An enhanced authenticated key agreement protocol for wireless mobile communication

With the rapid progress of wireless mobile communication, the authenticated key agreement protocol has attracted an increasing amount of attention. However, due to the limitations of bandwidth and storage of the mobile devices, most of the existing authenticated key agreement protocols are not suitable for wireless mobile communication. Quite recently, Sui et al. have presented an efficient authenticated key agreement protocol based on elliptic curves cryptography and included their protocol in 3GPP2 specifications to improve the security of A-Key distribution. However, in this paper, we show that Sui et al.'s protocol can't resist the off-line password guessing attack, and therefore present an enhanced authenticated key agreement protocol. At the same time, we also consider including our enhanced protocol in 3GPP2 specifications.

[1]  Mihir Bellare,et al.  Authenticated Key Exchange Secure against Dictionary Attacks , 2000, EUROCRYPT.

[2]  Steven M. Bellovin,et al.  Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise , 1993, CCS '93.

[3]  B. Carminati,et al.  Computer Standards & Interfaces , 2009 .

[4]  Zhenfu Cao,et al.  Off-line Password Guessing Attack on an Efficient Key Agreement Protocol for Secure Authentication , 2006, Int. J. Netw. Secur..

[5]  Sarvar Patel,et al.  Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman , 2000, EUROCRYPT.

[6]  Siu-Ming Yiu,et al.  An improved authenticated key agreement protocol with perfect forward secrecy for wireless mobile communication , 2005, IEEE Wireless Communications and Networking Conference, 2005.

[7]  Peter Sweeney,et al.  Simple authenticated key agreement algorithm , 1999 .

[8]  Ren-Junn Hwang,et al.  A new efficient authentication protocol for mobile networks , 2005, Comput. Stand. Interfaces.

[9]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[10]  Steven M. Bellovin,et al.  Encrypted key exchange: password-based protocols secure against dictionary attacks , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[11]  Victor S. Miller,et al.  Use of Elliptic Curves in Cryptography , 1985, CRYPTO.

[12]  Shiuh-Pyng Shieh,et al.  An Efficient Authentication Protocol for Mobile Networks , 1999, J. Inf. Sci. Eng..

[13]  Colin Boyd,et al.  The importance of proofs of security for key establishment protocols: Formal analysis of Jan-Chen, Yang-Shen-Shieh, Kim-Huh-Hwang-Lee, Lin-Sun-Hwang, and Yeh-Sun protocols , 2006, Comput. Commun..

[14]  염흥렬,et al.  [서평]「Applied Cryptography」 , 1997 .

[15]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.