Threshold Anonymous Password-Authenticated Key Exchange Secure against Insider Attacks
- SHIN SeongHan
  Research Center for Information Security (RCIS), National Institute of Advanced Industrial Science and Technology (AIST); Chuo University
- KOBARA Kazukuni
  Research Center for Information Security (RCIS), National Institute of Advanced Industrial Science and Technology (AIST); Chuo University
- IMAI Hideki
  Research Center for Information Security (RCIS), National Institute of Advanced Industrial Science and Technology (AIST); Chuo University
Abstract
An anonymous password-authenticated key exchange (PAKE) protocol is designed to provide both password-only authentication and client anonymity against a semi-honest server, who honestly follows the protocol. In INDOCRYPT 2008, Yang and Zhang [26] proposed a new anonymous PAKE (NAPAKE) protocol and its threshold (D-NAPAKE) which they claimed to be secure against insider attacks. In this paper, we first show that the D-NAPAKE protocol [26] is completely insecure against insider attacks unlike their claim. Specifically, only one legitimate client can freely impersonate any subgroup of clients (the threshold t>1) to the server. After giving a security model that captures insider attacks, we propose a threshold anonymous PAKE (called, TAP++) protocol which provides security against insider attacks. Moreover, we prove that the TAP++ protocol has semantic security of session keys against active attacks as well as insider attacks under the computational Diffie-Hellman problem, and provides client anonymity against a semi-honest server, who honestly follows the protocol. Finally, several discussions are followed: 1) We also show another threshold anonymous PAKE protocol by applying our RATIONALE to the non-threshold anonymous PAKE (VEAP) protocol [23]; and 2) We give the efficiency comparison, security consideration and implementation issue of the TAP++ protocol.
Published in
- IEICE Transactions on Information and Systems
IEICE Transactions on Information and Systems E94-D (11), 2095-2110, 2011
The Institute of Electronics, Information and Communication Engineers (IEICE)
Details
- CRID: 1390282679356521472
- NII Article ID: 10030193736
- NII Bibliographic ID: AA10826272
- ISSN: 17451361, 09168532
- Text language code: en
- Data source type: JaLC, Crossref, CiNii Articles, KAKEN
- Abstract license flag: Disallowed