1 / 11

An Improvement on Authenticated Key Agreement Scheme

An Improvement on Authenticated Key Agreement Scheme. Authors: Chin-Chen Chang and Shih-Yi Lin Source: 2007 International Conference on Intelligent Pervasive Computing, 11-13 Oct. 2007, pp. 3 - 6 Presenter: Jung-wen Lo ( 駱榮問 ). Outline. Introduction Notation Lee-Lee ’ s Scheme

conner
Download Presentation

An Improvement on Authenticated Key Agreement Scheme

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. An Improvement on Authenticated Key Agreement Scheme Authors: Chin-Chen Chang and Shih-Yi Lin Source: 2007 International Conference on Intelligent Pervasive Computing, 11-13 Oct. 2007, pp. 3 - 6 Presenter: Jung-wen Lo (駱榮問)

  2. Outline • Introduction • Notation • Lee-Lee’s Scheme • Weakness of Lee-Lee’s scheme • Proposed scheme • Conclusions & Comment • Improved Lee-Lee’s Scheme1 • Improved Lee-Lee’s Scheme2 • Improved Chang-Lin’s scheme

  3. Introduction • Key agreement types • Based on public key techniques • Heavy computational overhead • Based on passwords • Popular approach • Simplicity & convenience • Diffie-Hellman key agreement • Vulnerable to man-in-the-middle attack • Narn-Yih Lee and Ming-Feng Lee, “Further improvement on the modified authenticated key agreement scheme,” Applied Mathematics and Computation, Vol. 157, pp. 729–733, 2004. • Keon-Jik Lee and Byeong-Jik Lee, “Cryptanalysis of the modified authenticated key agreement scheme,” Applied Mathematics and Computation, Vol. 170, pp. 280–284, 2005.

  4. Notation

  5. Lee-Lee’s Scheme Alice(Q) Bob(Q) Key EstablishmentPhase Random aXa=gaQ mod p Xa Random bYb=gbQ mod p Yb Key ValidationPhase Ka=1 => abandon h(IDa,Xa,Ka) h(IDa,Xa,Kb) ?= h(IDa,Xa,Ka) h(IDb,Yb,Kb) h(IDb,Yb,Ka) ?= h(IDb,Yb,Kb)

  6. Weakness of Lee-Lee’s scheme Alice(Q) Eve Bob(Q) Key EstablishmentPhase Random aXa=gaQ mod p Xa X’a=g mod P Random bYb=gbQ mod p Y’b=g mod p Yb Key ValidationPhase K’a=1 => abandon h(IDa,Xa,K’a) Eve: Chose one pw’  Q’

  7. Proposed scheme Alice (A) Bob (B) Random aM1=(ga mod p)h(IDa,Q,ta) M1,ta Check ta ga =M1h(IDa,Q,ta) Random b,rKb=(ga)b mod p M2=(gb mod p)h(IDb,Q,tb)M3=E[M2,r]Kb M2,M3,tb Check tb gb =M2h(IDb,Q,tb) Ka=(gb)a mod p (M2,r)=D[M3]kaM4=E[r]ka M4 r=D[M4]kb

  8. Conclusions & Comment • Conclusions • Authenticated key agreement • Resistance to replay attack and off-line password attack • Perfect forward secrecy • Comments • Improved Lee-Lee’s scheme • Improved Chang-Lin’s scheme • Reduce the computation load

  9. Improved Lee-Lee’s Scheme1 Alice(Q) Bob(Q) Key EstablishmentPhase Random aXa=gaQ mod p Xa Random bYb=gbQ mod p Yb Key ValidationPhase Ka=1 or ga/Q => abandon h(IDa,Xa,Ka) h(IDa,Xa,Kb) ?= h(IDa,Xa,Ka) h(IDb,Yb,Kb) h(IDb,Yb,Ka) ?= h(IDb,Yb,Kb)

  10. Improved Lee-Lee’s Scheme2 Alice(Q) Bob(Q) Key EstablishmentPhase Random aXa=gamod p Xah(Q) Random bYb=gb mod p Ybh(Q) Ka=(Yb)a mod p =gab mod p Kb=(Xa)b mod p =gab mod p Key ValidationPhase Ka=1 => abandon h(IDa||Q||Ka) h(IDa||Q||Kb) ?= h(Ida||Q||Ka) h(IDb||Q||Kb) h(IDb||Q||Ka) ?= h(IDb||Q||Kb)

  11. Improved Chang-Lin’s scheme Alice (A) Bob (B) Random aM1=(ga mod p)h(IDa,Q,ta) M1,ta Check ta ga =M1h(IDa,Q,ta) Random b,rKb=(ga)b mod p M2=(gb mod p)h(IDb,Q,tb)M3=rKb M2,M3,tb Check tb gb =M2h(IDb,Q,tb) Ka=(gb)a mod p r=M3kaM4=h(Q,r,ka ) M4 M4?=h(Q,r,kb) Chang-Lin: E[.]+D[.] in A,BOurs: +h(.) in A,B

More Related