Design of a Robust, Computation-Efficient and Secure 3P-EKE Protocol using Analogous Message Transmission

Full Text (PDF, 721KB), PP.9-17

Views: 0 Downloads: 0

Author(s)

Archana Raghuvamshi 1,* Premchand Parvataneni 2

1. Adkavi Nannaya University /CSE Department, Rajahmundry, 533296, India

2. Osmania University/CSE Department, Hyderabad, 500007, India

* Corresponding author.

DOI: https://doi.org/10.5815/ijcnis.2016.05.02

Received: 12 Oct. 2015 / Revised: 16 Jan. 2016 / Accepted: 11 Mar. 2016 / Published: 8 May 2016

Index Terms

Password Authenticated Key Exchange Protocols, Three-Party Encrypted Key Exchange Protocols, Types of Attacks

Abstract

In this modern era of digital communication even a trivial task needs to be performed over internet which is not secure. Many cryptographic algorithms existed to provide security which facilitates secure communication through internet. As these algorithms need a secret session key, it is required to interchange this key in a secure way. In two-party communication, two clients initially share a low random (entropy) password through a secure channel to establish a secret session key. But this paradigm necessitates high maintenance of passwords, since each communicating pair requires separate passwords to establish a secure session key. In three-party communication network, each communication party shares a password with the trusted third-party (server) to exchange a secret session key. The beauty of this setting is that, even a server does not know the session key. The Password Authenticated Encrypted Key Exchange (PA-EKE) protocols have attracted a lot of curiosity to authors to propose various two-party and three-party PA-EKE protocols. Security flaws in various protocols proposed by Chang-Chang, Yoon-Yoo, PSRJ and Raj et al. inspired to design a robust, computationally efficient and highly secure protocol. This paper is an attempt to propose a secure and novel Password Authenticated 3P-EKE protocol using XOR operations and analogous (parallel) message transmission. The proposed protocol is easy to design and more secured against all types of attacks like password guessing, replay, pre-play, server spoofing etc. which made this protocol special.

Cite This Paper

Archana Raghuvamshi, Premchand Parvataneni, "Design of a Robust, Computation-Efficient and Secure 3P-EKE Protocol using Analogous Message Transmission", International Journal of Computer Network and Information Security(IJCNIS), Vol.8, No.5, pp.9-17, 2016. DOI:10.5815/ijcnis.2016.05.02

Reference

[1]W. Diffie and M. E. Hellman. “New directions in cryptography”. IEEE Transactions on Information Theory, vol.22, no.6, pp.644– 654, 1976.
[2]Y. Ding and P. Horster, “Undetectable on-line password guessing attacks,” ACM Operating Systems Review, vol.29, no.4, pp.77-86, 1995.
[3]S.M. Bellovin and M. Merritt, “Encrypted key exchange: password-based protocols secure against password guessing attacks,” in Proc. of 1992 IEEE Symposium on Research in Security and Privacy, pp.72–84, 1992.
[4]Chin-Chen Chang*, Ya-fen Chang, “A novel three-party encrypted key exchange protocol”, Elsevier, Computer Standards & Interfaces 26 (2004) pp.471 – 476.
[5]Eun-Jun Yoon, Kee-Young Yoo, “Improving the novel three-party encrypted key exchange protocol”, Elsevier, Computer Standards and Interfaces, 30:309-314 , (2008).
[6]H.R. Chung and W.C. Ku, “Three weaknesses in a simple three-party key exchange protocol,” Information Science, vol.178, no.1, pp.220-229, 2008.
[7]R.Padmavathy, Tallapally Shirisha, M.Rajkumar, Jayadev Gyani, “Improved analysis on Chang and Chang Password Key Exchange Protocol”, IEEE International Conference on Advances in Computing, Control, and Telecommunication Technologies, 2009, pp.781-783.
[8]Ya-Fen Chang, Wei-Cheng Shiao, and Chung-Yi Lin, “Comments on Yoon and Yoo’s Three-party Encrypted Key Exchange Protocol”, International Conference on Advanced Information Technologies (AIT) in 2009.
[9]R.Parvathy, “IMPROVED THREE PARTY EKE PROTOCOL”, ISSN 1392 – 124X INFORMATION TECHNOLOGY AND CONTROL, 2010, Vol.39, No.3, pp.220-226.
[10]Shirisha Tallapally, “IMPERSONATION ATTACK ON EKE PROTOCOL”, International Journal of Network Security & Its Applications (IJNSA), Volume 2, Number 2, April 2010, pp. 114-121.
[11]Archana Raghuvamshi, P.Venkateshwara Rao, and Prof.P.Premchand, “Cryptanalysis of Authenticated Key Exchange 3P-EKE Protocol and its Enhancement”, IEEE-International Conference On Advances In Engineering, Science And Management (ICAESM -2012) March 30, 31, 2012, pp.659-666.
[12]P.Rajkumar and C.Manoharan, “Security Enhancement for 3-PEKE protocol using parallel Message transmission”, International Journal of Engineering Science and Technology (IJEST),Vol.4, No.8, pp.3767-3772
[13]P.Rajkumar, C.Manoharan, M.Ananthi, “Performance Analysis Of 3pek Exchange Protocol Using Parallel Message Transmission Technique”, International Journal
of Engineering Research & Technology (IJERT), Vol. 1 Issue 7, September – 2012, ISSN: 2278-0181, pp.1-5.
[14]Archana Raghuvamshi , Prof.P.Premchand ,“A Weakness in 3pek Exchange Protocol using Parallel Message Transmission Technique”, International Journal of Advanced Research in Computer Science(IJARCS), ISSN No. 0976-5697, Volume 4, No. 11, Nov-Dec 2013,pp.104-108.
[15]Y. Gertner, T. Malkin, O. Reingold, “On the impossibility of basing trapdoor functions on trapdoor predicates”, Proceedings of the 42nd IEEE Symposium on foundations of Computer Science, Las Vegas, Nevada, October, 2001, pp. 126 – 135.