Enhanced Mutual Authentication and Key Exchange Protocol for Wireless Communications
We analyze several mutual authentication and key exchange protocols (MAKEPs) in this paper, and present a number of desirable properties of such protocols for secure wireless communications. To address the security problems of existing protocols, we propo
- PDF / 271,449 Bytes
- 11 Pages / 430 x 660 pts Page_size
- 117 Downloads / 247 Views
Dept of Computer Science & Engineering, The Chinese University of Hong Kong, Shatin, NT, Hong Kong {yjhe, mclee}@cse.cuhk.edu.hk 2 School of Information Science and Engineering, Central South University, Changsha 410075, Hunan, China [email protected]
Abstract. We analyze several mutual authentication and key exchange protocols (MAKEPs) in this paper, and present a number of desirable properties of such protocols for secure wireless communications. To address the security problems of existing protocols, we propose an improved version of MAKEP known as EC-MAKEP. Apart from providing the desired security features supported by the existing protocols, the proposed protocol supports user anonymity, and forward secrecy which are not supported by many of the previously proposed protocols. Further, the proposed protocol outperforms ESMAKEP, the latest improved version of MAKEP, in terms of computation cost and communication bandwidth. Keywords: MAKEP; Elliptic Curve; forward secrecy; user anonymity.
1 Introduction The mutual authentication and key exchange protocol (MAKEP) presented in [1] aimed to provide secure authentication between a user and a server, and to enable them to determine jointly a session key. This session key can then be used to establish a secure communication channel between the user and the server. In general, a good mutual authentication and key exchange protocol should possess the following properties [2,3]: User Anonymity: In mobile communications, most users require their identity and private information being kept confidential. Forward secrecy: If the long-term private keys of one or more of the entities are compromised, the secrecy of previously established session keys should not be affected. Data Integrity: A system with this property implies that it can verify if any data received from the client has been modified during transmission. Known-key security: If one session key has been obtained by an adversary, the protocol should still be able to achieve its goal; this means that neither the private keys nor other session keys (past or future) would be compromised as a result. Y. Zhang et al. (Eds.): APWeb 2008, LNCS 4976, pp. 348–358, 2008. © Springer-Verlag Berlin Heidelberg 2008
Enhanced Mutual Authentication and Key Exchange Protocol
349
Key control: The secret session key between any two entities should be jointly determined; neither entity can predetermine any portion of the session key. Key-compromise impersonation resilience: If the long-term private key of an entity A is compromised, the protocol would allow the adversary to impersonate A; but it should not allow the adversary to impersonate other entities to A. Unknown key-share resilience: An entity A cannot be coerced into sharing a key with any entity C when in fact A thinks that it is sharing the key with another entity B. In addition, based on the considerations for a mobile communication environment, the list below could be seen as performance measurement criteria [4]. 1. Minimum number of passes: To reduce latency time, the nu
Data Loading...
