Cryptanalysis and Design of a Three-Party Authenticated Key Exchange Protocol Using Smart Card
作者: Ruhul Amin , G. P. Biswas
DOI: 10.1007/S13369-015-1743-5
关键词: Security association 、 Cryptographic protocol 、 Reflection attack 、 Otway–Rees protocol 、 Authentication protocol 、 Wide Mouth Frog protocol 、 Computer security 、 Challenge–response authentication 、 Computer network 、 Computer science 、 One-time password
摘要: Three-party authenticated key exchange protocol (3PAKE) is used to provide security protection on the transmitted data over insecure communication by performing session agreement between entities involved. Comparing with 2PAKE protocol, 3PAKE more suitable for managing unrestricted number of users. Recently, several researchers have proposed many protocols using smart card. However, we scrutinized carefully recently published Yang et al.’s and it has been observed that same suffers from weaknesses such as insider attack, off-line password guessing logged-in users’ attack replay attack. Moreover, justified a serious issue change phase scheme. In order fix above-mentioned shortcomings, this paper proposes an efficient card based cryptographic one-way hash function. The formal analysis proves provides strong relevant attacks including weaknesses. simulation results scheme AVISPA tool show SAFE under OFMC CL-AtSe models. performance comparisons are also made, which ensure relatively better than existing related schemes. To best our knowledge, should be implemented in practical application, well attacks, complexities schemes, achieves proper mutual authentication along user-friendly phase.
springer.com
researchgate.net 
sci-hub.se 参考文章(50)
Bruce Schneier, Applied cryptography, second edition : protocols, algorithms,and source code in C John Wiley & Sons. ,(2015) , 10.1002/9781119183471
Ruhul Amin, G. P. Biswas, Design and Analysis of Bilinear Pairing Based Mutual Authentication and Key Agreement Protocol Usable in Multi-server Environment Wireless Personal Communications. ,vol. 84, pp. 439- 462 ,(2015) , 10.1007/S11277-015-2616-7
Ruhul Amin, G. P. Biswas, A Secure Three-Factor User Authentication and Key Agreement Protocol for TMIS With User Anonymity Journal of Medical Systems. ,vol. 39, pp. 1- 19 ,(2015) , 10.1007/S10916-015-0258-7
Ruhul Amin, G. P. Biswas, An Improved RSA Based User Authentication and Session Key Agreement Protocol Usable in TMIS Journal of Medical Systems. ,vol. 39, pp. 1- 14 ,(2015) , 10.1007/S10916-015-0262-Y
Ruhul Amin, SK Hafizul Islam, G. P. Biswas, Muhammad Khurram Khan, Xiong Li, Cryptanalysis and Enhancement of Anonymity Preserving Remote User Mutual Authentication and Session Key Agreement Scheme for E-Health Care Systems Journal of Medical Systems. ,vol. 39, pp. 1- 21 ,(2015) , 10.1007/S10916-015-0318-Z
Michel Abdalla, Pierre-Alain Fouque, David Pointcheval, Password-Based Authenticated Key Exchange in the Three-Party Setting Public Key Cryptography - PKC 2005. ,vol. 3386, pp. 65- 84 ,(2005) , 10.1007/978-3-540-30580-4_6
Eun-Jun Yoon, Kee-Young Yoo, Token-based authenticated key establishment protocols for three-party communication embedded and ubiquitous computing. pp. 758- 769 ,(2007) , 10.1007/978-3-540-77090-9_69
Bruce Schneier, Phil Sutherland, Applied Cryptography: Protocols, Algorithms, and Source Code in C ,(1993)
Eun-Jun Yoon, Kee-Young Yoo, Enhanced Three-Round Smart Card-Based Key Exchange Protocol Lecture Notes in Computer Science. pp. 507- 515 ,(2008) , 10.1007/978-3-540-69295-9_40
Laurie Law, Alfred Menezes, Minghua Qu, Jerry Solinas, Scott Vanstone, An Efficient Protocol for Authenticated Key Agreement Designs, Codes and Cryptography. ,vol. 28, pp. 119- 134 ,(2003) , 10.1023/A:1022595222606