A note on leakage-resilient authenticated key exchange

Ji Young Chun; Jung Yeon Hwang; Dong Hoon Lee

doi:10.1109/TWC.2009.080693

A note on leakage-resilient authenticated key exchange

Ji Young Chun, Jung Yeon Hwang, Dong Hoon Lee

School of Cybersecurity

Research output: Contribution to journal › Article › peer-review

3 Citations (Scopus)

Abstract

Fathi et al. recently proposed a leakage-resilient authenticated key exchange protocol for a server-client model in mobility environment over wireless links. In the paper, we address flaws in a hash function used in the protocol. The direct use of the hash function cannot guarantee the security of the protocol. We also point out that a combination of the hash function and the RSA cryptosystem in the protocol may not work securely. To remedy these problems, we improve upon the protocol by modifying the hash function correctly.

Original language	English
Pages (from-to)	2274-2279
Number of pages	6
Journal	IEEE Transactions on Wireless Communications
Volume	8
Issue number	5
DOIs	https://doi.org/10.1109/TWC.2009.080693
Publication status	Published - 2009 May

Bibliographical note

Funding Information:
This work was supported by the Korea Research Foundation Grant funded by the Korean Government(MOEHRD, Basic Research Promotion Fund)(KRF-2008-314-D00412). Digital Object Identifier 10.1109/TWC.2009.080693

Keywords

Authentication
E-residue attack
Key exchange
Leakage-resilience
Off-line dictionary attack
Password

ASJC Scopus subject areas

Computer Science Applications
Electrical and Electronic Engineering
Applied Mathematics

Access to Document

10.1109/TWC.2009.080693

Cite this

@article{58aab812229a464892681d401b748b4f,

title = "A note on leakage-resilient authenticated key exchange",

abstract = "Fathi et al. recently proposed a leakage-resilient authenticated key exchange protocol for a server-client model in mobility environment over wireless links. In the paper, we address flaws in a hash function used in the protocol. The direct use of the hash function cannot guarantee the security of the protocol. We also point out that a combination of the hash function and the RSA cryptosystem in the protocol may not work securely. To remedy these problems, we improve upon the protocol by modifying the hash function correctly.",

keywords = "Authentication, E-residue attack, Key exchange, Leakage-resilience, Off-line dictionary attack, Password",

author = "Chun, {Ji Young} and Hwang, {Jung Yeon} and Lee, {Dong Hoon}",

note = "Funding Information: This work was supported by the Korea Research Foundation Grant funded by the Korean Government(MOEHRD, Basic Research Promotion Fund)(KRF-2008-314-D00412). Digital Object Identifier 10.1109/TWC.2009.080693",

year = "2009",

month = may,

doi = "10.1109/TWC.2009.080693",

language = "English",

volume = "8",

pages = "2274--2279",

journal = "IEEE Transactions on Wireless Communications",

issn = "1536-1276",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

number = "5",

}

TY - JOUR

T1 - A note on leakage-resilient authenticated key exchange

AU - Chun, Ji Young

AU - Hwang, Jung Yeon

AU - Lee, Dong Hoon

N1 - Funding Information: This work was supported by the Korea Research Foundation Grant funded by the Korean Government(MOEHRD, Basic Research Promotion Fund)(KRF-2008-314-D00412). Digital Object Identifier 10.1109/TWC.2009.080693

PY - 2009/5

Y1 - 2009/5

N2 - Fathi et al. recently proposed a leakage-resilient authenticated key exchange protocol for a server-client model in mobility environment over wireless links. In the paper, we address flaws in a hash function used in the protocol. The direct use of the hash function cannot guarantee the security of the protocol. We also point out that a combination of the hash function and the RSA cryptosystem in the protocol may not work securely. To remedy these problems, we improve upon the protocol by modifying the hash function correctly.

AB - Fathi et al. recently proposed a leakage-resilient authenticated key exchange protocol for a server-client model in mobility environment over wireless links. In the paper, we address flaws in a hash function used in the protocol. The direct use of the hash function cannot guarantee the security of the protocol. We also point out that a combination of the hash function and the RSA cryptosystem in the protocol may not work securely. To remedy these problems, we improve upon the protocol by modifying the hash function correctly.

KW - Authentication

KW - E-residue attack

KW - Key exchange

KW - Leakage-resilience

KW - Off-line dictionary attack

KW - Password

UR - http://www.scopus.com/inward/record.url?scp=77955719586&partnerID=8YFLogxK

U2 - 10.1109/TWC.2009.080693

DO - 10.1109/TWC.2009.080693

M3 - Article

AN - SCOPUS:77955719586

SN - 1536-1276

VL - 8

SP - 2274

EP - 2279

JO - IEEE Transactions on Wireless Communications

JF - IEEE Transactions on Wireless Communications

IS - 5

ER -

A note on leakage-resilient authenticated key exchange

Abstract

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this