Further improvement on the modified authenticated key agreement scheme
Introduction
In 1976, Diffie and Hellman [1] first proposed an asymmetric key agreement scheme to solve the key distribution problem in an open network. However, the Diffie–Hellman scheme is obviously vulnerable to the man-in-the-middle attack, because the communicating parties have no way to authenticate each other. In order to defeat this attack, Seo and Sweeney [2], in 1999, proposed an authenticated key agreement scheme, called SAKA, which uses a pre-shared password to provide user authentication. However, in 2000, Tseng [3] showed that SAKA cannot resist the replay attack, in which an attacker can cheat the honest party into believing a wrong session key. Tseng also proposed an improved scheme to prevent the replay attack.
In 2000, Ku and Wang [4] pointed out that the Tseng scheme suffers from two kinds of attacks: the backward replay attack without modification and the modification attack. In the first attack, an attacker can masquerade as one communicating party and replay the exchanged messages to cheat the other one. In the second attack, an attacker can alter the exchanged messages to cheat one party into believing a wrong session key. Ku and Wang [4] also proposed a modified authenticated key agreement scheme to defeat these two attacks. Unfortunately, in 2003, Hsu et al. [5] showed that the Ku–Wang scheme is still vulnerable to the modification attack and gave an improvement to enhance the security of the Ku–Wang scheme. Moreover, the Hsu et al. scheme is more efficient than the previous schemes [2], [3], [4].
However, we find that the Hsu et al. scheme is still vulnerable to the modification attack. An attacker can cheat the participants into accepting a wrong session key by altering the exchanged messages. This paper first reviews the Hsu et al. scheme and then shows the security flaw in it in Section 2. We then propose an improved scheme and analyze its security in Section 3. Finally, conclusions are given in Section 4.
Review and analysis of the Hsu et al. scheme
In this section, we will briefly review the Hsu et al. scheme and then show the security flaw of the Hsu et al. scheme. Some notations used in the Hsu et al. scheme are defined as follows:
- A, B: two communicating parties;
- C: an attacker;
- idA, idB: the identities of A and B;
- n: a large prime number;
- g: a generator with the order n−1;
- P: the common password shared between A and B;
- Q: an integer computed from P;
- Q−1: the inverse of ;
- a: a random number chosen by A;
- b: a random number chosen by B;
The proposed scheme
To resist the modification attack, we propose an improvement on the Hsu et al. scheme in this section. The Key establishment phase in the proposed scheme is the same as the Key establishment phase in the Hsu et al. scheme. The only difference between the proposed scheme and the Hsu et al. scheme is in the Key validation phase.
Key validation phase
- (v.1) A computes X2 = H(idA, X1, K1) and sends X2 to B.
- (v.2) B verifies that the equation X2 = H(idA, X1, K2) holds.
- (v.3) If it holds, B computes Y2 = H(idB, Y1, K2) and
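The following is an added example, not code from the paper: it exercises the key validation steps (v.1)–(v.3) above and shows that a value altered in transit, or a mismatched session key, fails B's check. The key establishment phase is not reproduced on this page, so a plain Diffie–Hellman stand-in with constructed toy parameters is assumed in its place (it is not the Hsu et al. key establishment phase); H is assumed to be SHA-256, and A's check of Y2 is assumed to mirror (v.2) by symmetry.

```python
import hashlib
import hmac

# Constructed toy parameters for demonstration only; the real scheme uses a
# large prime n and a generator g of order n-1 (see the notation list).
N = 2**127 - 1
G = 3

def H(*parts) -> bytes:
    """Hash H over its arguments (SHA-256 assumed), length-prefixed so that
    (idA, X1, K) cannot be re-split into a different tuple with the same digest."""
    h = hashlib.sha256()
    for p in parts:
        data = p if isinstance(p, bytes) else str(p).encode()
        h.update(len(data).to_bytes(4, "big") + data)
    return h.digest()

def validate(idA, idB, a_view, b_view):
    """Key validation phase (v.1)-(v.3). a_view and b_view are (X1, Y1, K) as
    each party actually holds them. Returns (B accepts, A accepts)."""
    X1a, Y1a, K1 = a_view
    X1b, Y1b, K2 = b_view
    X2 = H(idA, X1a, K1)                                  # (v.1): A -> B
    if not hmac.compare_digest(X2, H(idA, X1b, K2)):      # (v.2): B checks
        return False, False
    Y2 = H(idB, Y1b, K2)                                  # (v.3): B -> A
    a_accepts = hmac.compare_digest(Y2, H(idB, Y1a, K1))  # assumed A-side check
    return True, a_accepts

def run(a, b, modify_x1=None):
    """Stand-in exchange (NOT the Hsu et al. establishment phase): X1 = g^a,
    Y1 = g^b; modify_x1, if given, alters X1 on its way to B."""
    X1 = pow(G, a, N)
    X1_recv = modify_x1(X1) if modify_x1 else X1   # what B really receives
    Y1 = pow(G, b, N)
    K1 = pow(Y1, a, N)        # A's session key
    K2 = pow(X1_recv, b, N)   # B's session key, derived from the received X1
    return validate("idA", "idB", (X1, Y1, K1), (X1_recv, Y1, K2))

if __name__ == "__main__":
    print("honest run:", run(5, 7))                                   # (True, True)
    print("X1 altered:", run(5, 7, modify_x1=lambda x: pow(x, 2, N)))  # (False, False)
```

Because both the exchanged value and the derived key are bound under H together with the sender's identity, B rejects as soon as its view of X1 or K2 differs from A's.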
Conclusions
We have shown that the Hsu et al. scheme is still vulnerable to the modification attack. An attacker can alter the transmitted messages to cheat the communicating parties into believing a wrong session key. This paper further proposes an improvement to repair the security flaw. The improved scheme is as efficient as the Hsu et al. scheme.
Acknowledgements
This research was partially supported by the National Science Council of Republic of China under the contract no. NSC92-2213-E-218-019.
References
- [1] W. Diffie and M. Hellman, New directions in cryptography, IEEE Transactions on Information Theory (1976).
- [5] Hsu et al., Improvement of modified authenticated key agreement protocol, Applied Mathematics and Computation (2003).