Abstract
In this paper, we consider the problem of mutually authenticated key exchange between a low-power client and a powerful server. We show how the recently proposed Jakobsson-Pointcheval scheme [15] can be compromised using a variant of the interleaving attack. We also propose a new scheme for achieving mutually authenticated key exchange. The protocol is proven correct within a variant of the Bellare-Rogaway model [3], [4]. This protocol gives the same scalability as other public-key based authenticated key exchange protocols, but with much higher efficiency and fewer messages: it takes only 20 msec of total computation time on a PalmPilot and exchanges only three short messages.
This work was sponsored by the U. S. Air Force under contract F30602-00-2-0518.
References
Ashar Aziz and Whitfield Diffie. A secure communications protocol to prevent unauthorized access: privacy and authentication for wireless local area networks. IEEE Personal Communications, First Quarter 1994.
Mihir Bellare and Phillip Rogaway. Random oracles are practical: A paradigm for designing efficient protocols. In First ACM Conference on Computer and Communications Security, pages 62–73, Fairfax, 1993. ACM.
Mihir Bellare and Phillip Rogaway. Entity authentication and key distribution. In Douglas R. Stinson, editor, Proc. CRYPTO 93, pages 232–249. Springer, 1994. Lecture Notes in Computer Science No. 773.
Mihir Bellare and Phillip Rogaway. Provably secure session key distribution: the three party case. In Proc. 27th ACM Symp. on Theory of Computing, pages 57–66, Las Vegas, 1995. ACM.
R. Bird, I. Gopal, A. Herzberg, P. Janson, S. Kutten, R. Molva, and M. Yung. Systematic design of two-party authentication protocols. In J. Feigenbaum, editor, Proc. CRYPTO 91, pages 44–61. Springer, 1992. Lecture Notes in Computer Science No. 576.
Simon Blake-Wilson, Don Johnson, and Alfred Menezes. Key agreement protocols and their security analysis. In Sixth IMA International Conference on Cryptography and Coding, pages 30–45, 1997. Lecture Notes in Computer Science No. 1355.
Simon Blake-Wilson and Alfred Menezes. Authenticated Diffie-Hellman key agreement protocols. In 5th annual international workshop, SAC’98, pages 339–361. Springer-Verlag, 1998. Lecture Notes in Computer Science No. 1556.
J. Daemen and V. Rijmen. AES Proposal: Rijndael. AES Algorithm Submission, Sep 1999. http://www.nist.gov/aes.
W. Diffie and M. E. Hellman. New directions in cryptography. IEEE Trans. Inform. Theory, IT-22:644–654, November 1976.
Whitfield Diffie, Paul C. Van Oorschot, and Michael J. Wiener. Authentication and authenticated key exchanges. Designs, Codes, and Cryptography, 2(2):107–125, June 1992.
Alan O. Freier, Philip Karlton, and Paul C. Kocher. The SSL Protocol Version 3.0. INTERNET-DRAFT, Nov 1996. www.netscape.com/eng/ssl3/draft302.txt.
S. Goldwasser and S. Micali. Probabilistic encryption. JCSS, 28(2):270–299, April 1984.
Shafi Goldwasser and Mihir Bellare. Lecture Notes on Cryptography. http://www-cse.ucsd.edu/users/mihir/papers/gb.html, 1996.
IEEE. P1363: Standard Specifications For Public Key Cryptography, Nov 1999. Draft P1363 / D13.
Markus Jakobsson and David Pointcheval. Mutual authentication for low-power mobile devices. In P. Syverson, editor, Proceedings of Financial Cryptography 2001. Springer-Verlag, February 2001.
J. Kohl and C. Neuman. The Kerberos Network Authentication Service (V5). IETF RFC1510, Sep 1993.
Laurie Law, Alfred Menezes, Minghua Qu, Jerry Solinas, and Scott Vanstone. An efficient protocol for authenticated key agreement. Technical Report CORR 98-05, University of Waterloo, 1998.
C. Lim and P. Lee. A key recovery attack on discrete log-based schemes using a prime order subgroup. In Proc. CRYPTO 97, pages 249–263. Springer, 1997. Lecture Notes in Computer Science No. 1294.
Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone. Handbook of Applied Cryptography. CRC Press LLC, 1997.
C. Mitchell. Limitations of challenge-response entity authentication. Electronics Letters, 25(17), Aug 1989.
R. M. Needham and M. D. Schroeder. Using encryption for authentication in large networks of computers. Communications of the ACM, 21(12):993–999, December 1978.
Dave Otway and Owen Rees. Efficient and timely mutual authentication. Operating Systems Review, 21, Jan 1987.
C. P. Schnorr. Efficient identification and signatures for smart cards. In G. Brassard, editor, Proc. CRYPTO 89, pages 239–252. Springer, 1990. Lecture Notes in Computer Science No. 435.
C. P. Schnorr. Efficient signature generation by smart cards. Journal of Cryptology, 4(3), 1991.
Victor Shoup. Lower bounds for discrete logarithms and related problems. In Walter Fumy, editor, Proc. EUROCRYPT 97, pages 256–266. Springer, 1997. Lecture Notes in Computer Science No. 1233.
Duncan S. Wong and Agnes H. Chan. Mutual authentication and key exchange for low power wireless communications. To appear in IEEE MILCOM 2001 Conference Proceedings, Oct 2001.
Duncan S. Wong, Hector Ho Fuentes, and Agnes H. Chan. The performance measurement of cryptographic primitives on Palm devices. To appear in the Proceedings of the 17th Annual Computer Security Applications Conference, Dec 2001.
Muxiang Zhang, Christopher Carroll, and Agnes H. Chan. The software-oriented stream cipher SSC2. Fast Software Encryption Workshop 2000, 2000.
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wong, D.S., Chan, A.H. (2001). Efficient and Mutually Authenticated Key Exchange for Low Power Computing Devices. In: Boyd, C. (eds) Advances in Cryptology — ASIACRYPT 2001. ASIACRYPT 2001. Lecture Notes in Computer Science, vol 2248. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45682-1_17
DOI: https://doi.org/10.1007/3-540-45682-1_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42987-6
Online ISBN: 978-3-540-45682-7