Security Weakness in a Provable Secure Authentication Protocol Given Forward Secure Session Key

Authors:
Mijin Kim;Heasuk Jo;Seungjoo Kim;Dongho Won
Affiliations:
Department of Electrical and Computer Engineering, Sungkyunkwan University, Suwon-si, Korea 440-746;Department of Electrical and Computer Engineering, Sungkyunkwan University, Suwon-si, Korea 440-746;Department of Electrical and Computer Engineering, Sungkyunkwan University, Suwon-si, Korea 440-746;Department of Electrical and Computer Engineering, Sungkyunkwan University, Suwon-si, Korea 440-746
Venue:
ICCSA '09 Proceedings of the International Conference on Computational Science and Its Applications: Part II
Year:
2009

Citing 12
Cited 3

Entity authentication and key distribution

CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
An efficient and secure authentication protocol using uncertified keys

ACM SIGOPS Operating Systems Review
Security on the move: indirect authentication using Kerberos

MobiCom '96 Proceedings of the 2nd annual international conference on Mobile computing and networking
Limitations of the Kerberos authentication system

ACM SIGCOMM Computer Communication Review
A Key Distribution "Paradox"

CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Yaksha: augmenting Kerberos with public key cryptography

SNDSS '95 Proceedings of the 1995 Symposium on Network and Distributed System Security (SNDSS'95)
Distributed Authentication in Kerberos Using Public Key Cryptography

SNDSS '97 Proceedings of the 1997 Symposium on Network and Distributed System Security
A hybrid authentication protocol for large mobile network

Journal of Systems and Software
Security for Mobility

Security for Mobility
Cryptanalysis of a hybrid authentication protocol for large mobile networks

Journal of Systems and Software
A new efficient authentication protocol for mobile networks

Computer Standards & Interfaces
A provable secure authentication protocol given forward secure session key

APWeb'08 Proceedings of the 10th Asia-Pacific web conference on Progress in WWW research and development

An authenticated key exchange to improve the security of Shi et al. and Kim et al.'s protocols

WISM'11 Proceedings of the 2011 international conference on Web information systems and mining - Volume Part I
A security enhanced authentication and key distribution protocol for wireless networks

Security and Communication Networks
Weakness and simple improvement of anonymous mutual authentication protocol with link-layer

Proceedings of the CUBE International Information Technology Conference

Quantified Score

Hi-index	0.00

Visualization

Abstract

Shi, Jang and Yoo recently proposed a provable secure key distribution and authentication protocol between user, service provider and key distribution center(KDC). The protocol was based on symmetric cryptosystem, challenge-response, Diffie-Hellman component and hash function. Despite the claim of provable security, the protocol is in fact insecure in the presence of an active adversary. In this paper, we present the imperfection of Shi et al.'s protocol and suggest modifications to the protocol which would resolve the problem.