5 research outputs found
Security of two recent constant-round password authenticated group key exchange schemes
When humans interact with machines in their daily networks, it is important that the communications are secured, and that the shared secrets used to achieve this are easy for humans to remember. Password-based authenticated group key exchange (PAGKE) schemes allow group users to share a session key based on a human-memorizable password. In this paper, we consider two PAGKE schemes that build on the seminal scheme of Burmester and Desmedt. We show an undetectable online dictionary attack on the first scheme, and exploit the partnering definition to break the key indistinguishability of the second scheme.
Security of Group Key Exchange Protocols with Different Passwords
Password-based authenticated group key exchange protocols allow group users to jointly share a session key based on a human-memorizable password. In this paper, we present an undetectable online dictionary attack on N-EKE-D, a recent provably secure protocol designed to explicitly resist this type of attack. Thus, our result contradicts the design goal. We also give a simple attack on the key indistinguishability of N-EKE-D and two N-EKE-M variants that exploits the definition of partnering in their security model.
Enhancing Security of a Group Key Exchange Protocol for Users with Individual Passwords
Group key exchange protocols allow a group of parties communicating over a public network to come up with a common secret key called a session key. Due to their critical role in building secure multicast channels, a number of group key exchange protocols have been suggested over the years for a variety of settings. Among these is the so-called EKE-M protocol proposed by Byun and Lee for password-based group key exchange in the different password authentication model, where group members are assumed to hold an individual password rather than a common password. While the announcement of the EKE-M protocol was essential in the light of the practical significance of the different password authentication model, Tang and Chen showed that the EKE-M protocol itself suffers from an undetectable on-line dictionary attack. Given Tang and Chen's attack, Byun et al. have recently suggested a modification to the EKE-M protocol and claimed that their modification makes EKE-M resistant to the attack. However, the claim turned out to be untrue. In the current paper, we demonstrate this by showing that Byun et al.'s modified EKE-M is still vulnerable to an undetectable on-line dictionary attack. Besides reporting our attack, we also figure out what has gone wrong with Byun et al.'s modification and how to fix it.
Enhancing Security of a Group Key Exchange Protocol for Users with Individual Passwords
1 Introduction
The highest priority in designing a key exchange protocol is placed on ensuring the security of session keys to be established by the protocol. Roughly speaking, establishing a session key securely means that the key is known only to the intended parties at the end of the protocol run. Even if it is computationally infeasible to break the cryptographic algorithms used, the whole system becomes vulnerable to al