FORMAL PROOF OF RELATIVE STRENGTH OF SECURITY AMONG ECK2007 MODEL AND OTHER PROOF MODELS FOR KEY AGREEMENT PROTOCOLS

The differences among the extended Canetti ＆ Krawezyk 2007 model （ECK2007） and other four models, i.e., the Bellare ＆ Rogaway （1993, 1995）models （BR93,BR95）, the Bellare, Pointcheval ＆ Rogaway （2000） model （BPR2000） and the Canetti ＆ Krawczyk （2001） model （CK2001） are given. The relative strength of security among these models is analyzed. To support the implication or non-implication relation among these models, the formal proof or the counter-example is provided.

Efficient Authenticated Key Agreement Protocol Using Self-Certified Public Keys from Pairings

An efficient authenticated key agreement protocol is proposed, which makesuse of bilinear pairings and self-certificd public keys. Its security is based on the securityassumptions of the bilinear Diff ie-Hellman problem and the computational Diffie-Hellman problem.Users can choose their private keys independently. The public keys and identities of users can beverified implicitly when the session key being generating in a logically single step. A trusted KeyGeneration Center is no longer requiredas in the ID-based authenticated key agreement protocolsCompared with existing authenticated key agreement protocols from pairings, the. new proposedprotocol is more efficient and secure.

Breaking and Repairing the Certificateless Key Agreement Protocol from ASIAN 2006

The certificateless authenticated key agreement protocol proposed by Mandt et al does not haVE the property of key-compromise impersonation （K-CI） resilience. An improved protocol with a simple modification of their protocol is proposed in this paper. In particular, our improved protocol is proved to be immune to the K-CI attack and at the same time possess other security properties.

New semi-quantum key agreement protocol based on high-dimensional single-particle states

A new efficient two-party semi-quantum key agreement protocol is proposed with high-dimensional single-particle states.Different from the previous semi-quantum key agreement protocols based on the two-level quantum system,the propounded protocol makes use of the advantage of the high-dimensional quantum system,which possesses higher efficiency and better robustness against eavesdropping.Besides,the protocol allows the classical participant to encode the secret key with qudit shifting operations without involving any quantum measurement abilities.The designed semi-quantum key agreement protocol could resist both participant attacks and outsider attacks.Meanwhile,the conjoint analysis of security and efficiency provides an appropriate choice for reference on the dimension of single-particle states and the number of decoy states.

An Efficient Lightweight Authentication and Key Agreement Protocol for Patient Privacy

Tele-medical information system provides an efficient and convenient way to connect patients at home with medical personnel in clinical centers.In this system,service providers consider user authentication as a critical requirement.To address this crucial requirement,various types of validation and key agreement protocols have been employed.The main problem with the two-way authentication of patients and medical servers is not built with thorough and comprehensive analysis that makes the protocol design yet has flaws.This paper analyzes carefully all aspects of security requirements including the perfect forward secrecy in order to develop an efficient and robust lightweight authentication and key agreement protocol.The secureness of the proposed protocol undergoes an informal analysis,whose findings show that different security features are provided,including perfect forward secrecy and a resistance to DoS attacks.Furthermore,it is simulated and formally analyzed using Scyther tool.Simulation results indicate the protocol’s robustness,both in perfect forward security and against various attacks.In addition,the proposed protocol was compared with those of other related protocols in term of time complexity and communication cost.The time complexity of the proposed protocol only involves time of performing a hash function Th,i.e.,:O(12Th).Average time required for executing the authentication is 0.006 seconds;with number of bit exchange is 704,both values are the lowest among the other protocols.The results of the comparison point to a superior performance by the proposed protocol.

A Novel Approach towards Cost Effective Region-Based Group Key Agreement Protocol for Ad Hoc Networks Using Elliptic Curve Cryptography

This paper addresses an interesting security problem in wireless ad hoc networks: the dynamic group key agreement key establishment. For secure group communication in an ad hoc network, a group key shared by all group members is required. This group key should be updated when there are membership changes (when the new member joins or current member leaves) in the group. In this paper, we propose a novel, secure, scalable and efficient region-based group key agreement protocol for ad hoc networks. This is implemented by a two-level structure and a new scheme of group key update. The idea is to divide the group into subgroups, each maintaining its subgroup keys using group elliptic curve diffie-hellman (GECDH) Protocol and links with other subgroups in a tree structure using tree-based group elliptic curve diffie-hellman (TGECDH) protocol. By introducing region-based approach, messages and key updates will be limited within subgroup and outer group;hence computation load is distributed to many hosts. Both theoretical analysis and experimental results show that this Region-based key agreement protocol performs well for the key establishment problem in ad hoc network in terms of memory cost, computation cost and communication cost.

A secure key agreement protocol based on chaotic maps

To guarantee the security of communication in the public channel, many key agreement protocols have been proposed. Recently, Gong et al. proposed a key agreement protocol based on chaotic maps with password sharing. In this paper, Gong et al.＇s protocol is analyzed, and we find that this protocol exhibits key management issues and potential security problems. Furthermore, the paper presents a new key agreement protocol based on enhanced Chebyshev polynomials to overcome these problems. Through our analysis, our key agreement protocol not only provides mutual authentication and the ability to resist a variety of conarnon attacks, but also solve the problems of key management and security issues existing in Gong et al.＇ s protocol.

An efficient three-party password-based key agreement protocol using extended chaotic maps

Three-party password-based key agreement protocols allow two users to authenticate each other via a public channel and establish a session key with the aid of a trusted server. Recently, Farash et al. [Farash M S, Attari M A 2014 ＂An efficient and provably secure three-party password-based authenticated key exchange protocol based on Chebyshev chaotic maps＂, Nonlinear Dynamics 77（7）： 399-411] proposed a three-party key agreement protocol by using the extended chaotic maps. They claimed that their protocol could achieve strong security. In the present paper, we analyze Farash et al.＇s protocol and point out that this protocol is vulnerable to off-line password guessing attack and suffers communication burden. To handle the issue, we propose an efficient three-party password-based key agreement protocol using extended chaotic maps, which uses neither symmetric cryptosystems nor the server＇s public key. Compared with the relevant schemes, our protocol provides better performance in terms of computation and communication. Therefore, it is suitable for practical applications.

Robust Authentication and Session Key Agreement Protocol for Satellite Communications

Satellite networks are recognized as the most essential communication infrastructures in the world today,which complement land networks and provide valuable services for their users.Extensive coverage and service stability of these networks have increased their popularity.Since eavesdropping and active intrusion in satellite communications are much easier than in terrestrial networks,securing satellite communications is vital.So far,several protocols have been proposed for authentication and key exchange of satellite communications,but none of them fullymeet the security requirements.In this paper,we examine one of these protocols and identify its security vulnerabilities.Moreover,we propose a robust and secure authentication and session key agreement protocol using the elliptic curve cryptography(ECC).We show that the proposed protocol meets common security requirements and is resistant to known security attacks.Moreover,we prove that the proposed scheme satisfies the security features using the Automated Validation of Internet Security Protocols and Applications(AVISPA)formal verification tool and On-the fly Model-Checker(OFMC)and ATtack SEarcher(ATSE)model checkers.We have also proved the security of the session key exchange of our protocol using theReal orRandom(RoR)model.Finally,the comparison of our scheme with similar methods shows its superiority.

Improved Key Agreement Based Kerberos Protocol for M-Health Security

The development of wireless sensor network with Internet of Things(IoT)predicts various applications in the field of healthcare and cloud computing.This can give promising results on mobile health care(M-health)and Telecare medicine information systems.M-health system on cloud Internet of Things(IoT)through wireless sensor network(WSN)becomes the rising research for the need of modern society.Sensor devices attached to the patients’body which is connected to the mobile device can ease the medical services.Security is the key connect for optimal performance of the m-health system that share the data of patients in wireless networks in order to maintain the anonymity of the patients.This paper proposed a secure transmission of M-health data in wireless networks using proposed key agreement based Kerberos protocol.The patients processed data are stored in cloud server and accessed by doctors and caregivers.The data transfer between the patients,server and the doctors are accessed with proposed protocol in order to maintain the confidentiality and integrity of authentication.The efficiency of the proposed algorithm is compared with the existing protocols.For computing 100 devices it consumes only 91milllisecond for computation.

Two Modifications on IKE Protocol with Pre-shared Key Authentication

This paper proposed two modifications on IKE protocol with pre-shared key authentication. The first modification can improve its immunity against DDoS attack by authenticating the initiator before the responder generates the computation-intensive Diffie-Hellman public value. The second modification can improve its efficiency when the attack on messages occurs because it can detect the attack quickly by replacing the centralized authentication in origical IKE protocol with immediate authentication. In addition, the two modifications can be integrated into one protocol compactly.

New Public Key Cryptosystems from Combinatorial Group Theory

External direct product of some low layer groups such as braid groups and general Artin groups, with a kind of special group action on it, provides a secure cryptographic computation platform, which can keep secure in the quantum computing epoch. Three hard problems on this new platform, Subgroup Root Problem, Multi-variant Subgroup Root Problem and Subgroup Action Problem are presented and well analyzed, which all have no relations with conjugacy. New secure public key encryption system and key agreement protocol are designed based on these hard problems. The new cryptosystems can be implemented in a general group environment other than in braid or Artin groups.

Two-party certificateless authenticated key agreement protocol with enhanced security

Two-party certificateless authenticated key agreement(CL-AKA) protocol is a hot topic in the field of wireless communication security. An improved two-party CL-AKA protocol with enhanced security is proposed,which is of provable security and unforgeability in the extended Canetti-Krawczyk(eCK) security model based on the hardness assumption of the computational Diffie Hellman(CDH) problem. Compared with other similar protocols, it is more efficient and can satisfy security properties such as free of the centralized management of certificate and key, free of bilinear pairings, two-party authentication, resistant to unknown key-share attack, key compromise impersonation attacks, the man-in-the-middle-attack(MIMA) of key generation center(KGC), etc. These properties make the proposed protocol have better performance and adaptability for military communication.

An Improved ID-Based Group Key Agreement Protocol

ID-based constant-round group key agreement protocols are efficient in both computation and communication, but previous protocols did not provide valid message authentication. An improvement based on attack analysis is proposed in this paper. The improved method takes full advantage of the data transmitted at various stages of the protocol. By guaranteeing the freshness of authentication messages, the authenticity of the generator of authentication messages, and the completeness of the authenticator, the improved protocol can resist various passive and active attacks. The forward secrecy of the improved protocol is proved under a Katz-Yung （KY） model. Compared with existing methods, the improved protocol is more effective and applicable.

Improved authenticated key agreement protocol based on Bi-ISIS problem

In the post quantum era,public key cryptographic scheme based on lattice is considered to be the most promising cryptosystem that can resist quantum computer attacks.However,there are still few efficient key agreement protocols based on lattice up to now.To solve this issue,an improved key agreement protocol with post quantum security is proposed.Firstly,by analyzing the Wess-Zumino model+(WZM+)key agreement protocol based on small integer solution(SIS)hard problem,it is found that there are fatal defects in the protocol that cannot resist man-in-the-middle attack.Then based on the bilateral inhomogeneous small integer solution(Bi-ISIS)problem,a mutual authenticated key agreement(AKA)protocol with key confirmation is proposed and designed.Compared with Diffie-Hellman(DH)protocol,WZM+key agreement protocol,and the AKA agreement based on the ideal lattice protocol,the improved protocol satisfies the provable security under the extend Canetti-Krawczyk(eCK)model and can resist man-in-the-middle attack,replay attack and quantum computing attack.

A dynamic,secure,and efficient group key agreement protocol

The key challenge of dynamic peer communication is how to realize secure and efficient group key manage-ment.A two rounds key agreement protocol for dynamic peer group(DPG)is proposed in this paper.The protocol,which was obtained by combining the ElGamal encryption scheme with the ElGamal signature scheme,is efficient and simple.The protocol is proven secure against passive attack by using indistinguishable method.Moreover,both perfect forward secrecy(PFS)and key independence(KI)were achieved.Because the protocol is based on the broadcast channel,it is also suitable for key agreement in wireless communications,especially in ad-hoc networks.

Authenticated Diffie-Hellman Key Agreement Protocol with Forward Secrecy

Forward secrecy is an important security property in key agreement protocol. Based on Ham＇s protocol, in this paper a new authenticated Diffie-Hellman key agreement protocol with half forward secrecy is proposed. This protocol is also based on a single cryptographic assumption, and is user authentication and shared key authentication. More importantly, our protocol provides forward secrecy with respect to one of the parties. For this reason, besides the advantages of Ham＇s protocol, in practice, our protocol can reduce the damages resulted from the disclosure of the user＇s secret key and it is very beneficial to today＇s communication with portable devices.

Authenticated Group Key Agreement Protocol Based on Twist Conjugacy Problem in Near-Rings

Nowadays some promising authenticated group key agreement protocols are constructed on braid groups, dynamic groups, pairings and bilinear pairings. Hence the non-abelian structure has attracted cryptographers to construct public-key cryptographic protocols. In this article, we propose a new authenticated group key agreement protocol which works in non-abelian near-rings. We have proved that our protocol meets the security attributes under the assumption that the twist conjugacy search problem（TCSP） is hard in near-ring.

Multiparty semiquantum key agreement without entanglement

The key agreement protocols allow two or more users to negotiate a shared key for establishing a secure communication channel without a third trusted party in such a way that the shared key is determined by all authorized players rather than any subset of them.We propose the first real multiparty semiquantum key agreement(SQKA)protocols based on single-photons.Our protocols include only one quantum player,while the others are classical players who only need to measure and prepare states in the classical basis.We first present a symmetric three-party SQKA protocol,where two classical players can fairly negotiate a key with a quantum player by using single-photons as message carriers.Then we present an asymmetric SQKA protocol where a relatively low percentage of quantum states are used for eavesdropping detection.And we further extend them to an asymmetric multiparty SQKA protocol.Our SQKA protocols require fewer quantum resources than the previous SQKA protocols for classical players,especially without requirement of entanglement,which makes them easier to implement using current technologies.Our protocols are secure against external eavesdroppers and are fair against a minority of internal dishonest players.

nPAKE^+:A Tree-Based Group Password-Authenticated Key Exchange Protocol Using Different Passwords

Although two-party password-authenticated key exchange （PAKE） protocols have been intensively studied in recent years, group PAKE protocols have received little attention. In this paper, we propose a tree-based group PAKE protocol - nPAKE^＋ protocol under the setting where each party shares an independent password with a trusted server. The nPAKE^＋ protocol is a novel combination of the hierarchical key tree structure and the password-based Diffie-Hellman exchange, and hence it achieves substantial gain in computation efficiency. In particular, the computation cost for each client in our protocol is only O（log n）. Additionally, the hierarchical feature of nPAKE^＋ enables every subgroup to obtain its own subgroup key in the end. We also prove the security of our protocol under the random oracle model and the ideal cipher model.