Provably Secure Authenticated Diffie-Hellman Key Exchange for Resource-Limited Smart Card

doi:10.1007/s12204-014-1521-7

Abstract

Abstract: Authenticated Diffie-Hellman key agreement is quite popular for establishing secure session keys. As resource-limited mobile devices are becoming more popular and security threats are increasing, it is desirable to reduce computational load for these resource-limited devices while still preserving its strong security and convenience for users. In this paper, we propose a new smart-card-based user authenticated key agreement scheme which allows users to memorize passwords, reduces users’ device computational load while still preserves its strong security. The proposed scheme effectively improves the computational load of modular exponentiations by 50%, and the security is formally proved.

Key words: Diffie-Hellman| key agreement| forward secrecy| authentication| password

摘要： Authenticated Diffie-Hellman key agreement is quite popular for establishing secure session keys. As resource-limited mobile devices are becoming more popular and security threats are increasing, it is desirable to reduce computational load for these resource-limited devices while still preserving its strong security and convenience for users. In this paper, we propose a new smart-card-based user authenticated key agreement scheme which allows users to memorize passwords, reduces users’ device computational load while still preserves its strong security. The proposed scheme effectively improves the computational load of modular exponentiations by 50%, and the security is formally proved.

关键词: Diffie-Hellman| key agreement| forward secrecy| authentication| password

CLC Number:

TP 309.2

CHIEN Hung-yu (简宏宇). Provably Secure Authenticated Diffie-Hellman Key Exchange for Resource-Limited Smart Card[J]. Journal of shanghai Jiaotong University (Science), 2014, 19(4): 436-439.

References

[1] Sandirigama M, Shimizu A, Noda M T. Simple and secure password authentication protocol (SAS) [J].IEICE Transactions on Communications, 2000, E83-B(6): 1363-1365.
[2] Chien H Y, Jan J K, Tseng Y M. A modified remote login authentication scheme based on geometric approach [J]. The Journal of Systems and Software,2001, 55: 287-290.
[3] Sun H M, Li L H. An efficient remote user authentication scheme using smart cards [J]. IEEE Transactions on Consumer Electronics, 2000, 46(4): 958-961.
[4] Wu T C. Remote login authentication scheme based on a geometric approach [J]. Computer Communications,1995, 18(12): 959-963.
[5] Hwang M S. Cryptanalysis of a remote login authentication scheme [J]. Computer Communications, 1999,22(8): 742-744.
[6] Bellare M, Canetti R, Krawczyk H. A modular approach to the design and analysis of authentication and key exchange protocols [C]//Proceedings of 30th Annual Symposium on the Theory of Computing. New York, USA: ACM, 1998: 419-428.
[7] Bellare M, Pointcheval D, Rogaway P. Authenticated key exchange secure against dictionary attacks [J]. Lecture Notes in Computer Science, 2000, 1807:139-155.
[8] Ding Y, Horster P. Undetectable on-line password guessing attacks [J]. ACM Operating Systems Review,1995, 29(4): 77-86.
[9] Brusilovsky A, Faynberg I, Zeltsan Z, et al. RFC683-password-authenticated key (PAK)Diffie-Hellman exchange [EB/OL]. (2013-10-30).http://tools.ietf.org/ html/rfc5683.
[10] Boyko V, Mackenzie P, Patel S. Provably secure password authenticated key exchange using Diffie-Hellman [J]. Lecture Notes in Computer Science, 2000,1807: 156-171.
[11] Kwon T. Authentication and key agreement via memorable password [C]// Proceedings of the ISOC Network and Distributed System Security Symposium.[s.l.]: International Association for Cryptologic Research,2001: 1-13.
[12] Kwon T. Practical authenticated key agreement using passwords [J]. Lecture Notes in Computer Science,2004, 3225: 1-12.
[13] IEEE. P1363.2 standard specifications for passwordbased public key cryptographic techniques [EB/OL].http://grouper.ieee.org/groups/1363/december 2002.