research-article

Security design for three-party encrypted key exchange protocol using smart cards

Authors:

Chin-Chen Chang,

Jung-San Lee,

Ting-Fang ChengAuthors Info & Claims

ICUIMC '08: Proceedings of the 2nd international conference on Ubiquitous information management and communication

Pages 329 - 333

https://doi.org/10.1145/1352793.1352862

Published: 31 January 2008 Publication History

Get Access

Abstract

Three-Party encrypted key exchange (3PEKE) protocol is an important cryptographic mechanism, enabling two clients to communicate with each other through a trusted server. Specifically, it is often applied to provide confidential communications between two participants over an insecure network. In 2007, Lu and Cao proposed a simple and efficient version. Unfortunately, we find that there exists a design weakness in their mechanism. We therefore design a novel mechanism using smart cards. The smart-card based scheme (SC-3PEKE) not only confirms the security essentials of general 3PEKE methods, but also outperforms related works in terms of authentication overheads with the adoption of smart cards.

References

[1]

Chang, C. C., Chang, Y. F.: A Novel Three-party Encrypted Key Exchange Protocol. Computer Standards & Interfaces, vol. 26, (2004), pp. 471--476

Google Scholar

[2]

Chang, Y. F., Chang, C. C., Liu, Y. L.: Password Authentication without the Server Public Key. IEICE Transactions on Communications, vol. E87-B, no. 10, (2004), pp. 3088--3091

Google Scholar

[3]

Bellovin, S. M., Merrit, M.: Encrypted Key Exchange: Password-based Protocols Secure against Dictionary Attacks. Proceedings of 1992 IEEE Computer Society Symposium on Research in Security and Privacy, Oakland, California, (1992), pp. 72--84

Digital Library

Google Scholar

[4]

Jaung, W. J.: Efficient Three-party Key Exchange using Smart Cards. IEEE Transactions on Consumer Electronics, vol. 50, no. 2, (2004), pp. 619--624

Digital Library

Google Scholar

[5]

Lin, C. L., Sun, H. M., Hwang, T.: Three-party Encrypted Key Exchange: Attacks and a Solution. ACM Operating Systems Review, vol. 34, no. 4, (2000), pp. 12--20

Digital Library

Google Scholar

[6]

Lin, C. L., Sun, H. M., Steiner, M., Hwang, T.: Three-party Encrypted Key Exchange without Server Public Keys. IEEE Communications Letters, vol. 5, (2001), pp. 497--499

Crossref

Google Scholar

[7]

Lee, T. F., Hwang, T., Lin, C. L.: Enhanced Three-party Encrypted Key Exchange without Server Public Key. Computer & Security, vol. 23, (2004), pp. 571--577

Digital Library

Google Scholar

[8]

Lu, R., Cao, Z.: Simple Three-party Key Exchange Protocol. Computer & Security, vol. 26, (2007), pp. 94--97

Digital Library

Google Scholar

[9]

Rankl, W., Effing, W.: Smart Card Handbook, John Wiley and Sons, 2nd Edition (2000)

Digital Library

Google Scholar

[10]

Sun, H. M., Chen B. C., Hwang, T.: Secure Key Agreement Protocols for Three-party against Guessing Attacks. The Journal of System and Software, vol. 75, (2005), pp. 63--68

Digital Library

Google Scholar

[11]

Schneier, B.: Applied Cryptography, Protocols, Algorithms, and Source Code in C, John Wiley and Sons Inc., 2nd Edition, New York, U.S.A., pp. 15 (1996)

Digital Library

Google Scholar

[12]

Steiner, M., Tsudik, G., Waidner, M.: Refinement and Extension of Encrypted Key Exchange. ACM Operating Systems Review, vol. 29, no. 3, (1995), pp. 22--30

Digital Library

Google Scholar

Cited By

View all

Deebak BMuthaiah RThenmozhi KSwaminathan P(2016)Analyzing three-party authentication and key agreement protocol for real time IP multimedia server---client systemsMultimedia Tools and Applications10.1007/s11042-015-2542-475:10(5795-5817)Online publication date: 1-May-2016
https://dl.acm.org/doi/10.1007/s11042-015-2542-4
Amin RBiswas G(2015)Cryptanalysis and Design of a Three-Party Authenticated Key Exchange Protocol Using Smart CardArabian Journal for Science and Engineering10.1007/s13369-015-1743-540:11(3135-3149)Online publication date: 24-Jun-2015
https://doi.org/10.1007/s13369-015-1743-5
Yang HZhang YZhou YFu XLiu HVasilakos A(2014)Provably secure three-party authenticated key agreement protocol using smart cardsComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2013.08.02058(29-38)Online publication date: 1-Jan-2014
https://dl.acm.org/doi/10.1016/j.comnet.2013.08.020

Recommendations

Provably secure three party encrypted key exchange scheme with explicit authentication

In 2007, Lu and Cao proposed a simple, three-party, password-based, authenticated key exchange (S-3PEKE) protocol based on the chosen-basis computational Diffie-Hellman assumption. Although the authors claimed that their protocol was superior to similar ...
Provably secure three-party authenticated key agreement protocol using smart cards

Authenticated key agreement protocol is a useful cryptographic primitive, which can be used to protect the confidentiality, integrity and authenticity for transmitted data over insecure networks. From the point of view of the management of pre-shared ...
Security of Indirect-Authenticated Key Exchange Protocol
IIH-MSP '09: Proceedings of the 2009 Fifth International Conference on Intelligent Information Hiding and Multimedia Signal Processing

Security issues play an important role in modern communication worlds. Via distrusted networks, exchanged messages need to be encrypted by a session key for security requirements. Session keys are preferred to be generated by communication parties, and ...

Comments

Information & Contributors

Information

Published In

ICUIMC '08: Proceedings of the 2nd international conference on Ubiquitous information management and communication

January 2008

604 pages

ISBN:9781595939937

DOI:10.1145/1352793

General Chairs:
Won Kim
Sungkyunkwan University
,
Hyung Jin Choi
Sungkyunkwan University

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

SIGMOD: ACM Special Interest Group on Management of Data

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 31 January 2008

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

ICUIMC08

Sponsor:

SIGKDD

ICUIMC08: The Second International Conference on Ubiquitous Information Management and Communication

January 31 - February 1, 2008

Suwon, Korea

Acceptance Rates

Overall Acceptance Rate 251 of 941 submissions, 27%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
381
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)0

Reflects downloads up to 13 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Deebak BMuthaiah RThenmozhi KSwaminathan P(2016)Analyzing three-party authentication and key agreement protocol for real time IP multimedia server---client systemsMultimedia Tools and Applications10.1007/s11042-015-2542-475:10(5795-5817)Online publication date: 1-May-2016
https://dl.acm.org/doi/10.1007/s11042-015-2542-4
Amin RBiswas G(2015)Cryptanalysis and Design of a Three-Party Authenticated Key Exchange Protocol Using Smart CardArabian Journal for Science and Engineering10.1007/s13369-015-1743-540:11(3135-3149)Online publication date: 24-Jun-2015
https://doi.org/10.1007/s13369-015-1743-5
Yang HZhang YZhou YFu XLiu HVasilakos A(2014)Provably secure three-party authenticated key agreement protocol using smart cardsComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2013.08.02058(29-38)Online publication date: 1-Jan-2014
https://dl.acm.org/doi/10.1016/j.comnet.2013.08.020

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Provably secure three party encrypted key exchange scheme with explicit authentication

Provably secure three-party authenticated key agreement protocol using smart cards

Security of Indirect-Authenticated Key Exchange Protocol

Comments

Published In

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Other Metrics

Article Metrics

Other Metrics

Cited By

Login options

Full Access

PDF

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Provably secure three party encrypted key exchange scheme with explicit authentication

Provably secure three-party authenticated key agreement protocol using smart cards

Security of Indirect-Authenticated Key Exchange Protocol

Comments

Information

Published In

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Get Access

Login options

Full Access

View options

PDF

eReader

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations