This paper analyzes security protocols with a focus on the Wide-Mouthed Frog key establishment protocol. It discusses common weaknesses in security protocols, explores attacks that exploit these weaknesses, and presents a corrected version of the original protocol. Additionally, a new parallel session attack on the modified protocol is introduced, highlighting the implications for the security of communications among honest principals.
2008
Nowadays mobile and fixed networks are trusted with highly sensitive information, which must be protected by security protocols. However, security protocols are vulnerable to a host of subtle attacks, such as replay, parallel session and type-flaw attacks. Designing protocols to be impervious to these attacks has been proven to be extremely challenging and error prone. This paper discusses various attacks against security protocols. As an example, the security of the Wide-Mouthed Frog key distribution protocol when subjected to known attacks is discussed. Significantly, a hitherto unknown attack on Lowe’s modified version of the Wide-Mouthed Frog protocol is presented. Finally, a correction for the protocol to prevent this attack is proposed and discussed.
Information Processing Letters, 1995
2005
In this paper we analyse a password-based authenticated key establishment protocol due to Laih, Ding and Huang, which enables a user to authenticate himself to a server and negotiate a shared session key. This protocol is also designed to guarantee that a human being is actually involved in an ongoing protocol execution. However we show that the protocol suffers from offline dictionary attacks. We propose an enhanced password-based authenticated key establishment protocol which is secure against offline dictionary attacks, and that possesses an additional feature guaranteeing that a user is involved in each protocol execution.
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 2005
Authenticated Key Establishment (AKE) protocols enable two entities, say a client (or a user) and a server, to share common session keys in an authentic way. In this paper, we review the previous AKE protocols, all of which turn out to be insecure, under the following realistic assumptions: (1) High-entropy secrets that should be stored on devices may leak out due to accidents such as bugs or misconfigurations of the system; (2) The size of human-memorable secret, i.e. password, is short enough to memorize, but large enough to avoid on-line exhaustive search;
In recent years, Session Initiation Protocol (SIP) has become widely used in current internet protocols. It is a text-based protocol much like Hyper Text Transport Protocol (HTTP) and Simple Mail Transport Protocol (SMTP). SIP is a strong enough signaling protocol on the internet for establishing, maintaining, and terminating sessions. In this paper the areas of security and attacks in SIP are discussed. We consider attacks from diverse related perspectives. The authentication schemes are compared, the representative existing solutions are highlighted, and several remaining research challenges are identified. Finally, the taxonomy of SIP threats will be presented.
KIISC (CISC 2000), 2000
This paper classifies existing key establishment protocols according to cryptographic techniques, models of environment used, and the number of passes. The protocols' messages are described briefly and their properties are compared in four groups: key transport protocols using symmetric techniques, key transport protocols using asymmetric techniques, key agreement protocols using symmetric techniques, and key agreement protocols using asymmetric techniques.
Security of information flowing through insecure networks is becoming complicated with the advent of the internet and its usage. Encrypting information is one way of securing it from unauthorized access. This paper analyzes techniques of exchanging the key through which encryption is performed. We review the techniques on various parameters and find which technique is best suited for use in mobile computers with limited processing power and battery capacity while efficiently working on wireless networks.
International Journal of Computer Applications, 2013
Providing security over open and large distributed networks has always been both intriguing and challenging. There is a great chance for malicious individuals to perform disruptive and unethical tasks. Malicious users may attempt to obtain valuable information. So we require a "secure channel" over an insecure network. The secure communication channel should achieve primary security goals like confidentiality, integrity, authentication and non-repudiation, and shared session keys are incorporated for the purpose. Therefore, it is of great interest and most challenging to devise effective mechanisms to establish these shared session keys, called the key distribution problem. Much work has been done in recent years on mechanisms for key establishment. Many cryptosystems rely on cryptographically secure keys and therefore have to deal with issues like key management. A number of key establishment protocols have been proposed by different researchers as solutions to the key distribution problem, and the password-based scheme is one of them. A password is shared between the entities in password-based schemes. However, because users choose small and frequently used words as passwords, these schemes suffer from password guessing attacks. In particular, these schemes are subject to offline dictionary attacks. This work focuses on password-based key establishment. Even though there are a lot of password-based schemes, the LDH, enhanced LDH, and PP-TAKE seem to be widely accepted mechanisms. In this context, this study includes performance evaluation of the above mentioned protocols.
Voice over IP, or VoIP, is the delivery of multimedia content over IP networks, such as the Internet. As the popularity of VoIP increases, attackers find VoIP installations more attractive to exploit to their gain – thus security threats and attacks become more prevalent. The deployment of secure VoIP setup is therefore required to minimize risks of successful security attacks. Hence we see the crucial importance of implementing and using strong security mechanisms in real-world VoIP installations. Despite this importance, VoIP installations often lack deployment of strong security mechanisms that enforce authentication. Strong authentication in the VoIP signaling protocol SIP is important to ensure the authenticity of the communication peers. However, the most common authentication method used in SIP is weak and vulnerable to security attacks. This thesis contributes by offering advanced mechanisms for authentication in SIP. The overall goal of the research has been to exploit how...
2014
Authenticated key exchange (AKE) protocols are central building blocks of security protocols such as TLS, IPsec, and SSH, that are used in modern distributed applications. The security of these protocols can however be affected by threats such as attacks on users' long-term secret keys, attacks based on malicious key registration, and attacks on the random number generator used by the protocol. The goal of this thesis is to model advanced security threats against authenticated key exchange protocols and to develop methods that strengthen the security of these protocols and make them secure against the considered threats. I would like to express my gratitude to my advisor David Basin for giving me the opportunity of pursuing research in the Institute of Information Security and for his support over the last years. I owe many thanks to my advisor Cas Cremers for his time, patience, and for the many helpful and productive discussions we had at ETH Zurich and at the University of Oxford. It was a great pleasure for me to work with Colin Boyd, Cas Cremers, Kenneth Paterson, Bertram Poettering, and Douglas Stebila on authenticated key exchange security incorporating certification systems. Thanks for the very efficient collaboration and for your support. Also, I would like to thank Marc Fischlin for his willingness to serve as a co-examiner. During my PhD, I have had many constructive discussions with other researchers, including
2008
In 2005, Laih, Ding and Huang proposed a password-based key establishment protocol such that a user and a server can authenticate each other and generate a strong session key from their shared weak password using a symmetric cipher over an insecure channel. In this protocol, a special function which is a combination of a picture function and a distortion function, e.g. CAPTCHA, is used to authenticate the user and protect the password from the dictionary attacks that are major threats for most of the weak password-based protocols. They claim that the proposed protocol is secure against some well-known attacks. However, Tang and Mitchell show that the protocol suffers from an offline dictionary attack requiring a machine-based search of size 2^23 which takes only about 2.3 hours. So designing such a protocol that provides practical security against offline attacks is still an open problem. In this study, we introduce two password-based authenticated key establishment protocols that provide practical security against offline dictionary attacks by only using symmetric key cryptography.
2001
Key Words: Authentication, key establishment, authentication model, formal analysis, forward secrecy, key recovery, key escrow, WAKE protocol, denial-of-service attack, electronic commerce, mobile security, mobile communication security, UMTS, IMT-2000, IS-41C, GSM.
Journal of Computer Science and Technology, 2011
This research work analyzes the universal mobile telecommunication system (UMTS) authentication and key agreement (AKA) protocol, which suffers from the traffic bottleneck at home location register and authentication center (HLR/AuC). In addition, serving network has no capability to authenticate mobile station. To overcome these problems a new security scheme has been proposed which provides a more efficient and a secure authentication between mobile station and home networks, the proposed protocol called Efficient AKA (E-AKA). The E-AKA uses a temporary key to enable visitor location register and serving network (VLR/SN) to authenticate mobile station (MS) without intervention of HLR/AuC. To analyze and validate the security of the proposed protocol, the BAN (Burrows, Abadi and Needham) logic is used. The results show that the E-AKA protocol is more robust than the current AKA protocol.
2005
In this paper we demonstrate the existence of a number of weaknesses in a leakage-resilient authenticated key transport protocol due to Shin, Kobara and Imai. The weaknesses imply that the protocol cannot achieve the security goals claimed by its designers. We also propose an enhanced protocol which is immune to some of these vulnerabilities.
Lecture Notes in Computer Science, 2009
We analyze the Password Authenticated Connection Establishment (PACE) protocol for authenticated key agreement, recently proposed by the German Federal Office for Information Security (BSI) for the deployment in machine readable travel documents. We show that the PACE protocol is secure in the real-or-random sense of Abdalla, Fouque and Pointcheval, under a number-theoretic assumption related to the Diffie-Hellman problem and assuming random oracles and ideal ciphers.
E-business and …, 2009
Key establishment protocols are among the most important security mechanisms via which two or more parties can encrypt their communications over an insecure network. This paper is concerned with the vulnerability of one-pass two-party key establishment protocols to key-compromise impersonation (K-CI) attacks. The latter may occur once an adversary has obtained the long-term private key of an honest party, and represent a serious, but often underestimated, threat, because a successful impersonation attack may result in far greater harm than the reading of past and future conversations. Our aim is to describe two main classes of K-CI attacks that can be mounted against all of the best-known one-pass protocols, including MQV and HMQV. We show that one of the attacks described can be somewhat avoided (though not completely eliminated) through the combined use of digital signatures and time-stamps; however, there still remains a class of K-CI threats for which there is no obvious solution.
2008
In this work, we present a simple model for the automated cryptanalysis of cryptographic protocols based on meta-heuristic search. We illustrate our approach with a straightforward application in the form of an attack against a slightly simplified version of an ultra-lightweight authentication protocol for RFID environments called SASI. We show how an attack based on Simulated Annealing can efficiently recover the tag's secret ID, which is the value the protocol is designed to conceal.
IEEE Access, 2021
The result was created in solving the standard project no. 7429/2020/02 "System approach to selected information and communications technology trends" using institutional support for long-term conceptual development of research of the University of Finance and Administration.
2007
In this chapter, we show how security protocols can be attacked by exploiting the underlying block cipher modes of operation. We first present a comprehensive treatment of the properties and weaknesses of standard modes of operation. We then show why all modes of operation should not be used with public-key ciphers in public-key security protocols. This includes the cipher block chaining (CBC) mode when there is no integrity protection of the initialisation vector (IV).
In 2012, Xie proposed an authentication scheme based on Elliptic Curve Cryptography (ECC) for Session Initiation Protocol (SIP). However, this paper demonstrates that Xie's scheme is vulnerable to an impersonation attack by which an active adversary can easily forge the server's identity. Based on this attack, we also show that Xie's scheme is also defenseless against an off-line password guessing attack. Therefore, we propose a more secure and efficient scheme, which not only covers all the security flaws and weaknesses of related previous protocols, but also provides more functionality. We also evaluate the proposed protocol with the AVISPA (Automated Validation of Internet Security Protocols and Applications) tools and confirm its security attributes.