Two-Round Password-Only Authenticated Key Exchange in the Three-Party Setting

Nam, Junghyun; Choo, Kim‐Kwang Raymond; Paik, Juryon; Won, Dongho

doi:10.3390/sym7010105

Cited by 9 publications

(5 citation statements)

References 51 publications

(89 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The corresponding performance was computed to substantiate the proposed scheme, and the performance was examined. However, cryptography keys were distributed in the absence of a certificate authority (CA), which will be considered as part of future work [102].…”

Section: Discussionmentioning

confidence: 99%

“…In conclusion, the approximate security lies in the range of 60 to 80 percent, which is comparatively low relative to the current research, which computed security results of 95 to 98 percent. Therefore, this study and others [25,[29][30][31][35][36][37][38][39][40]59,[91][92][93][94][95][96][97][98]101,102] conclude that security in any system should be significantly improved if a security mechanism can be a part of a system rather depending on an end-to-end approach. However, security developments are quite difficult to design and test inside of the protocol and the required depth knowledge of the protocol and other implementation details except security performance are more accurate and remarkable in these scenarios.…”

Section: Performance Evaluation and Comparisonmentioning

confidence: 99%

See 1 more Smart Citation

Real Time MODBUS Transmissions and Cryptography Security Designs and Enhancements of Protocol Sensitive Information

Shahzad

Lee

et al. 2015

Symmetry

View full text Add to dashboard Cite

Information technology (IT) security has become a major concern due to the growing demand for information and massive development of client/server applications for various types of applications running on modern IT infrastructure. How has security been taken into account and which paradigms are necessary to minimize security issues while increasing efficiency, reducing the influence on transmissions, ensuring protocol independency and achieving substantial performance? We have found cryptography to be an absolute security mechanism for client/server architectures, and in this study, a new security design was developed with the MODBUS protocol, which is considered to offer phenomenal performance for future development and enhancement of real IT infrastructure. This study is also considered to be a complete development because security is tested in almost all ways of MODBUS communication. The computed measurements are evaluated to validate the overall development, and the results indicate a substantial improvement in security that is differentiated from conventional methods. OPEN ACCESSSymmetry 2015, 7 1177

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Performance Evaluation and Comparisonmentioning

confidence: 99%

Real Time MODBUS Transmissions and Cryptography Security Designs and Enhancements of Protocol Sensitive Information

Shahzad

Lee

et al. 2015

Symmetry

View full text Add to dashboard Cite

show abstract

“…Chang et al proposed password-authenticated key exchange and protected password change protocols that do not involve symmetric or asymmetric cryptosystems (see [24]), basing the security on the computational Diffie-Hellman assumption in the random oracle model. Nam et al presented a provably secure three-party password-only authenticated key exchange protocol (see [25]) that can run in only two rounds of communication.…”

Section: Related Workmentioning

confidence: 99%

Optimizing a Password Hashing Function with Hardware-Accelerated Symmetric Encryption

2018

View full text Add to dashboard Cite

Password-based key derivation functions (PBKDFs) are commonly used to transform user passwords into keys for symmetric encryption, as well as for user authentication, password hashing, and preventing attacks based on custom hardware. We propose two optimized alternatives that enhance the performance of a previously published PBKDF. This design is based on (1) employing a symmetric cipher, the Advanced Encryption Standard (AES), as a pseudo-random generator and (2) taking advantage of the support for the hardware acceleration for AES that is available on many common platforms in order to mitigate common attacks to password-based user authentication systems. We also analyze their security characteristics, establishing that they are equivalent to the security of the core primitive (AES), and we compare their performance with well-known PBKDF algorithms, such as Scrypt and Argon2, with favorable results.

show abstract

“…Homeland Security Department, Schweitzer Engineering Laboratories, Inc., the American Gas Association, and the Gas Technology Institute, have been vulnerable to security threats due to the Internet’s open connectivity [ 28 , 29 ]. These organizations and other researchers have developed several security solutions and protocols to guard against cyber-security issues, and the cryptography-based security mechanisms have been selected as the “best” security approaches for secure SCADA communications [ 26 , 30 , 31 , 32 , 33 , 34 , 35 , 36 , 37 , 38 , 39 , 40 , 41 , 42 ]. As a consequence, the DNP3 users group defined and described the cryptography approaches, such as the asymmetric and symmetric methods, to enhance the security of the DNP3 protocol; therefore, the details of several cryptography algorithms are available along with the information regarding their security parameters [ 43 , 44 , 45 , 46 , 47 , 48 , 49 , 50 , 51 , 52 , 53 , 54 , 55 , 56 , 57 ].…”

Section: Problem Statementmentioning

confidence: 99%

Design and Development of Layered Security: Future Enhancements and Directions in Transmission

Shahzad

Lee

Kim

et al. 2016

Sensors

View full text Add to dashboard Cite

Today, security is a prominent issue when any type of communication is being undertaken. Like traditional networks, supervisory control and data acquisition (SCADA) systems suffer from a number of vulnerabilities. Numerous end-to-end security mechanisms have been proposed for the resolution of SCADA-system security issues, but due to insecure real-time protocol use and the reliance upon open protocols during Internet-based communication, these SCADA systems can still be compromised by security challenges. This study reviews the security challenges and issues that are commonly raised during SCADA/protocol transmissions and proposes a secure distributed-network protocol version 3 (DNP3) design, and the implementation of the security solution using a cryptography mechanism. Due to the insecurities found within SCADA protocols, the new development consists of a DNP3 protocol that has been designed as a part of the SCADA system, and the cryptographically derived security is deployed within the application layer as a part of the DNP3 stack.

show abstract

Two-Round Password-Only Authenticated Key Exchange in the Three-Party Setting

Cited by 9 publications

References 51 publications

Real Time MODBUS Transmissions and Cryptography Security Designs and Enhancements of Protocol Sensitive Information

Real Time MODBUS Transmissions and Cryptography Security Designs and Enhancements of Protocol Sensitive Information

Optimizing a Password Hashing Function with Hardware-Accelerated Symmetric Encryption

Design and Development of Layered Security: Future Enhancements and Directions in Transmission

Contact Info

Product

Resources

About