TY - JOUR
T1 - Cryptanalysis and enhancement of two-pass authenticated key agreement with key confirmation protocols
AU - Mohammad, Zeyad
AU - Chen, Yaw-Chung
AU - Hsu, Chien Lung
AU - Lo, Chi Chun
PY - 2010/5/1
Y1 - 2010/5/1
N2 - In NRSC24, Elkamchouchi et al. proposed a new approach for key controlled agreement to provide key control in the Pour public key distribution system. In NRSC25, they further proposed an efficient and confirmed protocol for authenticated key agreement to provide forward secrecy in their previously proposed protocol. This paper, however, will show that Pour′s protocol and Elkamchouchi et al.′s two protocols cannot withstand key compromise impersonation resilience, and man-in-the-middle attacks, and do not have perfect forward secrecy resilience. To eliminate the pointed out security leaks, we further propose a new two-pass authenticated key agreement with a key confirmation protocol. The proposed protocol has the following properties: (i) it is proved to be secure against above attacks and stronger adversary attacks, and provides the desirable security properties as a three-pass authenticated key agreement protocol. (ii) It can provide entity authentication and assurance for key reception in an indirect way. (iii) It can withstand denial of service attacks. In addition, we also propose a derivation one-pass protocol from the proposed two-pass protocol to fit a one-way communication channel, which is suitable for mobile stations and electronic business transactions. The security and the computational complexities of the proposed two protocols outperform those of previously proposed protocols.
AB - In NRSC24, Elkamchouchi et al. proposed a new approach for key controlled agreement to provide key control in the Pour public key distribution system. In NRSC25, they further proposed an efficient and confirmed protocol for authenticated key agreement to provide forward secrecy in their previously proposed protocol. This paper, however, will show that Pour′s protocol and Elkamchouchi et al.′s two protocols cannot withstand key compromise impersonation resilience, and man-in-the-middle attacks, and do not have perfect forward secrecy resilience. To eliminate the pointed out security leaks, we further propose a new two-pass authenticated key agreement with a key confirmation protocol. The proposed protocol has the following properties: (i) it is proved to be secure against above attacks and stronger adversary attacks, and provides the desirable security properties as a three-pass authenticated key agreement protocol. (ii) It can provide entity authentication and assurance for key reception in an indirect way. (iii) It can withstand denial of service attacks. In addition, we also propose a derivation one-pass protocol from the proposed two-pass protocol to fit a one-way communication channel, which is suitable for mobile stations and electronic business transactions. The security and the computational complexities of the proposed two protocols outperform those of previously proposed protocols.
KW - Diffie-Hellman
KW - Entity authentication
KW - Key agreement
KW - Key compromise impersonation resilience
KW - Man-in-the-middle attack
KW - Perfect forward secrecy resilience
UR - http://www.scopus.com/inward/record.url?scp=77952517263&partnerID=8YFLogxK
U2 - 10.4103/0256-4602.62786
DO - 10.4103/0256-4602.62786
M3 - Article
AN - SCOPUS:77952517263
SN - 0256-4602
VL - 27
SP - 252
EP - 265
JO - IETE Technical Review (Institution of Electronics and Telecommunication Engineers, India)
JF - IETE Technical Review (Institution of Electronics and Telecommunication Engineers, India)
IS - 3
ER -