Journal ArticleDOI
Cryptanalysis and improvement of an efficient authenticated key exchange protocol with tight security reduction
Reads0
Chats0
TLDR
This paper analyzes the SMEN protocol and finds that this protocol is not resistant to the session corruption attack and the key compromise impersonation attack, and proposes an improved protocol with tight security reduction.Abstract:
The SMEN protocol, proposed by Wu and Ustaoglu in 2009, has been considered to be secure as the authors claimed, and numerous theories are proposed based on this protocol. This paper analyzes the SMEN protocol and finds that this protocol is not resistant to the session corruption attack and the key compromise impersonation attack. Then, we propose an improved protocol with tight security reduction. Our improved protocol not only avoids the above attacks but also embraces the same efficiency as the SMEN protocol in terms of exponentiation. Besides, formal analysis of the improved protocol is presented by using the formal automatic security analysis tool Scyther. Copyright © 2014 John Wiley & Sons, Ltd.read more
Citations
More filters
Journal ArticleDOI
PUF‐based solutions for secure communications in Advanced Metering Infrastructure (AMI)
TL;DR: In this paper, the authors proposed an authenticated key exchange protocol and an authenticated message broadcasting protocol for Advanced Metering Infrastructure (AMI) systems, based on two well-known protocols, Okamoto and Schnorr, and inherit their security features.
Journal ArticleDOI
Cryptanalysis and improvement of the YAK protocol with formal security proof and security verification via Scyther
TL;DR: The YAK protocol cannot withstand the known key security attack, and its consequences lead to a new key compromise impersonation attack, which is introduced to introduce a new security model that covers these attacks against an extremely strong adversary.
Journal Article
Session corruption attack and improvements on encryption based MT-authenticators
Xiaojian Tian,Duncan S. Wong +1 more
TL;DR: In this paper, the authors show that the proof of the encryption-based MT-authenticator proposed in their paper is flawed, which leads to their encryptionbased MTauthenticator insecure.
Journal ArticleDOI
Analysis and improvement of the Internet‐Draft IKEv3 protocol
TL;DR: This paper analyzes the security and authentication of IKEv3 by formal verification and shows that it is susceptible to reflection attack and DoS attack, and proposes a new variant of the Ikev3 protocol, which both resists reflection attacked and mitigates the impact of the doS attack.
Journal ArticleDOI
Towards more secure EMV purchase transactions: A new security protocol formally analyzed by the Scyther tool
TL;DR: This paper proposes a new security solution that enhances the EMV protocol by solving the two dangerous EMV vulnerabilities and verifies the accuracy of the solution by using the Scyther security verification tool.
References
More filters
Journal ArticleDOI
New Directions in Cryptography
TL;DR: This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
Book
Handbook of Applied Cryptography
TL;DR: A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols.
Journal ArticleDOI
On the security of public key protocols
Danny Dolev,Andrew Chi-Chih Yao +1 more
TL;DR: Several models are formulated in which the security of protocols can be discussed precisely, and algorithms and characterizations that can be used to determine protocol security in these models are given.
Book ChapterDOI
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels
Ran Canetti,Hugo Krawczyk +1 more
TL;DR: In this article, the authors present a formalism for the analysis of key exchange protocols that combines previous definitional approaches and results in a definition of security that enjoys some important analytical benefits: (i) any key exchange protocol that satisfies the security definition can be composed with symmetric encryption and authentication functions to provide provably secure communication channels.
Book ChapterDOI
HMQV: a high-performance secure diffie-hellman protocol
TL;DR: HMQV is presented, a carefully designed variant of MQV that provides the same superb performance and functionality of the original protocol but for which all the MqV's security goals can be formally proved to hold in the random oracle model under the computational Diffie-Hellman assumption.