Title: Cryptanalysis and Enhancement of Authenticated Key Agreement Protocols and Their Security Models
Authors: 穆罕默德; 羅濟群; 陳耀宗
Department: Institute of Information Management
Keywords: Cryptanalysis; Cryptography; denial of service attacks; Diffie-Hellman; elliptic curve cryptosystem; key agreement; key compromise impersonation resilience; man-in-the-middle attacks; non-repudiation attacks; perfect forward secrecy resilience; static private key leakage; extended Canetti-Krawczyk
Issue Date: 2009
Abstract: With the rapid development of Internet-based applications that communicate over open networks, key agreement and user authentication have become the most important security services for successful Internet-based commerce. A key agreement protocol is a fundamental cryptographic building block for establishing a common secret key over a public network. Designing a secure and efficient protocol is far from a simple task: many protocols have been claimed secure under heuristic arguments or in a formal security model, and many have subsequently been broken. Nevertheless, a formal security proof can make the security of a newly designed protocol concrete. However, this research shows man-in-the-middle attacks, key compromise impersonation attacks and attacks on perfect forward secrecy against the Pour public key distribution system, against a new approach for key-controlled agreement and against an efficient and confirmed protocol for authenticated key agreement, and the latter two attacks against an improved elliptic curve Diffie-Hellman key agreement protocol. In addition, it shows attacks on the perfect forward secrecy of the Unified Model protocol and key compromise impersonation attacks on KEA+, the modified key exchange authentication protocol. Moreover, it shows that Lim et al.'s protocol, a secure and efficient three-pass authenticated key agreement protocol based on elliptic curves, is vulnerable to leakage of the responder's static private key to a malicious party. To eliminate the security leaks pointed out, this study further proposes a new two-pass authenticated key agreement protocol with key confirmation. The proposed protocol has the following security properties: (i) it is proved secure against the above attacks and against stronger adversaries, and provides the desirable security properties of a three-pass authenticated key agreement protocol; (ii) it provides entity authentication and assurance of key reception in an indirect way; (iii) it withstands denial of service attacks. Furthermore, this research derives a one-pass protocol from the proposed two-pass protocol to fit a one-way communication channel, which is suitable for mobile stations and electronic business transactions. The security and computational complexity of the two proposed protocols outperform those of previously proposed related protocols. This research also proposes a robust Diffie-Hellman based authenticated key agreement protocol that does not use the NAXOS trick, has a tight security reduction in the eCK model under the gap Diffie-Hellman and random oracle assumptions, and overcomes the security flaws of existing MQV-based key agreement protocols. In addition, the proposed protocol is efficient: its total computation cost is only 2.5 exponentiations. Furthermore, this research enhances an improved elliptic curve Diffie-Hellman key agreement protocol to overcome its security flaws, and shows by heuristic argument that the enhanced protocol is secure against a stronger adversary. To remedy the security flaws in Lim et al.'s protocol, this study proposes a new efficient and secure elliptic-curve-based three-pass authenticated key agreement protocol. The proposed three-pass protocol has the following security properties: (i) it is proved secure against the attacks on Lim et al.'s protocol and against stronger adversaries; (ii) it provides assurance of its partner's identity, and can thus withstand non-repudiation attacks; (iii) it withstands denial of service attacks. The security and computational complexity of the proposed three-pass protocol outperform those of Lim et al.'s protocol.
URI: http://140.113.39.130/cdrfb3/record/nctu/#GT079455863
http://hdl.handle.net/11536/40938
Appears in Collections: Thesis