An authenticated key exchange to improve the security of Shi et al. and Kim et al.'s protocols

Authors:
Mijin Kim;Changyoung Kwon;Dongho Won
Affiliations:
Department of Electrical and Computer Engineering, Sungkyunkwan University, Suwon-si, Gyeonggi-do, Korea;Department of Computer Information, DongSeoul University, Sungnam-si, Gyeonggi-do, Korea;Department of Electrical and Computer Engineering, Sungkyunkwan University, Suwon-si, Gyeonggi-do, Korea
Venue:
WISM'11 Proceedings of the 2011 international conference on Web information systems and mining - Volume Part I
Year:
2011

Citing 10
Cited 1

Entity authentication and key distribution

CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
An efficient and secure authentication protocol using uncertified keys

ACM SIGOPS Operating Systems Review
A Key Distribution "Paradox"

CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
A hybrid authentication protocol for large mobile network

Journal of Systems and Software
Cryptanalysis of a hybrid authentication protocol for large mobile networks

Journal of Systems and Software
Resource-aware protocols for authenticated group key exchange in integrated wired and wireless networks

Information Sciences: an International Journal
Security Weakness in a Provable Secure Authentication Protocol Given Forward Secure Session Key

ICCSA '09 Proceedings of the International Conference on Computational Science and Its Applications: Part II
A new efficient authentication protocol for mobile networks

Computer Standards & Interfaces
Enhancement of two-factor authenticated key exchange protocols in public wireless LANs

Computers and Electrical Engineering
A provable secure authentication protocol given forward secure session key

APWeb'08 Proceedings of the 10th Asia-Pacific web conference on Progress in WWW research and development

On the security of an novel protocol for downloadable CAS

Proceedings of the 6th International Conference on Ubiquitous Information Management and Communication

Quantified Score

Hi-index	0.00

Visualization

Abstract

Understanding security failures of authenticated key exchange protocols is the key to both patching existing protocols and designing future protocols. In 2009, Kim et al. proposed an authenticated key exchange protocol to improve the security of Shi et al.'s protocol between user, service provider, and key distribution center (KDC). The protocol was based on the symmetric cryptosystem, challenge-response, Diffie-Hellman component, and hash function. This paper proves how, Kim et al.'s protocol fails to achieve its basic goal of securely establishing a common secret key among communication parties. We also present how to resolve the security problems of the protocol.