An Efficient and Leakage-Resilient RSA-Based Authenticated Key Exchange Protocol with Tight Security Reduction(Information Security)
Abstract
Both mutual authentication and generation of session keys can be accomplished by an authenticated key exchange (AKE) protocol. Let us consider the following situation: (1) a client, who communicates with many different servers, remembers only one password and has insecure devices (e.g., mobile phones or PDAs) with very restricted computing power and built-in memory capacity; (2) the counterpart servers have enormous computing power, but they are not perfectly secure against various attacks (e.g., viruses or hackers); (3) neither PKI (Public Key Infrastructures) nor TRM (Tamper-Resistant Modules) is available. The main goal of this paper is to provide security against the leakage of stored secrets as well as to attain high efficiency on the client's side. For those, we propose an efficient and leakage-resilient RSA-based AKE (RSA-AKE) protocol suitable for the above situation, whose authenticity is based on a password and another secret. In the extended model where an adversary is given access to the stored secret of the client, we prove that the security of the RSA-AKE protocol is reduced tightly to the RSA one-wayness in the random oracle model. We also show that the RSA-AKE protocol guarantees several security properties (e.g., security of the password, a multiple-server scenario with only one password, perfect forward secrecy and anonymity). To the best of our knowledge, the RSA-AKE protocol is the most efficient, in terms of both the client's computation costs and communication costs, among the previous AKE protocols of their kind (using a password and RSA).
- Paper of the Institute of Electronics, Information and Communication Engineers (IEICE)
- 2007-02-01
Authors
- SHIN SeongHan, Research Center for Information Security (RCIS), National Institute of Advanced Industrial Science a
- KOBARA Kazukuni, Research Center for Information Security (RCIS), National Institute of Advanced Industrial Science a
- IMAI Hideki, Research Center for Information Security (RCIS), National Institute of Advanced Industrial Science a
- IMAI Hideki, Chuo University
- Kobara K, Research Center For Information Security (rcis) National Institute Of Advanced Industrial Science &a
- Kobara K, Research Center For Information Security (rcis):national Institute Of Advanced Industrial Science An
- Kobara K, Univ. Tokyo Tokyo Jpn
- Kobara Kazukuni, National Inst. Advanced Industrial Sci. & Technol. (aist) Tokyo Jpn
- Kobara Kazukuni, Information And Systems Institute Of Industrial Science The University Of Tokyo
- Imai H, Research Center For Information Security (rcis):national Institute Of Advanced Industrial Science An
- Shin Seonghan, Research Center For Information Security (rcis):national Institute Of Advanced Industrial Science An
- Kobara Kazukuni, Imai Laboratory Information And Systems Institute Of Industrial Science University Of Tokyo
- Shin Seonghan, Research Center For Information Security (rcis) National Institute Of Advanced Industrial Science An
- Imai H, Chuo University
- Kobara Kazukuni, Research Center For Information Security (rcis) National Institute Of Advanced Industrial Science &a
- Imai Hideki, Research Center For Information Security (rcis) National Institute Of Advanced Industrial Science &a
- Imai H, Univ. Tokyo Tokyo
Related papers
- An RSA-Based Leakage-Resilient Authenticated Key Exchange Protocol Secure against Replacement Attacks, and Its Extensions
- Anonymous Password-Authenticated Key Exchange: New Construction and Its Extensions
- Extension of Broadcasting Service by Using Electronic Tokens(Contents Technology and Web Information Systems)
- Traitor Tracing Scheme Secure against Adaptive Key Exposure and its Application to Anywhere TV Service(Discrete Mathematics and Its Applications)
- Unconditionally Secure Chaffing-and-Winnowing
- Shared Pseudo-Random Secret Generation Protocols (Special Section on Discrete Mathematics and Its Applications)
- Efficient and Secure Multiparty Generation of Digital Signatures Based on Discrete Logarithms (Special Section on Discrete Mathematics and Its Applications)
- Smallest Size of Circulant Matrix for Regular (3, L) and (4, L) Quasi-Cyclic LDPC Codes with Girth 6
- Anonymous Password-Authenticated Key Exchange : New Construction and Its Extensions
- A Secure Construction for Threshold Anonymous Password-Authenticated Key Exchange
- A New Security Architecture for Personal Networks and Its Performance Evaluation
- RSA-Based Password-Authenticated Key Exchange, Revisited
- A Secure Authenticated Key Exchange Protocol for Credential Services
- An Efficient and Leakage-Resilient RSA-Based Authenticated Key Exchange Protocol with Tight Security Reduction(Information Security)
- New Security Architecture for Mobile IPv6 Networks
- Notes on Formal Methods Used for Verification of the Security Properties of Protocols Used in Wireless Environment
- A Leakage-Resilient Network Storage System
- Security Analysis of Password-based Protocols via FDR and AVISPA
- A Simple Leakage-Resilient Authenticated Key Establishment Protocol, Its Extensions, and Applications(Information Security)
- An Efficient Leakage-Resilient Authenticated Key Exchange Protocol
- A Secure and Lightweight Authenticated Key Exchange Protocol for Wireless Networks
- Lightweight Privacy-Preserving Authentication Protocols Secure against Active Attack in an Asymmetric Way
- Asymmetric RFID System Secure against Active Attack
- The MAC-based Construction of Strong Multiple Encryption
- Efficient Strong Multiple Encryption from Relaxed Conditions
- ID-based Encryption for Directed Acyclic Graph Hierarchies : Unification of Key-evolving Encryption Primitives (Extended Abstract)
- Shielding Asymmetric Cryptosystems from Decryption Failures
- A Bandwidth-Saving Public Key Encryption Conversion Scheme
- Towards Removing Random Oracles from OAEP
- IVs to Skip for Immunizing WEP against FMS Attack
- Best Truncated and Impossible Differentials of Feistel Block Ciphers with S-D (Substitution and Diffusion) or D-S Round Functions(Special Section on Cryptography and Information Security)
- An Efficient 2-Secure and Short Random Fingerprint Code and Its Security Evaluation
- Tag-KEM from Set Partial Domain One-Way Permutations
- Birthday Paradox Based Security Analysis of Certain Broadcast Encryption Schemes(Information Security)
- A Novel Approach to Algebraic and Fast Correlation Attacks for Cryptanalysis of Certain Keystream Generators
- CCA-Secure Public Key Encryption without Group-Dependent Hash Functions
- Formal Security Treatments for IBE-to-Signature Transformation : Relations among Security Notions
- A Strongly Unforgeable Signature under the CDH Assumption without Collision Resistant Hash Functions
- Key-Insulated Public Key Encryption with Auxiliary Helper Key : Model, Constructions and Formal Security Proofs(Information Theory and Its Applications)
- Efficient Identity-Based Encryption with Tight Security Reduction(Information Theory and Its Applications)
- A New Key-Insulated Public Key Encryption Scheme with Auxiliary Helper Key
- Security Tightness Evaluation of Fujisaki-Okamoto Conversion in Identity Based Encryption
- Searchable Public-key Broadcast Encryption
- Relations among Notions of Security for Identity Based Encryption Schemes (Special Issue: Computer Security Technologies Supporting a Ubiquitous Society)
- Towards Security Enhancement with Efficient Reduction for Identity Based Encryption
- CCA-secure IBE Scheme with Tight Security Reduction based on the Gap BDH Assumption
- A Remark on GEM
- Compact Encoding of the Web Graph Exploiting Various Power Distributions(Discrete Mathematics and Its Applications)
- Sliced Onion Routing Scheme and its Aptitude for Sender-Identifiable Environments
- A New Anonymous Routing Scheme and its Aptitude for Ad-hoc Networks
- Optimally Mastering Keys in Various Broadcast Encryption Schemes
- Personal Entropy from Graphical Passwords : Methods for Quantification and Practical Key Generation(Cryptography and Information Security)(Information Theory and Its Applications)
- Finding Neighbor Communities in the Web Using an Inter-Site Graph(Database)
- Managing Encryption and Key Publication Independently in Digital Rights Management Systems (Applications) (Cryptography and Information Security)
- On Evaluating the Entropy of Graphical Passwords
- Semantically Secure McEliece Public-Key Cryptosystem (Special Section on Cryptography and Information Security)
- An Error-Controlling Scheme according to the Importance of Individual Segments of Model-Based Coded Facial Images (Special Section on Information Theory and Its Applications)
- Variable Error Controlling Schemes for Intelligent Error Controlling Systems (Special Section on Information Theory and Its Applications)
- New Short Signature Scheme without Random Oracles
- A Trade-off Traitor Tracing Scheme
- A Formulation of Key Privacy in Plaintext Checking Attack Model
- Key-Dependent Weak IVs and Weak Keys in WEP : How to Trace Conditions Back to Their Patterns(Information Security)
- Strong Anonymous Signature
- Security Analysis of Two Augmented Password-Authenticated Key Exchange Protocols
- Combining Public Key Encryption with Keyword Search and Public Key Encryption
- Wolf Attack Probability : A Theoretical Security Measure in Biometric Authentication Systems
- Strength of interaction for information distribution and generalized Wigner-Araki-Yanase theorem
- Threshold Anonymous Password-Authenticated Key Exchange Secure against Insider Attacks
- A Dynamical Bifurcation of Distinguishability in Thermalization Processes, from Classical to Quantum (Special Issue: Quantum Computation and Quantum Information)
- About Validity Checks of Augmented PAKE in IEEE 1363.2 and ISO/IEC 11770-4
- Wolf fingerprints against minutiae count matching systems
- A Dynamical Bifurcation of Distinguishability in Thermalization Processes, from Classical to Quantum