Verifier-based Password Authenticated 3P-EKE Protocol using PCLA keys

Автор: Archana Raghuvamshi, Premchand Parvataneni

Журнал: International Journal of Computer Network and Information Security(IJCNIS) @ijcnis

Статья в выпуске: 6 vol.8, 2016 года.

Бесплатный доступ

This paper endeavors to present a novel framework for the generic structure of a verifier-based password authenticated Three-Party Encrypted Key Exchange (3P-EKE) protocol which yields more efficient protocol than the ones knew before. A previous framework presented by Archana and Premchand is more secured against all types of attacks like password guessing, replay, pre-play, man-in-the-middle attack etc. But unfortunately, this protocol does not solve the problem of a server compromise. These proofs help as inspiration to search for another framework. The framework we offer produces more efficient 3P-EKE protocol, and, in addition, delivers perceptive clarification about the existing attacks that do not solve in the previous framework. Moreover, it allows direct change from a class of verge private-key encryption to a hybrid (symmetric & Asymmetric) one without significant overhead.

Еще

Verifier–based protocols, Password –based Authentication, Three Party Encrypted Key Exchange Protocol (3P-EKE), Public-Key Cryptosystem Based on Logarithmic Approach (PCLA)

Короткий адрес: https://sciup.org/15011539

IDR: 15011539

Список литературы Verifier-based Password Authenticated 3P-EKE Protocol using PCLA keys

  • Y. Ding and P. Horster. "Undetectable online password guessing attacks," ACM Operating Systems Review vol.29, pp.77-86, 1995.
  • Archana Raghuvamshi, P.Premchand and P.Venkateswara Rao. "PCLA: A New Public-key Cryptosystem Based on Logarithmic Approach", International Journal of Computer Science Issues(IJCSI), vol.9,no.1, pp.355-359, 2012.
  • W. Diffie and M. E. Hellman. "New directions in cryptography", IEEE Transactions on Information Theory, vol.22, no.6, pp.644–654, 1976.
  • S. M. Bellovin and M. Merritt, "Encrypted key exchange: Password-based protocols secure against dictionary attacks", IEEE Symposium on Security and Privacy, IEEE Computer Society Press, pp.72–84 May 1992.
  • S. M. Bellovin and M. Merritt, "Augmented encrypted key exchange: A password-based protocol secure against dictionary attacks and password file compromise", ACM CCS, ACM Press vol.93, pp.244–250, November 1993.
  • L. Gong, M. Lomas, R. Needham, and J. Saltzer, "Protecting poorly chosen secrets from guessing attacks", IEEE Journal on Selected Areas in Communications, vol.11,no.5,pp. 648-656, 1993.
  • W.M. Li, and Q.Y. Wen, "Efficient verifier-based password-authentication key exchange protocol via elliptic curves", Proceedings of 2008 International Conference on Computer Science and Software Engineering, pp. 1003-1006, 2008.
  • E.J. Yoon, and K.Y. Yoo, "Robust User Password Change Scheme based on the Elliptic Curve Cryptosystem", Fundamenta Informaticae, pp 483-492, 2008.
  • Zeng, Yong and Ma, Jianfeng, "An improvement on a password authentication scheme over insecure networks" Journal of Computational Information Systems, vol.5, no.4, pp.1331-1336, 2009.
  • Chunling Liu, Yufeng Wanga and Qinxi Bai, "A New Three-party Key Exchange Protocol Based on Diffie-Hellman," I.J. Wireless and Microwave Technologies, vol. 1, no.4, pp. 65-69, 2011.
  • M. Abdalla, O. Chevassut, and D. Pointcheval. "One-time verifier-based encrypted key exchange", PKC LNCS, Springer, vol. 3386, pp.47–64, January 2005.
  • W.M. Lin, and Q.Y. Wen, "Efficient verifier-based password-authentication key exchange protocol via elliptic curves", Proceedings of 2008 International Conference on Computer Science and Software Engineering, pp.1003-1006, 2008.
  • Junhan YANG and Tianjie CAO, "A Verifier-based Password-Authenticated Key Exchange Protocol via Elliptic Curves", Journal of Computational Information Systems, Binary Information Press, pp.548-553, 2011.
  • Chin-Chen Chang and Ya-fen Chang, "A novel three-party encrypted key exchange protocol", Elsevier, Computer Standards & Interfaces, vol.26 pp.471 – 476, 2004.
  • Eun-Jun Yoon, and Kee-Young Yoo, "Improving the novel three-party encrypted key exchange protocol", Elsevier, Computer Standards and Interfaces, vol. 30, pp.309-314, 2008.
  • R.Padmavathy, Tallapally Shirisha, M.Rajkumar, and Jayadev Gyani, "Improved analysis on Chang and Chang Password Key Exchange Protocol", IEEE International Conference on Advances in Computing, Control, and Telecommunication Technologies, pp.781-783, 2009.
  • Ya-Fen Chang, Wei-Cheng Shiao, and Chung-Yi Lin, "Comments on Yoon and Yoo's Three-party Encrypted Key Exchange Protocol", International Conference on Advanced Information Technologies (AIT), 2009.
  • R. Padmavathy, "Improved Three Party Eke Protocol", Information Technology and Control, Vol.39, No.3, pp.220-226, 2010.
  • Shirisha Tallapally, "Impersonation Attack on EKE Protocol", International Journal of Network Security & Its Applications (IJNSA), vol.2, no. 2, pp. 114-121, 2010.
  • Archana Raghuvamshi, P.Venkateshwara Rao, and Prof.P.Premchand, "Cryptanalysis of Authenticated Key Exchange 3P-EKE Protocol and its Enhancement", IEEE-International Conference on Advances in Engineering, Science and Management (ICAESM -2012), pp.659-666, March 30, 31, 2012.
  • S. Kulkarni, D. Jena, and S.K. Jena, "A Novel Secure Key Agreement Protocol using Trusted Third Party", Computer Science and Security Journals (IJCSS), vol.1, no.1, pp. 11 – 18, 2007.
  • Dina Nabil Shaban, Maged H. Ibrahim, and Zaki B.Nossair, "Enhanced Verifier-Based Password Authenticated Key Agreement Protocol For Three-Parties", Journal of Engineering Sciences, vol. 36, no. 6, pp.1513- 1522, 2008.
  • Archana Raghuvamshi and Premchand Parvataneni. "Cryptanalysis of Verifier-Based Password-Authenticated Key Agreement Protocol for Three Parties", Research Journal of Recent Sciences. Vol. 4, pp. 5-8, Feb 2015.
  • Archana Raghuvamshi and Premchand Pavataneni, "Design of a Robust, Computation-Efficient and Secure 3P-EKE Protocol using Analogous Message Transmission", International Journal of Computer Network and Information Security (IJCNIS), In Press.
  • Y. Gertner, T. Malkin, and O. Reingold, "On the impossibility of basing trapdoor functions on trapdoor predicates", Proceedings of the 42nd IEEE Symposium on foundations of Computer Science, Las Vegas, Nevada, , pp. 126 – 135, October 2001.
Еще
Статья научная