Skip to main content
SpringerLink
Log in

Analyzing three-party authentication and key agreement protocol for real time IP multimedia server–client systems

  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

Authenticated key agreement (AKA) is useful to preserve the secret (private) key for the data being transmitted over an insecure Thus, this paper proposes the strategies, such as short-term and long-term private keys for the three party authentication and key agreement (3PAKA) protocol. Recently, the IP Multimedia server and client systems have been sprung up for the Telecom Industry, though the systems have not had any proficient authentication mechanism for the fulfillment of security properties and mitigation of signal congestion, bandwidth consumption and end-to-end voice call delay. To address this issue, we present a novel 3PAKA that duplicates the long-term and short-term private keys to alleviate the signal congestion of the multimedia systems. It is then analyzed in the real time multimedia server–client systems to examine the metrics realistically. Besides, we employ the strategy of random Challenge-Response (CR) technique to declare the clock synchronization as invalid.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

References

  1. Abdalla M, Fouque PA, Pointcheval D (2005) Password based authenticated key exchange in the three-party setting. PKC’05, pp 65–84

  2. Abdalla M, Pointcheval D (2005) Simple password-based encrypted key exchange protocols. Topics in Cryptology – CT-RSA 2005, LNCS. Springer-Verlag, pp 191–208

  3. Awasthi AK, Lal S (2003) A remote user authentication scheme using smart cards with forward secrecy. IEEE Trans Consum Electron 49(4):1246–1248

    Article  Google Scholar 

  4. Bellare M, Rogaway P (1993) Random oracles are practical: a paradigm for designing efficient protocols, in: Proc. the 1st ACM Conference on Computer and Communications, Security (CCS’93), pp. 62–73.

  5. Bellovin SM, Merritt M (1990) Limitations of the Kerberos authentication system. ACM Comput Commun Rev 20:119–132

    Article  Google Scholar 

  6. Bird R, Gopal I, Herzberg A, Janson P, Kutten S, Molva R, Yung M (1991) Systematic design of two-party authentication protocols. Advances in Cryptology (Crypto’91), pp 44–61

  7. Byun JW, Lee DH, Lim J (2006) Efficient and provably secure client-to-client password-based key exchange protocol. APWeb’06 LNCS 3841:830–836

    Google Scholar 

  8. Chang TY, Hwang MS, Yang WP (2011) A communication-efficient three-party password authenticated key exchange protocol. Inf Sci 181(1):217–226

    Article  MathSciNet  Google Scholar 

  9. Chang C, Lee J, Cheng T (2008) Security design for three-party encrypted key exchange protocol using smart cards. 2nd International Conference on Ubiquitous Information Management and, Communication, pp 329–333

  10. Chien H (2011) Secure verifier-based three-party key exchange in the random oracle model. J Inf Sci Eng 27(4):1487–1501

    MathSciNet  MATH  Google Scholar 

  11. Diffie W, Hellman M (1976) New directions in cryptography. IEEE Trans Inf Theory 22:644–654. doi:10.1109/TIT.1976.1055638

    Article  MathSciNet  MATH  Google Scholar 

  12. Diffie W, Wiener M, Van Oorschot P (1992) Authentication and authenticated key exchanges. Des Codes Crypt 2:107–125. doi:10.1007/BF00124891

    Article  MathSciNet  Google Scholar 

  13. Ding Y, Horster P (1995) Undetectable on-line password guessing attacks. ACM Oper Syst Rev 29(4):77–86

    Article  Google Scholar 

  14. Farash MS, Attari MA (2014) An efficient and provably secure three-party password-based authenticated key exchange protocol based on Chebyshev chaotic maps. Nonlinear Dyn 77(1–2):399–411

    Article  MathSciNet  MATH  Google Scholar 

  15. Gaarder K, Snekkenes E (1991) Applying a formal analysis technique to the CCITT X.509 strong two-way authentication protocol. J Cryptol 3:81–98. doi:10.1007/BF00196790

    Article  MathSciNet  MATH  Google Scholar 

  16. Gong L (1993) Lower bounds on messages and rounds for network authentication protocols. 1st ACM conference on Computer and communications, security (CCS’93), pp 26–37

  17. Gong L (1995) Optimal authentication protocols resistant to password guessing attacks. 8th IEEE Computer Security Foundation Workshop, pp 24–29

  18. Gong L, Lomas MA, Needham R, Saltzerr J (1993) Protecting poorly chosen secrets from guessing attacks. IEEE J Sel Areas Commun 11(5):648–656. doi:10.1109/49.223865

  19. Guo H, Li ZJ, Mu Y, Zhang XY (2008) Cryptanalysis of simple three-party key exchange protocol. Comput Secur 27:16–21

    Article  Google Scholar 

  20. Hwang MS, Li LH (2000) A new remote user authentication scheme using smart cards. IEEE Trans Consum Electron 46(1):28–30

    Article  Google Scholar 

  21. Jablon D (1997) Extended password key exchange protocols immune to dictionary attack. WETICE Workshop on Enterprise Security, pp 248–255

  22. Juang WS (2004) Efficient three-party key exchange using smart cards. IEEE Trans Consum Electron 50:619–624

    Article  Google Scholar 

  23. Katz J, Lindell Y (2007) Introduction to modern cryptography, Chapman & Hall/CRC Press, pp 476–478

  24. Katz J, Ostrovsky R, Yung M (2001) Efficient password-authenticated key exchange using human-memorable passwords. Eurocrypt 2001, LNCS 2045, Springer-Verlag, pp 475–494

  25. Keung S, Siu K (1995) Efficient protocols secure against guessing and replay attacks. Fourth International Conference on Computer Communications and Networks, pp 105–112.

  26. Ku WC, Chen SM (2004) Weaknesses and improvements of an efficient password based remote user authentication scheme using smart cards. IEEE Trans Consum Electron 50(1):204–207

    Article  Google Scholar 

  27. Kwon T, Kang M, Jung S, Song J (1999) An improvement of the password-based authentication protocol (K1P) on security against replay attacks. IEICE Trans Commun E82-B(7):991–997

    Google Scholar 

  28. Kwon T, Song J (1998) Efficient key exchange and authentication protocol protecting weak secrets. IEICE Trans Fundam E81-A(1):156–163

    Google Scholar 

  29. Kwon T, Song J (1998) Authentication key exchange protocols resistant to password guessing attacks. IEE Commun 145(5):304–308

    Article  Google Scholar 

  30. Law L, Menezes A, Qu M, Solinas J, Vanstone S (2003) An efficient protocol for authenticated key agreement. Des Codes Crypt 28:119–134. doi:10.1023/A:1022595222606

    Article  MathSciNet  MATH  Google Scholar 

  31. Lee TF, Hwang T (2010) Simple password-based three party authenticated key exchange without server public keys. Inf Sci 180(9):1702–1714

    Article  MATH  Google Scholar 

  32. Li X, Qiu W, Zheng D, Chen K, Li J (2010) Anonymity enhancement on robust and efficient password-authenticated key agreement using smart cards. IEEE Trans Ind Electron 57:793–800. doi:10.1109/TIE.2009.2028351

    Article  Google Scholar 

  33. Lin CL, Sun HM, Steiner M, Hwang T (2001) Three-party encrypted key exchange without server public-keys. IEEE Commun Lett 5(12):497–499

    Article  Google Scholar 

  34. Lin CL, Sun HM, Hwang T (2000) Three-party encrypted key exchange: attacks and a solution. ACM Oper Syst Rev 34(4):12–20

    Article  Google Scholar 

  35. Lou DC, Huang HF (2011) Efficient three-party password-based key exchange scheme. Int J Commun Syst 24:504–512

    Article  Google Scholar 

  36. Lu RX, Cao ZF (2007) Simple three-party key exchange protocol. Comput Secur 26:94–97

    Article  Google Scholar 

  37. Lucks S (1997) Open key exchange: How to defeat dictionary attacks without encrypting public keys. Security Protocol Workshop ’97, pp 79–90

  38. Menezes A, van Oorschot P, Vanstone S (1996) Handbook of applied cryptography. CRC Press Inc

  39. Nisan N, Widgerson A (1991) Rounds in communication complexity revisited. 23rd Annual ACM Symposium on Theory of Computing (STOC’91), pp 419–429

  40. OpenIMSCore (2009). Website Link: http://www.openim-score.org/

  41. Phan RC, Goi BM (2006) Cryptanalysis of two provably secure cross-realm C2C-PAKE protocols. INDOCRYPT’06, LNCS, pp 104–117

  42. Pu Q, Wang J, Wu S, Fu J (2013) Secure verifier based three-party password-authenticated key exchange. Peer-to-Peer Netw Appl 6(1):15–25

    Article  Google Scholar 

  43. Steiner M, Tsudik G, Waidner M (1995) Refinement and extension of encrypted key exchange. ACM Oper Syst Rev 29(3):22–30

    Article  Google Scholar 

  44. Sun HM (2000) An efficient remote user authentication scheme using smart cards. IEEE Trans Consum Electron 46(4):958–961

    Article  Google Scholar 

  45. Tallapally S (2012) Security enhancement on simple three party PAKE protocol. Inf Technol Control 41(1):15–22

    Google Scholar 

  46. Toldinas J, Štuikys V, Ziberkas G, Naunikas D (2010) Power awareness experiment for crypto service–based algorithms. Electronics and electrical engineering. Kaunas Technologija 5(101):57–62

    Google Scholar 

  47. Tso R (2013) Security analysis and improvements of a communication-efficient three-party password authenticated key exchange protocol. J Super Comput 66(2):863–874

    Article  Google Scholar 

  48. UCTIMS (2012). Website Link: http://uctimsclient.berlios.de/

  49. Wang WJ, Hu L (2006) Efficient and provably secure generic construction of three-party password-based authenticated key exchange protocols. INDOCRYPT’06 LNCS, pp 118–132

  50. Wu S, Chen K, Zhu Y (2013) Enhancements of a three-party password-based authenticated key exchange protocol. Int Arab J Inf Technol 10(3):215

    Google Scholar 

  51. Wu S, Pu Q, Wang S, He D (2012) Cryptanalysis of a communication-efficient three-party password authenticated key exchange protocol. Inf Sci 215(1):83–96

    Article  MathSciNet  MATH  Google Scholar 

  52. Yang Y, Deng RH, Bao F (2006) A practical password-based two-server authentication and key exchange system. IEEE Trans Dependable Secure Comput 3:105–114. doi:10.1109/TDSC.2006.16

    Article  Google Scholar 

  53. Yang Y, Zhou J, Weng J, Bao F (2009) A new approach for anonymous password authentication. Annual Computer Security Applications Conference (ACSAC 2009), pp 199–208

  54. Yin Y, Bao L (2006) Secure cross-realm C2C-PAKE protocol. ACISP’06 LNCS 4058:395–406

    MATH  Google Scholar 

  55. Yoon EJ, Yoo KY (2007) Token-based authenticated key establishment protocols for three-party communication. 2007 Conference on Emerging Direction in Embedded and Ubiquitous Computing LNCS 4809:758–769

Download references

Acknowledgments

The corresponding author would like to thank Tata Consultancy Services and SASTRA for the financial assistance under the scheme of Research Scholar Program (RSP).

Author information

Authors and Affiliations

  1. School of Computing, SASTRA University, Thanjavur, TN, 613401, India

    Bakkiam David Deebak, Rajappa Muthaiah & Pitchai Iyer Swaminathan

  2. School of Electrical and Electronics, SASTRA University, Thanjavur, TN, 613401, India

    Karuppuswamy Thenmozhi

Authors
  1. Bakkiam David Deebak
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Rajappa Muthaiah
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Karuppuswamy Thenmozhi
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Pitchai Iyer Swaminathan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Bakkiam David Deebak.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Deebak, B.D., Muthaiah, R., Thenmozhi, K. et al. Analyzing three-party authentication and key agreement protocol for real time IP multimedia server–client systems. Multimed Tools Appl 75, 5795–5817 (2016). https://doi.org/10.1007/s11042-015-2542-4

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11042-015-2542-4

Keywords

Search

Navigation