Abstract
We provide a cryptanalysis of a certain type of authenticated key exchange (AKE) protocol for wearable devices. Subsequently, we propose a secure construction based on a modified SIGMA protocol with strengthened signature blocks and an additional out-of-band channel. Specifically, we propose a signature scheme with an additive split of the signing key and a refresh mechanism. We analyze the security of the scheme, assuming that the partial keys are stored in distinct hardware signature modules (SMs) of the signing devices. We use these constructions to strengthen the SIGMA key exchange protocol. Refreshing the partial key shares in each protocol execution protects against potential key leakage from a single SM. Such leakage can occur due to unintended implementation errors or malicious hardware manufacturers. We give a formal security analysis in our strengthened Canetti-Krawczyk (CK) model with long-term secret key splitting and refresh over two separate signature modules.
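The abstract describes the core building block only in outline: a signing key held as two additive shares in two signature modules, signed jointly, with the shares re-randomised in every protocol execution. The following is an added illustration of that idea, not the paper's own scheme or code. It assumes a plain Schnorr signature in a prime-order subgroup of Z_p^* (the paper does not say which signature scheme it uses), reuses the prime order of the Ed25519 base point merely as a convenient known prime q, and simulates both signature modules in one process; on a real device each share would stay inside its own hardware module and only the partial values R_i and s_i would cross the module boundary.

```python
"""Added example (not the paper's scheme): a Schnorr signature whose secret key
x is held as two additive shares x1 + x2 = x (mod q) in two signature modules
(SM1, SM2), signed jointly without ever reassembling x, with a per-execution
refresh of the shares. Both SMs are simulated in one process here."""
import hashlib
import secrets

# Subgroup order: the prime order of the Ed25519 base point, reused here only as
# a convenient, well-known 253-bit prime (assumption: any prime q would do).
Q = 2**252 + 27742317777372353535851937790883648493


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin primality test with random bases."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_params():
    """Deterministic group: smallest even k with p = k*Q + 1 prime; g of order Q."""
    k = 2
    while not is_probable_prime(k * Q + 1):
        k += 2
    p = k * Q + 1
    h, g = 2, pow(2, k, p)
    while g == 1:            # cofactor clearing; g != 1 implies ord(g) == Q
        h += 1
        g = pow(h, k, p)
    return p, Q, g


def challenge(q: int, R: int, X: int, msg: bytes) -> int:
    """Fiat-Shamir challenge c = H(R || X || m) mod q with fixed-width encodings."""
    h = hashlib.sha256(R.to_bytes(64, "big") + X.to_bytes(64, "big") + msg)
    return int.from_bytes(h.digest(), "big") % q


def keygen(p, q, g):
    x = secrets.randbelow(q - 1) + 1
    return x, pow(g, x, p)


def split_key(x: int, q: int):
    """Additive split: SM1 gets a random x1, SM2 gets x2 = x - x1; neither holds x."""
    x1 = secrets.randbelow(q)
    return x1, (x - x1) % q


def refresh(x1: int, x2: int, q: int):
    """Re-randomise both shares with a common delta. The sum x is unchanged, so a
    share leaked before the refresh is useless together with one leaked after it."""
    delta = secrets.randbelow(q)
    return (x1 + delta) % q, (x2 - delta) % q


def sign_split(p, q, g, X, shares, msg: bytes):
    """Two-round joint signing. Round 1: each SM picks a nonce share r_i and
    publishes R_i = g^r_i. Round 2: with R = prod R_i and c = H(R, X, m), each SM
    returns s_i = r_i + c*x_i using only its own key share; s = sum s_i."""
    nonces = [secrets.randbelow(q - 1) + 1 for _ in shares]
    R = 1
    for r in nonces:
        R = R * pow(g, r, p) % p
    c = challenge(q, R, X, msg)
    s = sum(r + c * xi for r, xi in zip(nonces, shares)) % q
    return R, s


def verify(p, q, g, X, msg: bytes, sig) -> bool:
    """Ordinary Schnorr check g^s == R * X^c: the verifier cannot tell a split key apart."""
    R, s = sig
    c = challenge(q, R, X, msg)
    return pow(g, s, p) == R * pow(X, c, p) % p


if __name__ == "__main__":
    p, q, g = gen_params()
    x, X = keygen(p, q, g)
    x1, x2 = split_key(x, q)
    sig = sign_split(p, q, g, X, (x1, x2), b"session transcript")
    print("joint signature verifies:", verify(p, q, g, X, b"session transcript", sig))
    y1, y2 = refresh(x1, x2, q)
    print("old SM1 share + new SM2 share recovers x:", (x1 + y2) % q == x)
```

The point of the refresh step is visible in the last line: after `refresh`, an attacker who extracted `x1` from SM1 in one execution and `y2` from SM2 in a later one holds two values whose sum is unrelated to `x`, so a single leaking module per execution yields no signing capability. The example assumes both modules follow the protocol (the threat is leakage, not a malicious co-signer choosing its nonce after seeing the other's), which matches the abstract's setting of two modules inside one signing device.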
References
Alwen, J., Dodis, Y., Wichs, D.: Leakage-resilient public-key cryptography in the bounded-retrieval model. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 36–54. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03356-8_3
Apple: Apple Platform Security Spring 2020 (2020). https://manuals.info.apple.com/MANUALS/1000/MA1902/en_US/apple-platform-security-guide.pdf
Brakerski, Z., Kalai, Y.T., Katz, J., Vaikuntanathan, V.: Overcoming the hole in the bucket: public-key cryptography resilient to continual memory leakage. In: 2010 IEEE 51st Annual Symposium on Foundations of Computer Science, pp. 501–510 (2010). https://doi.org/10.1109/FOCS.2010.55
Butun, I., Sari, A., Österberg, P.: Hardware security of fog end-devices for the internet of things. Sensors 20, 5729 (2020)
Camenisch, J., Kohlweiss, M., Rial, A., Sheedy, C.: Blind and anonymous identity-based encryption and authorised private searches on public key encrypted data. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 196–214. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-00468-1_12
Canetti, R., Krawczyk, H.: Security analysis of IKE’s signature-based key-exchange protocol. Cryptology ePrint Archive, Report 2002/120 (2002)
Dodis, Y., Haralambiev, K., Lopez-Alt, A., Wichs, D.: Cryptography against continuous memory attacks. In: 2010 IEEE 51st Annual Symposium on Foundations of Computer Science, pp. 511–520 (2010). https://doi.org/10.1109/FOCS.2010.56
Ferreira, L.C., Dahab, R.: Blinded-key signatures: securing private keys embedded in mobile agents. In: Proceedings of the 2002 ACM Symposium on Applied Computing, SAC 2002, pp. 82–86. Association for Computing Machinery, New York (2002). https://doi.org/10.1145/508791.508808
Google: Android Enterprise Security White Paper (2020). https://static.googleusercontent.com/media/www.android.com/sv//static/2016/pdfs/enterprise/Android_Enterprise_Security_White_Paper_2019.pdf
Green, M.D., Miers, I.: Forward secure asynchronous messaging from puncturable encryption. In: 2015 IEEE Symposium on Security and Privacy, pp. 305–320 (2015). https://doi.org/10.1109/SP.2015.26
Hanzlik, L., Kluczniak, K., Krzywiecki, Ł., Kutyłowski, M.: Mutual chip authentication. In: 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2013, Melbourne, Australia, 16–18 July 2013, pp. 1683–1689. IEEE (2013). https://doi.org/10.1109/TrustCom.2013.209
Hanzlik, L., Kluczniak, K., Kutyłowski, M., Krzywiecki, Ł.: Mutual restricted identification. In: Katsikas, S., Agudo, I. (eds.) EuroPKI 2013. LNCS, vol. 8341, pp. 119–133. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-53997-8_8
Huang, H.: Strongly secure one round authenticated key exchange protocol with perfect forward security. In: Boyen, X., Chen, X. (eds.) ProvSec 2011. LNCS, vol. 6980, pp. 389–397. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-24316-5_28
Kiltz, E., Pietrzak, K.: Leakage resilient ElGamal encryption. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 595–612. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17373-8_34
Krawczyk, H.: SIGMA: the “SIGn-and-MAc’’ approach to authenticated Diffie-Hellman and its use in the IKE protocols. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 400–425. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_24
Krawczyk, H.: HMQV: a high-performance secure Diffie-Hellman protocol. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 546–566. Springer, Heidelberg (2005). https://doi.org/10.1007/11535218_33
Krzywiecki, Ł.: Deniable version of SIGMA key exchange protocol resilient to ephemeral key leakage. In: Chow, S.S.M., Liu, J.K., Hui, L.C.K., Yiu, S.M. (eds.) ProvSec 2014. LNCS, vol. 8782, pp. 334–341. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-12475-9_25
Krzywiecki, L., Kluczniak, K., Koziel, P., Panwar, N.: Privacy-oriented dependency via deniable SIGMA protocol. Comput. Secur. 79, 53–67 (2018). https://doi.org/10.1016/j.cose.2018.08.002
LaMacchia, B.A., Lauter, K.E., Mityagin, A.: Stronger security of authenticated key exchange. Cryptology ePrint Archive, Report 2006/073 (2006). https://eprint.iacr.org/2006/073
Lauter, K.E., Mityagin, A.: Security analysis of KEA authenticated key exchange protocol. Cryptology ePrint Archive, Report 2005/265 (2005). https://eprint.iacr.org/2005/265
Metcalf, D., Milliard, S.T.J., Gomez, M., Schwartz, M.: Wearables and the internet of things for health: wearable, interconnected devices promise more efficient and comprehensive health care. IEEE Pulse 7(5), 35–39 (2016). https://doi.org/10.1109/MPUL.2016.2592260
Nicolosi, A., Krohn, M.N., Dodis, Y., Mazières, D.: Proactive two-party signatures for user authentication. In: NDSS. The Internet Society (2003)
Papa, A., Mital, M., Pisano, P., Del Giudice, M.: E-health and wellbeing monitoring using smart healthcare devices: an empirical investigation. Technol. Forecast. Soc. Change 153, 119226 (2020). https://doi.org/10.1016/j.techfore.2018.02.018
Park, J.H., Chen, H.-H., Atiquzzaman, M., Lee, C., Kim, T., Yeo, S.-S. (eds.): ISA 2009. LNCS, vol. 5576. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-02617-1
Qu, Y., Zheng, G., Ma, H., Wang, X., Ji, B., Wu, H.: A survey of routing protocols in WBAN for healthcare applications. Sensors 19(7), 1638 (2019). https://doi.org/10.3390/s19071638
Ruan, O., Zhang, Y., Zhang, M., Zhou, J., Harn, L.: After-the-fact leakage-resilient identity-based authenticated key exchange. IEEE Syst. J. 12(2), 2017–2026 (2018). https://doi.org/10.1109/JSYST.2017.2685524
Sarr, A.P., Elbaz-Vincent, P., Bajard, J.-C.: A new security model for authenticated key agreement. In: Garay, J.A., De Prisco, R. (eds.) SCN 2010. LNCS, vol. 6280, pp. 219–234. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-15317-4_15
Selvi, S.S.D., Paul, A., Rangan, C.P., Dirisala, S., Basu, S.: Splitting and aggregating signatures in cryptocurrency protocols. In: 2019 IEEE International Conference on Decentralized Applications and Infrastructures (DAPPCON), pp. 100–108 (2019). https://doi.org/10.1109/DAPPCON.2019.00021
Shuai, M., Liu, B., Yu, N., Xiong, L., Wang, C.: Efficient and privacy-preserving authentication scheme for wireless body area networks. J. Inf. Secur. Appl. 52, 102499 (2020). https://doi.org/10.1016/j.jisa.2020.102499
Sidhu, S., Mohd, B.J., Hayajneh, T.: Hardware security in IoT devices with emphasis on hardware Trojans. J. Sens. Actuator Netw. 8(3), 42 (2019)
Tahir, H., Tahir, R., McDonald-Maier, K.: On the security of consumer wearable devices in the Internet of Things. PLoS ONE 13(4), e0195487 (2018)
Tang, Q., Chen, L.: Extended KCI attack against two-party key establishment protocols. Inf. Process. Lett. 111(15), 744–747 (2011)
Ustaoglu, B.: Obtaining a secure and efficient key agreement protocol from (H)MQV and NAXOS. Des. Codes Cryptography 46(3), 329–342 (2008)
Zeng, W., Zhang, J.: Leakage-resilient and lightweight authenticated key exchange for E-health. In: 2020 6th International Conference on Information Management (ICIM), pp. 162–166 (2020). https://doi.org/10.1109/ICIM49319.2020.244691
Acknowledgments
The research was partially financed from the Fundamental Research Fund number 8211104160 of the Wrocław University of Science and Technology.
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Krzywiecki, Ł., Salin, H. (2022). How to Design Authenticated Key Exchange for Wearable Devices: Cryptanalysis of AKE for Health Monitoring and Countermeasures via Distinct SMs with Key Split and Refresh. In: Beresford, A.R., Patra, A., Bellini, E. (eds) Cryptology and Network Security. CANS 2022. Lecture Notes in Computer Science, vol 13641. Springer, Cham. https://doi.org/10.1007/978-3-031-20974-1_11
DOI: https://doi.org/10.1007/978-3-031-20974-1_11
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-20973-4
Online ISBN: 978-3-031-20974-1