• Title/Summary/Keyword: Session Key Exchange

Search Result 77, Processing Time 0.025 seconds

Multi-party Password-Authenticated Key Exchange Scheme with Privacy Preservation for Mobile Environment

  • Lu, Chung-Fu
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.9 no.12
    • /
    • pp.5135-5149
    • /
    • 2015
  • Communications among multi-party must be fast, cost effective and secure. Today's computing environments such as internet conference, multi-user games and many more applications involve multi-party. All participants together establish a common session key to enable multi-party and secure exchange of messages. Multi-party password-based authenticated key exchange scheme allows users to communicate securely over an insecure network by using easy-to-remember password. Kwon et al. proposed a practical three-party password-based authenticated key exchange (3-PAKE) scheme to allow two users to establish a session key through a server without pre-sharing a password between users. However, Kwon et al.'s scheme cannot meet the security requirements of key authentication, key confirmation and anonymity. In this paper, we present a novel, simple and efficient multi-party password-based authenticated key exchange (M-PAKE) scheme based on the elliptic curve cryptography for mobile environment. Our proposed scheme only requires two round-messages. Furthermore, the proposed scheme not only satisfies security requirements for PAKE scheme but also achieves efficient computation and communication.

Pairwise Key Agreement Protocols Using Randomness Re-use Technique (난수 재사용 기법을 이용한 다중 키 교환 프로토콜)

  • Jeong, Ik-Rae;Lee, Dong-Hoon
    • The KIPS Transactions:PartC
    • /
    • v.12C no.7 s.103
    • /
    • pp.949-958
    • /
    • 2005
  • In the paper we study key agreement schemes when a party needs to establish a session key with each of several parties, thus having multiple session keys. This situation can be represented by a graph, tailed a key graph, where a vertex represents a party and an edge represents a relation between two parties sharing a session key. graphs to establish all session keys corresponding to all edges in a key graph simultaneously in a single session. A key agreement protocol of a key graph is a natural extension of a two-party key agreement protocol. We propose a new key exchange model for key graphs which is an extension of a two-party key exchange model. using the so-called randomness re-use technique which re-uses random values to make session keys for different sessions, we suggest two efficient key agreement protocols for key graphs based on the decisional Diffie-Hellman assumption, and prove their securities in the key exchange model of key graphs. Our first scheme requires only a single round and provides key independence. Our second scheme requires two rounds and provides forward secrecy. Both are proven secure In the standard model. The suggested protocols are the first pairwise key agreement protocols and more efficient than a simple scheme which uses a two-party key exchange for each necessary key. Suppose that a user makes a session key with n other users, respectively. The simple scheme's computational cost and the length of the transmitted messages are increased by a factor of n. The suggested protocols's computational cost also depends on n, but the length of the transmitted messages are constant.

A Session Key Exchange Scheme for Secure Vehicle Communication in V2I-based VANET Environments (V2I 기반의 VANET 환경에서 안전한 차량 통신을 위한 세션 키 교환 기법)

  • Ryu, Seung-Ho;Jung, Sou-Hwan
    • Journal of KIISE:Information Networking
    • /
    • v.35 no.4
    • /
    • pp.311-317
    • /
    • 2008
  • This paper proposes a session key exchange scheme for providing secure communication between Vehicles and Infrastructure in VANET. In the current VANET environment, IEEE 802.11i or PKI based mechanism is used to provide secure communication between V2I. However, since the vehicles and the frequent changes of network topology, VANET nodes have some difficulties to exchange the session key using IEEE 802.11i or PKI method. In the proposed scheme, Local Router is newly defined for exchanging the session key between moving vehicles and infrastructure. A session key is generated by XOR operation based on the random values between Local Router and OBU. As a result, the proposed scheme has a noticeable advantage on the fastness of key exchange by exchanging session keys between LR and OBU.

Dictionary Attack on Huang-Wei's Key Exchange and Authentication Scheme (Huang-Wei의 키 교환 및 인증 방식에 대한 사전공격)

  • Kim, Mi-Jin;Nam, Jung-Hyun;Won, Dong-Ho
    • Journal of Internet Computing and Services
    • /
    • v.9 no.2
    • /
    • pp.83-88
    • /
    • 2008
  • Session initiation protocol (SIP) is an application-layer prolocol to initiate and control multimedia client session. When client ask to use a SIP service, they need to be authenticated in order to get service from the server. Authentication in a SIP application is the process in which a client agent present credentials to another SIP element to establish a session or be granted access to the network service. In 2005, Yang et al. proposed a key exchange and authentication scheme for use in SIP applications, which is based on the Diffie-Hellman protocol. But, Yang et al.'s scheme is not suitable for the hardware-limited client and severs, since it requires the protocol participant to perform significant amount of computations (i.e., four modular exponentiations). Based on this observation. Huang and Wei have recently proposed a new efficient key exchange and authentication scheme thor improves on Yang et al.'s scheme. As for security, Huang and Wei claimed, among others, that their scheme is resistant to offline dictionary attacks. However, the claim turned out to be untrue. In this paper, we show thor Huang and Wei's key exchange and authentication scheme is vulnerable to on offline dictionary attack and forward secrecy.

  • PDF

Session Key Exchange and Authentication Scheme between Communication Members in Ubiquitous Networks (유비쿼터스 네트워크 환경에서 커뮤니티 멤버간 인증 및 세션키 교환 기법)

  • Roh, Hyo-Sun;Jung, Sou-Hwan
    • Journal of the Institute of Electronics Engineers of Korea TC
    • /
    • v.46 no.2
    • /
    • pp.81-88
    • /
    • 2009
  • This paper proposed a session key exchange and authentication scheme on non-interactive key distribution algorithm using a community member's ID in ubiquitous networks. In ubiquitous network environment, User's context-awareness information is collected and used to provide a context-awareness service for someone who need it. However, in ubiquitous network environment, this kind of the Context-awareness information could be abused by a malicious nodes. The proposed scheme using the community member ID provides a session key exchange and mutual authentication between community members, and supports secure data communication. Also, when exchanging the session key and authenticating each other, this scheme reduces communication overhead and authentication delay compared to the AAA server scheme.

Securing RTP Packets Using Per-Packet Key Exchange for Real-Time Multimedia

  • Jung, Younchan;Festijo, Enrique;Atwood, J. William
    • ETRI Journal
    • /
    • v.35 no.4
    • /
    • pp.726-729
    • /
    • 2013
  • For secure multimedia communications, existing encryption techniques use an online session key for the key exchange, for which key size is limited to less than 10 digits to accommodate the latency condition caused by user devices only being able to handle low computational loads. This condition results in poor security of recorded encrypted data. In this letter, we propose a packet key scheme that encrypts real-time packets using a different key per packet for multimedia applications. Therefore, a key of a relatively small size can provide after-transmission confidentiality to data of a real-time session.

Invited Speech at ICSS 2007 Generation of Session, Authentication, and Encryption Keys for CDMA2000 1x EV-DO Air Interface Standard

  • Rhee, Man-Young
    • Review of KIISC
    • /
    • v.17 no.2
    • /
    • pp.9-23
    • /
    • 2007
  • The air interface supports a security layer which provides the key exchange protocol, authentication protocol, and encryption protocol. The authentication is performed on the encryption protocol packet. The authentication protocol header or trailer may contain the digital signature that is used to authenticate a portion of the authentication protocol packet that is authenticated. The encryption protocol may add a trailer to hide the actual length of the plaintext of padding to be used by the encryption algorithm. The encryption protocol header may contain variables such as the initialization vector (IV) to be used by the encryption protocol. It is our aim to firstly compute the session key created from the D H key exchange algorithm, and thereof the authenticating key and the encryption key being generated from the session key.

Mutual Identification and Key Exchange Scheme in Secure Vehicular Communications based on Group Signature (그룹 서명 기반의 차량 네트워크에서 상호 신분 확인 및 세션키 교환 기법)

  • Kim, Dai-Hoon;Choi, Jae-Duck;Jung, Sou-Hwan
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.20 no.1
    • /
    • pp.41-50
    • /
    • 2010
  • This paper proposes a mutual identification and session key exchange scheme in secure vehicular communication based on the group signature. In VANETs, security requirements such as authentication, conditional privacy, non-repudiation, and confidentiality are required to satisfy various vehicular applications. However, existing VANET security methods based on the group signature do not support a mutual identification and session key exchange for data confidentiality. The proposed scheme allows only one credential to authenticate ephemeral Diffie-Hellman parameters generated every key exchange session. Our scheme provides a robust key exchange and reduces storage and communication overhead. The proposed scheme also satisfies security requirements for various application services in VANETs.

A Session Key Establishment Scheme in Mobile Ad-Hoc Networks (이동 애드혹 네트워크에서 세션 키 설정 방안)

  • 왕기철;정병호;조기환
    • Journal of KIISE:Information Networking
    • /
    • v.31 no.4
    • /
    • pp.353-362
    • /
    • 2004
  • Mobile Ad-Hoc network tends to expose scarce computing resources and various security threats because all traffics are carried in air along with no central management authority. To provide secure communication and save communication overhead, a scheme is inevitable to serurely establish session keys. However, most of key establishment methods for Ad-Hoc network focus on the distribution of a group key to all hosts and/or the efficient public key management. In this paper, a secure and efficient scheme is proposed to establish a session key between two Ad-Hoc nodes. The proposed scheme makes use of the secret sharing mechanism and the Diffie-Hellman key exchange method. For secure intra-cluster communication, each member node establishes session keys with its clusterhead, after mutual authentication using the secret shares. For inter-cluster communication, each node establishes session keys with its correspondent node using the public key and Diffie-Hellman key exchange method. The simulation results prove that the proposed scheme is more secure and efficient than that of the Clusterhead Authentication Based Method(1).

One time password key exchange Authentication technique based on MANET (MANET 기반 원타임 패스워드 키교환 인증기법)

  • Lee, Cheol-Seung;Lee, Joon
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.11 no.7
    • /
    • pp.1367-1372
    • /
    • 2007
  • This paper suggests One-time Password key exchange authentication technique for a strong authentication based on MANET and through identify wireless environment security vulnerabilities, analyzes current authentication techniques. The suggested authentication technique consists of 3 steps: Routing, Registration, and Running. The Routing step sets a safe route using AODV protocol. The Registration and Running step apply the One-time password S/key and the DH-EKE based on the password, for source node authentication. In setting the Session key for safe packet transmission and data encryption, the suggested authentication technique encrypts message as H(pwd) verifiers, performs key exchange and utilizes One time password for the password possession verification and the efficiency enhancement. EKE sets end to end session key using the DH-EKE in which it expounds the identifier to hash function with the modula exponent. A safe session key exchange is possible through encryption of the H(pwd) verifier. The suggested authentication technique requires exponentiation and is applicable in the wireless network environment because it transmits data at a time for key sharing, which proves it is a strong and reliable authentication technique based on the complete MANET.