Universally Composable Hierarchical Hybrid Authenticated Key Exchange (Protocols, Special Section on Cryptography and Information Security)
Abstract
Password-based authenticated key exchange protocols are convenient and practical, since users employ human-memorable passwords, which are simpler to remember than cryptographic secret keys or public/private key pairs. Abdalla, Fouque, and Pointcheval proposed a password-based authenticated key exchange protocol in a 3-party model (GPAKE), in which clients trying to establish a shared secret do not share a password with each other but only with a trusted server. Separately, Canetti presented a general framework, called the universally composable (UC) framework, for representing cryptographic protocols and analyzing their security. In this framework, the security of protocols is maintained under a general protocol composition operation called universal composition. Canetti also proved a UC composition theorem, which states that the definition of UC-security achieves the goal of concurrent general composition. When 3-party password-based authenticated key exchange protocols are deployed in large-scale networks, a single server must manage the passwords of all clients. To resolve this problem, we propose a hierarchical hybrid authenticated key exchange protocol (H2AKE). In H2AKE, forwarding servers are located between each client and a distribution server, and the distribution server sends the client an authentication key via the forwarding servers. Public/private keys are used between servers, while passwords are used between clients and forwarding servers. Thus, in H2AKE, the load of password management on the distribution server can be distributed to the forwarding servers. In this paper, we define a hierarchical hybrid authenticated key exchange functionality. H2AKE is a universal form of the hierarchical (hybrid) authenticated key exchange protocol, which includes the 3-party model, and it has the characteristic that the construction of the protocol can be changed flexibly according to the situation. We also prove that H2AKE is secure in the UC framework, with the security-preserving composition property.
- Paper of the Institute of Electronics, Information and Communication Engineers (IEICE)
- 2007-01-01
Authors
- Yoneyama Kazuki (Department of Information and Communication Engineering, University of Electro-Communications)
- OHTA Kazuo (University of Electro-Communications)
- KIYOMOTO Shinsaku (KDDI R & D Laboratories Inc.)
- TANAKA Toshiaki (KDDI R & D Laboratories Inc.)
- Yoneyama Kazuki (University of Electro-Communications)
- Yoneyama Kazuki (NTT Corporation)
- Tanaka T (KDDI R & D Laboratories Inc.)
- OTA HARUKI (KDDI R & D Laboratories, Inc.)
- Ota Haruki (KDDI R & D Laboratories Inc.)
- Kiyomoto S (KDDI R & D Laboratories Inc.)
- Ohta Kazuo (Department of Informatics, The University of Electro-Communications)
- Yoneyama Kazuki (NTT Information Sharing Platform Laboratories, NTT Corporation)
- KIYOMOTO Shinsaku (KDDI R&D Laboratories, Inc.)
Related papers
- A-7-29 (Im)possibility Results on the Security of Password-Based Authenticated Key Exchange (A-7. Information Security, General Session)
- A Random Oracle Model in Which the Hash List Can Be Viewed (Joint Technical Meeting of the Fundamentals of Information and Communication Sub-Society)
- Attribute-Based Encryption Hiding the Recipient's Condition
- Security Analysis of Diffie-Hellman Key Exchange against Adaptive Adversaries Using the Task-Structured PIOA Framework (Security, Formal Approach Papers)
- On the Security of Secret Handshake (Joint Technical Meeting of the Fundamentals of Information and Communication Sub-Society)
- A Hierarchically Structured Multisignature Scheme Based on Gap Diffie-Hellman Signatures (Information Security, Lifelog Utilization Technology, Life Intelligence, Office Information Systems, General)
- Cryptanalysis of Two MD5-Based Authentication Protocols: APOP and NMAC
- Extended Password Recovery Attacks against APOP, SIP, and Digest Authentication
- Proposal and Implementation Evaluation of a Hierarchically Structured Multisignature Scheme Suitable for Confirming the Reading of Circulated Documents (Internet Architecture as Social Infrastructure Papers)
- B-19-16 An Obfuscation Scheme by Encoding Pointer Variables (B-19. Network Software, General Session)
- A-7-9 Message Input in SCH (A-7. Information Security, General Session)
- Toward the Fair Anonymous Signatures : Deniable Ring Signatures(Signatures,Cryptography and Information Security)
- Analysis of Program Obfuscation Schemes with Variable Encoding Technique
- On Effectiveness of Clock Control in Stream Ciphers(Information Theory and Its Applications)
- Experimental Analysis of Guess-and-Determine Attacks on Clock-Controlled Stream Ciphers(Cryptography and Information Security, Information Theory and Its Applications)
- Side-Channel Attacks on the Stream Cipher K2 and Countermeasures
- B-19-23 An Obfuscation Scheme by Encoding Variables of Arbitrary Type (B-19. Network Software, General Session)
- Security of Cryptosystems Using Merkle-Damgård in the Random Oracle Model
- AS-3-3 Nonlinear Ramp Secret Sharing (Invited Talk, AS-3. Theory and Techniques of Information Hiding, Symposium)
- Visual Secret Sharing Schemes Hiding Multiple Images for General Access Structures Allowing Rotation of Shares
- A Probabilistic Metering Method (Fundamental Technologies in the Broadband Mobile Era) (Joint Technical Meeting of the Information and Communication Sub-Society)
- Design and Implementation of Secure Area Expansion Scheme for Public Wireless LAN Services (Special Issue: Sensor Networks)
- Extension of Secret Handshake Protocols with Multiple Groups in Monotone Condition
- B-18-4 Proposal of a Remote Authentication System Using Contactless Palmprint Authentication (B-18. Biometric System Security, General Session)
- A Novel Error Control Algorithm for Reducing Transmission Delay in Real-Time Mobile Video Communication (Special Issue on Multimedia Mobile Communication Systems)
- Characteristics of Video Communication System in Mobile Radio Channel (Special Issue on Mobile Computing)
- A Study on Reducing Transmission Delay in Mobile Video Communication Systems (Special Section on Multi-dimensional Mobile Information Network)
- Practical Password Recovery Attacks on MD4 Based Prefix and Hybrid Authentication Protocols
- A Strict Evaluation on the Number of Conditions for SHA-1 Collision Search
- New Message Differences for Collision Attacks on MD4 and MD5
- Improved Collision Attacks on MD4 and MD5(Hash Functions,Cryptography and Information Security)
- A Novel Coherent Preambleless Demodulator Employing Sequential Processing for PSK Packet Signals : AFC and Carrier Recovery Circuits
- A Fast Synchronization Scheme of OFDM Signals for High-Rate Wireless LAN
- Nomadic Computing Environment Employing Wired and Wireless Networks(Special Issue on Multimedia Communications in Heterogeneous Network Environments)
- Universally Composable Client-to-Client General Authenticated Key Exchange (Special Issue: Rethinking Computer Security Technologies Supporting Information Systems)
- Universally Composable Client-to-Client General Authenticated Key Exchange
- Efficient Implementation of the Pairing on Mobilephones Using BREW
- Universally Composable Hierarchical Hybrid Authenticated Key Exchange(Protocols,Cryptography and Information Security)
- Review on Sufficient Conditions of SHA-0
- Proposal of a Transformation Method for Iris Codes in Iris Scanning Verification(Biometrics)(Cryptography and Information Security)
- A Fast (k, L, n)-Threshold Ramp Secret Sharing Scheme
- Design of Anonymous Attribute Authentication Mechanism
- A-7-3 Revocation and Addition Mechanisms for Fast (k, n)-Threshold Schemes
- On a Fast (K, n)-Threshold Secret Sharing Scheme
- A Fast (3, n)-Threshold Secret Sharing Scheme Using Exclusive-OR Operations
- Design of τ-Gradual Key-Management Schemes for Mobile Content Distribution (Special Issue: Mobile Communications and Intelligent Transport Systems Supporting the Ubiquitous Era)
- An Obfuscation Scheme Using Affine Transformation and Its Implementation (Special Issue: Computer Security Technologies Supporting the Ubiquitous Society)
- Design of Self-Delegation for Mobile Terminals (Special Issue: Computer Security Technologies Bearing Diverse Social Responsibilities)
- Design of Security Architecture for Beyond 3G Mobile Terminals (Special Issue: Computer Security Technologies Protecting Privacy)
- Does Secure Password-Based Authenticated Key Exchange against Leakage of Internal States Exist?
- Improved Collision Search for Hash Functions : New Advanced Message Modification
- OAEP-ES : Methodology of Universal Padding Technique (Asymmetric Cipher) (Cryptography and Information Security)
- Notification of Certificate Revocation Status between Different Domains under a PKI System (Network Services Basics) (Object-Oriented Technologies)
- Solutions to Security Problems of Rivest and Shamir's PayWord Scheme (Application) (Cryptography and Information Security)
- Provably Secure Multisignatures in Formal Security Model and Their Optimality
- Taxonomical Security Consideration of OAEP Variants(Discrete Mathematics and Its Applications)
- Implementation and Evaluation of a Micropayment System for Mobile Environments (Security and Society)
- New Time-Stamping Scheme Using Mutual Communications with Pseudonymous Clients (Applications) (Cryptography and Information Security)
- New Time-Stamping Scheme Using Mutual Communications with Pseudonymous Clients
- A Study of Access Control Method for Mobile Agents by Using Secure Stubs (Special Issue: Computer Security Technologies Confronting New Threats)
- Proxiable Designated Verifier Signature
- Power Analysis against a DPA-Resistant S-Box Implementation Based on the Fourier Transform
- Near-Collision Attacks on MD4 : Applied to MD4-Based Protocols
- Secure Host Name Resolution Infrastructure for Overlay Networks(Networking Technologies for Overlay Networks)
- Improved Subset Difference Method with Ternary Tree
- Security of Cryptosystems Using Merkle-Damgard in the Random Oracle Model
- Visual Secret Sharing Schemes for Multiple Secret Images Allowing the Rotation of Shares(Discrete Mathematics and Its Applications)
- Efficient and Strongly Secure Password-based Server Aided Key Exchange
- Ring Signatures: Universally Composable Definitions and Constructions (Special Issue: Rethinking Computer Security Technologies Supporting Information Systems)
- Leaky Random Oracle
- FOREWORD
- Zero-Knowledge and Correlation Intractability(Information Security)
- Evaluation of Mutational Capability and Real-Time Applicability of Obfuscation Techniques(Information Hiding, Cryptography and Information Security)
- Universally Composable NBAC-Based Fair Voucher Exchange for Mobile Environments
- How to Shorten a Ciphertext of Reproducible Key Encapsulation Mechanisms in the Random Oracle Model
- Software Protection Combined with Tamper-Proof Device
- Meet-in-the-Middle (Second) Preimage Attacks on Two Double-Branch Hash Functions RIPEMD and RIPEMD-128
- Toward Effective Countermeasures against an Improved Fault Sensitivity Analysis
- A New Type of Fault-Based Attack: Fault Behavior Analysis
- Optimization of Group Key Management Structure with a Client Join-Leave Mechanism
- Design of Self-Delegation for Mobile Terminals
- Fast Implementation of KCipher-2 for Software and Hardware
- Chosen-IV Correlation Power Analysis on KCipher-2 Hardware and a Masking-Based Countermeasure
- An Obfuscation Scheme Using Affine Transformation and Its Implementation
- BS-7-44 Decodability Attacks in XOR Network Coding