Multifactor Authenticated Key Renewal

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 7222)

Abstract

Establishing secure channels is one of the most important and fundamental trust issues in information security. It is of high importance not only for servers and users' computers but also for global connectivity among any kind of network devices. Most existing technologies for establishing secure channels are based on asymmetric cryptography, which requires heavy computations, large memory and complicated supporting mechanisms such as PKI. In this paper, we consider the setting of authentication with small devices possibly held by humans and possibly embedded in a semi-secure environment. We propose an authenticated key renewal protocol which uses only symmetric cryptography. The protocol takes into account other factors important for embedded and human-held network devices: it covers multi-factor authentication to take advantage of secrets possessed by the secure device as well as the memorable password of the device owner. The protocol can, further, allow partial leakage of the stored secret from a secure device. The protocol’s considerations are a good demonstration of designing a “trusted procedure” in the highly constrained environment of mobile and embedded small devices, which is expected to be prevalent in the coming years.



Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Matsuo, S., Moriyama, D., Yung, M. (2012). Multifactor Authenticated Key Renewal. In: Chen, L., Yung, M., Zhu, L. (eds) Trusted Systems. INTRUST 2011. Lecture Notes in Computer Science, vol 7222. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32298-3_14

  • DOI: https://doi.org/10.1007/978-3-642-32298-3_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-32297-6

  • Online ISBN: 978-3-642-32298-3

  • eBook Packages: Computer Science (R0)
