Public-key cryptography and password protocols
ACM Transactions on Information and System Security (TISSEC)
RFID Systems and Security and Privacy Implications
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
A Scalable and Provably Secure Hash-Based RFID Protocol
PERCOMW '05 Proceedings of the Third IEEE International Conference on Pervasive Computing and Communications Workshops
A block cipher based pseudo random number generator secure against side-channel key recovery
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Leakage-Resilient Cryptography
FOCS '08 Proceedings of the 2008 49th Annual IEEE Symposium on Foundations of Computer Science
A Leakage-Resilient Mode of Operation
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Authenticated key exchange secure against dictionary attacks
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Forward secrecy in password-only key exchange protocols
SCN'02 Proceedings of the 3rd international conference on Security in communication networks
Multi-factor authenticated key exchange
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
Leakage-resilient RFID authentication with forward-privacy
RFIDSec'10 Proceedings of the 6th international conference on Radio frequency identification: security and privacy issues
Key exchange using passwords and long keys
TCC'06 Proceedings of the Third conference on Theory of Cryptography
New directions in cryptography
IEEE Transactions on Information Theory
Hi-index | 0.00 |
Establishing secure channels is one of the most important and fundamental trust issues in information security. It is of high important not only for servers and users computers but also for global connectivity among any kind of network devices. Most existing technologies for establishing secure channels are based on asymmetric cryptography which requires heavy computations, large memory and complicated supporting mechanism such as PKI. In this paper, we consider the setting of authentication with small devices possibly held by humans and possibly embedded in a semi secure environment. We propose a authenticated key renewal protocol which uses only symmetric cryptography. The protocol takes into account other factors important for embedded and human held network devices: It covers multi-factor authentication to take advantage of secrets possessed by the secure device as well as the memorable password of the device owner. The protocol can, further, allow partial leakage of stored secret from a secure device. The protocol's considerations are a good demonstration of designing "trusted procedure" in the highly constrained environment of mobile and embedded small devices which is expected to be prevalent in the coming years.