Cryptoanalysis on the Forward Security of Two Authenticated Key Protocols

CHENG Qingfeng; MA Yuqian

doi:10.11999/JEIT211137

Volume 44 Issue 12

Dec. 2022

Turn off MathJax

Article Contents

Article Navigation > Journal of Electronics & Information Technology > 2022 > 44(12): 4294-4303

CHENG Qingfeng, MA Yuqian. Cryptoanalysis on the Forward Security of Two Authenticated Key Protocols[J]. Journal of Electronics & Information Technology, 2022, 44(12): 4294-4303. doi: 10.11999/JEIT211137

Citation:

CHENG Qingfeng, MA Yuqian. Cryptoanalysis on the Forward Security of Two Authenticated Key Protocols[J]. Journal of Electronics & Information Technology, 2022, 44(12): 4294-4303. doi: 10.11999/JEIT211137

Citation:

PDF( 1726 KB)

Cryptoanalysis on the Forward Security of Two Authenticated Key Protocols

doi: 10.11999/JEIT211137

CHENG Qingfeng,
MA Yuqian^,

1.
Strategic Support Force Information Engineering University, Zhengzhou 450001, China
2.
State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China

Funds: The National Natural Science Foundation of China (61872449)

Received Date: 2021-10-15
Accepted Date: 2022-05-05
Rev Recd Date: 2022-04-20

Available Online: 2022-05-10

Publish Date: 2022-12-16

Abstract

Abstract

At present, network security and privacy have attracted extensive attention. Forward security is a security attribute of Authenticated Key Agreement protocol (AKA) proposed by Günther in 1989. Since then, this property has become one of the hot topics. This paper analyzes the security properties of two AKA protocols, MZK20 and VSR20. First, based on heuristic analysis and BAN logic, MZK20 protocol is proved that it does not satisfy weak forward security. Second, using heuristic analysis and Scyther, it is proved that VSR20 protocol does not fulfill forward security. Finally, the enhanced VSR20 protocol is designed and proved more secure than VSR20. The security of the modified VSR20 is verified both by the use of security reduction under eCK model and Scyther.
- Formal analysis of security protocols,
- Authenticated Key Agreement protocols (AKA),
- Forward Security

FullText(HTML)

References(25)

References

[1]	GÜNTHER C G. An identity-based key-exchange protocol[C]. Workshop on the Theory and Application of of Cryptographic Techniques, Houthalen, Belgium, 1989: 29–37.
[2]	MATSUMOTO T, TAKASHIMA Y, and IMAI H. On seeking smart public-key-distribution systems[J]. Transactions of the Institute of Electronics and Communication Engineers of Japan Section E, 1986, 69(2): 99–106.
[3]	JEONG I R, KATZ J, and LEE D H. One-round protocols for two-party authenticated key exchange[C]. The 2nd International Conference on Applied Cryptography and Network Security, Yellow Mountain, China, 2004: 220–232.
[4]	KRAWCZYK H. HMQV: A high-performance secure Diffie-Hellman protocol[C]. The 25th Annual International Cryptology Conference, Santa Barbara, USA, 2005: 546–566.
[5]	BOYD C and NIETO J G. On forward secrecy in one-round key exchange[C]. The 13th IMA International Conference on Cryptography and Coding, Oxford, UK, 2011: 451–468.
[6]	曹晨磊, 刘明奇, 张茹, 等. 基于层级化身份的可证明安全的认证密钥协商协议[J]. 电子与信息学报, 2014, 36(12): 2848–2854. doi: 10.3724/SP.J.1146.2014.00684 CAO Chenlei, LIU Mingqi, ZHANG Ru, et al. Provably secure authenticated key agreement protocol based on hierarchical identity[J]. Journal of Electronics &Information Technology, 2014, 36(12): 2848–2854. doi: 10.3724/SP.J.1146.2014.00684
[7]	杨孝鹏, 马文平, 张成丽. 一种新型基于环上带误差学习问题的认证密钥交换方案[J]. 电子与信息学报, 2015, 37(8): 1984–1988. doi: 10.11999/JEIT141506 YANG Xiaopeng, MA Wenping, and ZHANG Chengli. New authenticated key exchange scheme based on ring learning with errors problem[J]. Journal of Electronics &Information Technology, 2015, 37(8): 1984–1988. doi: 10.11999/JEIT141506
[8]	熊婧, 王建明. 基于HASH函数的RFID安全双向认证协议研究[J]. 中国测试, 2017, 43(3): 87–90,96. doi: 10.11857/j.issn.1674-5124.2017.03.018 XIONG Jing and WANG Jianming. Based on HASH function of RFID security authentication protocol and analysis[J]. China Measurement &Test, 2017, 43(3): 87–90,96. doi: 10.11857/j.issn.1674-5124.2017.03.018
[9]	LI Xiong, PENG Jieyao, OBAIDAT M S, et al. A secure three-factor user authentication protocol with forward secrecy for wireless medical sensor network systems[J]. IEEE Systems Journal, 2021, 14(1): 39–50. doi: 10.1109/JSYST.2019.2899580
[10]	SALEEM M A, SHAMSHAD S, AHMED S, et al. Security analysis on “A secure three-factor user authentication protocol with forward secrecy for wireless medical sensor network systems”[J]. IEEE Systems Journal, 2021, 15(4): 5557–5559. doi: 10.1109/JSYST.2021.3073537
[11]	YANG Zheng, HE Jun, TIAN Yangguang, et al. Faster authenticated key agreement with perfect forward secrecy for industrial internet-of-things[J]. IEEE Transactions on Industrial Informatics, 2020, 16(10): 6584–6596. doi: 10.1109/TII.2019.2963328
[12]	CHANG C C and LE H D. A provably secure, efficient, and flexible authentication scheme for ad hoc wireless sensor networks[J]. IEEE Transactions on Wireless Communications, 2016, 15(1): 357–366. doi: 10.1109/TWC.2015.2473165
[13]	GOPE P and HWANG T. A realistic lightweight anonymous authentication protocol for securing real-time application data access in wireless sensor networks[J]. IEEE Transactions on Industrial Electronics, 2016, 63(11): 7124–7132. doi: 10.1109/TIE.2016.2585081
[14]	王晨宇, 汪定, 王菲菲, 等. 面向多网关的无线传感器网络多因素认证协议[J]. 计算机学报, 2020, 43(4): 683–700. doi: 10.11897/SP.J.1016.2020.00683 WANG Chenyu, WANG Ding, WANG Feifei, et al. Multi-factor user authentication scheme for multi-gateway wireless sensor networks[J]. Chinese Journal of Computers, 2020, 43(4): 683–700. doi: 10.11897/SP.J.1016.2020.00683
[15]	QIU Shuming, WANG Ding, XU Guoai, et al. Practical and provably secure three-factor authentication protocol based on extended chaotic-maps for mobile lightweight devices[J]. IEEE Transactions on Dependable and Secure Computing, 2022, 19(2): 1338–1351. doi: 10.1109/TDSC.2020.3022797
[16]	SHAMSHAD S, SALEEM M A, OBAIDAT M S, et al. On the security of a lightweight privacy-preserving authentication protocol for VANETs[C]. 2021 International Conference on Artificial Intelligence and Smart Systems (ICAIS), Coimbatore, India, 2021: 1766–1770.
[17]	RESCORLA E.Internet Engineering Task Force. RFC 8446-The Transport Layer Security (TLS) protocol version 1.3[S]. 2018.
[18]	BOYD C and GELLERT K. A modern view on forward security[J]. The Computer Journal, 2021, 64(4): 639–652. doi: 10.1093/comjnl/bxaa104
[19]	LAMACCHIA B, LAUTER K, and MITYAGIN A. Stronger security of authenticated key exchange[C]. The 1st International Conference on Provable Security, Wollongong, Australia, 2007: 1–16.
[20]	CANETTI R and KRAWCZYK H. Analysis of key-exchange protocols and their use for building secure channels[C]. International Conference on the Theory and Applications of Cryptographic Techniques, Innsbruck, Austria, 2001: 453–474.
[21]	MOHAMED M I, WANG Xiaofen, and ZHANG Xiaosong. Adaptively-secure authenticated key exchange protocol in standard model[J]. International Journal of Network Security, 2018, 20(2): 345–358. doi: 10.6633/IJNS.201803.20(2).16
[22]	BURROWS M, ABADI M, and NEEDHAM R M. A logic of authentication[J]. Proceedings of the Royal Society A:Mathematical, Physical and Engineering Sciences, 1989, 426(1871): 233–271. doi: 10.1098/rspa.1989.0125
[23]	CREMERS C J F. The scyther tool: Verification, falsification, and analysis of security protocols[C]. International Conference on Computer Aided Verification, Princeton, USA, 2008: 414–418.
[24]	AKRAM M A, GHAFFAR Z, MAHMOOD K, et al. An anonymous authenticated key-agreement scheme for multi-server infrastructure[J]. Human-centric Computing and Information Sciences, 2020, 10(1): 22. doi: 10.1186/s13673-020-00227-9
[25]	SURESHKUMAR V, ANANDHI S, AMIN R, et al. Design of robust mutual authentication and key establishment security protocol for cloud-enabled smart grid communication[J]. IEEE Systems Journal, 2021, 15(3): 3565–3572. doi: 10.1109/JSYST.2020.3039402