• Journal of the Korea Society of Computer and Information
• /
• v.16 no.2
• /
• pp.173-181
• /
• 2011

User authentication and key exchange protocols are the most important cryptographic applications. For user authentication, most protocols are based on the users' secret passwords. However, protocols based on the users' secret passwords are vulnerable to the password guessing attack. In 1992, Bellovin and Merritt proposed an EKE(Encrypted Key Exchange) protocol for user authentication and key exchage that is secure against password guessing attack. After that, many enhanced and secure EKE protocols are proposed so far. In 2006, Lo pointed out that Yeh et al.'s password-based authenticated key exchange protocol has a security weakness and proposed an improved protocol. However, Cao and Lin showed that his protocol is also vulnerable to off-line password guessing attack. In this paper, we show his protocol is vulnerable to on-line password guessing attack using new attack method, and propose an improvement of password authenticated key exchange protocol for imbalanced wireless networks secure against password guessing attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.3
• /
• pp.531-546
• /
• 2015

A non-interactive key exchange protocol provides an efficiency of overall system by eliminating additional communication. However, traditional non-interactive key exchange protocols without updating a private key fail to provide forward secrecy, since there is no usage of ephemeral key for randomness of session key. In 2012, Sang et al. proposed a certificateless non-interactive key exchange(CL-NIKE) protocol, but they do not prove the security of the protocol and it does not provide forward secrecy. In this paper, we propose a new CL-NIKE protocol and it's security model. Then we prove the proposed protocol is secure under the security model based on DBDH(Decision Bilinear Diffie-Hellman) assumption. Moreover, we propose a CL-NIKE protocol with forward secrecy which updates user's private key by using multilinear map and prove it's security.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.5
• /
• pp.1313-1327
• /
• 2013

How to make people keep both the confidentiality of the sensitive data and the privacy of their real identity in communication networks has been a hot topic in recent years. Researchers proposed privacy-preserving authenticated key exchange protocols (PPAKE) to answer this question. However, lots of PPAKE protocols need users to remember long secrets which are inconvenient for them. In this paper we propose a lightweight three-party privacy-preserving authentication key exchange (3PPAKE) protocol using smart card to address the problem. The advantages of the new 3PPAKE protocol are: 1. The only secrets that the users need to remember in the authentication are their short passwords; 2. Both of the users can negotiate a common key and keep their identity privacy, i.e., providing anonymity for both users in the communication; 3. It enjoys better performance in terms of computation cost and security. The security of the scheme is given in the random oracle model. To the best of our knowledge, the new protocol is the first provably secure authentication protocol which provides anonymity for both users in the three-party setting.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.12
• /
• pp.3244-3260
• /
• 2013

A three-party password-based authenticated key exchange (PAKE) protocol allows two clients registered with a trusted server to generate a common cryptographic key from their individual passwords shared only with the server. A key requirement for three-party PAKE protocols is to prevent an adversary from mounting a dictionary attack. This requirement must be met even when the adversary is a malicious (registered) client who can set up normal protocol sessions with other clients. This work revisits three existing three-party PAKE protocols, namely, Guo et al.'s (2008) protocol, Huang's (2009) protocol, and Lee and Hwang's (2010) protocol, and demonstrates that these protocols are not secure against offline and/or (undetectable) online dictionary attacks in the presence of a malicious client. The offline dictionary attack we present against Guo et al.'s protocol also applies to other similar protocols including Lee and Hwang's protocol. We conclude with some suggestions on how to design a three-party PAKE protocol that is resistant against dictionary attacks.

• Journal of the Optical Society of Korea
• /
• v.18 no.5
• /
• pp.477-484
• /
• 2014

In this paper, we propose a new optical secret key sharing method based on the Diffie-Hellman key exchange protocol required in cipher system. The proposed method is optically implemented by using a free-space interconnected optical logic gate technique in order to process XOR logic operations in parallel. Also, we present a compact type of optical module which can perform the modified Diffie-Hellman key exchange for a cryptographic system. Schematically, the proposed optical configuration has an advantage of producing an open public key and a shared secret key simultaneously. Another advantage is that our proposed key exchange system uses a similarity to double key encryption techniques to enhance security strength. This can provide a higher security cryptosystem than the conventional Diffie-Hellman key exchange protocol due to the complexity of the shared secret key. Results of numerical simulation are presented to verify the proposed method and show the effectiveness in the modified Diffie-Hellman key exchange system.

• Journal of Korea Multimedia Society
• /
• v.8 no.4
• /
• pp.525-535
• /
• 2005

A password-based authenticated tripartite key exchange protocol based on A. Joux's protocol was proposed. By using encryption scheme with shared password, we can resolve man-in-the-middle attack and lack of authentication problems. We also suggested a scheme to avoid the offline dictionary attack to which symmetric encryption schemes are vulnerable. The proposed protocol does not require a trusted party which is required in certificate or identity based authentication schemes. Therefore in a ad hoc network which is difficult to install network infrastructure, the proposed protocol would be very useful. The proposed protocol is more efficient in computation aspect than any existing password-based authenticated tripartite key exchange protocols. When it is used as a base line protocol of tree based group key exchange protocol, the computational weak points of the proposed protocol are compensated.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.11 no.3
• /
• pp.53-62
• /
• 2001

In this paper, we study the security of key recovery enhanced key exchange protocol. We present a subliminal channel of self-escrowed Diffie-Hellman key exchange protocol proposed by P. Paillier and M. Yung in ICISC\`99, and also we present a method to prevent such a subliminal channel. In addition, we review and analyze the weakness of the modified key recovery enhanced key exchange Protocol proposed by C. Kim and p. Lee in PKC 2001.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.6
• /
• pp.127-133
• /
• 2005

This paper presents a password-based key exchange protocol to guarantee secure communications for two users registered in a sever. In this protocol, the server is only responsible for the legality of the users but does not how the session key agreed between them. The protocol can resist the various attacks including server compromise attack and provide the perfect forward secrecy. The proposed protocol is efficient in terms of computation cost because of not employing the sewer's public key.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.2
• /
• pp.388-395
• /
• 2009

Three-party authenticated key exchange protocol based on smartcards using XOR and hash function operation instead of the public key operation has been proposed in 2006. Recently, it is doing for research because of increasing interest in privacy. This paper pointed out that proposed three-party authenticated key exchange protocol in 2006 has some problems; it is user anonymity and slow wrong input detection, and then we proposed new one to overcome these problems.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.11
• /
• pp.5639-5653
• /
• 2016

Security models for key exchange protocols have been researched for years, however, lots of them only focus on what secret can be compromised but they do not differentiate the timing of secrets compromise, such as the extended Canetti-Krawczyk (eCK) model. In this paper, we propose a new security model for key exchange protocols which can not only consider what keys can be compromised as well as when they are compromised. The proposed security model is important to the security proof of the key exchange protocols with forward secrecy (either weak forward secrecy (wFS) or strong forward secrecy (sFS)). In addition, a new kind of key compromise impersonation (KCI) attacks which is called strong key compromise impersonation (sKCI) attack is proposed. Finally, we provide a new one-round key exchange protocol called mOT+ based on mOT protocol. The security of the mOT+ is given in the new model. It can provide the properties of sKCI-resilience and sFS and it is secure even if the ephemeral key reveal query is considered.