Universally Composable Client-to-Client General Authenticated Key Exchange
スポンサーリンク
概要
- 論文の詳細を見る
In large-scale networks, users want to be able to communicate securely with each other over a channel that is unreliable. When the existing 2- and 3-party protocols are realized in this situation, there are several problems: a client must hold many passwords and the load on the server concerning password management is heavy. In this paper, we define a new ideal client-to-client general authenticated key exchange functionality, where arbitrary 2-party key exchange protocols are applicable to protocols between the client and server and between servers. We also propose a client-to-client general authenticated key exchange protocol C2C-GAKE as a general form of the client-to-client model, and a client-to-client hybrid authenticated key exchange protocol C2C-HAKE as an example protocol of C2C-GAKE to solve the above problems. In C2C-HAKE, a server shares passwords only with clients in the same realm respectively, public/private keys are used between respective servers, and two clients between different realms share a final session key via the respective servers. Thus, with regard to password management in C2C-HAKE, the load on the server can be distributed to several servers. In addition, we prove that C2C-HAKE securely realizes the above functionality. C2C-HAKE is the first client-to-client hybrid authenticated key exchange protocol that is secure in a universally composable framework with a security-preserving composition property.
著者
-
KIYOMOTO Shinsaku
KDDI R & D Laboratories Inc.
-
TANAKA Toshiaki
KDDI R & D Laboratories Inc.
-
OHTA Kazuo
The University of Electro-Communications
-
OTA HARUKI
KDDI R & D Laboratories, Inc.
-
YONEYAMA KAZUKI
The University of Electro-Communications
関連論文
- Analysis of Program Obfuscation Schemes with Variable Encoding Technique
- On Effectiveness of Clock Control in Stream Ciphers(Information Theory and Its Applications)
- Experimental Analysis of Guess-and-Determine Attacks on Clock-Controlled Stream Ciphers(Cryptography and Information Security, Information Theory and Its Applications)
- Design and implementation of secure area expansion scheme for public wireless LAN services (特集 センサネットワーク)
- Practical Password Recovery Attacks on MD4 Based Prefix and Hybrid Authentication Protocols
- A Strict Evaluation on the Number of Conditions for SHA-1 Collision Search
- Universally composable client-to-client general authenticated key exchange (特集:情報システムを支えるコンピュータセキュリティ技術の再考)
- Universally Composable Client-to-Client General Authenticated Key Exchange
- Efficient Implementation of the Pairing on Mobilephones Using BREW
- Universally Composable Hierarchical Hybrid Authenticated Key Exchange(Protocols,Cryptography and Information Security)
- Review on Sufficient Conditions of SHA-0
- Proposal of a Transformation Method for Iris Codes in Iris Scanning Verification(Biometrics)(Cryptography and Information Security)
- A Fast (k, L, n)-Threshold Ramp Secret Sharing Scheme
- Design of Anonymous Attribute Authentication Mechanism
- A-7-3 Revocation and Addition Mechanisms for Fast (k, n)-Threshold Schemes
- On a Fast (K, n)-Threshold Secret Sharing Scheme
- Analysis of Program Obfuscation Schemes with Variable Encoding Technique
- A Fast (3, n)-Threshold Secret Sharing Scheme Using Exclusive-OR Operations
- Design of τ-Gradual Key-Management Schemes for Mobile Content Distribution (特集:ユビキタス時代を支えるモバイル通信と高度交通システム)
- An Obfuscation Scheme Using Affine Transformation and Its Implementation (特集:ユビキタス社会を支えるコンピュータセキュリティ技術)
- Design of Self-Delegation for Mobile Terminals (特集 多様な社会的責任を担うコンピュータセキュリティ技術)
- Design of Security Architecture for Beyond 3G Mobile Terminals (特集:プライバシを保護するコンピュータセキュリティ技術)
- Provably Secure Untraceable Electronic Cash against Insider Attacks(Discrete Mathematics and Its Applications)
- (Network Services Basics) Notification of Certificate Revocation Status between Different Domains under a PKI System ( Object-Oriented Technologies)
- Implementation and Evaluation of a Micropayment System for Mobile Environments (Security and Society)
- New Time-Stamping Scheme Using Mutual Communications with Pseudonymous Clients (Applications) (Cryptography and Information Security)
- New Time-Stamping Scheme Using Mutual Communications with Pseudonymous Clients
- A Study of Access Control Method for Mobile Agents by Using Secure Stubs (特集:新たな脅威に立ち向かうコンピュータセキュリティ技術)
- Secure Host Name Resolution Infrastructure for Overlay Networks(Networking Technologies for Overlay Networks)
- Improved Subset Difference Method with Ternary Tree
- Ring signatures: universally composable definitions and constructions (特集:情報システムを支えるコンピュータセキュリティ技術の再考)
- A-7-2 Revisiting Zero-Knowledgeness of an On the Fly Authentication Scheme
- Zero-Knowledge and Correlation Intractability(Information Security)
- Evaluation of Mutational Capability and Real-Time Applicability of Obfuscation Techniques(Information Hiding, Cryptography and Information Security)
- Software Protection Combined with Tamper-Proof Device
- Optimization of Group Key Management Structure with a Client Join-Leave Mechanism
- Design of Self-Delegation for Mobile Terminals
- Design of Self-Delegation for Mobile Terminals
- Ring Signatures: Universally Composable Definitions and Constructions
- Fast Implementation of KCipher-2 for Software and Hardware
- Chosen-IV Correlation Power Analysis on KCipher-2 Hardware and a Masking-Based Countermeasure
- An Obfuscation Scheme Using Affine Transformation and Its Implementation
- BS-7-44 Decodability Attacks in XOR Network Coding
- An Obfuscation Scheme Using Affine Transformation and Its Implementation
- Optimization of Group Key Management Structure with a Client Join-Leave Mechanism
- A New Type of Fault-Based Attack : Fault Behavior Analysis