Universally composable client-to-client general authenticated key exchange (Special Issue: Rethinking Computer Security Technologies Supporting Information Systems)
In large-scale networks, users want to communicate securely with each other over an unreliable channel. When existing 2- and 3-party protocols are used in this setting, several problems arise: a client must hold many passwords, and the server's load for password management is heavy. In this paper, we define a new ideal client-to-client general authenticated key exchange functionality, in which arbitrary 2-party key exchange protocols can be used between client and server and between servers. We also propose a client-to-client general authenticated key exchange protocol, C2C-GAKE, as a general form of the client-to-client model, and a client-to-client hybrid authenticated key exchange protocol, C2C-HAKE, as an instance of C2C-GAKE that solves the above problems. In C2C-HAKE, each server shares passwords only with the clients in its own realm, public/private keys are used between servers, and two clients in different realms share a final session key via their respective servers. Thus, with regard to password management in C2C-HAKE, the load can be distributed across several servers. In addition, we prove that C2C-HAKE securely realizes the above functionality. C2C-HAKE is the first client-to-client hybrid authenticated key exchange protocol that is secure in the universally composable framework, with its security-preserving composition property.
- 2007-09-15
Authors:
Yoneyama Kazuki
Ohta Kazuo
Tanaka Toshiaki
Ota Haruki
Kiyomoto S
Affiliations:
The University of Electro-Communications (Department of Informatics)
KDDI R&D Laboratories, Inc.
NTT Corporation (NTT Information Sharing Platform Laboratories)
- A-7-29 (Im)possibility Results on the Security of Password-Based Authenticated Key Exchange (A-7. Information Security, General Session)
- A Random Oracle Model in Which the Hash List Can Be Viewed (Joint Workshop of the Fundamentals of Information and Communication Sub-Society)
- Attribute-Based Encryption with Hidden Recipient Conditions
- Security Analysis of Diffie-Hellman Key Exchange against Adaptive Adversaries Using the Task-Structured PIOA Framework (Security, Formal Approach Papers)
- On the Security of Secret Handshake (Joint Workshop of the Fundamentals of Information and Communication Sub-Society)
- A Hierarchical-Notation Multisignature Scheme Based on Gap Diffie-Hellman Signatures (Information Security, Lifelog Utilization Technology, Life Intelligence, Office Information Systems, General)
- Cryptanalysis of Two MD5-Based Authentication Protocols: APOP and NMAC
- Extended Password Recovery Attacks against APOP, SIP, and Digest Authentication
- Proposal and Implementation Evaluation of a Hierarchical-Notation Multisignature Scheme Suitable for Confirming the Reading of Circulated Documents (Papers on Internet Architecture as Social Infrastructure)
- B-19-16 An Obfuscation Scheme by Encoding Pointer Variables (B-19. Network Software, General Session)
- A-7-9 Message Input in SCH (A-7. Information Security, General Session)
- Toward the Fair Anonymous Signatures: Deniable Ring Signatures (Signatures, Cryptography and Information Security)
- Analysis of Program Obfuscation Schemes with Variable Encoding Technique
- On Effectiveness of Clock Control in Stream Ciphers(Information Theory and Its Applications)
- Experimental Analysis of Guess-and-Determine Attacks on Clock-Controlled Stream Ciphers(Cryptography and Information Security, Information Theory and Its Applications)
- Side-Channel Attacks against the Stream Cipher K2 and Countermeasures
- B-19-23 An Obfuscation Scheme by Encoding Variables of Arbitrary Type (B-19. Network Software, General Session)
- Security of Cryptosystems Using Merkle-Damgård in the Random Oracle Model
- AS-3-3 Non-Linear Ramp Secret Sharing (Invited Talk, AS-3. Theory and Techniques of Information Hiding, Symposium)
- Visual Secret Sharing Schemes Hiding Multiple Images for General Access Structures Allowing the Rotation of Shares
- A Probabilistic Metering Method (Fundamental Technologies in the Broadband Mobile Era) (Joint Workshop of the Information and Communication Sub-Society)
- Design and Implementation of Secure Area Expansion Scheme for Public Wireless LAN Services (Special Issue: Sensor Networks)
- Extension of Secret Handshake Protocols with Multiple Groups in Monotone Condition
- B-18-4 Proposal of a Remote Authentication System Using Contactless Palmprint Authentication (B-18. Biometric System Security, General Session)
- A Novel Error Control Algorithm for Reducing Transmission Delay in Real-Time Mobile Video Communication (Special Issue on Multimedia Mobile Communication Systems)
- Characteristics of Video Communication System in Mobile Radio Channel (Special Issue on Mobile Computing)
- A Study on Reducing Transmission Delay in Mobile Video Communication Systems (Special Section on Multi-dimensional Mobile Information Network)
- Practical Password Recovery Attacks on MD4 Based Prefix and Hybrid Authentication Protocols
- A Strict Evaluation on the Number of Conditions for SHA-1 Collision Search
- New Message Differences for Collision Attacks on MD4 and MD5
- Improved Collision Attacks on MD4 and MD5(Hash Functions,Cryptography and Information Security)
- Universally composable client-to-client general authenticated key exchange (Special Issue: Rethinking Computer Security Technologies Supporting Information Systems)
- Universally Composable Client-to-Client General Authenticated Key Exchange
- Efficient Implementation of the Pairing on Mobilephones Using BREW
- Universally Composable Hierarchical Hybrid Authenticated Key Exchange(Protocols,Cryptography and Information Security)
- Review on Sufficient Conditions of SHA-0
- Proposal of a Transformation Method for Iris Codes in Iris Scanning Verification(Biometrics)(Cryptography and Information Security)
- A Fast (k, L, n)-Threshold Ramp Secret Sharing Scheme
- Design of Anonymous Attribute Authentication Mechanism
- A-7-3 Revocation and Addition Mechanisms for Fast (k, n)-Threshold Schemes
- On a Fast (K, n)-Threshold Secret Sharing Scheme
- A Fast (3, n)-Threshold Secret Sharing Scheme Using Exclusive-OR Operations
- Design of τ-Gradual Key-Management Schemes for Mobile Content Distribution (Special Issue: Mobile Communications and Intelligent Transport Systems Supporting the Ubiquitous Era)
- An Obfuscation Scheme Using Affine Transformation and Its Implementation (Special Issue: Computer Security Technologies Supporting the Ubiquitous Society)
- Design of Self-Delegation for Mobile Terminals (Special Issue: Computer Security Technologies Bearing Diverse Social Responsibilities)
- Design of Security Architecture for Beyond 3G Mobile Terminals (Special Issue: Computer Security Technologies Protecting Privacy)
- Improved Collision Search for Hash Functions: New Advanced Message Modification
- Provably Secure Untraceable Electronic Cash against Insider Attacks(Discrete Mathematics and Its Applications)
- OAEP-ES: Methodology of Universal Padding Technique (Asymmetric Cipher) (Cryptography and Information Security)
- Notification of Certificate Revocation Status between Different Domains under a PKI System (Network Services Basics) (Object-Oriented Technologies)
- Solutions to Security Problems of Rivest and Shamir's Pay Word Scheme(Application)(Cryptography and Information Security)
- Provably Secure Multisignatures in Formal Security Model and Their Optimality
- Taxonomical Security Consideration of OAEP Variants(Discrete Mathematics and Its Applications)
- Implementation and Evaluation of a Micropayment System for Mobile Environments (Security and Society)
- New Time-Stamping Scheme Using Mutual Communications with Pseudonymous Clients (Applications) (Cryptography and Information Security)
- New Time-Stamping Scheme Using Mutual Communications with Pseudonymous Clients
- A Study of Access Control Method for Mobile Agents by Using Secure Stubs (Special Issue: Computer Security Technologies Confronting New Threats)
- Proxiable Designated Verifier Signature
- Power Analysis against a DPA-Resistant S-Box Implementation Based on the Fourier Transform
- Near-Collision Attacks on MD4: Applied to MD4-Based Protocols
- Secure Host Name Resolution Infrastructure for Overlay Networks(Networking Technologies for Overlay Networks)
- Improved Subset Difference Method with Ternary Tree
- Security of Cryptosystems Using Merkle-Damgard in the Random Oracle Model
- Visual Secret Sharing Schemes for Multiple Secret Images Allowing the Rotation of Shares(Discrete Mathematics and Its Applications)
- Efficient and Strongly Secure Password-based Server Aided Key Exchange
- Ring signatures: universally composable definitions and constructions (Special Issue: Rethinking Computer Security Technologies Supporting Information Systems)
- A-7-2 Revisiting Zero-Knowledgeness of an On the Fly Authentication Scheme
- Leaky Random Oracle
- Zero-Knowledge and Correlation Intractability(Information Security)
- Evaluation of Mutational Capability and Real-Time Applicability of Obfuscation Techniques(Information Hiding, Cryptography and Information Security)
- Universally Composable NBAC-Based Fair Voucher Exchange for Mobile Environments
- How to Shorten a Ciphertext of Reproducible Key Encapsulation Mechanisms in the Random Oracle Model
- Software Protection Combined with Tamper-Proof Device
- Meet-in-the-Middle (Second) Preimage Attacks on Two Double-Branch Hash Functions RIPEMD and RIPEMD-128
- Toward Effective Countermeasures against an Improved Fault Sensitivity Analysis
- A New Type of Fault-Based Attack: Fault Behavior Analysis
- Optimization of Group Key Management Structure with a Client Join-Leave Mechanism
- Design of Self-Delegation for Mobile Terminals
- Ring Signatures: Universally Composable Definitions and Constructions
- Fast Implementation of KCipher-2 for Software and Hardware
- Chosen-IV Correlation Power Analysis on KCipher-2 Hardware and a Masking-Based Countermeasure
- An Obfuscation Scheme Using Affine Transformation and Its Implementation
- BS-7-44 Decodability Attacks in XOR Network Coding