Robust biometric-based three-party authenticated key establishment protocols

International Journal of Computer Mathematics

Volumn 88, Issue 6, 2011, Pages 1144-1157

  Yoon, Eun Jun ^a   Yoo, Kee Young ^a  

^a Kyungpook National University   (South Korea)

Author keywords

authentication; biometric; cryptography; password; three party; token

Indexed keywords

EID: 79952645251     PISSN: 00207160     EISSN: 10290265     Source Type: Journal    
DOI: 10.1080/00207160.2010.496851     Document Type: Article

References (41)

1. S. Blake-Wilson and A. Menezes, Authenticated Diffie-Hellman key agreement protocols, Selected Areas in Cryptography 5th International Workshop LNCS 1556, 1999, pp. 339-361.
2. C. Boyd and A. Mathuria, Protocols for Authentication and Key Establishment, Springer-Verlag, Berlin, Heidelberg, New York, 2003.
3. I. Branovic, R. Giorgi, and E. Martinelli, A workload characterization of elliptic curve cryptography methods in embedded environments, ACM SIGARCH Comput. Archit. News 32(3) (2004), pp. 27-34.
4. C. Chang and Y. Chang, A novel three-party encrypted key exchange protocol, Comput. Stand. Interfaces 26(2004) , pp. 471-476.
5. T. Chen, W. Lee, and H. Chen, A round-and computation-efficient three-party authenticated key exchange protocol, J. Syst. Softw. 81(2008), 1581-1590.
6. H. Chung and W. Ku, Three weaknesses in a simple three-party key exchange protocol, Inf. Sci. 178(2008), 220-229. (Pubitemid 47531793)
7. L. Gong, M. Lomas, R. Needham, and J. Saltzer, Protecting poorly chosen secrets from guessing attacks, IEEE J. Sel. Areas Commun. 11(1993), 648-656.
8. L. Gong, Optimal authentication protocols resistant to password guessing attacks, Proc. of the 8th IEEE Computer Security Foundation Workshop, 1995, pp. 24-29.
9. H. Guo, Z. Lia, Y. Mu, and X. Zhang, Cryptanalysis of simple three-party key exchange protocol, Comput. Secur. 27(2008), pp. 16-21.
10. W. Juang, Efficient three-party key exchange using smart cards, IEEE Trans. Consum. Electron. 50(2004), pp. 619-624.
11. N. Koblitz, Elliptic curve cryptosystems, Math. Comput. 48(1987), pp. 203-209.
12. S. Keung and K. Siu, Efficient protocols secure against guessing and replay attacks, Proc. of the Fourth International Conference on Computer Communications and Networks, 1995, pp. 105-112.
13. T. Kwon, M. Kang, and J. Song, An adaptable and reliable authentication protocol for communication networks, Proc. of the IEEE INFOCOM'97, 1997, pp. 737-744.
14. T. Kwon and J. Song, Efficient key exchange and authentication protocols protecting weak secrets, IEICE Trans. Fundam. E81-A (1) (1998), pp. 156-163.
15. T. Kwon, M. Kang, S. Jung, and J. Song, An improvement of the password based authentication protocol (K1P) on security against replay attacks, IEICE Trans. Commun. E82-B (7) (1999), pp. 991-997. (Pubitemid 30531776)
16. S. Lee, H. Kim, and K. Yoo, Efficient verifier-based key agreement protocol for three parties without server's public key, Appl. Math. Comput. 167(2005), pp. 996-1003. (Pubitemid 41344804)
17. T. Lee, T. Hwang, and C. Lin, Enhanced three-party encrypted key exchange without server public keys, Comput. Secur. 23(2004), pp. 571-577.
18. T. Lee, J. Liu, M. Sung, S. Yang, and C. Chen, Communication-efficient three-party protocols for authentication and key agreement, Comput. Math. Appl. 58(2009), pp. 641-648.
19. C. Lin, H. Sun, and T. Hwang, Three-party encrypted key exchange: Attacks and a solution, ACM Oper. Syst. Rev. 34(2000), pp. 12-20.
20. C. Lin, H. Sun, M. Steiner, and T. Hwang, Three-party encrypted key exchange without server public-keys, IEEE Commun. Lett. 5(2001), pp. 497-499. (Pubitemid 34099691)
21. C. Lin and T. Hwang, A password authentication scheme with secure password updating, Comput. Secur. 22(2003), pp. 68-72.
22. I. Liao, C. Lee, and M. Hwang, A password authentication scheme over insecure networks, J. Comput. Syst. Sci. 72(2006), pp. 727-740. (Pubitemid 44308160)
23. R. Lu and Z. Cao, Simple three-party key exchange protocol, Comput. Secur. 26(2007), pp. 94-97. (Pubitemid 46216493)
24. V. Miller, Uses of Elliptic Curves in Cryptography, Advances in Cryptology CRYPTO'85, Lecture Notesin Computer Science, 6 Vol. 218, 1986, pp. 417-426.
25. A. Menezes, P. Oorschot, and S. Vanstone, Handbook of Applied Cryptograph, CRC Press, New York, 1997.
26. W. Mao, Modern Cryptography Theory & Practice, Prentice Hall, Upper Saddle River, NJ, 2004.
27. J. Nam, Y. Lee, S. Kim, and D. Won, Security weakness in a three-party pairing-based protocol for password authenticated key exchange, Inform. Sci. 177(6) (2007), pp. 1364-1375. (Pubitemid 46037672)
28. NIST, Recommended Elliptic Curves for Federal Government Use, July 1999.
29. R. Phan, W. Yau, and B. Go, Cryptanalysis of simple three-party key exchange protocol (S-3PAKE), Inform. Sci. 178(3) (2008), pp. 2849-2856.
30. B. Shneier, Applied Cryptography, 2nd ed., John Wiley & Sons, Inc., New York, 1996.
31. D. Stinson, Cryptography Theory and Practice, 2nd ed., Chapman & Hall/CRC, Boca Raton, FL, 2002.
32. J. Shao, Z. Cao, and R. Lu, An improved deniable authentication protocol, Networks 48(2006), pp. 179-181.
33. M. Steiner, G. Tsudik, and M. Waidner, Refinement and extension of encrypted key exchange, ACM Oper. Syst. Rev. 29(1995), pp. 22-30.
34. H. Sun, B. Chen, and T. Hwang, Secure key agreement protocols for three-party against guessing attacks, J. Syst. Softw. 75(2005), pp. 63-68.
35. Y. Wang, J. Li, and L. Tie, A simple protocol for deniable authentication based on ElGamal cryptography, Networks 45(2005), pp. 193-194. (Pubitemid 40948516)
36. H. Wen, T. Lee, and T. Hwang, Provably secure three-party password-based authenticated key exchange protocol using Weil pairing, IEE Proc., Commun. 152(2) (2005), pp. 138-143. (Pubitemid 40925390)
37. J. Yang and C. Chang, An efficient three-party authenticated key exchange protocol using elliptic curve cryptography for mobile-commerce environments, J. Syst. Softw. 82(2009), pp. 1497-1502.
38. H. Yeh, User authentication and key exchange protocols suitable for diverse circumstances, Ph. D. thesis, Southern Taiwan University of Technology, Taiwan, 2003, pp. 1-82.
39. H. Yeh, H. Sun, and T. Hwang, Efficient three-party authentication and key agreement protocols resistant to password guessing attacks, Inf. Sci. Eng. 19(2003), pp. 1059-1070.
40. E. Yoon and K. Yoo, Token-based Authenticated Key Establishment Protocols for Three-party Communication, Proc. of the Emerging Directions in Embedded and Ubiquitous Computing 2007, Lecture Notes in Computer Science, Vol. 4809, 2007, pp. 758-769.
41. E. Yoon and K. Yoo, Improving the novel three-party encrypted key exchange protocol, Comput. Stand. Interfaces 30(2008), pp. 309-314. (Pubitemid 351609330)