Maryam Saeed, H. Shahhoseini, Ali Mackvandi, Mohammad Reza Rezaeinezhad, Mansour Naddafiun, M. Bidoki
Proceedings of the 2014 IEEE 15th International Conference on Information Reuse and Integration (IEEE IRI 2014), published 2014-08-01. DOI: 10.1109/IRI.2014.7051926 (https://doi.org/10.1109/IRI.2014.7051926)
A secure two-party password-authenticated key exchange protocol
Password Authenticated Key Exchange (PAKE) protocols are of great importance for providing secure communications over the Internet. They permit two entities to share a session key in an authentic manner based on a human-memorable password. In 2006, Kolesnikov and Rackoff proposed an improvement to Halevi and Krawczyk's PAKE protocols. In 2010, they revised their preceding protocol and introduced an improvement to it. In this paper, it is shown that not only are Halevi and Krawczyk's PAKE protocols vulnerable to ephemeral key compromise impersonation and malicious server attacks, but they also fail to provide the key confirmation property simultaneously, and one of them does not even satisfy the Forward Secrecy attribute. It is also shown that Kolesnikov and Rackoff's protocols are susceptible to ephemeral key compromise impersonation and to Denial-of-Service (DoS) attacks, and that they do not satisfy the Forward Secrecy, mutual authentication, and key confirmation attributes. Additionally, they are prone to the disclosure of the pre-shared secret key. Two improved protocols, called S2PAKEv1 and S2PAKEv2, are also proposed; both provide several security attributes while remaining efficient. S2PAKEv1 has two rounds with mutual authentication but does not provide key confirmation, while S2PAKEv2 has three rounds and provides mutual authentication and key confirmation.