Scrutinizing the Vulnerability of Ephemeral Diffie–Hellman over COSE (EDHOC) for IoT Environment Using Formal Approaches

2021, Vol 2021, pp. 1-18
Author(s): Jiyoon Kim, Daniel Gerbi Duguma, Sangmin Lee, Bonam Kim, JaeDeok Lim, ...

Most existing conventional security mechanisms are insufficient, mainly attributable to their requirements for heavy processing capacity, large protocol message size, and longer round trips, for resource-intensive devices operating in an Internet of Things (IoT) context. These devices necessitate efficient communication and security protocols that are cognizant of the severe resource restrictions regarding energy, computation, communication, and storage. To realize this, the IETF (Internet Engineering Task Force) is currently working towards standardizing an ephemeral key-based lightweight and authenticated key exchange protocol called EDHOC (Ephemeral Diffie–Hellman over COSE). The protocol’s primary purpose is to build an OSCORE (Object Security for Constrained RESTful Environments) security environment by supplying crucial security properties such as secure key exchange, mutual authentication, perfect forward secrecy, and identity protection. EDHOC will most likely dominate IoT security once it becomes a standard. It is, therefore, imperative to inspect the protocol for any security flaw. In this regard, two previous studies have shown different security vulnerabilities of the protocol using formal security verification methods. Yet, both missed the vital security flaws we found in this paper: resource exhaustion and privacy attacks. In finding these vulnerabilities, we leveraged BAN-Logic and AVISPA to formally verify both EDHOC protocol variants. Consequently, we described these security flaws together with the results of the related studies and put forward recommended solutions as part of our future work.

Author(s): Anitha Kumari K, Sudha Sadasivam G

In the emerging technological world, security potentially remains one of the highest challenges in large-scale distributed systems, as they suffer extensively from adversarial attacks due to insufficient mutual authentication. In order to address this, a state-of-the-art tetrahedron (3D) based two-server Password Authenticated and Key Exchange (PAKE) protocol has been formulated with formal proof of security by incorporating the elementary properties of plane geometry. The main intention of this work is that obtaining a password from the stored credentials must be infeasible when both servers are compromised together. To realize these goals, in this paper the properties of the tetrahedron are utilized along with the Diffie-Hellman (DH) key exchange algorithm to withstand malicious attacks. A significant aspect of the proposed 3D PAKE protocol is that client-side complexity has been reduced to a greater extent in terms of computation and communication. Both theoretically and practically, the 3D PAKE protocol is the first demonstrably secure two-server PAKE protocol that breaks the assumption of the Yang et al. and Yi et al. protocols that the two servers must not be compromised together. Computational complexity, communication complexity, security key principles, best of all attacks happening dubiously are considered as the evaluation parameters to compare the performance of the proposed 3D PAKE protocol.


This paper illustrates three different algorithms to provide a shared secret key for the security of the system. The three proposed algorithms, namely 1) Modified Simple Password Key Exchange Scheme, 2) Modified Diffie-Hellman Key Exchange Scheme, and 3) Modified Elliptic Curve Scheme, are meant to provide a shared secret key for the authentication process. Enhancements in terms of memory requirement, storage and other security properties such as authentication among mutual users, fraud prevention, attack etc., prove the validity of the proposed algorithms in proving authentication for the cryptographic identification of networks.



2018, Vol 2018, pp. 1-25
Author(s): Uğur Coruh, Oğuz Bayat

In this paper, we analyzed Sun et al.’s scheme, which proposes an M2M (Machine-to-Machine) secure communication scheme by using existing TD SCMA (Time Division-Synchronous Code Division Multiple Access) networks. They offer a password-based authentication and key establishment protocol for mutual authentication. Moreover, their proposed secure channel establishment protocol uses symmetric cryptography and one-way hash algorithms, and they considered using their protected channel model for mobile users and smart home networks. In this paper, we propose to complete the missing part of Sun et al.’s scheme. This can occur by addressing privacy-preserving and message modification protection. Moreover, improvements can be made to MITM (Man-In-The-Middle) attack resistance, anomaly detection and DoS (Denial-of-Service) attacks with timing. An ECDH (Elliptic Curve Diffie Hellman) cryptography-based protected cipher-key exchange operation is used in initial setup and key-injection operations to provide secure user registration, user password change and home gateway network join phases. We simulated both the proposed and Sun et al.’s schemes. We analyzed Sun et al.’s scheme for performance, network congestion and resource usage. Missing privacy-preserving was analyzed and compared with the GLARM scheme, and the storage cost of each phase was analyzed according to Ferrag et al.’s survey proposal. In Sun et al.’s scheme, future work for the security architecture of the home network is related to Li et al.’s protocol being implemented in our proposed design.


2019, pp. 73-81
Author(s): Oleh Poshedin

The purpose of the article is to describe the changes NATO is undergoing in response to the challenges of our time. Today NATO, as a key element of European and Euro-Atlantic security, is adapting to changes in the modern security environment by increasing its readiness and ability to respond to any threat. Adaptation measures include the components required to ensure that the Alliance can fully address the security challenges it might face. The responsiveness of the NATO Response Force is enhanced by developing force packages that are able to move rapidly and respond to potential challenges and threats. As part of it, a Very High Readiness Joint Task Force was established, a new Allied joint force that deploys within a few days to respond to challenges that arise, particularly at the periphery of NATO’s territory. NATO emphasizes that cyber defence is part of NATO’s core task of collective defence. A decision as to when a cyber attack would lead to the invocation of Article 5 would be taken by the North Atlantic Council on a case-by-case basis. Cooperation with NATO already contributes to the implementation of national security and defense in state policy. At the same time, taking into account that all decision-making in NATO is based on consensus, Ukraine’s membership in the Alliance is quite a vague perspective. In such circumstances, in Ukraine you can often hear the idea of announcing a neutral status. It is worth reminding that non-aligned status did not save Ukraine from Russian aggression. Neutral status will not accomplish it either. All talks about neutrality and the impossibility of Ukraine joining NATO are nothing but manipulations, as well as recognition of the Ukrainian territory as the Russian Federation’s area of influence (this country seeks to sabotage the Euro-Atlantic movement of Ukraine). Think about it: Moldova’s neutrality has been enshrined in the country’s Constitution since 1994. However, this did not help Moldova to restore its territorial integrity and to force Russia to withdraw its troops and armaments from Transnistria.


Author(s): Yibo Liu, Xuejing Hao, Yanjun Mao

At present, the mental health of college students has also become an important issue that urgently needs attention under the influence of the surrounding environment. It is coupled with the grim employment situation after graduation, and the students’ psychological burden is becoming heavier and heavier. This paper, based on the Diffie-Hellman key exchange algorithm, studied the effect of psychological stress intervention. First, the Diffie-Hellman key exchange algorithm was analyzed, and then the Diffie-Hellman prediction model was established according to the psychological pressure of college students. Secondly, the simulation test was conducted to compare the simulated results with the original data. The data fitting of the network model training set, verification set and test set was good, and the error was very small. Finally, the detailed application of the algorithm and the model was described.

