Threshold Anonymous Password-Authenticated Key Exchange Secure against Insider Attacks
スポンサーリンク
概要
- 論文の詳細を見る
An anonymous password-authenticated key exchange (PAKE) protocol is designed to provide both password-only authentication and client anonymity against a semi-honest server, who honestly follows the protocol. In INDOCRYPT2008, Yang and Zhang [26] proposed a new anonymous PAKE (NAPAKE) protocol and its threshold (D-NAPAKE) which they claimed to be secure against insider attacks. In this paper, we first show that the D-NAPAKE protocol [26]is completely insecure against insider attacks unlike their claim. Specifically, only one legitimate client can freely impersonate any subgroup of clients (the threshold t>1) to the server. After giving a security model that captures insider attacks, we propose a threshold anonymous PAKE (called, TAP++) protocol which provides security against insider attacks. Moreover, we prove that the TAP++ protocol has semantic security of session keys against active attacks as well as insider attacks under the computational Diffie-Hellman problem, and provides client anonymity against a semi-honest server, who honestly follows the protocol. Finally, several discussions are followed: 1) We also show another threshold anonymous PAKE protocol by applying our RATIONALE to the non-threshold anonymous PAKE (VEAP) protocol [23]; and 2) We give the efficiency comparison, security consideration and implementation issue of the TAP++ protocol.
- (社)電子情報通信学会の論文
- 2011-11-01
著者
-
IMAI Hideki
Chuo University
-
Kobara K
Research Center For Information Security (rcis) National Institute Of Advanced Industrial Science &a
-
Kobara K
Research Center For Information Security (rcis):national Institute Of Advanced Industrial Science An
-
Kobara Kazukuni
National Inst. Advanced Industrial Sci. & Technol. (aist) Tokyo Jpn
-
Kobara Kazukuni
Information And Systems Institute Of Industrial Science The University Of Tokyo
-
Imai H
Research Center For Information Security (rcis):national Institute Of Advanced Industrial Science An
-
Shin Seonghan
Research Center For Information Security (rcis):national Institute Of Advanced Industrial Science An
-
Kobara Kazukuni
Imai Laboratory Information And Systems Institute Of Industrial Science University Of Tokyo
-
Shin Seonghan
Research Center For Information Security (rcis) National Institute Of Advanced Industrial Science An
-
Imai H
Chuo University
-
Imai H
Univ. Tokyo Tokyo
-
Imai Hideki
Chuo Univ. Tokyo Jpn
-
KOBARA Kazukuni
Chuo University
関連論文
- Anonymous Password-Authenticated Key Exchange: New Construction and Its Extensions
- Extension of Broadcasting Service by Using Electronic Tokens(Contents Technology and Web Information Systems)
- Traitor Tracing Scheme Secure against Adaptive Key Exposure and its Application to Anywhere TV Service(Discrete Mathematics and Its Applications)
- Unconditionally Secure Chaffing-and-Winnowing
- Shared Pseudo-Random Secret Generation Protocols (Special Section on Discrete Mathematics and Its Applications)
- Efficient and Secure Multiparty Generation of Digital Signatures Based on Discrete Logarithms (Special Section on Discrete Mathematics and Its Applications)
- Smallest Size of Circulant Matrix for Regular (3, L) and (4, L) Quasi-Cyclic LDPC Codes with Girth 6
- An RSA-Based Leakage-Resilient Authenticated Key Exchange Protocol Secure against Replacement Attacks, and Its Extensions
- Anonymous Password-Authenticated Key Exchange : New Construction and Its Extensions
- A Secure Construction for Threshold Anonymous Password-Authenticated Key Exchange
- A New Security Architecture for Personal Networks and Its Performance Evaluation
- RSA-Based Password-Authenticated Key Exchange, Revisited
- A Secure Authenticated Key Exchange Protocol for Credential Services
- An Efficient and Leakage-Resilient RSA-Based Authenticated Key Exchange Protocol with Tight Security Reduction(Information Security)
- New Security Architecture for Mobile IPv6 Networks
- Notes on Formal Methods Used for Verification of the Security Properties of Protocols Used in Wireless Environment
- A Leakage-Resilient Network Storage System
- Security Analysis of Password-based Protocols via FDR and AVISPA
- A Simple Leakage-Resilient Authenticated Key Establishment Protocol, Its Extensions, and Applications(Information Security)
- An Efficient Leakage-Resilient Authenticated Key Exchange Protocol
- A Secure and Lightweight Authenticated Key Exchange Protocol for Wireless Networks
- Lightweight Privacy-Preserving Authentication Protocols Secure against Active Attack in an Asymmetric Way
- Asymmetric RFID System Secure against Active Attack
- The MAC-based Construction of Strong Multiple Encryption
- Efficient Strong Multiple Encryption from Relaxed Conditions
- ID-based Encryption for Directed Acyclic Graph Hierarchies : Unification of Key-evolving Encryption Primitives (Extended Abstract)
- Shielding Asymmetric Cryptosystems from Decryption Failures
- A Bandwidth-Saving Public Key Encryption Conversion Scheme
- Towards Removing Random Oracles from OAEP
- Best Truncated and Impossible Differentials of Feistel Block Ciphers with S-D (Substitution and Diffusion) or D-S Round Functions(Special Section on Cryptography and Information Security)
- An Efficient 2-Secure and Short Random Fingerprint Code and Its Security Evaluation
- Birthday Paradox Based Security Analysis of Certain Broadcast Encryption Schemes(Information Security)
- A Novel Approach to Algebraic and Fast Correlation Attacks for Cryptanalysis of Certain Keystream Generators
- CCA-Secure Public Key Encryption without Group-Dependent Hash Functions
- Formal Security Treatments for IBE-to-Signature Transformation : Relations among Security Notions
- A Strongly Unforgeable Signature under the CDH Assumption without Collision Resistant Hash Functions
- Key-Insulated Public Key Encryption with Auxiliary Helper Key : Model, Constructions and Formal Security Proofs(Information Theory and Its Applications)
- Efficient Identity-Based Encryption with Tight Security Reduction(Information Theory and Its Applications)
- A New Key-Insulated Public Key Encryption Scheme with Auxiliary Helper Key
- Security Tightness Evaluation of Fujisaki-Okamoto Conversion in Identity Based Encryption
- Searchable Public-key Broadcast Encryption
- Relations among Notions of Security for Identity Based Encryption Schemes (特集:ユビキタス社会を支えるコンピュータセキュリティ技術)
- Towards Security Enhancement with Efficient Reduction for Identity Based Encryption
- CCA-secure IBE Scheme with Tight Security Reduction based on the Gap BDH Assumption
- A Remark on GEM
- Compact Encoding of the Web Graph Exploiting Various Power Distributions(Discrete Mathematics and Its Applications)
- Sliced Onion Routing Scheme and its Aptitude for Sender-Identifiable Environments
- A New Anonymous Routing Scheme and its Aptitude for Ad-hoc Networks
- Subset Incremental Chain Based Broadcast Encryption with Shorter Ciphertext
- Optimally Mastering Keys in Various Broadcast Encryption Schemes
- Personal Entropy from Graphical Passwords : Methods for Quantification and Practical Key Generation(Cryptography and Information Security)(Information Theory and Its Applications)
- Finding Neighbor Communities in the Web Using an Inter-Site Graph(Database)
- Managing Encryption and Key Publication Independently in Digital Rights Management Systems (Applications) (Cryptography and Information Security)
- On Evaluating the Entropy of Graphical Passwords
- Semantically Secure McEliece Phblic-Key Cryptosystem(Special Section on Cryptography and Information Security)
- On the oblivious transfer capacity of the erasure channel
- An Error-Controlling Scheme according to the Importance of Individual Segments of Model-Based Coded Facial Images (Special Section on Information Theory and Its Applications)
- Variable Error Controlling Schemes for Intelligent Error Controlling Systems (Special Section on Information Theory and Its Applications)
- New Short Signature Scheme without Random Oracles
- A Trade-off Traitor Tracing Scheme
- Security Analysis of Two Augmented Password-Authenticated Key Exchange Protocols
- Threshold Anonymous Password-Authenticated Key Exchange Secure against Insider Attacks
- About Validity Checks of Augmented PAKE in IEEE 1363.2 and ISO/IEC 11770-4