论文信息 - An efficient and secure authentication protocol using uncertified keys

An efficient and secure authentication protocol using uncertified keys

Most authentication protocols for distributed systems achieve identification and key distributions on the belief that the use of a uncertified key, i.e. the key whose freshness and authenticity cannot be immediately verified by its receiving principal while being received, should be avoided during the mid-way of an authentication process. In this paper we claim that using a uncertified key prudently can give performance advantages and not necessarily reduces the security of authentication protocols, as long as the validity of the key can be verified at the end of an authentication process. A nonce-based authentication protocol using uncertified keys is proposed. Its total number of messages is shown to be the minimal of all authentication protocols with the same formalized goals of authentication. The properties which make the protocol optimal in terms of message complexity are elaborated, and a formal logical analysis to the protocol is performed. The protocol is extended to counter the session key compromise problem and to support repeated authentication, in a more secure and flexible way without losing its optimality.

Randy Chow | I-Lung Kao

[1] Giovanni Maria Sacco,et al. Timestamps in key distribution protocols , 1981, CACM.

[2] Paul F. Syverson. On key distribution protocols for repeated authentication , 1993, OPSR.

[3] Gene Tsudik,et al. KryptoKnight Authentication and Key Distribution System , 1992, ESORICS.

[4] Martín Abadi,et al. A logic of authentication , 1990, TOCS.

[5] B. Clifford Neuman,et al. A note on the use of timestamps as nonces , 1993, OPSR.

[6] Jürgen Schönwälder,et al. A nonce-based protocol for multiple authentications , 1992, OPSR.

[7] Roger M. Needham,et al. Using encryption for authentication in large networks of computers , 1978, CACM.

[8] Owen Rees,et al. Efficient and timely mutual authentication , 1987, OPSR.

[9] Moti Yung,et al. Systematic Design of a Family of Attack-Resistant Authentication Protocols , 1993, IEEE J. Sel. Areas Commun..

[10] Martín Abadi,et al. Prudent Engineering Practice for Cryptographic Protocols , 1994, IEEE Trans. Software Eng..

[11] Paul C. van Oorschot,et al. Authentication and authenticated key exchanges , 1992, Des. Codes Cryptogr..

[12] Roger M. Needham,et al. Authentication revisited , 1987, OPSR.

[13] Barbara Liskov,et al. Practical uses of synchronized clocks in distributed systems , 1991, PODC '91.

[14] Jeffrey I. Schiller,et al. An Authentication Service for Open Network Systems. In , 1998 .

[15] Li Gong,et al. A security risk of depending on synchronized clocks , 1992, OPSR.