Cryptanalysis and Enhancement of an Anonymous Self-Certified Key Exchange Protocol

Published in Wireless Personal Communications

Abstract

Authentication protocols with anonymity have recently gained much popularity because they allow users to access any public network without revealing their identity. Several key exchange protocols have been proposed in the literature using either a public key infrastructure or an identity-based cryptosystem. However, the former suffers from heavy computation cost and the latter fails to prevent the key escrow problem. Recently, Islam et al. proposed a self-certified authenticated key agreement protocol based on ECC that removes the above limitations. However, through careful analysis, we found that their scheme lacks anonymity, is vulnerable to the trace attack and the clogging attack, and fails to prevent the replay attack. To overcome these weaknesses, we propose an anonymous self-certified authenticated key exchange protocol that includes the required security features. The scheme is formally verified using the Automated Validation of Internet Security Protocols and Applications (AVISPA) software, and formal authentication proofs using Burrows–Abadi–Needham logic establish successful authentication. Furthermore, the performance analysis demonstrates that the proposed scheme achieves lower computational cost and is applicable to a client–server architecture.


References

  1. Diffie, W., & Hellman, M. (1976). New directions in cryptography. IEEE Transactions on Information Theory, 22(6), 644–654.

  2. Bellare, M., & Rogaway, P. (1993). Entity authentication and key distribution. In Annual international cryptology conference (pp. 232–249). Springer.

  3. Bellovin, S. M., & Merritt, M. (1992). Encrypted key exchange: Password-based protocols secure against dictionary attacks. In Proceedings of 1992 IEEE computer society symposium on research in security and privacy (pp. 72–84). IEEE.

  4. Bellare, M., Pointcheval, D., & Rogaway, P. (2000). Authenticated key exchange secure against dictionary attacks. In International conference on the theory and applications of cryptographic techniques (pp. 139–155). Springer.

  5. Chen, T.-H., Lee, W.-B., & Chen, H.-B. (2008). A round- and computation-efficient three-party authenticated key exchange protocol. Journal of Systems and Software, 81(9), 1581–1590.

  6. Blake-Wilson, S., Johnson, D., & Menezes, A. (1997). Key agreement protocols and their security analysis. In IMA international conference on cryptography and coding (pp. 30–45). Springer.

  7. Shamir, A. (1984). Identity-based cryptosystems and signature schemes. In Workshop on the theory and application of cryptographic techniques (pp. 47–53). Springer.

  8. Scott, M. (2002). Authenticated ID-based key exchange and remote log-in with simple token and PIN number. IACR Cryptology ePrint Archive, 2002, 164.

  9. Smart, N. P. (2002). Identity-based authenticated key agreement protocol based on Weil pairing. Electronics Letters, 38(13), 630–632.

  10. Boneh, D., & Franklin, M. (2001). Identity-based encryption from the Weil pairing. In Annual international cryptology conference (pp. 213–229). Springer.

  11. Joux, A. (2000). A one round protocol for tripartite Diffie–Hellman. In International algorithmic number theory symposium (pp. 385–393). Springer.

  12. Chen, L., & Kudla, C. (2003). Identity based authenticated key agreement protocols from pairings. In Proceedings of 16th IEEE computer security foundations workshop (pp. 219–233). IEEE.

  13. Shim, K. (2003). Efficient ID-based authenticated key agreement protocol based on Weil pairing. Electronics Letters, 39(8), 653–654.

  14. Sun, H.-M., & Hsieh, B.-T. (2003). Security analysis of Shim's authenticated key agreement protocols from pairings. IACR Cryptology ePrint Archive, 2003, 113.

  15. Ryu, E.-K., Yoon, E.-J., & Yoo, K.-Y. (2004). An efficient ID-based authenticated key agreement protocol from pairings. In International conference on research in networking (pp. 1458–1463). Springer.

  16. Boyd, C., & Choo, K.-K. R. (2005). Security of two-party identity-based key agreement. In International conference on cryptology in Malaysia (pp. 229–243). Springer.

  17. Wang, S., Cao, Z., Choo, K. K. R., & Wang, L. (2009). An improved identity-based key agreement protocol and its security proof. Information Sciences, 179(3), 307–318.

  18. Cao, X., Kou, W., & Xiaoni, D. (2010). A pairing-free identity-based authenticated key agreement protocol with minimal message exchanges. Information Sciences, 180(15), 2895–2903.

  19. Kudla, C., & Paterson, K. G. (2005). Modular security proofs for key agreement protocols. In International conference on the theory and application of cryptology and information security (pp. 549–565). Springer.

  20. Hafizul Islam, S. K., & Biswas, G. P. (2012). An improved pairing-free identity-based authenticated key agreement protocol based on ECC. Procedia Engineering, 30, 499–507.

  21. Girault, M. (1991). Self-certified public keys. In Workshop on the theory and application of cryptographic techniques (pp. 490–497). Springer.

  22. Saeednia, S. (1997). Identity-based and self-certified key-exchange protocols. In Australasian conference on information security and privacy (pp. 303–313). Springer.

  23. Tzong-Chen, W., Chang, Y.-S., & Lin, T.-Y. (1998). Improvement of Saeednia's self-certified key exchange protocols. Electronics Letters, 34(11), 1094–1095.

  24. Kim, S., Oh, S., Park, S., Wong, D., Kimy, S., Ohy, S., et al. (1998). On Saeednia's key-exchange protocols. In Proceedings of Teddington conference on the mechanization of thought processes. CiteSeer.

  25. Zu-Hua, S. (2005). Efficient authenticated key agreement protocol using self-certified public keys from pairings. Wuhan University Journal of Natural Sciences, 10(1), 267–270.

  26. Tsaur, W.-J. (2005). Several security schemes constructed using ECC-based self-certified public key cryptosystems. Applied Mathematics and Computation, 168(1), 447–464.

  27. Hafizul Islam, S. K., & Biswas, G. P. (2015). Design of two-party authenticated key agreement protocol based on ECC and self-certified public keys. Wireless Personal Communications, 82(4), 2727–2750.

  28. Khan, M. K., Kim, S.-K., & Alghathbar, K. (2011). Cryptanalysis and security enhancement of a more efficient and secure dynamic ID-based remote user authentication scheme. Computer Communications, 34(3), 305–309.

  29. Liao, Y.-P., & Wang, S.-S. (2009). A secure dynamic ID based remote user authentication scheme for multi-server environment. Computer Standards and Interfaces, 31(1), 24–29.

  30. Wang, Y., Liu, J., Xiao, F., & Dan, J. (2009). A more efficient and secure dynamic ID-based remote user authentication scheme. Computer Communications, 32(4), 583–585.

  31. Chaum, D., & Van Heyst, E. (1991). Group signatures. In Advances in cryptology: EUROCRYPT '91 (pp. 257–265). Springer.

  32. Ren, J., & Harn, L. (2013). An efficient threshold anonymous authentication scheme for privacy-preserving communications. IEEE Transactions on Wireless Communications, 12(3), 1018–1025.

  33. He, D., Chen, C., Chan, S., & Jiajun, B. (2012). Secure and efficient handover authentication based on bilinear pairing functions. IEEE Transactions on Wireless Communications, 11(1), 48–53.

  34. Lu, Y., Li, L., Peng, H., & Yang, Y. (2016). Robust ID based mutual authentication and key agreement scheme preserving user anonymity in mobile networks. KSII Transactions on Internet and Information Systems, 10(3), 1.

  35. Hsieh, W.-B., & Leu, J.-S. (2014). An anonymous mobile user authentication protocol using self-certified public keys based on multi-server architectures. The Journal of Supercomputing, 70(1), 133–148.

  36. Hankerson, D., & Menezes, A. J. (2005). Guide to elliptic curve cryptography. Computing Reviews, 46(1), 13.

  37. Gutub, A. A.-A., & Arabia, S. (2010). Remodeling of elliptic curve cryptography scalar multiplication architecture using parallel Jacobian coordinate system. International Journal of Computer Science and Security (IJCSS), 4(4), 409.

  38. Garrett, K., Talluri, S. R., & Roy, S. (2015). On vulnerability analysis of several password authentication protocols. Innovations in Systems and Software Engineering, 11(3), 167–176.

  39. Rankl, W., & Effing, W. (2004). Smart card handbook. New York: Wiley.

  40. Han, W., & Zhu, Z. (2014). An ID-based mutual authentication with key agreement protocol for multiserver environment on elliptic curve cryptosystem. International Journal of Communication Systems, 27(8), 1173–1185.

  41. He, D. (2012). An efficient remote user authentication and key agreement protocol for mobile client–server environment from pairings. Ad Hoc Networks, 10(6), 1009–1016.

  42. Khatwani, C., & Roy, S. (2015). Security analysis of ECC based authentication protocols. In 2015 International conference on computational intelligence and communication networks (CICN) (pp. 1167–1172). IEEE.

  43. Roy, S. (2017). Denial of service attack on protocols for smart grid communications. In Security solutions and applied cryptography in smart grid communications (pp. 50–67). IGI Global.

  44. Viganò, L. (2006). Automated security protocol analysis with the AVISPA tool. Electronic Notes in Theoretical Computer Science, 155, 61–86.

  45. AVISPA Web Tool. (2017). Automated validation of internet security protocols and applications.

  46. HLPSL Tutorial. (2006). http://www.avispa-project.org/package/tutorial.pdf.

  47. Dolev, D., & Yao, A. C. (1983). On the security of public key protocols. IEEE Transactions on Information Theory, 29(2), 198–208.

  48. Roy, S., Das, A. K., & Li, Y. (2011). Cryptanalysis and security enhancement of an advanced authentication scheme using smart cards, and a key agreement scheme for two-party communication. In 2011 IEEE 30th international performance computing and communications conference (IPCCC) (pp. 1–7). IEEE.

  49. Burrows, M., Abadi, M., & Needham, R. M. (1989). A logic of authentication. Proceedings of the Royal Society of London A: Mathematical, Physical and Engineering Sciences, 426, 233–271.

  50. Wen, J., Zhang, M., & Li, X. (2005). The study on the application of BAN logic in formal analysis of authentication protocols. In Proceedings of the 7th international conference on electronic commerce (pp. 744–747). ACM.

  51. Wang, S., Cao, Z., Cao, F., et al. (2008). Efficient identity-based authenticated key agreement protocol with PKG forward secrecy. IJ Network Security, 7(2), 181–186.

  52. Hafizul Islam, S. K., & Biswas, G. P. (2015). A pairing-free identity-based two-party authenticated key agreement protocol for secure and efficient communication. Journal of King Saud University-Computer and Information Sciences, 29(1), 63–73.

  53. Farash, M. S., Chaudhry, S. A., Heydari, M., Sadough, S. M. S., Kumari, S., et al. (2017). A lightweight anonymous authentication scheme for consumer roaming in ubiquitous networks with provable security. International Journal of Communication Systems, 30(4), 2017.


Author information

Corresponding author: Susmita Mandal.


Cite this article

Mandal, S., Mohanty, S. & Majhi, B. Cryptanalysis and Enhancement of an Anonymous Self-Certified Key Exchange Protocol. Wireless Pers Commun 99, 863–891 (2018). https://doi.org/10.1007/s11277-017-5156-5
