• Title/Summary/Keyword: Random oracle model

Search Result 78, Processing Time 0.023 seconds

Efficient Password-based Group Key Exchange Protocol (효율적인 패스워드 기반 그룹 키 교환 프로토콜)

  • 황정연;최규영;이동훈;백종명
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.14 no.1
    • /
    • pp.59-69
    • /
    • 2004
  • Password-based authenticated group key exchange protocols provide a group of user, communicating over a public(insecure) channel and holding a common human-memorable password, with a session key to be used to construct secure multicast sessions for data integrity and confidentiality. In this paper, we present a password-based authenticated group key exchange protocol and prove the security in the random oracle model and the ideal cipher model under the intractability of the decisional Diffie-Hellman(DH) problem and computational DH problem. The protocol is scalable, i.e. constant round and with O(1) exponentiations per user, and provides forward secrecy.

Practical Password-Authenticated Three-Party Key Exchange

  • Kwon, Jeong-Ok;Jeong, Ik-Rae;Lee, Dong-Hoon
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.2 no.6
    • /
    • pp.312-332
    • /
    • 2008
  • Password-based authentication key exchange (PAKE) protocols in the literature typically assume a password that is shared between a client and a server. PAKE has been applied in various environments, especially in the “client-server” applications of remotely accessed systems, such as e-banking. With the rapid developments in modern communication environments, such as ad-hoc networks and ubiquitous computing, it is customary to construct a secure peer-to-peer channel, which is quite a different paradigm from existing paradigms. In such a peer-to-peer channel, it would be much more common for users to not share a password with others. In this paper, we consider password-based authentication key exchange in the three-party setting, where two users do not share a password between themselves but only with one server. The users make a session-key by using their different passwords with the help of the server. We propose an efficient password-based authentication key exchange protocol with different passwords that achieves forward secrecy in the standard model. The protocol requires parties to only memorize human-memorable passwords; all other information that is necessary to run the protocol is made public. The protocol is also light-weighted, i.e., it requires only three rounds and four modular exponentiations per user. In fact, this amount of computation and the number of rounds are comparable to the most efficient password-based authentication key exchange protocol in the random-oracle model. The dispensation of random oracles in the protocol does not require the security of any expensive signature schemes or zero-knowlegde proofs.

Efficiency in the Password-based Authenticated Key Exchange (패스워드 기반 인증 키 공유 프로토콜에서의 효율성)

  • 황정연;홍석희;박혜영;장상운;박영호;류희수
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.12 no.6
    • /
    • pp.113-124
    • /
    • 2002
  • Proposals for a password-based authenticated key exchange protocol that have been published so far almost concentrated on the provable security. But in a real environment such as mobile one, efficiency is a critical issue as security. In this paper we discuss the efficiency of PAK which is secure in the random oracle model [l]. Among 4 hash functions in PAK the instantiation for $H_1$, which outputs a verifier of the password, has most important effect on the computational efficiency. We analyze two different methods for $H_1$ suggested in [1] and we show that $H_{lq}$ has merits in transforming to EC or XTR variants as well as in the efficiency. As an efficient variant. we propose PAK2-EC and PAK2-XTR which do not require any additional step converting a hash output into a point of elliptic curve or XTR subgroup when compared to the previous work on the PAK[2]. Finally we compare PAK2 with the password-based authenticated key exchange protocols such as SPEKE, SRP, and AMP.

A Lightweight Three-Party Privacy-preserving Authentication Key Exchange Protocol Using Smart Card

  • Li, Xiaowei;Zhang, Yuqing;Liu, Xuefeng;Cao, Jin
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.7 no.5
    • /
    • pp.1313-1327
    • /
    • 2013
  • How to make people keep both the confidentiality of the sensitive data and the privacy of their real identity in communication networks has been a hot topic in recent years. Researchers proposed privacy-preserving authenticated key exchange protocols (PPAKE) to answer this question. However, lots of PPAKE protocols need users to remember long secrets which are inconvenient for them. In this paper we propose a lightweight three-party privacy-preserving authentication key exchange (3PPAKE) protocol using smart card to address the problem. The advantages of the new 3PPAKE protocol are: 1. The only secrets that the users need to remember in the authentication are their short passwords; 2. Both of the users can negotiate a common key and keep their identity privacy, i.e., providing anonymity for both users in the communication; 3. It enjoys better performance in terms of computation cost and security. The security of the scheme is given in the random oracle model. To the best of our knowledge, the new protocol is the first provably secure authentication protocol which provides anonymity for both users in the three-party setting.

TinyIBAK: Design and Prototype Implementation of An Identity-based Authenticated Key Agreement Scheme for Large Scale Sensor Networks

  • Yang, Lijun;Ding, Chao;Wu, Meng
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.7 no.11
    • /
    • pp.2769-2792
    • /
    • 2013
  • In this paper, we propose an authenticated key agreement scheme, TinyIBAK, based on the identity-based cryptography and bilinear paring, for large scale sensor networks. We prove the security of our proposal in the random oracle model. According to the formal security validation using AVISPA, the proposed scheme is strongly secure against the passive and active attacks, such as replay, man-in-the middle and node compromise attacks, etc. We implemented our proposal for TinyOS-2.1, analyzed the memory occupation, and evaluated the time and energy performance on the MICAz motes using the Avrora toolkits. Moreover, we deployed our proposal within the TOSSIM simulation framework, and investigated the effect of node density on the performance of our scheme. Experimental results indicate that our proposal consumes an acceptable amount of resources, and is feasible for infrequent key distribution and rekeying in large scale sensor networks. Compared with other ID-based key agreement approaches, TinyIBAK is much more efficient or comparable in performance but provides rekeying. Compared with the traditional key pre-distribution schemes, TinyIBAK achieves significant improvements in terms of security strength, key connectivity, scalability, communication and storage overhead, and enables efficient secure rekeying.

New Public Key Encryption with Equality Test Based on non-Abelian Factorization Problems

  • Zhu, Huijun;Wang, Licheng;Qiu, Shuming;Niu, Xinxin
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.12 no.2
    • /
    • pp.764-785
    • /
    • 2018
  • In this paper, we present a new public key encryption scheme with equality test (PKEwET). Compared to other PKEwET schemes, we find that its security can be improved since the proposed scheme is based on non-Abelian factorization problems. To our knowledge, it is the first scheme regarding equality test that can resist quantum algorithm attacks. We show that our scheme is one-way against chosen-ciphertext attacks in the case that the computational Diffie-Hellman problem is hard for a Type-I adversary. It is indistinguishable against chosen-ciphertext attacks in the case that the Decisional Diffie-Hellman problem is hard in the random oracle model for a Type-II adversary. To conclude the paper, we demonstrate that our scheme is more efficient.

Certificateless Proxy Re-Encryption Scheme and Its Extension to Multiple KGC Environment (무인증서기반 프락시 재암호화 기법 및 다중 KGC 환경으로의 확장)

  • Sur, Chul;Jung, Chae-Duk;Park, Young-Ho;Rhee, Kyung-Hyune
    • Journal of Korea Multimedia Society
    • /
    • v.12 no.4
    • /
    • pp.530-539
    • /
    • 2009
  • In this paper we introduce the notion of certificateless proxy re-encryption which enjoys the advantages of certificateless cryptography while providing the functionalities of proxy re-encryption. We give precise definitions for secure certificateless proxy re-encryption schemes and also present a concrete scheme from bilinear pairing. Our scheme is unidirectional and compatible with current certificateless encryption deployments, In addition, we show that our scheme has chosen ciphertext security in the random oracle model. Finally, we extend the proposed scheme for appling multiple KGC environment.

  • PDF

On-Line/Off-Line Signature Schemes with Tight Security Reduction to the RSA Problem (RSA 문제와 동등한 안전성을 갖는 온라인/오프라인 서명 기법)

  • Choi, Kyung-yong;Park, Jong Hwan
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.2
    • /
    • pp.327-338
    • /
    • 2018
  • On-line/off-line signature is a technique for performing heavy computations required for signature generation in the off-line stage and completing the final signature by a simple operation in the online stage. This is suitable for application environments that require immediate signing responses to multiple users. In this paper, we propose two new on-line/off-line signature schemes based on RSA problem. The first technique can generate a signature with a fixed base exponentiation when signing online, and the second technique can complete an online signature with a very simple calculation such as a hash operation. The security of both signatures is based on the RSA problem, which is proven to be tightly secure without security loss in the random oracle model.

Towards Smart Card Based Mutual Authentication Schemes in Cloud Computing

  • Li, Haoxing;Li, Fenghua;Song, Chenggen;Yan, Yalong
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.9 no.7
    • /
    • pp.2719-2735
    • /
    • 2015
  • In the cloud environment, users pay more attentions to their data security since all of them are stored in the cloud server. Researchers have proposed many mutual authentication schemes for the access control of the cloud server by using the smart card to protect the sensitive data. However, few of them can resist from the smart card lost problem and provide both of the forward security and the backward security. In this paper, we propose a novel authentication scheme for cloud computing which can address these problems and also provide the anonymity for the user. The trick we use is using the password, the smart card and the public key technique to protect the processes of the user's authentication and key exchange. Under the Elliptic Curve Diffie-Hellman (ECDH) assumption, it is provably secure in the random oracle model. Compared with the existing smart card based authentication schemes in the cloud computing, the proposed scheme can provide better security degree.

An Untraceable ECC-Based Remote User Authentication Scheme

  • Mehmood, Zahid;Chen, Gongliang;Li, Jianhua;Albeshri, Aiiad
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.11 no.3
    • /
    • pp.1742-1760
    • /
    • 2017
  • Recent evolution in the open access internet technology demands that the identifying information of a user must be protected. Authentication is a prerequisite to ensure the protection of user identification. To improve Qu et al.'s scheme for remote user authentication, a recent proposal has been published by Huang et al., which presents a key agreement protocol in combination with ECC. It has been claimed that Huang et al. proposal is more robust and provides improved security. However, in the light of our experiment, it has been observed that Huang et al.'s proposal is breakable in case of user impersonation. Moreover, this paper presents an improved scheme to overcome the limitations of Huang et al.'s scheme. Security of the proposed scheme is evaluated using the well-known random oracle model. In comparison with Huang et al.'s protocol, the proposed scheme is lightweight with improved security.