Abstract: During the past decade, rapid advances in wireless communication technologies have made it possible for users to access desired services using hand-held devices. Service providers have hosted multiple servers to ensure seamless online services to end-users. To ensure the security of this online communication, researchers have proposed several multi-server authentication schemes incorporating various cryptographic primitives. Due to the low power and computational capacities of mobile devices, hash-based multi-server authenticated key agreement schemes with an offline Registration Server (RS) are the most efficient choice. Recently, Kumar-Om presented such a scheme and proved its security against all renowned attacks. However, we find that their scheme bears an incorrect login phase, and is vulnerable to the trace attack, the Session-Specific Temporary Information Attack (SSTIA), and the Key Compromise Impersonation Attack (KCIA). In fact, none of the existing multi-server authentication schemes (hash-based with offline RS) withstand KCIA. To deal with this situation, we propose an improved hash-based multi-server authentication scheme (with offline RS). We analyze the security of the proposed scheme under the random oracle model and with the "Automated Validation of Internet Security Protocols and Applications" (AVISPA) tool. The comparative analysis of communication overhead and computational complexity metrics shows the efficiency of the proposed scheme.
Funding: Supported by the National Natural Science Foundation of China (60773003, 60603010) and the Natural Science Foundation of Shaanxi Province (2006F19).
Abstract: The McCullagh-Barreto key agreement protocol and its variant achieve perfect forward security and key generation center (KGC) forward security, but provide no resistance to the key compromise impersonation attack (KCI attack). In this paper, we give a formal treatment of the key compromise impersonation (KCI) attack and define the security notion against it. Then a variant of the McCullagh-Barreto protocol is presented with only one more hash operation. The improved protocol preserves perfect forward security and KGC forward security, and furthermore is proved to be secure against the KCI attack under the k-Gap-BCAA1 assumption.
Funding: Supported by the National Natural Science Foundation of China (Grant Nos. U1708262, U1736203, 61872449).
Abstract: Because of its closeness to users, fog computing responds faster than cloud computing. Thus, it has been deployed in various applications, such as healthcare systems. Recently, to ensure secure communication in fog-based healthcare systems, Jia et al. proposed an authenticated key agreement scheme. Moreover, in view of the high computation cost of Jia et al.'s scheme, Ma et al. presented an efficient one using elliptic curve cryptography. In this paper, we observe that both schemes may potentially be exposed to ephemeral key compromise attacks and need improving. Therefore, to overcome this potential risk, we propose a new authenticated scheme based on Jia et al.'s scheme using the elliptic curve computational Diffie-Hellman assumption and hash functions. Additionally, we provide provable security under the adopted adversarial model and a ProVerif simulation, and also analyze the performance in terms of computation and communication costs by comparison. The analysis results show that the improved scheme resists the common attacks, reduces computation overhead, and has practical significance.
Funding: Supported by the National Natural Science Foundation of China (60473027, 60773202) and the Foundation of Sun Yat-Sen University (35000-2910025, 35000-3171912).
Abstract: This paper presents a deniable authenticated key agreement protocol. This protocol can provide an authenticated session key while the sender and the receiver can deny their involvement in such a protocol if the protocol is executed successfully. Then both can deny their transmitted messages protected by the authenticated session key. If this protocol fails, no authenticated session key can be established and no protected messages can be transmitted. The protocol can be proved secure against the key compromise impersonation attack. The protocol employs a new method to isolate a session key from confirmation keys.