Analysis and improvement of a key exchange and authentication protocol in client-server environment
- PDF / 2,391,066 Bytes
- 13 Pages / 595.276 x 790.866 pts Page_size
- 95 Downloads / 240 Views
ORIGINAL RESEARCH
Analysis and improvement of a key exchange and authentication protocol in client‑server environment Yuting Li1 · Qingfeng Cheng1 · Xinghua Li2 Received: 17 April 2019 / Accepted: 12 November 2019 © Springer-Verlag GmbH Germany, part of Springer Nature 2019
Abstract With the rapid development of mobile communication technologies and network applications, communication models for mobile client and server interaction are becoming increasingly popular. The certificateless public key cryptography is suitable for designing security protocols which are used for mobile devices under the model of client and server. In the last decade, various ID-based protocols have been discussed, but some of them have several flaws. To address the security problems found in the key exchange protocol designed by Hassan et al., we introduce a new protocol named iHEEL protocol, a new key exchange and authentication protocol in client-server environment. Our new protocol is proved to be secure under the random oracle model and computational Diffie-Hellman assumption. Finally, iHEEL protocol is compared with several preceding protocols in terms of security properties and communication cost, which is measured by different data volumes. Keywords Key exchange protocol · Authentication · Mobile device · Client-server
1 Introduction As the Internet has an ever-increasing impact in our daily life, many security risks have emerged, such as stealing, deleting, tampering with messages. Therefore, there are more stringent requirements for the security of communications and information on the network. How to implement secure communication in an open network environment has always been a deep concern (Alawatugoda et al. 2014), especially in small mobile devices networks shown in Fig. 1. Cryptographic algorithms and protocols are the most direct and effective means to solve network information security and communication security issues, also, ones * Qingfeng Cheng [email protected] Yuting Li [email protected] Xinghua Li [email protected] 1
State Key Laboratory of Mathematical Engineering and Advanced Computing, Strategic Support Force Information Engineering University, Zhengzhou 450001, China
School of Cyber Engineering, Xidian University, Xi’an 710071, China
2
of the theoretical frameworks for building a network security information system (Yang and Li 2015). With the wide application of key distribution in e-commerce, the status of cryptographic protocols cannot be ignored. Among them, the key exchange protocol, also known as key agreement protocol, allows several parties to jointly establish a common key, which is always called the session key, by passing certain security parameters on a public channel. The session key is aimed at providing security for subsequent communication between two parties (or multiple parties). The authenticated key exchange protocols not only achieve the goal of key agreement, but also guarantee the situation that it is impossible for any other illegal entities to obtain the sessi
Data Loading...
