|
| A Novel Secure Key Agreement Protocol using Trusted Third Party.
|
|
Full
text: |
 PDF(102.3KB) |
|
|
Source |
International Journal of Computer Science and Security (IJCSS) |
|
Table of Contents |
|
|
Download
Complete Issue PDF(1.56MB) |
|
Volume: 1 Issue: 1 |
| |
Pages: 1-96 |
|
Publication
Date: June 2007 |
|
ISSN
(Online): 1985-1553 |
|
|
|
|
|
Pages |
11 - 18 |
|
Author(s) |
|
|
|
Published
Date |
30-06-2007 |
|
Publisher |
CSC
Journals, Kuala Lumpur,
Malaysia |
|
ADDITIONAL
INFORMATION |
| Keywords Abstract References Cited by Related Articles Collaborative
Colleague |
| |
|
| |
KEYWORDS: Key Agreement, Diffie-Hellman, Online guessing attacks, Dictionary attacks |
|
|
| |
|
|
| This Manuscript is indexed in the following databases/websites:- |
|
| 1. Directory of Open Access Journals (DOAJ) |
| 2. CiteSeerX |
| 3. OpenJ-Gate |
| 4. Docstoc |
| 5. Scribd |
| 6. PDFCAST |
| 7. Google Scholar |
| 8. WorldCat |
| 9. ScientificCommons |
| 10. Bielefeld Academic Search Engine (BASE) |
| 11. Academic Index |
| 12. refSeek |
| 13. ResearchGATE |
| 14. Socol@r |
| 15. iSEEK |
| 16. Microsoft Academic Search |
| 17. Google Books |
| 18. Academic Journals Database |
| 19. Libsearch |
| 20. slideshare |
| |
|
| |
|
|
| In the past, several key agreement protocols are proposed on password based
mechanism. These protocols are vulnerable to dictionary attacks. Storing plain
text version of password on server is not secure always. In this paper we utilize
the service of a trusted third party, i.e., the Key Distribution server (KDS) for key
agreement between the hosts. Now-a-days in large working environments two
party key agreement protocols are being rarely used. In this proposed scheme,
instead of storing plain text version of password we store one way hash of the
password at the server. Every host and server agree upon family of commutative
one-way hash functions, using which host authentication is done when a host
applies for session key with KDS. Host establishes one time key with server
using which server authentication is done. Due to this man-in-the middle attacks
are defeated. The proposed protocol is based on Diffie-Hellman key exchange
protocol. |
| |
|
| |
|
| |
| 1 |
Menezes A.,Oorschot P. van and Vanstone S. "Handbook of Applied Cryptography”, CRC Press, (1996)
|
|
|
| 2 |
Schneier Bruce. “Applied Cryptography: Protocols and Algorithms”, John Wiley and Sons, (1994)
|
|
|
| 3 |
Stallings Williams. “Cryptography and Network Security”, 3rd Edition, Pearson Educa- tion, (2004)
|
|
|
| 4 |
Mel H.X.,Baker Doris.M. and Burnett Steve. “Cryptography Decrypted”, Addison- Wesley, (2004)
|
|
|
| 5 |
Bellare Mihir, Rogaway Phillip. "Provably Secure Session Key Distribution-The Three Party Case". In Proceedings of the 27th annual ACM symposium on Theory of computing STOC '95, ACM Press, May 1995
|
|
|
| 6 |
L. Gong, M. A. Lomas, R. M. Needham, and J. H. Saltzer, “Protecting Poorly Chose Secrets From Guessing Attacks”. SELECTED AREAS IN COMMUNICATIONS, vol. 11, no. 5, pp. 648–656, June 1993
|
|
|
| 7 |
M. Strangio, “An Optimal Round Two-Party Password-Authenticated Key Agreement Protocol”. In The First International Conference on Availability, Reliability and Security, p. 8, April 2006
|
|
|
| 8 |
W. Diffie and M. Hellman, “New Directions In Cryptography”. IEEE Transactions on Information Theory IT-11, pp. 644–654, November 1976
|
|
|
| 9 |
S. Bellovin and M. Merritt, “Encrypted Key Exchange: Password Based Protocols Secure Against Dictionary Attacks”. In Proceedings IEEE Symposium on Research in Security and Privacy, pp. 72–84, 1992
|
|
|
| 10 |
Y. Her-Tyan and S. Hung-Min, “Simple Authenticated Key Agreement Protocol Resistant To Password Guessing Attacks”, ACM SIGOPS Operating Systems Review, vol. 36, no. 4, pp. 14–22, October 2002
|
|
|
| 11 |
M. Steiner, G. Tsudik, and M. Waidner, “Refinement And Extension Of Encrypted Key Exchange”. ACM Operating System Review, vol. 29, no. 3, pp. 22–30, 1995
|
|
|
| 12 |
C. L. Lin, H. M. Sun, and Hwang, “Three-Party Encrypted Key Exchange: Attacks And A Solution”. ACM Operating System Review, vol. 34, no. 4, pp. 12–20, October 2000
|
|
|
| 13 |
S. Bellovin and M. Merritt, “Augmented Encrypted Key Exchange: A Password Based Protocols Secure Against Dictionary Attacks And Password File Compromise”. In 1st ACM Conf. on Computer and Communications Security. ACM Press, pp. 244–250, December 1993
|
|
|
| 14 |
T. Gene and H. Van, “On Simple and Secure Key Distribution”. In Proceedings of the 1st ACM conference on Computer and communications security CCS 93. ACM Press, pp. 49–57, December 1993s
|
|
|
| |
|
| |
|
| |
| 1 |
Y. C. Lee, Y. Hsieh and P. Lee, “Improvement on the Password Authenticated Three-Party Key Agreement Protocol”, Journal of Computational Information Systems, 7(1), pp. 42-48, 2011
|
|
|
| |
|
| |
|
| |
| 1 |
DOWNLOAD FREE PDF
|
| 2 |
TechRepublic
|
| 3 |
Apex Technologies
|
| 4 |
ZDNet
|
| 5 |
shendusou.com
|
| 6 |
Baidu
|
| 7 |
neotake.com
|
| |
|
| |
|
| |
|
| Sairam Kulkarni : Colleagues
|
|
| Debashih Jena : Colleagues
|
|
| Sanjay Kumar Jena : Colleagues
|
|
