Home   >   CSC-OpenAccess Library   >    Manuscript Information
Full Text Available

(102.34KB)
This is an Open Access publication published under CSC-OpenAccess Policy.
A Novel Secure Key Agreement Protocol using Trusted Third Party.
Sairam Kulkarni, Debashih Jena, Sanjay Kumar Jena
Pages - 11 - 18     |    Revised - 15-06-2007     |    Published - 30-06-2007
Volume - 1   Issue - 1    |    Publication Date - June 2007  Table of Contents
MORE INFORMATION
KEYWORDS
Key Agreement, Diffie-Hellman, Online guessing attacks, Dictionary attacks
ABSTRACT
In the past, several key agreement protocols are proposed on password based mechanism. These protocols are vulnerable to dictionary attacks. Storing plain text version of password on server is not secure always. In this paper we utilize the service of a trusted third party, i.e., the Key Distribution server (KDS) for key agreement between the hosts. Now-a-days in large working environments two party key agreement protocols are being rarely used. In this proposed scheme, instead of storing plain text version of password we store one way hash of the password at the server. Every host and server agree upon family of commutative one-way hash functions, using which host authentication is done when a host applies for session key with KDS. Host establishes one time key with server using which server authentication is done. Due to this man-in-the middle attacks are defeated. The proposed protocol is based on Diffie-Hellman key exchange protocol.
CITED BY (4)  
1 YungCheng, L. E. E., HSIEH, Y., & PeiJu, L. E. E. (2011). Improvement on the Password Authenticated Three-Party Key Agreement Protocol. Journal of Computational Information Systems, 7(1), 42-48.
2 Y. C. Lee, Y. Hsieh and P. Lee, “Improvement on the Password Authenticated Three-Party Key Agreement Protocol”, Journal of Computational Information Systems, 7(1), pp. 42-48, 2011
3 Raghuvamshi, A., & Premchand, P. Cryptanalysis of Verifier-Based Password Authenticated Key Agreement Protocol for Three Parties. Research Journal of Recent Sciences ______________________________________________________________ ISSN, 2277, 2502.
4 Shaban, D. N., Ibrahim, M. H., & Nossair, Z. B. enhanced verifier-based password authenticated key agreement protocol for three-parties.
1 Google Scholar
2 Academic Journals Database
3 ScientificCommons
4 Academic Index
5 CiteSeerX
6 refSeek
7 iSEEK
8 Socol@r
9 ResearchGATE
10 Libsearch
11 Bielefeld Academic Search Engine (BASE)
12 OpenJ-Gate
13 Scribd
14 WorldCat
15 SlideShare
16 PDFCAST
17 PdfSR
18 Google Books
1 Menezes A.,Oorschot P. van and Vanstone S. "Handbook of Applied Cryptography”, CRC Press, (1996)
2 Schneier Bruce. “Applied Cryptography: Protocols and Algorithms”, John Wiley and Sons, (1994)
3 Stallings Williams. “Cryptography and Network Security”, 3rd Edition, Pearson Educa- tion, (2004)
4 Mel H.X.,Baker Doris.M. and Burnett Steve. “Cryptography Decrypted”, Addison- Wesley, (2004)
5 Bellare Mihir, Rogaway Phillip. "Provably Secure Session Key Distribution-The Three Party Case". In Proceedings of the 27th annual ACM symposium on Theory of computing STOC '95, ACM Press, May 1995
6 L. Gong, M. A. Lomas, R. M. Needham, and J. H. Saltzer, “Protecting Poorly Chose Secrets From Guessing Attacks”. SELECTED AREAS IN COMMUNICATIONS, vol. 11, no. 5, pp. 648–656, June 1993
7 M. Strangio, “An Optimal Round Two-Party Password-Authenticated Key Agreement Protocol”. In The First International Conference on Availability, Reliability and Security, p. 8, April 2006
8 W. Diffie and M. Hellman, “New Directions In Cryptography”. IEEE Transactions on Information Theory IT-11, pp. 644–654, November 1976
9 S. Bellovin and M. Merritt, “Encrypted Key Exchange: Password Based Protocols Secure Against Dictionary Attacks”. In Proceedings IEEE Symposium on Research in Security and Privacy, pp. 72–84, 1992
10 Y. Her-Tyan and S. Hung-Min, “Simple Authenticated Key Agreement Protocol Resistant To Password Guessing Attacks”, ACM SIGOPS Operating Systems Review, vol. 36, no. 4, pp. 14–22, October 2002
11 M. Steiner, G. Tsudik, and M. Waidner, “Refinement And Extension Of Encrypted Key Exchange”. ACM Operating System Review, vol. 29, no. 3, pp. 22–30, 1995
12 C. L. Lin, H. M. Sun, and Hwang, “Three-Party Encrypted Key Exchange: Attacks And A Solution”. ACM Operating System Review, vol. 34, no. 4, pp. 12–20, October 2000
13 S. Bellovin and M. Merritt, “Augmented Encrypted Key Exchange: A Password Based Protocols Secure Against Dictionary Attacks And Password File Compromise”. In 1st ACM Conf. on Computer and Communications Security. ACM Press, pp. 244–250, December 1993
14 T. Gene and H. Van, “On Simple and Secure Key Distribution”. In Proceedings of the 1st ACM conference on Computer and communications security CCS 93. ACM Press, pp. 49–57, December 1993s
Mr. Sairam Kulkarni
- India
Assistant Professor Debashih Jena
- India
debasishjena@hotmail.com
Professor Sanjay Kumar Jena
- India