IJCNIS Vol. 8, No. 6, 8 Jun. 2016
Cover page and Table of Contents: PDF (size: 846KB)
Full Text (PDF, 846KB), PP.59-66
Views: 0 Downloads: 0
Verifier–based protocols, Password –based Authentication, Three Party Encrypted Key Exchange Protocol (3P-EKE), Public-Key Cryptosystem Based on Logarithmic Approach (PCLA)
This paper endeavors to present a novel framework for the generic structure of a verifier-based password authenticated Three-Party Encrypted Key Exchange (3P-EKE) protocol which yields more efficient protocol than the ones knew before. A previous framework presented by Archana and Premchand is more secured against all types of attacks like password guessing, replay, pre-play, man-in-the-middle attack etc. But unfortunately, this protocol does not solve the problem of a server compromise. These proofs help as inspiration to search for another framework. The framework we offer produces more efficient 3P-EKE protocol, and, in addition, delivers perceptive clarification about the existing attacks that do not solve in the previous framework. Moreover, it allows direct change from a class of verge private-key encryption to a hybrid (symmetric & Asymmetric) one without significant overhead.
Archana Raghuvamshi, Premchand Parvataneni, "Verifier-based Password Authenticated 3P-EKE Protocol using PCLA keys", International Journal of Computer Network and Information Security(IJCNIS), Vol.8, No.6, pp.59-66, 2016. DOI:10.5815/ijcnis.2016.06.07
[1]Y. Ding and P. Horster. “Undetectable online password guessing attacks,” ACM Operating Systems Review vol.29, pp.77-86, 1995.
[2]Archana Raghuvamshi, P.Premchand and P.Venkateswara Rao. “PCLA: A New Public-key Cryptosystem Based on Logarithmic Approach”, International Journal of Computer Science Issues(IJCSI), vol.9,no.1, pp.355-359, 2012.
[3]W. Diffie and M. E. Hellman. “New directions in cryptography”, IEEE Transactions on Information Theory, vol.22, no.6, pp.644–654, 1976.
[4]S. M. Bellovin and M. Merritt, “Encrypted key exchange: Password-based protocols secure against dictionary
attacks”, IEEE Symposium on Security and Privacy, IEEE Computer Society Press, pp.72–84 May 1992.
[5]S. M. Bellovin and M. Merritt, “Augmented encrypted key exchange: A password-based protocol secure against dictionary attacks and password file compromise”, ACM CCS, ACM Press vol.93, pp.244–250, November 1993.
[6]L. Gong, M. Lomas, R. Needham, and J. Saltzer, “Protecting poorly chosen secrets from guessing attacks”, IEEE Journal on Selected Areas in Communications, vol.11,no.5,pp. 648-656, 1993.
[7]W.M. Li, and Q.Y. Wen, “Efficient verifier-based password-authentication key exchange protocol via elliptic curves”, Proceedings of 2008 International Conference on Computer Science and Software Engineering, pp. 1003-1006, 2008.
[8]E.J. Yoon, and K.Y. Yoo, “Robust User Password Change Scheme based on the Elliptic Curve Cryptosystem”, Fundamenta Informaticae, pp 483-492, 2008.
[9]Zeng, Yong and Ma, Jianfeng, “An improvement on a password authentication scheme over insecure networks” Journal of Computational Information Systems, vol.5, no.4, pp.1331-1336, 2009.
[10]Chunling Liu, Yufeng Wanga and Qinxi Bai, “A New Three-party Key Exchange Protocol Based on Diffie-Hellman,” I.J. Wireless and Microwave Technologies, vol. 1, no.4, pp. 65-69, 2011.
[11]M. Abdalla, O. Chevassut, and D. Pointcheval. “One-time verifier-based encrypted key exchange”, PKC LNCS, Springer, vol. 3386, pp.47–64, January 2005.
[12]W.M. Lin, and Q.Y. Wen, “Efficient verifier-based password-authentication key exchange protocol via elliptic curves”, Proceedings of 2008 International Conference on Computer Science and Software Engineering, pp.1003-1006, 2008.
[13]Junhan YANG and Tianjie CAO, “A Verifier-based Password-Authenticated Key Exchange Protocol via Elliptic Curves”, Journal of Computational Information Systems, Binary Information Press, pp.548-553, 2011.
[14]Chin-Chen Chang and Ya-fen Chang, “A novel three-party encrypted key exchange protocol”, Elsevier, Computer Standards & Interfaces, vol.26 pp.471 – 476, 2004.
[15]Eun-Jun Yoon, and Kee-Young Yoo, “Improving the novel three-party encrypted key exchange protocol”, Elsevier, Computer Standards and Interfaces, vol. 30, pp.309-314, 2008.
[16]R.Padmavathy, Tallapally Shirisha, M.Rajkumar, and Jayadev Gyani, “Improved analysis on Chang and Chang Password Key Exchange Protocol”, IEEE International Conference on Advances in Computing, Control, and Telecommunication Technologies, pp.781-783, 2009.
[17]Ya-Fen Chang, Wei-Cheng Shiao, and Chung-Yi Lin, “Comments on Yoon and Yoo’s Three-party Encrypted Key Exchange Protocol”, International Conference on Advanced Information Technologies (AIT), 2009.
[18]R. Padmavathy, “Improved Three Party Eke Protocol”, Information Technology and Control, Vol.39, No.3, pp.220-226, 2010.
[19]Shirisha Tallapally, “Impersonation Attack on EKE Protocol”, International Journal of Network Security & Its Applications (IJNSA), vol.2, no. 2, pp. 114-121, 2010.
[20]Archana Raghuvamshi, P.Venkateshwara Rao, and Prof.P.Premchand, “Cryptanalysis of Authenticated Key Exchange 3P-EKE Protocol and its Enhancement”, IEEE-International Conference on Advances in Engineering, Science and Management (ICAESM -2012), pp.659-666, March 30, 31, 2012.
[21]S. Kulkarni, D. Jena, and S.K. Jena, "A Novel Secure Key Agreement Protocol using Trusted Third Party", Computer Science and Security Journals (IJCSS), vol.1, no.1, pp. 11 – 18, 2007.
[22]Dina Nabil Shaban, Maged H. Ibrahim, and Zaki B.Nossair, “Enhanced Verifier-Based Password Authenticated Key Agreement Protocol For Three-Parties”, Journal of Engineering Sciences, vol. 36, no. 6, pp.1513- 1522, 2008.
[23]Archana Raghuvamshi and Premchand Parvataneni. “Cryptanalysis of Verifier-Based Password-Authenticated Key Agreement Protocol for Three Parties”, Research Journal of Recent Sciences. Vol. 4, pp. 5-8, Feb 2015.
[24]Archana Raghuvamshi and Premchand Pavataneni, “Design of a Robust, Computation-Efficient and Secure 3P-EKE Protocol using Analogous Message Transmission”, International Journal of Computer Network and Information Security (IJCNIS), In Press.
[25]Y. Gertner, T. Malkin, and O. Reingold, “On the impossibility of basing trapdoor functions on trapdoor predicates”, Proceedings of the 42nd IEEE Symposium on foundations of Computer Science, Las Vegas, Nevada, , pp. 126 – 135, October 2001.