
Enhancing Security in Three-Party Password Authenticated Key Exchange

This paper presents a new approach to improve security in a 3PAKE protocol using elliptic curve cryptography. The proposed scheme addresses vulnerabilities in existing protocols by enhancing the security of session key exchanges. By replacing XOR operations with additive ECC, the scheme achieves a higher level of security with smaller key sizes, making it suitable for resource-constrained environments. The analysis includes undetectable online and offline guessing attacks, highlighting the advantages and weaknesses compared to previous schemes.


Presentation Transcript


  1. Cryptanalysis of a Communication-Efficient Three-Party Password Authenticated Key Exchange Protocol • Source: Information Sciences in review • Presenter: Tsuei-Hung Sun (孫翠鴻) • Date: 2010/10/29

  2. Outline • Introduction • Motivation • Demonstrate • Scheme • Security analysis • Advantage vs. weakness • Comment

  3. Introduction • Password-based Authenticated Key Exchange (PAKE) protocol • 3PAKE (Three-party model)

  4. Chang et al.’s Protocol (T-Y. Chang, M-S. Hwang, W-P. Yang, A Communication-Efficient Three-Party Password Authenticated Key Exchange Protocol, Information Sciences (2010), doi: 10.1016/j.ins.2010.08.032.) [Protocol diagram between A, B and S, Steps 1 to 4; message contents not preserved]

  5. Chang et al.’s Protocol [Protocol diagram between A, B and S, Steps 5 and 6, with the checks and the session key; message contents not preserved]

  6. Motivation • Chang et al. use the XOR operation to achieve security, but it is vulnerable to a partition attack. • To find a way to achieve security based on 3PAKE without the server’s public key or symmetric encryption. • This paper will prove that Chang et al.’s scheme is completely insecure and propose an improved scheme.

  7. Demonstrate • Step 1: wiretap a valid session and get • Step 2: off-line guess password (1) assume a password is A’s real password. (2) use to distinguish whether the is in G or not. If and , it is a feasible password, probability is Otherwise it is an infeasible password, probability is • Step 3: repeat step 2 until the range of passwords is narrowed down to a single password. • c: the number of possible values not in Zp.

  8. Demonstrate • Example: p = 23; Zp = {0,1,…,41,22}; generator g = 2; G = { }; CD = D; D = {pw1,pw2,pw3,pw4} = {1,2,4,8}. Assume A’s password is pw4. • First partition: True: eS1=9 • CD: set of candidate passwords. D: space of passwords. FD: feasible passwords. : infeasible passwords. (m)b: binary representation of message m.

  9. Demonstrate • True: • Second partition: eS1=2; CD=FD={pw2,pw4} CD=FD={pw4}

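  10. Scheme [Protocol diagram between A, B and S, Steps 1 to 4; message contents not preserved]

  11. Scheme [Protocol diagram between A, B and S, Steps 5 and 6, with the checks and the session key; message contents not preserved]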

  12. Security analysis • Undetectable on-line guessing attack • Off-line guessing attack • Forward security of session key

  13. Advantage vs. weakness • Advantage • Using the elliptic curve cryptography (ECC) additive operation in place of the XOR operator, so that the attack can’t distinguish feasible and infeasible passwords. • ECC can achieve the same level of security with a smaller key size. • It is applicable in low-resource environments, like smart cards or mobile units. • Easily noting authenticators ( ) • Weakness • Computing time and computational complexity are greater than with XOR.

  14. Comment • This paper uses an elliptic curve to replace Chang et al.’s XOR. Is the performance of this paper better than Chang et al.’s scheme? • The partition attack mentioned in the demonstration is something like a brute-force attack, which is not an efficient attack. • The related work about Chang et al.’s scheme, from the notation to the step statements, is the same as in Chang et al.’s paper.
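
Added example (not from the presentation or the paper): a Python reproduction of the toy partition attack on slides 7 to 9, with p = 23, g = 2 and D = {1, 2, 4, 8}. It assumes the eavesdropped value has the form (g^e mod p) XOR pw, which the transcript does not preserve but which reproduces the candidate sets shown on slide 9; the multiplicative masking is a stand-in for the ECC additive operation named on slide 13, and all function names are illustrative.

```python
# Added example. Assumed masking form: observed = (g^e mod p) XOR pw.
P, G_GEN = 23, 2                                      # toy parameters from the slides
PASSWORDS = {"pw1": 1, "pw2": 2, "pw3": 4, "pw4": 8}  # password space D

def subgroup(g=G_GEN, p=P):
    """Cyclic subgroup G generated by g in Z_p^*."""
    elems, x = set(), 1
    while True:
        x = (x * g) % p
        elems.add(x)
        if x == 1:
            return elems

GROUP = subgroup()

# XOR masking: unmasking with a wrong guess can land outside G.
# XOR is its own inverse, so the same function also unmasks.
def xor_mask(elem, pw):
    return elem ^ pw

# Group-operation masking (multiplicative stand-in for ECC point addition):
# G is closed, so unmasking with any candidate in G stays inside G.
def mul_mask(elem, pw):
    return (elem * pw) % P

def mul_unmask(observed, pw):
    return (observed * pow(pw, -1, P)) % P

def partition(candidates, observed, unmask):
    """One split: keep guesses whose unmasked value is below p and in G."""
    return {n: pw for n, pw in candidates.items()
            if unmask(observed, pw) < P and unmask(observed, pw) in GROUP}

def run_attack(exponents, true_pw, mask, unmask):
    """Return the candidate set CD after each eavesdropped session."""
    candidates, history = dict(PASSWORDS), []
    for e in exponents:
        observed = mask(pow(G_GEN, e, P), true_pw)
        candidates = partition(candidates, observed, unmask)
        history.append(sorted(candidates))
    return history

if __name__ == "__main__":
    print("XOR:", run_attack([9, 2], 8, xor_mask, xor_mask))
    print("mul:", run_attack([9, 2], 8, mul_mask, mul_unmask))
```

The second run only shows that this particular distinguisher stops working when the mask is a group operation; it says nothing about the rest of the scheme's security.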
