Efficient and Secure Cross-Realm Client-to-Client Password-Authenticated Key Exchange

[[conferencetype]]國際[[conferencedate]]20120326~20120329[[iscallforpapers]]Y[[conferencelocation]]Fukuoka, Japa

Analysis of two pairing-based three-party password authenticated key exchange protocols

Password-Authenticated Key Exchange (PAKE) protocols allow parties to share secret keys in an authentic manner based on an easily memorizable password. Recently, Nam et al. showed that a provably secure three-party password-based authenticated key exchange protocol using Weil pairing by Wen et al. is vulnerable to a man-in-the-middle attack. In doing so, Nam et al. showed the flaws in the proof of Wen et al. and described how to fix the problem so that their attack no longer works. In this paper, we show that both Wen et al. and Nam et al. variants fall to key compromise impersonation by any adversary. Our results underline the fact that although the provable security approach is necessary to designing PAKEs, gaps still exist between what can be proven and what are really secure in practice

Mitigating Botnet-based DDoS Attacks against Web Servers

Distributed denial-of-service (DDoS) attacks have become wide-spread on the Internet. They continuously target retail merchants, financial companies and government institutions, disrupting the availability of their online resources and causing millions of dollars of financial losses. Software vulnerabilities and proliferation of malware have helped create a class of application-level DDoS attacks using networks of compromised hosts (botnets). In a botnet-based DDoS attack, an attacker orders large numbers of bots to send seemingly regular HTTP and HTTPS requests to a web server, so as to deplete the server's CPU, disk, or memory capacity. Researchers have proposed client authentication mechanisms, such as CAPTCHA puzzles, to distinguish bot traffic from legitimate client activity and discard bot-originated packets. However, CAPTCHA authentication is vulnerable to denial-of-service and artificial intelligence attacks. This dissertation proposes that clients instead use hardware tokens to authenticate in a federated authentication environment. The federated authentication solution must resist both man-in-the-middle and denial-of-service attacks. The proposed system architecture uses the Kerberos protocol to satisfy both requirements. This work proposes novel extensions to Kerberos to make it more suitable for generic web authentication. A server could verify client credentials and blacklist repeated offenders. Traffic from blacklisted clients, however, still traverses the server's network stack and consumes server resources. This work proposes Sentinel, a dedicated front-end network device that intercepts server-bound traffic, verifies authentication credentials and filters blacklisted traffic before it reaches the server. Using a front-end device also allows transparently deploying hardware acceleration using network co-processors. Network co-processors can discard blacklisted traffic at the hardware level before it wastes front-end host resources. We implement the proposed system architecture by integrating existing software applications and libraries. We validate the system implementation by evaluating its performance under DDoS attacks consisting of floods of HTTP and HTTPS requests

Cryptanalysis of a client-to-client password-authenticated key agreement protocol

Recently, Byun et al. proposed an efficient client-to-client password-authenticated key agreement protocol (EC2C-PAKA), which was provably secure in a formally defined security model. This letter shows that EC2C-PAKA protocol is vulnerable to password compromise impersonate attack and man-in-the-middle attack if the key between servers is compromised

Security of two recent constant-round password authenticated group key exchange schemes

When humans interact with machines in their daily networks, it is important that security of the communications is offered, and where the involved shared secrets used to achieve this are easily remembered by humans. Password-based authenticated group key exchange (PAGKE) schemes allow group users to share a session key based on a human-memorizable password. In this paper, we consider two PAGKE schemes that build on the seminal scheme of Burmester and Desmedt. Weshow an undetectable online dictionary attack on the first scheme, and exploit the partnering definition to break the key indistinguishability of the second scheme

Authentication for mobile computing

Host mobility is becoming an increasingly important feature with the recent arrival of laptop and palmtop computers, the development of wireless network interfaces and the implementation of global networks. Unfortunately, this mobile environment is also much more vulnerable to penetration by intruders. A possible means of protection can be authentication. This guarantees the identity of a communication peer. This thesis studies the constraints imposed on the mobile environment with respect to authentication. It compares the two prevailing authentication mechanisms, Kerberos and SPX, and tries to make suggestions of how a mechanism can be adapted to the mobile environment

Analysis of Two Pairing-Based Three-Party Password Authenticated Key Exchange Protocols

Password-Authenticated Key Exchange (PAKE) protocols allow parties to share secret keys in an authentic manner based on an easily memorizable password. Recently, Nam et al. showed that a provably secure three-party password-based authenticated key exchange protocol using Weil pairing by Wen et al. is vulnerable to a man-in-the-middle attack. In doing so, Nam et al. showed the flaws in the proof of Wen et al. and described how to fix the problem so that their attack no longer works. In this paper, we show that both Wen et al. and Nam et al. variants fall to key compromise impersonation by any adversary. Our results underline the fact that although the provable security approach is necessary to designing PAKEs, gaps still exist between what can be proven and what are really secure in practice