Abstract
When we consider wireless security, it is strongly preferable to use password-based authentication and the elliptic curve based Diffie-Hellman protocol since the former provides a user-friendly authentication method and the latter is an efficient key agreement protocol. However, this combination does not necessarily guarantee security against off-line dictionary attacks (especially, ”partition attacks”). In this paper, we propose an elliptic curve based authenticated key agreement (called EC-AKA) protocol that is secure against partition attacks as well as suitable for the following situation: (1) a client, who communicates with many different servers, remembers only one password and has insecure devices; (2) the counterpart servers are not perfectly secure against several attacks; (3) neither PKI (Public Key Infrastructures) nor TRM (Tamper-Resistance Modules) is available. The EC-AKA protocol is secure under the elliptic curve Diffie-Hellman problem in the random oracle model. We also show that the EC-AKA protocol achieves more strengthened security properties and efficiency compared with the existing protocols (employed in the IEEE 802.1x).
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
Keywords
- Elliptic Curve
- Random Oracle Model
- Extensible Authentication Protocol
- Dictionary Attack
- Elliptic Curve Discrete Logarithm Problem
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Koblitz, N.: Elliptic Curve Cryptosystems. Mathematics of Computation 48, 203–209 (1987)
Miller, V.: Use of Elliptic Curves in Cryptography. In: Williams, H.C. (ed.) Advances in Cryptology. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986)
Boyd, C., Montague, P., Nguyen, K.: Elliptic Curve based Password Authenticated Key Exchange Protocols. In: Varadharajan, V., Mu, Y. (eds.) ACISP 2001. LNCS, vol. 2119, pp. 487–501. Springer, Heidelberg (2001)
Diffie, W., Hellman, M.: New Directions in Cryptography. IEEE Transactions on Information Theory IT-22(6), 644–654 (1976)
Wong, D.S., Chan, A.H., Zhu, F.: Password Authenticated Key Exchange for Resource-Contrained Wireless Communications. In: Lorenz, P., Dini, P. (eds.) ICN 2005. LNCS, vol. 3421, pp. 827–834. Springer, Heidelberg (2005)
Antipa, A., Brown, D., Menezes, A., Struik, R., Vanstone, S.: Validation of Elliptic Curve Public Keys. PKC 2003. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 211–223. Springer, Heidelberg (2002)
Blake, I.F., Seroussi, G., Smart, N.P.: Elliptic Curves in Cryptography. In: Jantke, K.P. (ed.) AII 1986. LNCS, vol. 265, Springer, Heidelberg (1987)
Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated Key Exchange Secure against Dictionary Attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)
Bellare, M., Rogaway, P.: Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. In: ACM CCS 1993, pp. 62–73. ACM Press, New York (1993)
Bellare, M., Rogaway, P.: Entity Authentication and Key Distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)
Shoup, V.: On Formal Models for Secure Key Exchange. IBM Research Report RZ 3121 (1999), http://eprint.iacr.org/1999/012
IETF (Internet Engineering Task Force).: PPP Extensible Authentication Protocol (EAP). RFC 2284 (1998)
Halevi, S., Krawczyk, H.: Public-Key Cryptography and Password Protocols. In: ACM Transactions on Information and System Security, vol. 2(3), pp. 230–268. ACM Press, New York (1999)
Haverinen, H., Salowey, J.: Extensible Authentication Protocol Method for GSM Subscriber Identity Modules (EAP-SIM) (2004), draft-haverinen-pppext-eap-sim-16.txt
IEEE 802.1x: Port Based Network Access Control. IEEE, http://www.ieee.802/org/1/pages/802.1xhtml
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Shin, S., Kobara, K., Imai, H. (2007). An Elliptic Curve Based Authenticated Key Agreement Protocol for Wireless Security. In: Wang, Y., Cheung, Ym., Liu, H. (eds) Computational Intelligence and Security. CIS 2006. Lecture Notes in Computer Science(), vol 4456. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74377-4_80
Download citation
DOI: https://doi.org/10.1007/978-3-540-74377-4_80
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-74376-7
Online ISBN: 978-3-540-74377-4
eBook Packages: Computer ScienceComputer Science (R0)