Finding and fixing vulnerabilities in several three-party password authenticated key exchange protocols without server public keys

2013 ◽  
Vol 235 ◽  
pp. 329-340 ◽  
Author(s):  
Hu Xiong ◽  
Yanan Chen ◽  
Zhi Guan ◽  
Zhong Chen
Keyword(s):  
Key Exchange ◽  
Authenticated Key Exchange ◽  
Public Keys ◽  
Key Exchange Protocols

scholarly journals On the leakage-resilient key exchange

2017 ◽  
Vol 11 (4) ◽  
Author(s):  
Janaka Alawatugoda
Keyword(s):  
Key Exchange ◽  
Authenticated Key Exchange ◽  
Key Exchange Protocol ◽  
Security Models ◽  
Public Keys ◽  
Secret Keys ◽  
Key Exchange Protocols ◽  
Leakage Resilient ◽  
Secure Channels

AbstractTypically, secure channels are constructed from an authenticated key exchange (AKE) protocol, which authenticates the communicating parties based on long-term public keys and establishes secret session keys. In this paper we address the partial leakage of long-term secret keys of key exchange protocol participants due to various side-channel attacks. Security models for two-party authenticated key exchange protocols have been developed over time to provide security even when the adversary learns certain secret values. This paper combines and extends the advances of security modelling for AKE protocols addressing more granular partial leakage of long-term secrets of protocol participants. Further, we fix some flaws in security proofs of previous leakage-resilient key exchange protocols.

scholarly journals On the Security of a Simple Three-Party Key Exchange Protocol without Server’s Public Keys

2014 ◽  
Vol 2014 ◽  
pp. 1-7 ◽  
Author(s):  
Junghyun Nam ◽  
Kim-Kwang Raymond Choo ◽  
Minkyu Park ◽  
Juryon Paik ◽  
Dongho Won
Keyword(s):  
Real World ◽  
Key Exchange ◽  
Authenticated Key Exchange ◽  
Key Exchange Protocol ◽  
Dictionary Attack ◽  
Security Vulnerabilities ◽  
Network Applications ◽  
Public Keys ◽  
Man In The Middle ◽  
Key Exchange Protocols

Authenticated key exchange protocols are of fundamental importance in securing communications and are now extensively deployed for use in various real-world network applications. In this work, we reveal major previously unpublished security vulnerabilities in the password-based authenticated three-party key exchange protocol according to Lee and Hwang (2010): (1) the Lee-Hwang protocol is susceptible to a man-in-the-middle attack and thus fails to achieve implicit key authentication; (2) the protocol cannot protect clients’ passwords against an offline dictionary attack; and (3) the indistinguishability-based security of the protocol can be easily broken even in the presence of a passive adversary. We also propose an improved password-based authenticated three-party key exchange protocol that addresses the security vulnerabilities identified in the Lee-Hwang protocol.

scholarly journals Parallel network file systems using authenticated key exchange protocols

2017 ◽  
Vol 2 (3) ◽  
pp. 161
Author(s):  
S. Sathya ◽  
M. Ranjith Kumar ◽  
K. Madheswaran
Keyword(s):  
Large Scale ◽  
File Systems ◽  
Key Exchange ◽  
Distributed File Systems ◽  
Authenticated Key Exchange ◽  
Forward Secrecy ◽  
Storage Devices ◽  
Key Exchange Protocols ◽  
Parallel Network ◽  
Metadata Server

The keyestablishment for secure many-to-many communications is very important nowadays. The problem is inspired by the proliferation of large-scale distributed file systems supporting parallel access to multiple storage devices. In this, a variety of authenticated key exchange protocols that are designed to address the issues. This shows that these protocols are capable of reducing the workload of the metadata server and concurrently supporting forward secrecy and escrow-freeness. All this requires only a small fraction of increased computation overhead at the client. This proposed three authenticated key exchange protocols for parallel network file system (pNFS). The protocols offer three appealing advantages over the existing Kerberos-based protocol. First, the metadata server executing these protocols has much lower workload than that of the Kerberos-based approach. Second, two of these protocols provide forward secrecy: one is partially forward secure (with respect to multiple sessions within a time period), while the other is fully forward secure (with respect to a session). Third, designed a protocol which not only provides forward secrecy, but is also escrow-free.

Sign in / Sign up

Export Citation Format

Share Document