Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 4 of 4
Full-Text Articles in Physical Sciences and Mathematics
Authenticated Key Exchange Under Bad Randomness, Guomin Yang, Shanshan Duan, Duncan S. Wong, Chik How Tan, Huaxiong Wang
Authenticated Key Exchange Under Bad Randomness, Guomin Yang, Shanshan Duan, Duncan S. Wong, Chik How Tan, Huaxiong Wang
Research Collection School Of Computing and Information Systems
We initiate the formal study on authenticated key exchange (AKE) under bad randomness. This could happen when (1) an adversary compromises the randomness source and hence directly controls the randomness of each AKE session; and (2) the randomness repeats in different AKE sessions due to reset attacks. We construct two formal security models, Reset-1 and Reset-2, to capture these two bad randomness situations respectively, and investigate the security of some widely used AKE protocols in these models by showing that they become insecure when the adversary is able to manipulate the randomness. On the positive side, we propose simple but …
Strongly Secure Certificateless Key Exchange Without Pairing, Guomin Yang, Chik How Tan
Strongly Secure Certificateless Key Exchange Without Pairing, Guomin Yang, Chik How Tan
Research Collection School Of Computing and Information Systems
In certificateless cryptography, a user secret key is derived from two partial secrets: one is the identity-based secret key (corresponding to the user identity) generated by a Key Generation Center (KGC), and the other is the user selfgenerated secret key (corresponding to a user self-generated and uncertified public key). Two types of adversaries are considered for certificateless cryptography: a Type-I adversary who can replace the user self-generated public key (in transmission or in a public directory), and a Type-II adversary who is an honest-but-curious KGC. In this paper, we present a formal study on certificateless key exchange (CLKE). We show …
Deposit-Case Attack Against Secure Roaming, Guomin Yang, Duncan S. Wong, Xiaotie Deng
Deposit-Case Attack Against Secure Roaming, Guomin Yang, Duncan S. Wong, Xiaotie Deng
Research Collection School Of Computing and Information Systems
A secure roaming protocol involves three parties: a roaming user, a visiting foreign server and the user’s home server. The protocol allows the user and the foreign server to establish a session key and carry out mutual authentication with the help of the home server. In the mutual authentication, user authentication is generally done in two steps. First, the user claims that a particular server is his home server. Second, that particular server is called in by the foreign server for providing a ‘credential’ which testifies the user’s claim. We present a new attacking technique which allows a malicious server …
Efficient Anonymous Roaming And Its Security Analysis, Guomin Yang, Duncan S. Wong, Xiaotie Deng
Efficient Anonymous Roaming And Its Security Analysis, Guomin Yang, Duncan S. Wong, Xiaotie Deng
Research Collection School Of Computing and Information Systems
The Canetti-Krawczyk (CK) model uses resuable modular components to construct indistinguishability-based key exchange protocols. The reusability of modular protocol components makes it easier to construct and prove new protocols when compared with other provably secure approaches. In this paper, we build an efficient anonymous and authenticated key exchange protocol for roaming by using the modular approach under the CK-model. Our protocol requires only four message flows and uses only standard cryptographic primitives. We also propose a one-pass counter based MT-authenticator and show its security under the assumption that there exists a MAC which is secure against chosen message attack.