.org/10.1109/TIT.1976.1055638
  5. D. Hankerson, A. Menezes, and S. Vanstone, Guide to elliptic curve cryptography, Springer-Verlag, 2004.
  6. A. Shamir, "Identity-based cryptosystems and signature schemes," Lecture Notes in Computer Science, vol. 196, pp. 47-53, August 1985.
  7. D. Boneh and M. Franklin, "Identity-based encryption from the Weil pairing," Lecture Notes in Computer Science, vol. 2139, pp. 213-229, August 2001.
  8. N. P. Smart, "Identity-based authenticated key agreement protocol based on Weil pairing," IEEE Electron. Lett., vol. 38, no. 13, pp. 630-632, June 2002. https://doi.org/10.1049/el:20020387
  9. K. Shim, "Efficient ID-based authenticated key agreement protocol based on Weil pairing," IEEE Electron. Lett., vol. 39, no. 8, pp. 653-654, Apr. 2003. https://doi.org/10.1049/el:20030448
  10. L. Chen and C. Kudla, "Identity based authenticated key agreement protocols from pairings," in Proc. 16th IEEE Comput. Security Found. Workshop 2002, pp. 219-233, Pacific Grove, U.S.A., June-July 2003.
  11. H.-M. Sun and B.-T. Hsieh, "Security analysis of Shim's authenticated key agreement protocols from pairings," Cryptology ePrint Archive: Report 2003/113, [Online], Available: http://eprint.iacr.org/2003/113/.
  12. E.-K. Ryu, E.-J. Yoon, and K.-Y. Yoo, "An efficient ID-based authenticated key agreement protocol from pairings," Lecture Notes in Computer Science, vol. 3042, pp. 1458-1463, August 2004.
  13. C. Boyd and K. K. R. Choo, "Security of two-party identity-based key agreement," Lecture Notes in Computer Science, vol. 3715, pp. 229-243, Sep. 2005.
  14. N. McCullagh and P. S. L. M. Barreto, "A new two-party identity-based authenticated key agreement," in Proc. Int. Conf. Topics Cryptology (CT-RSA '05), pp. 262-274, San Francisco, U.S.A., Feb. 2005.
  15. G. Xie, "Cryptanalysis of Noel McCullagh and Paulo S. L. M. Barreto's two-party identity-based key agreement," Cryptology ePrint Archive: Report 2004/308, [Online], Available: http://eprint.iacr.org/2004/308/.
  16. P. Kumar and H. Lee, "Security issues in healthcare application using wireless medical sensor network: a survey," Sensors, vol. 12, no. 1, pp. 55-91, Jan. 2012. https://doi.org/10.1109/JSEN.2011.2119477
  17. J. Hoffstein, J. Pipher, and J. H. Silverman, An introduction to mathematical cryptography, Springer, 2008.
  18. D. Merfert, "Bilinear Pairings in Cryptography," M.S. Thesis, Radboud Universiteit Nijmegen, Netherlands, 2009.
  19. X. Cao, W. Kou, and X. Du, "A pairing-free identity-based authenticated key agreement protocol with minimal message exchange," Inform. Sci., vol. 180, no. 15, pp. 2895-2903, Aug. 2010. https://doi.org/10.1016/j.ins.2010.04.002
  20. G. Frey, M. Muller, and H. Ruck, "The Tate pairing and the discrete logarithm applied to elliptic curves cryptosystems," IEEE Trans. Inform. Theory, vol. 45, no. 5, pp. 1717-1719, July 1999. https://doi.org/10.1109/18.771254
  21. T. F. Vallent, S.-W. Lee, E.-J. Yoon, and H. Kim, "Cryptanalysis and remedy of two-party identity-based authenticated key agreement protocol," in Proc. KICS Winter Conf. 2013, pp. 120-121, Yongpyeong, Korea, Jan. 2013.
  22. R. W. Zhu, G. Yang, and D. S. Wong, "An efficient identity-based key exchange protocol with KGS forward secrecy for low-power device," Theoretical Computer Science, vol. 378, no. 2, pp. 198-207, June 2007. https://doi.org/10.1016/j.tcs.2007.02.021