Movatterモバイル変換

[0]ホーム
URL:

IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Online ISSN : 1745-1337
Print ISSN : 0916-8508
Special Section on Discrete Mathematics and Its Applications
An RSA-Based Leakage-Resilient Authenticated Key Exchange Protocol Secure against Replacement Attacks, and Its Extensions
SeongHan SHINKazukuni KOBARAHideki IMAI
Author information
  • SeongHan SHIN

    Research Center for Information Security (RCIS), National Institute of Advanced Industrial Science and Technology (AIST)
    Chuo University

  • Kazukuni KOBARA

    Research Center for Information Security (RCIS), National Institute of Advanced Industrial Science and Technology (AIST)
    Chuo University

  • Hideki IMAI

    Research Center for Information Security (RCIS), National Institute of Advanced Industrial Science and Technology (AIST)
    Chuo University

Corresponding author

ORCID
Keywords:authenticated key exchange,passwords,on-line/off-line dictionary attacks,RSA,leakage of stored secrets,replacement attacks
JOURNALRESTRICTED ACCESS

2010 Volume E93.AIssue 6Pages 1086-1101

DOIhttps://doi.org/10.1587/transfun.E93.A.1086
Details
  • Published: June 01, 2010Received: September 26, 2009Available on J-STAGE: June 01, 2010Accepted: -Advance online publication: -Revised: -
Download PDF(7535K)
Download citationRIS

(compatible with EndNote, Reference Manager, ProCite, RefWorks)

BIB TEX

(compatible with BibDesk, LaTeX)

Text
How to download citation
Contact us
Article overview
Share
Abstract
Secure channels can be realized by an authenticated key exchange (AKE) protocol that generates authenticated session keys between the involving parties. In [32], Shin et al., proposed a new kind of AKE (RSA-AKE) protocol whose goal is to provide high efficiency and security against leakage of stored secrets as much as possible. Let us consider more powerful attacks where an adversary completely controls the communications and the stored secrets (the latter is denoted by “replacement” attacks). In this paper, we first show that the RSA-AKE protocol [32] is no longer secure against such an adversary. The main contributions of this paper are as follows: (1) we propose an RSA-based leakage-resilient AKE (RSA-AKE2) protocol that is secure against active attacks as well as replacement attacks; (2) we prove that the RSA-AKE2 protocol is secure against replacement attacks based on the number theory results; (3) we show that it is provably secure in the random oracle model, by showing the reduction to the RSA one-wayness, under an extended model that covers active attacks and replacement attacks; (4) in terms of efficiency, the RSA-AKE2 protocol is comparable to [32] in the sense that the client needs to compute only one modular multiplication with pre-computation; and (5) we also discuss about extensions of the RSA-AKE2 protocol for several security properties (i.e., synchronization of stored secrets, privacy of client and solution to server compromise-impersonation attacks).
References (36)
Related articles (0)
Figures (0)
Content from these authors
Supplementary material (0)
Result List ()
Cited by (2)
© 2010 The Institute of Electronics, Information and Communication Engineers
Previous articleNext article
Favorites & Alerts
Related articles

Recently viewed articles
    Announcements from publisher
    Share this page
    feedback
    Top

    Register with J-STAGE for free!

    Register

    Already have an account? Sign inhere

    [8]ページ先頭
    ©2009-2025 Movatter.jp