80 likes | 418 Views
Improved Authenticated Multiple-Key Agreement Protocol. Source: Computer and Mathematics with Applications 46 (2003), pp. 207-211. Author: Her-Tyan Yen, Hung-Min Sun and Tzonelih Hwang. Introduction. Multiple-Key Agreement protocol The cost of hash function.
E N D
Improved Authenticated Multiple-Key Agreement Protocol Source: Computer and Mathematics with Applications 46 (2003), pp. 207-211. Author: Her-Tyan Yen, Hung-Min Sun and Tzonelih Hwang
Introduction • Multiple-Key Agreement protocol • The cost of hash function
Motivation (1/2) • Authenticated key agreement without using one-way hash functions • L. Harn and H.Y. Lin, Authenticated key agreement protocol without using one-way functions, In Proc. 8th National Conf. Information Security, 155-160 (1998). • Improved authenticated multiple-key agreement protocol • S.M. Yen and M. Joye, Improved authenticated multiple-key agreement protocol, Electron. Lett., 1738-1739, (1998)
Motivation (2/2) • Security of authecticated multiple-key agreement protocols • T.S. Wu, W.H. He and C.L. Hsu, Security of authenticated multiple-key agreement protocols, Electron. Lett., 391-392 (1999). • In Wu et al.’s paper, it still suffers the forgery problem.
Authenticated key agreement without using one-way hash functions • p: large prime • α: primitive element • xA: A’s secret key • xB: B’s secret key • , A’s public key • , B’s public key
Authentication Phase • A selects two random secret number KA1 and KA2 where rA1, rA2, SA, cert(yA)
Key generation • K1 = (rA1)KB1 mod p • K2 = (rA2)KB1 mod p • K3 = (rA1)KB2 mod p • K4 = (rA2)KB2 mod p
Conclusion • The proposed protocol is secure and efficient against forgery, and does not involve any one-way hash function.