Elliptic Curve Cryptography Based Wireless Authentication Protocol

Recently, Aydos et al. proposed an ECC-based wireless authentication protocol. Because their protocol is based on ECC, the protocol has significant advantage including lower computational burden, lower communication bandwidth and storage requirements. However, Mangipudi et al showed that the protocol is vulnerable to the man-in-the-middle attack from the attacker within the system and proposed a user authentication protocol to prevent the attack. This paper further shows that Aydos et al.'s protocol is vulnerable to man-in-the-middle attack from any attacker not restricted on the inside attacker. Then, a forging certificate attack on Mangipudi et al's protocol is presented. Next, the reasons that Aydos et al's protocol and Mangipudi et al's protocol suffer the attacks are analyzed. Finally, we propose a novel ECC-based wireless authentication protocol and analyze the security of our protocol.

[1]  C. P. Schnorr,et al.  Efficient Identification and Signatures for Smart Cards (Abstract) , 1989, EUROCRYPT.

[2]  Luo Shoushan Research on the Authenticated Key Agreement Protocol Based on Elliptic Curve Cryptography , 2004 .

[3]  He Chen,et al.  A novel mutual authentication and key agreement protocol based on NTRU cryptography for wireless communications , 2005 .

[4]  Russell Miller,et al.  A Low-Power Design for an Elliptic Curve Digital Signature Chip , 2002, CHES.

[5]  Kam-Pui Chow,et al.  Elliptic curve cryptography based authenticated key agreement with pre-shared password , 2005 .

[6]  Çetin Kaya Koç,et al.  High-speed implementation of an ECC-based wireless authentication protocol on an ARM microprocessor , 2001 .

[7]  Martín Abadi,et al.  Prudent engineering practice for cryptographic protocols , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[8]  Paul C. van Oorschot,et al.  Authentication and authenticated key exchanges , 1992, Des. Codes Cryptogr..

[9]  Hung-Min Sun,et al.  Cryptanalysis of Aydos et al.'s ECC-based wireless authentication protocol , 2004, IEEE International Conference on e-Technology, e-Commerce and e-Service, 2004. EEE '04. 2004.

[10]  Liu Zhi-meng An elliptic curve cryptography based on authentication and key agreement protocol for wireless communication , 2008 .

[11]  Gavin Lowe,et al.  Some new attacks upon security protocols , 1996, Proceedings 9th IEEE Computer Security Foundations Workshop.

[12]  Huirong Fu,et al.  Attacks and solutions on Aydos-Savas-Koc's wireless authentication protocol , 2004, IEEE Global Telecommunications Conference, 2004. GLOBECOM '04..

[13]  Alfred Menezes,et al.  Authenticated Diffie-Hellman Key Agreement Protocols , 1998, Selected Areas in Cryptography.

[14]  Alfred Menezes,et al.  Unknown Key-Share Attacks on the Station-to-Station (STS) Protocol , 1999, Public Key Cryptography.

[15]  Reiner Dojen,et al.  On the automated implementation of modal logics used to verify security protocols , 2003, ISICT.

[16]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .