HMAKE: Legacy-Compliant Multi-factor Authenticated Key Exchange from Historical Data

In this paper, we introduce two lightweight multi-factor authenticated key exchange protocols based on historical data (HMAKE), proven secure in the random oracle model. Our HMAKE protocols use three authentication factors to establish a secure communication channel between the client and the server: a symmetric secret key as the first factor, the historical data exchanged between the two parties in the past as the second factor, and a set of secret tags associated with that historical data as the third factor. A remarkable security feature of HMAKE is bounded historical tag leakage resilience, which means (informally) that if a small portion of the secret tags is leaked to an adversary, the security of an HMAKE protocol is, with overwhelming probability, unaffected. Our first HMAKE protocol provides static bounded leakage resilience, meaning that the secret tags are leaked at the beginning of the security game. To strengthen this, our second HMAKE protocol uses our first protocol as a compiler that transforms any passively secure two-message key exchange protocol into an actively secure HMAKE protocol with perfect forward secrecy; it therefore remains secure even if the historical tags are compromised adaptively by an attacker. Beyond these strong security properties, our protocols can have significant practical impact: they are computationally efficient, and they are compatible with legacy devices in cyber-physical systems.
