Ephemeral-secret-leakage secure ID-based three-party Authenticated Key Agreement Protocol for mobile distributed computing environments

Chao Liang Liu, Wang Jui Tsai, Ting-Yi  Chang, Ta Ming Liu

Research output: Contribution to journalArticle

2 Citations (Scopus)

Abstract

A three-party Authenticated Key Agreement (AKA) protocol in the distributed computing environment is a client that requests services from an application server through an authentication server. The authentication server is responsible for authenticating the participating entities and helping them to construct a common session key. Adopting the Key Transfer Authentication Protocol (KTAP) in such an environment, the authentication server is able to monitor the communication messages to prevent and trace network crime. However, the session key in the KTAP setting is created only by the authentication server and is vulnerable to the resilience of key control. On the other hand, with the rapid growth of network technologies, mobile devices are widely used by people to access servers in the Internet. Many AKA protocols for mobile devices have been proposed, however, most protocols are vulnerable to Ephemeral Secret Leakage (ESL) attacks which compromise the private keys of clients and the session key by an adversary from eavesdropped messages. This paper proposes a novel ESL-secure ID-based three-party AKA protocol for mobile distributed computing environments based on ESL-secure ID-based Authenticated Key Exchange (ID-AKE) protocol. The proposed protocol solves the key control problem in KTAP while retaining the advantages of preventing and tracing network crime in KTAP and also resists ESL attacks. The AVISPA tool simulation results confirm the correctness of the protocol security analysis. Furthermore, we present a parallel version of the proposed ESL-secure ID-based three-party AKA protocol that is communication-efficient.

Original languageEnglish
Article number84
JournalSymmetry
Volume10
Issue number4
DOIs
Publication statusPublished - 2018 Apr 1

Fingerprint

Key Agreement Protocol
Identity-based
Mobile Computing
Distributed computer systems
Distributed Computing
Leakage
leakage
Network protocols
Authentication
Authentication Protocol
Server
Servers
crime
messages
attack
Crime
Mobile Devices
communication
Mobile devices
Attack

All Science Journal Classification (ASJC) codes

  • Computer Science (miscellaneous)
  • Chemistry (miscellaneous)
  • Mathematics(all)
  • Physics and Astronomy (miscellaneous)

Cite this

@article{045725e038ce48e3b72a4fe655dc9c1f,
title = "Ephemeral-secret-leakage secure ID-based three-party Authenticated Key Agreement Protocol for mobile distributed computing environments",
abstract = "A three-party Authenticated Key Agreement (AKA) protocol in the distributed computing environment is a client that requests services from an application server through an authentication server. The authentication server is responsible for authenticating the participating entities and helping them to construct a common session key. Adopting the Key Transfer Authentication Protocol (KTAP) in such an environment, the authentication server is able to monitor the communication messages to prevent and trace network crime. However, the session key in the KTAP setting is created only by the authentication server and is vulnerable to the resilience of key control. On the other hand, with the rapid growth of network technologies, mobile devices are widely used by people to access servers in the Internet. Many AKA protocols for mobile devices have been proposed, however, most protocols are vulnerable to Ephemeral Secret Leakage (ESL) attacks which compromise the private keys of clients and the session key by an adversary from eavesdropped messages. This paper proposes a novel ESL-secure ID-based three-party AKA protocol for mobile distributed computing environments based on ESL-secure ID-based Authenticated Key Exchange (ID-AKE) protocol. The proposed protocol solves the key control problem in KTAP while retaining the advantages of preventing and tracing network crime in KTAP and also resists ESL attacks. The AVISPA tool simulation results confirm the correctness of the protocol security analysis. Furthermore, we present a parallel version of the proposed ESL-secure ID-based three-party AKA protocol that is communication-efficient.",
author = "Liu, {Chao Liang} and Tsai, {Wang Jui} and Ting-Yi  Chang and Liu, {Ta Ming}",
year = "2018",
month = "4",
day = "1",
doi = "10.3390/sym10040084",
language = "English",
volume = "10",
journal = "Symmetry",
issn = "2073-8994",
publisher = "Multidisciplinary Digital Publishing Institute (MDPI)",
number = "4",

}

Ephemeral-secret-leakage secure ID-based three-party Authenticated Key Agreement Protocol for mobile distributed computing environments. / Liu, Chao Liang; Tsai, Wang Jui; Chang, Ting-Yi ; Liu, Ta Ming.

In: Symmetry, Vol. 10, No. 4, 84, 01.04.2018.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Ephemeral-secret-leakage secure ID-based three-party Authenticated Key Agreement Protocol for mobile distributed computing environments

AU - Liu, Chao Liang

AU - Tsai, Wang Jui

AU - Chang, Ting-Yi 

AU - Liu, Ta Ming

PY - 2018/4/1

Y1 - 2018/4/1

N2 - A three-party Authenticated Key Agreement (AKA) protocol in the distributed computing environment is a client that requests services from an application server through an authentication server. The authentication server is responsible for authenticating the participating entities and helping them to construct a common session key. Adopting the Key Transfer Authentication Protocol (KTAP) in such an environment, the authentication server is able to monitor the communication messages to prevent and trace network crime. However, the session key in the KTAP setting is created only by the authentication server and is vulnerable to the resilience of key control. On the other hand, with the rapid growth of network technologies, mobile devices are widely used by people to access servers in the Internet. Many AKA protocols for mobile devices have been proposed, however, most protocols are vulnerable to Ephemeral Secret Leakage (ESL) attacks which compromise the private keys of clients and the session key by an adversary from eavesdropped messages. This paper proposes a novel ESL-secure ID-based three-party AKA protocol for mobile distributed computing environments based on ESL-secure ID-based Authenticated Key Exchange (ID-AKE) protocol. The proposed protocol solves the key control problem in KTAP while retaining the advantages of preventing and tracing network crime in KTAP and also resists ESL attacks. The AVISPA tool simulation results confirm the correctness of the protocol security analysis. Furthermore, we present a parallel version of the proposed ESL-secure ID-based three-party AKA protocol that is communication-efficient.

AB - A three-party Authenticated Key Agreement (AKA) protocol in the distributed computing environment is a client that requests services from an application server through an authentication server. The authentication server is responsible for authenticating the participating entities and helping them to construct a common session key. Adopting the Key Transfer Authentication Protocol (KTAP) in such an environment, the authentication server is able to monitor the communication messages to prevent and trace network crime. However, the session key in the KTAP setting is created only by the authentication server and is vulnerable to the resilience of key control. On the other hand, with the rapid growth of network technologies, mobile devices are widely used by people to access servers in the Internet. Many AKA protocols for mobile devices have been proposed, however, most protocols are vulnerable to Ephemeral Secret Leakage (ESL) attacks which compromise the private keys of clients and the session key by an adversary from eavesdropped messages. This paper proposes a novel ESL-secure ID-based three-party AKA protocol for mobile distributed computing environments based on ESL-secure ID-based Authenticated Key Exchange (ID-AKE) protocol. The proposed protocol solves the key control problem in KTAP while retaining the advantages of preventing and tracing network crime in KTAP and also resists ESL attacks. The AVISPA tool simulation results confirm the correctness of the protocol security analysis. Furthermore, we present a parallel version of the proposed ESL-secure ID-based three-party AKA protocol that is communication-efficient.

UR - http://www.scopus.com/inward/record.url?scp=85046104829&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85046104829&partnerID=8YFLogxK

U2 - 10.3390/sym10040084

DO - 10.3390/sym10040084

M3 - Article

AN - SCOPUS:85046104829

VL - 10

JO - Symmetry

JF - Symmetry

SN - 2073-8994

IS - 4

M1 - 84

ER -