Abstract
Establishing secure channels is one of the most important and fundamental trust issues in information security. It is of high importance not only for servers and users' computers but also for global connectivity among all kinds of network devices. Most existing technologies for establishing secure channels are based on asymmetric cryptography, which requires heavy computation, large memory and complicated supporting mechanisms such as PKI. In this paper, we consider the setting of authentication with small devices, possibly held by humans and possibly embedded in a semi-secure environment. We propose an authenticated key renewal protocol which uses only symmetric cryptography. The protocol takes into account other factors important for embedded and human-held network devices: it covers multi-factor authentication to take advantage of secrets possessed by the secure device as well as the memorable password of the device owner. The protocol can, further, tolerate partial leakage of the stored secret from a secure device. The protocol's considerations are a good demonstration of designing a "trusted procedure" in the highly constrained environment of mobile and embedded small devices, which is expected to be prevalent in the coming years.
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Matsuo, S., Moriyama, D., Yung, M. (2012). Multifactor Authenticated Key Renewal. In: Chen, L., Yung, M., Zhu, L. (eds) Trusted Systems. INTRUST 2011. Lecture Notes in Computer Science, vol 7222. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32298-3_14
DOI: https://doi.org/10.1007/978-3-642-32298-3_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-32297-6
Online ISBN: 978-3-642-32298-3
eBook Packages: Computer Science (R0)