Security weakness in a provable secure authentication protocol given forward secure session key

Mijin Kim, Heasuk Jo, Seung-Joo Kim, Dongho Won

Research output: Chapter in Book/Report/Conference proceedingConference contribution

6 Citations (Scopus)

Abstract

Shi, Jang and Yoo recently proposed a provable secure key distribution and authentication protocol between user, service provider and key distribution center(KDC). The protocol was based on symmetric cryptosystem, challenge-response, Diffie-Hellman component and hash function. Despite the claim of provable security, the protocol is in fact insecure in the presence of an active adversary. In this paper, we present the imperfection of Shi et al.'s protocol and suggest modifications to the protocol which would resolve the problem.

Original languageEnglish
Title of host publicationLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Pages204-211
Number of pages8
Volume5593 LNCS
EditionPART 2
DOIs
Publication statusPublished - 2009 Nov 9
Externally publishedYes
EventInternational Conference on Computational Science and Its Applications, ICCSA 2009 - Seoul, Korea, Republic of
Duration: 2009 Jun 292009 Jul 2

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
NumberPART 2
Volume5593 LNCS
ISSN (Print)03029743
ISSN (Electronic)16113349

Other

OtherInternational Conference on Computational Science and Its Applications, ICCSA 2009
CountryKorea, Republic of
CitySeoul
Period09/6/2909/7/2

Fingerprint

Hash functions
Authentication Protocol
Authentication
Cryptography
Key Distribution
Defects
Provable Security
Distribution Center
Diffie-Hellman
Cryptosystem
Imperfections
Hash Function
Resolve

Keywords

  • Authentication
  • Cryptography
  • Key distribution
  • Known key attack
  • Provable security

ASJC Scopus subject areas

  • Computer Science(all)
  • Theoretical Computer Science

Cite this

Kim, M., Jo, H., Kim, S-J., & Won, D. (2009). Security weakness in a provable secure authentication protocol given forward secure session key. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (PART 2 ed., Vol. 5593 LNCS, pp. 204-211). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5593 LNCS, No. PART 2). https://doi.org/10.1007/978-3-642-02457-3_18

Security weakness in a provable secure authentication protocol given forward secure session key. / Kim, Mijin; Jo, Heasuk; Kim, Seung-Joo; Won, Dongho.

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 5593 LNCS PART 2. ed. 2009. p. 204-211 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5593 LNCS, No. PART 2).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Kim, M, Jo, H, Kim, S-J & Won, D 2009, Security weakness in a provable secure authentication protocol given forward secure session key. in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). PART 2 edn, vol. 5593 LNCS, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), no. PART 2, vol. 5593 LNCS, pp. 204-211, International Conference on Computational Science and Its Applications, ICCSA 2009, Seoul, Korea, Republic of, 09/6/29. https://doi.org/10.1007/978-3-642-02457-3_18
Kim M, Jo H, Kim S-J, Won D. Security weakness in a provable secure authentication protocol given forward secure session key. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). PART 2 ed. Vol. 5593 LNCS. 2009. p. 204-211. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); PART 2). https://doi.org/10.1007/978-3-642-02457-3_18
Kim, Mijin ; Jo, Heasuk ; Kim, Seung-Joo ; Won, Dongho. / Security weakness in a provable secure authentication protocol given forward secure session key. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 5593 LNCS PART 2. ed. 2009. pp. 204-211 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); PART 2).
@inproceedings{73b8a6b2f8564cae9c8adc96a26d1c17,
title = "Security weakness in a provable secure authentication protocol given forward secure session key",
abstract = "Shi, Jang and Yoo recently proposed a provable secure key distribution and authentication protocol between user, service provider and key distribution center(KDC). The protocol was based on symmetric cryptosystem, challenge-response, Diffie-Hellman component and hash function. Despite the claim of provable security, the protocol is in fact insecure in the presence of an active adversary. In this paper, we present the imperfection of Shi et al.'s protocol and suggest modifications to the protocol which would resolve the problem.",
keywords = "Authentication, Cryptography, Key distribution, Known key attack, Provable security",
author = "Mijin Kim and Heasuk Jo and Seung-Joo Kim and Dongho Won",
year = "2009",
month = "11",
day = "9",
doi = "10.1007/978-3-642-02457-3_18",
language = "English",
isbn = "3642024564",
volume = "5593 LNCS",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
number = "PART 2",
pages = "204--211",
booktitle = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
edition = "PART 2",

}

TY - GEN

T1 - Security weakness in a provable secure authentication protocol given forward secure session key

AU - Kim, Mijin

AU - Jo, Heasuk

AU - Kim, Seung-Joo

AU - Won, Dongho

PY - 2009/11/9

Y1 - 2009/11/9

N2 - Shi, Jang and Yoo recently proposed a provable secure key distribution and authentication protocol between user, service provider and key distribution center(KDC). The protocol was based on symmetric cryptosystem, challenge-response, Diffie-Hellman component and hash function. Despite the claim of provable security, the protocol is in fact insecure in the presence of an active adversary. In this paper, we present the imperfection of Shi et al.'s protocol and suggest modifications to the protocol which would resolve the problem.

AB - Shi, Jang and Yoo recently proposed a provable secure key distribution and authentication protocol between user, service provider and key distribution center(KDC). The protocol was based on symmetric cryptosystem, challenge-response, Diffie-Hellman component and hash function. Despite the claim of provable security, the protocol is in fact insecure in the presence of an active adversary. In this paper, we present the imperfection of Shi et al.'s protocol and suggest modifications to the protocol which would resolve the problem.

KW - Authentication

KW - Cryptography

KW - Key distribution

KW - Known key attack

KW - Provable security

UR - http://www.scopus.com/inward/record.url?scp=70350686745&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=70350686745&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-02457-3_18

DO - 10.1007/978-3-642-02457-3_18

M3 - Conference contribution

AN - SCOPUS:70350686745

SN - 3642024564

SN - 9783642024566

VL - 5593 LNCS

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 204

EP - 211

BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

ER -