Abstract
In this paper, we propose a leakage-resilient and proactive authenticated key exchange protocol (called LRP-AKE) for credential services, which provides not only a higher level of security against leakage of stored secrets but also secrecy of the private key with respect to the server involved. The LRP-AKE protocol is provably secure in the random oracle model, with a reduction to the computational Diffie-Hellman problem.
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Shin, S., Kobara, K., Imai, H. (2006). An Authentication and Key Exchange Protocol for Secure Credential Services. In: Katsikas, S.K., López, J., Backes, M., Gritzalis, S., Preneel, B. (eds) Information Security. ISC 2006. Lecture Notes in Computer Science, vol 4176. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11836810_32
DOI: https://doi.org/10.1007/11836810_32
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-38341-3
Online ISBN: 978-3-540-38343-7
eBook Packages: Computer Science, Computer Science (R0)