Abstract
Authenticated Diffie-Hellman key agreement is quite popular for establishing secure session keys. As resource-limited mobile devices are becoming more popular and security threats are increasing, it is desirable to reduce computational load for these resource-limited devices while still preserving its strong security and convenience for users. In this paper, we propose a new smart-card-based user authenticated key agreement scheme which allows users to memorize passwords, reduces users’ device computational load while still preserves its strong security. The proposed scheme effectively improves the computational load of modular exponentiations by 50%, and the security is formally proved.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Sandirigama M, Shimizu A, Noda M T. Simple and secure password authentication protocol (SAS) [J]. IEICE Transactions on Communications, 2000, E83-B(6): 1363–1365.
Chien H Y, Jan J K, Tseng Y M. A modified remote login authentication scheme based on geometric approach [J]. The Journal of Systems and Software, 2001, 55: 287–290.
Sun H M, Li L H. An efficient remote user authentication scheme using smart cards [J]. IEEE Transactions on Consumer Electronics, 2000, 46(4): 958–961.
Wu T C. Remote login authentication scheme based on a geometric approach [J]. Computer Communications, 1995, 18(12): 959–963.
Hwang M S. Cryptanalysis of a remote login authentication scheme [J]. Computer Communications, 1999, 22(8): 742–744.
Bellare M, Canetti R, Krawczyk H. A modular approach to the design and analysis of authentication and key exchange protocols [C]//Proceedings of 30th Annual Symposium on the Theory of Computing. New York, USA: ACM, 1998: 419–428.
Bellare M, Pointcheval D, Rogaway P. Authenticated key exchange secure against dictionary attacks [J]. Lecture Notes in Computer Science, 2000, 1807: 139–155.
Ding Y, Horster P. Undetectable on-line password guessing attacks [J]. ACM Operating Systems Review, 1995, 29(4): 77–86.
Brusilovsky A, Faynberg I, Zeltsan Z, et al. RFC683-password-authenticated key (PAK) Diffie-Hellman exchange [EB/OL]. (2013-10-30). http://tools.ietf.org/html/rfc 5683.
Boyko V, Mackenzie P, Patel S. Provably secure password authenticated key exchange using Diffie-Hellman [J]. Lecture Notes in Computer Science, 2000, 1807: 156–171.
Kwon T. Authentication and key agreement via memorable password [C]//Proceedings of the ISOC Network and Distributed System Security Symposium. [s.l.]: International Association for Cryptologic Research, 2001: 1–13.
Kwon T. Practical authenticated key agreement using passwords [J]. Lecture Notes in Computer Science, 2004, 3225: 1–12.
IEEE. P1363.2 standard specifications for passwordbased public key cryptographic techniques [EB/OL]. http://grouper.ieee.org/groups/1363/december 2002.
Author information
Authors and Affiliations
Corresponding author
Additional information
Foundation item: the National Science Council (No. NSC102-2221-E-260-011)
Rights and permissions
About this article
Cite this article
Chien, Hy. Provably secure authenticated Diffie-Hellman key exchange for resource-limited smart card. J. Shanghai Jiaotong Univ. (Sci.) 19, 436–439 (2014). https://doi.org/10.1007/s12204-014-1521-7
Received:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12204-014-1521-7