An Improvement of the Password-Based Authentication Protocol (K1P) on Security against Replay Attacks
スポンサーリンク
概要
- 論文の詳細を見る
Authentication protocols are necessary for the receiver of a message to ascertain its origin in a distributed environment. Since they exchange cryptographic messages at the beginning of communication, their security is an essential requirement. However, most of the protocols have suffered from several kinds of attacks. A replay attack is one kind of those attacks. Attackers could launch it easily by replaying an eavesdropped message. Moreover, there are many types of replay attacks while most of the formal methods are not capable of detecting them. [3] classified various kinds of replay attacks and proposed a taxonomy. Therefore, it is necessary to verify authentication protocols deliberately with such a taxonomy for a basis. In this paper, at first, we give a clear definition and several remarks on replay attacks. Secondly we review the taxonomy of replay attacks presented in [3], and comment on its minor mistake. Finally we examine on the basis of the taxonomy the password-based authentication protocol, K1P, which was proposed in our earlier papers for protecting weak secrets efficiently. As a result of the examination, we have found that three way mutual K1P shown in [2] was vulnerable to one of replay attacks. Therefore, we improve three way K1P on security against the replay attack. Improved three way K1P is secure against replay attacks as well as guessing attacks and therefore it may be useful for security services of various communication networks.
- 社団法人電子情報通信学会の論文
- 1999-07-25
著者
-
Song Jooseok
Department Of Computer Science Yonsei University
-
Kwon Taekyoung
Department Of Computer Engineering Sejong University
-
KANG Myeongho
Department of Computer Science, Yonsei University
-
JUNG Sangjoon
Department of Computer Science, Yonsei University
-
Jung S
Dept. Of Ee Ajou University
-
Kang M
Hanshin Univ. Kor
関連論文
- An Interactive Identification Scheme Based on Quadratic Residue Problem
- Energy-Efficient Vertical Handover Mechanism
- Optical Burst Switching with Limited Deflection Routing Rules(The IEICE Transactions on Communications, Vol.E86-B, No.5)
- Optical Burst Switching with Limited Deflection Routing Rules ( Recent Progress in Optoelectronics and Communications)
- An Integrated Call Admission Control in ATM Networks
- A Study on the Generalized Key Agreement and Password Authentication Protocol
- Efficient Key Exchange and Authentication Protocols Protecting Weak Secrets
- An Improvement of the Password-Based Authentication Protocol (K1P) on Security against Replay Attacks
- A Feedback Controller for Overloaded Web Requests(Multimedia Systems for Communications)
- Integrated Scheduling for Reducing the Delays by Priority Inversion in Real-Time Web Service(Intemet)
- Efficient and Secure Key Agreement for Merging Clusters in Ad-Hoc Networking Environments(Fundamental Theories for Communications)