Embedded end-to-end wireless security with ECDH key exchange

2006 ◽  
Author(s):  
S. Kumar ◽  
M. Girimondo ◽  
A. Weimerskirch ◽  
C. Paar ◽  
A. Patel ◽  
...  
Keyword(s):  
Key Exchange ◽  
Wireless Security ◽  
End To End

scholarly journals End-to-End Key Exchange through Disjoint Paths in P2P Networks

2015 ◽  
Vol 2 (3) ◽  
pp. e3
Author(s):  
Daouda Ahmat ◽  
Damien Magoni ◽  
Tegawendé F. Bissyandé
Keyword(s):  
Key Exchange ◽  
Disjoint Paths ◽  
P2p Networks ◽  
End To End

scholarly journals Two-factor Password-authenticated Key Exchange with End-to-end Security

2021 ◽  
Vol 24 (3) ◽  
pp. 1-37
Author(s):  
Stanislaw Jarecki ◽  
Mohammed Jubur ◽  
Hugo Krawczyk ◽  
Nitesh Saxena ◽  
Maliheh Shirvanian
Keyword(s):  
Formal Model ◽  
Public Key Infrastructure ◽  
Key Exchange ◽  
Message Authentication ◽  
Usability Study ◽  
Modular Construction ◽  
Authenticated Key Exchange ◽  
Client Server ◽  
Communication Links ◽  
End To End

We present a secure two-factor authentication (TFA) scheme based on the user’s possession of a password and a crypto-capable device. Security is “end-to-end” in the sense that the attacker can attack all parts of the system, including all communication links and any subset of parties (servers, devices, client terminals), can learn users’ passwords, and perform active and passive attacks, online and offline. In all cases the scheme provides the highest attainable security bounds given the set of compromised components. Our solution builds a TFA scheme using any Device-enhanced Password-authenticated Key Exchange (PAKE), defined by Jarecki et al., and any Short Authenticated String (SAS) Message Authentication, defined by Vaudenay. We show an efficient instantiation of this modular construction, which utilizes any password-based client-server authentication method, with or without reliance on public-key infrastructure. The security of the proposed scheme is proven in a formal model that we formulate as an extension of the traditional PAKE model. We also report on a prototype implementation of our schemes, including TLS-based and PKI-free variants, as well as several instantiations of the SAS mechanism, all demonstrating the practicality of our approach. Finally, we present a usability study evaluating the viability of our protocol contrasted with the traditional PIN-based TFA approach in terms of efficiency, potential for errors, user experience, and security perception of the underlying manual process. 1

Design of psk based trusted dtls for smart sensor nodes

2020 ◽  
Vol 13 ◽  
Author(s):  
Anil Yadav ◽  
Sujata Pandey ◽  
Rajat Singh ◽  
Nitin Rakesh
Keyword(s):  
Key Exchange ◽  
Sensor Nodes ◽  
Fine Tuning ◽  
Key Generation ◽  
Smart Sensor ◽  
Time Increase ◽  
Session Key ◽  
Message Exchange ◽  
Shared Key ◽  
End To End

Background: RSA based key exchange is a heavy and time-consuming process, as it involves numerous message exchange between a client and the server. Pre-shared key (PSK) based handshake process attempts to reduce the messages while the key exchange between a client and the server. Method: This paper extends the TEE enabled dtls handshake design based on RSA to the TEE enabled pre-shared key based handshake. A dtls client and the server installs the pre-shared key in advanced so that the message exchanges can be reduced while session key generation. Result: In this article, the authors have significantly reduced this penalty by fine-tuning of the tdtls algorithm for psk based handshake. On average, this gain is over 2 ms (50% - from 3.5 ms to 1.5 ms) across various cipher-suites. Conclusion: The tdtls approach increases the security of the session key and its intermediate keying materials which is a huge gain as compared to minor handshake time increase. The algorithm ensures an end-to-end security to the PSK based session key as well as its keying materials between a dtls client and a server.

Sign in / Sign up

Export Citation Format

Share Document