One-Round Protocols for Two-Party Authenticated Key Exchange

Jeong, Ik Rae; Katz, Jonathan; Lee, Dong Hoon

doi:10.1007/978-3-540-24852-1_16

Cited by 70 publications

(49 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [3], Jeong and others suggested the JKL model for a duplex channel. In a duplex channel, the two communicating parties can send their messages simultaneously.…”

Section: Jkl Modelmentioning

confidence: 99%

“…There exist a few key-establishment schemes in the JKL model [3], [21]- [22]. We note that a multiparty authenticated key-establishment protocol can be used as a twoparty authenticated key-establishment protocol.…”

Section: Our Workmentioning

confidence: 99%

“…▪ A session identifier in the KR model has been defined as sid i,k = strID i,k [2]. ▪ A session identifier in the JKL model has been defined as sid i,k = strID i,k [3], [22]. (Note that strTIME i,k cannot be used as a session identifier in the JKL model, because the two parties may send their messages simultaneously.)…”

Section: Security Model For Key Establishmentmentioning

confidence: 99%

“…For a concrete definition of the KKS/w-FS/s-FS/KCI/SSRsecurity through an experiment, refer to [1]- [3].…”

Section: Security Model For Key Establishmentmentioning

confidence: 99%

“…In a duplex channel, the two communicating parties can send their messages at the same time. For such a channel, it is necessary to create new security models since those for the half-duplex channel are not transferable; one such model is defined by Jeong and others, which we call the JKL model [3].…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Relations among Security Models for Authenticated Key Exchange

Kwon

Jeong

2014

ETRI J

Self Cite

View full text Add to dashboard Cite

Usually, key-establishment protocols are suggested in a security model. However, there exist several different security models in the literature defined by their respective security notions. In this paper, we study the relations between the security models of key establishment. For the chosen security models, we first show that some proven key-establishment protocols are not secure in the more restricted security models. We then suggest two compilers by which we can convert a key-establishment protocol that is secure in a specific security model into a keyestablishment protocol that is still secure in a more restricted security model.

show abstract

“…In [3], Jeong and others suggested the JKL model for a duplex channel. In a duplex channel, the two communicating parties can send their messages simultaneously.…”

Section: Jkl Modelmentioning

confidence: 99%

Section: Our Workmentioning

confidence: 99%

Section: Security Model For Key Establishmentmentioning

confidence: 99%

“…For a concrete definition of the KKS/w-FS/s-FS/KCI/SSRsecurity through an experiment, refer to [1]- [3].…”

Section: Security Model For Key Establishmentmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Relations among Security Models for Authenticated Key Exchange

Kwon

Jeong

2014

ETRI J

Self Cite

View full text Add to dashboard Cite

show abstract

Security analysis and enhancement for three‐party password‐based authenticated key exchange protocol

Zhao

Zhang

2011

Security Comm Networks

View full text Add to dashboard Cite

Recently, Tzung‐Her Chen, Wei‐Bin Lee, and Hsing‐Bai Chen (CLC) proposed a new three‐party password‐based authenticated key exchange (3PAKE) protocol. This CLC protocol needs not store the security‐sensitive table on the server side, which reduces the danger of the server being compromised; also, it has the advantage in terms of the round efficiency and computational cost. However, we find that the leakage of values VA and VB in the CLC protocol will make a man‐in‐the‐middle attack feasible in practice. On the basis of this finding, we present a modified 3PAKE protocol called I‐CLC protocol, which is essentially an improved CLC protocol. I‐CLC can resist attacks available, including the man‐in‐the‐middle attack that we mentioned on the initial CLC protocol. Meanwhile, the new protocol allows that the participants choose their own passwords by themselves; additionally, the computation cost of I‐CLC is lower than that of CLC protocol. Copyright © 2011 John Wiley & Sons, Ltd.

show abstract

The design of authentication key protocol in certificate‐free public key cryptosystem

Chung

2013

Security Comm Networks

View full text Add to dashboard Cite

In regard to the communication security of open networks, authenticated key management agreements are able to provide confidentiality, integrity, and verification so as to establish a more secure and fair digital rights management mechanism. For this reason, this paper, aiming at authentication key management agreements, tends to provide a security study on the application of authentication key management agreements, covering the establishment, analysis, design, security study, and performance optimization in various environments. Based on present public key schemes, such as public key cryptography, identity‐recognized cryptography, and undocumented cryptography, it aims to establish an authenticated key management agreement suitable for various application environments. Using the one‐way transmission in identity‐recognized cryptography or undocumented cryptography for formulating practical and effective security models, it tends to establish the one‐way authentication key agreement for both parties. Based on the design of single authentication key, an authentication key agreement for the undocumented public key cryptography is proposed to design a security model for the secure and high‐efficiency undocumented two‐party authentication key agreement. Under random oracle model and standard model, the security of the undocumented two‐party authentication key agreement is authenticated. Furthermore, aiming at the computational efficiency, communication efficiency, and key exchange frequency of group key management agreements, this paper aims to propose a method for dynamic membership. Besides, regarding the secure communication environment in different application backgrounds, such as the network applications of Grid, P2P, and ad‐hoc, it would propose practical group key agreements for networks and multi‐node communications to promote the security of group key management and to facilitate the computation of agreements and the optimization of communications. Copyright © 2013 John Wiley & Sons, Ltd.

show abstract

One-Round Protocols for Two-Party Authenticated Key Exchange

Cited by 70 publications

References 23 publications

Relations among Security Models for Authenticated Key Exchange

Relations among Security Models for Authenticated Key Exchange

Security analysis and enhancement for three‐party password‐based authenticated key exchange protocol

The design of authentication key protocol in certificate‐free public key cryptosystem

Contact Info

Product

Resources

About