Abstract
With the rapid development in wireless communications and cloud computing technologies, clients (users) often use handheld mobile devices to access remote servers via open network channels. To provide authentication and confidentiality between clients and servers, a large number of ID-based authentication and key exchange (ID-AKE) protocols have been proposed for mobile client-server environments. However, most of the existing ID-AKE protocols adopt the precomputation technique so that they become vulnerable to the ephemeral-secret-leakage (ESL) attacks, in the sense that an adversary could use the ephemeral secrets to reveal the private keys of clients from the corresponding exchange messages. In the paper, we propose a new ESL-secure ID-AKE protocol for mobile client-server environments. We formally prove that the proposed protocol satisfies the security requirements of both mutual authentication and key exchange while resisting the ESL attacks. When compared with previously proposed ID-AKE protocols, our protocol has higher security and retains computational performance, since it requires no bilinear pairing operation for mobile clients. Finally, we mention the possibility of adopting our protocol as an authentication method of the extensible authentication protocol (EAP) for wireless networks.
Original language | English |
---|---|
Article number | 898716 |
Journal | International Journal of Distributed Sensor Networks |
Volume | 2015 |
DOIs | |
Publication status | Published - 2015 Jan 1 |
Fingerprint
All Science Journal Classification (ASJC) codes
- Engineering(all)
- Computer Networks and Communications
Cite this
}
A novel ID-based authentication and key exchange protocol resistant to ephemeral-secret-leakage attacks for mobile devices. / Tseng, Yuh Min; Huang, Sen Shan; Tsai, Tung Tso; Tseng, Li.
In: International Journal of Distributed Sensor Networks, Vol. 2015, 898716, 01.01.2015.Research output: Contribution to journal › Article
TY - JOUR
T1 - A novel ID-based authentication and key exchange protocol resistant to ephemeral-secret-leakage attacks for mobile devices
AU - Tseng, Yuh Min
AU - Huang, Sen Shan
AU - Tsai, Tung Tso
AU - Tseng, Li
PY - 2015/1/1
Y1 - 2015/1/1
N2 - With the rapid development in wireless communications and cloud computing technologies, clients (users) often use handheld mobile devices to access remote servers via open network channels. To provide authentication and confidentiality between clients and servers, a large number of ID-based authentication and key exchange (ID-AKE) protocols have been proposed for mobile client-server environments. However, most of the existing ID-AKE protocols adopt the precomputation technique so that they become vulnerable to the ephemeral-secret-leakage (ESL) attacks, in the sense that an adversary could use the ephemeral secrets to reveal the private keys of clients from the corresponding exchange messages. In the paper, we propose a new ESL-secure ID-AKE protocol for mobile client-server environments. We formally prove that the proposed protocol satisfies the security requirements of both mutual authentication and key exchange while resisting the ESL attacks. When compared with previously proposed ID-AKE protocols, our protocol has higher security and retains computational performance, since it requires no bilinear pairing operation for mobile clients. Finally, we mention the possibility of adopting our protocol as an authentication method of the extensible authentication protocol (EAP) for wireless networks.
AB - With the rapid development in wireless communications and cloud computing technologies, clients (users) often use handheld mobile devices to access remote servers via open network channels. To provide authentication and confidentiality between clients and servers, a large number of ID-based authentication and key exchange (ID-AKE) protocols have been proposed for mobile client-server environments. However, most of the existing ID-AKE protocols adopt the precomputation technique so that they become vulnerable to the ephemeral-secret-leakage (ESL) attacks, in the sense that an adversary could use the ephemeral secrets to reveal the private keys of clients from the corresponding exchange messages. In the paper, we propose a new ESL-secure ID-AKE protocol for mobile client-server environments. We formally prove that the proposed protocol satisfies the security requirements of both mutual authentication and key exchange while resisting the ESL attacks. When compared with previously proposed ID-AKE protocols, our protocol has higher security and retains computational performance, since it requires no bilinear pairing operation for mobile clients. Finally, we mention the possibility of adopting our protocol as an authentication method of the extensible authentication protocol (EAP) for wireless networks.
UR - http://www.scopus.com/inward/record.url?scp=84930669455&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84930669455&partnerID=8YFLogxK
U2 - 10.1155/2015/898716
DO - 10.1155/2015/898716
M3 - Article
AN - SCOPUS:84930669455
VL - 2015
JO - International Journal of Distributed Sensor Networks
JF - International Journal of Distributed Sensor Networks
SN - 1550-1329
M1 - 898716
ER -