Deniable Key Establishment Resistance against eKCI Attacks

Krzywiecki, Łukasz; Wlisłocki, Tomasz

doi:10.1155/2017/7810352

Cited by 4 publications

(2 citation statements)

References 41 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The extended version of these protocols cannot withstand the extended KCI (eKCI) 38 . Table 1 shows that the mHMQV‐1 76 protocol can provide AKC; however, it is higher than that of the proposed protocol in terms of communication and computation complexities. The YAK protocol has a comparable performance with the proposed protocol as shown in Table 1.…”

Section: Security and Performance Comparisonsmentioning

confidence: 99%

Cryptanalysis and improvement of the YAK protocol with formal security proof and security verification via Scyther

Mohammad

2020

Int J Communication

View full text Add to dashboard Cite

Hao proposed the YAK as a robust key agreement based on public-key authentication, and the author claimed that the YAK protocol withstands all known attacks and therefore is secure against an extremely strong adversary. However, Toorani showed the security flaws in the YAK protocol. This paper shows that the YAK protocol cannot withstand the known key security attack, and its consequences lead us to introduce a new key compromise impersonation attack, where an adversary is allowed to reveal both the shared static secret key between two-party participation and the ephemeral private key of the initiator party in order to mount this attack. In addition, we present a new security model that covers these attacks against an extremely strong adversary. Moreover, we propose an improved YAK protocol to remedy these attacks and the previous attacks mentioned by Toorani on the YAK protocol, and the proposed protocol uses a verification mechanism in its block design that provides entity authentication and key confirmation. Meanwhile, we show that the proposed protocol is secure in the proposed formal security model under the gap Diffie-Hellman assumption and the random oracle assumption. Moreover, we verify the security of the proposed protocol and YAK protocol by using an automatic verification method such as the Scyther tool, and the verification result shows that the security claims of the proposed protocol are proven, in contrast to those of the YAK protocol, which are not proven. The security and performance comparisons show that the improved YAK protocol outperforms previous related protocols. K E Y W O R D Sauthenticated key agreement, cryptanalysis, eCK, formal security model, key compromise impersonation, known key security, Scyther tool | INTRODUCTIONAs a result of the rapid development in the Internet of Things (IoT)-related applications in daily life, which uses diverse communication devices, securing data has become a more challenging task. Due to a diverse powerful adversary for revealing secret information from a party's participation via the open communication model, many formal security models and automated verification tools have been developed for finding security flaws in proposed new protocols before implementing them in applications. Consequently, secret key distribution and user authentication became the most important security issues in IoT. Nowadays, the security proof and verification process of an Authenticated Key Agreement (AKA) protocol in the formal security model is important for successful IoT applications.Diffie-Hellman (DH) key exchange protocol is a fundamental building block to distribute a shared secret key over an insecure communication model, 1 which is based on the concept of asymmetric cryptography. The shared secret key is used to provide confidentiality, integrity, nonrepudiation, and authenticity for data during transmission over an untrusted communication model. An AKA protocol is based on a public key, wherein the two intended participating parties exchange static and ephemeral ...

show abstract

Section: Security and Performance Comparisonsmentioning

confidence: 99%

Cryptanalysis and improvement of the YAK protocol with formal security proof and security verification via Scyther

Mohammad

2020

Int J Communication

View full text Add to dashboard Cite

show abstract

“…Many other variants of HMQV have been proposed in the literature. [24][25][26][27][28][29] In the literature, there is an alternative method to ensure the authentication of the secret key by incorporating the one-way functions in the DH key agreement protocol 12,[30][31][32][33][34][35] in order to confirm the validity of the shared secret key.…”

mentioning

confidence: 99%

Authenticated secret session key using elliptic curve digital signature algorithm

Mehibel

Hamadouche

2021

Security and Privacy

View full text Add to dashboard Cite

Elliptic curve Diffie‐Hellman (ECDH) scheme is the basic key exchange used in elliptic curve cryptography. ECDH is a public key cryptosystem based on the discrete logarithm problem, but is vulnerable to man‐in‐the‐middle attack because it does not authenticate the secret session key. The integration of the elliptic curve digital signature allows authenticating the secret session key of the ECDH scheme (A‐ECDH). However, it is a technique (A‐ECDH) that uses a single random variable and it has been shown in the literature that a single random variable does not make the system secure. Therefore, the use of two random variables has been suggested to secure an authentication scheme. In this paper, a new authentication scheme using the elliptic curve digital signature algorithm is proposed. The performance analysis of the proposed authentication protocol is performed. The comparative results from the perspective of security and computation time showed that the proposed authentication protocol is more efficient in terms of computation time compared to the related works and it provides all the security features.

show abstract