Skip to main content
SpringerLink
Log in

Using the Modified Diffie–Hellman Problem to Enhance Client Computational Performance in a Three-Party Authenticated Key Agreement

  • Research Article - Computer Engineering and Computer Science
  • Published:
Arabian Journal for Science and Engineering Aims and scope Submit manuscript

Abstract

A three-party authenticated key agreement (3PAKA) scheme is a protocol that enables a pair of registered clients to establish session keys via the help of a trusted server such that each client pre-shares its secret key with the server only. This approach greatly improves the scalability of key agreement protocols and provides better user convenience. Conventionally, 3PAKA-like many other key agreement schemes are based on the classic computational Diffie–Hellman problem (CDHP) to establish the session keys, and each client requires at least two modular exponentiations. However, as more and more mobile devices with limited resources are becoming popular, it is desirable to reduce the computational load for those clients while still preserving its strong security. In this paper, based on the modified CDHP, we propose new 3PAKA schemes which require only four message steps and reduce clients’ exponentiation computations up to 50%, compared to those schemes that are based on the CDHP and provide the same functions. The security of the proposed schemes is formally proved. The excellent performance makes them very attractive to those clients with limited resources.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Gong, L.: Lower bounds on messages and rounds for network authentication protocols. In: Proceedings of the 1st ACM Conference on Computer and Communications Security 1993, Fair-fax, Virginia, 3–5 Nov, pp. 26–37, ACM (1993)

  2. Steiner, M.; Tsudik, G.; Wainder, M.: Refinement and extension of encrypted key exchange. ACM Oper. Syst. Rev. 29(3), 22–30 (1995)

    Article  Google Scholar 

  3. Bellare, M.; Rogaway, P.: Provably secure session key distribution: the three party case. In: Proceedings of 27th ACM Symposium on the Theory of Computing, Las Vegas, Nevada, USA, 29 May–1 June 1995, pp. 57–66, ACM (1995)

  4. Bellare, M.; Pointcheval, D.; Rogaway, P.: Authenticated key exchange secure against dictionary attacks. Eurocrypt 2000, Belgium, 14–18 May, pp. 139–155, LNCS 1807, Springer, Berlin (2000)

  5. Lin, C.L.; Sun, H.M.; Hwang, T.: Three party-encrypted key exchange: attacks and a solution. ACM Oper. Syst. Rev. 34(4), 12–20 (2000)

    Article  Google Scholar 

  6. Lin, C.L.; Sun, H.M.; Steiner, M.; Hwang, T.: Three-party encrypted key exchange without server public-keys. IEEE Commun. Lett. 5(12), 497–499 (2001)

    Article  Google Scholar 

  7. Lee, T.F.; Hwang, T.; Lin, C.L.: Enhanced three-party encrypted key exchange without server public keys. Comput. Secur. 23(7), 571–577 (2004)

    Article  Google Scholar 

  8. Huang, H.F.: A simple three-party password-based key exchange protocol. Int. J. Commun. Syst. 22(7), 857–862 (2009)

    Article  Google Scholar 

  9. Juang, W.S.J.: Efficient three-party key exchange using smart cards. IEEE Trans. Consum. Electron. 50, 619–624 (2004)

    Article  Google Scholar 

  10. Sun, H.M.; Chen, B.C.; Hwang, T.: Secure key agreement protocols for three-party against guessing attacks. J. Syst. Softw. 75, 63–68 (2005)

    Article  Google Scholar 

  11. Nam, J.; Kim, S.; Won, D.: Attack on the Sun–Chen–Hwang’s three-party key agreement protocols using passwords. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. E89–A(1), 209–212 (2006)

    Article  Google Scholar 

  12. Lu, R.; Cao, Z.: Simple three-party key exchange protocol. Comput. Secur. 26(1), 94–97 (2007)

    Article  Google Scholar 

  13. Yoon, E.J.; Yoo, K.Y.: Cryptanalysis of a simple three-party password-based key exchange protocol. Int. J. Commun. Syst. 24(4), 532–542 (2010)

    Article  Google Scholar 

  14. Chung, H.R.; Ku, W.C.: Three weaknesses in a simple three-party key exchange protocol. Inf. Sci. 178(1), 220–229 (2008)

    Article  MathSciNet  MATH  Google Scholar 

  15. Yoon, E.J.; Yoo, K.Y.: 3PSA: 3-party smart card-based authentication scheme. In: Proceedings of Fourth International Conference on Innovative Computing Information and Control (ICICIC), Kaohsiung, Taiwan, Dec 7–9, pp. 1447–1451, IEEE (2009)

  16. Chien, H.Y.; Wu, T.C.: Provably secure password-based three-party key exchange with optimal message steps. Comput. J. 52(6), 646–655 (2009)

    Article  Google Scholar 

  17. Chien, H.Y.: Provably secure authenticated Diffie–Hellman key exchange for resource-limited devices. In: The Second Cross-Straits Conference on Information Security (CSCIS 2013), Kaohsiung, Taiwan, Sept 11–13 (2013)

  18. Yang, H.; Zhang, Y.X.; Zhou, Y.Z.; Fu, X.M.; Liu, H.; Vasilakosc, A.V.: Provably secure three-party authenticated key agreement protocol using smart cards. Comput. Netw. 58, 29–38 (2014)

    Article  Google Scholar 

  19. Lee, C.F.; Chien, H.Y.; Laih, C.S.L.: Server-less RFID authentication and search protocol with enhanced security. Int. J. Commun. Syst. 25(3), 376–385 (2012)

    Article  Google Scholar 

  20. Guo, C.; Chang, C.C.: An authenticated group key distribution protocol based on the generalized Chinese remainder theorem. Int. J. Commun. Syst. 27(1), 126–134 (2014)

    Article  Google Scholar 

  21. Chien, H.-Y.: A generic approach to improving Diffie–Hellman key agreement efficiency for thin clients. Comput. J. 59, 592–601 (2015)

  22. Xiong, H.; Chen, Y.; Guan, Z.; Chen, Z.: Finding and fixing vulnerabilities of several three-party password authenticated key exchange protocols without server public key. Inf. Sci. 235(20), 329–340 (2013)

  23. Muthumeenakshi, R.; Reshmi, T.R.; Murugan, K.: Extended 3PAKE authentication scheme for value-added services in VANETs. Comput. Electr. Eng. 59, 27–38 (2017)

    Article  Google Scholar 

  24. Yang, H.; Zhang, Y.; Zhou, Y.; Xiaoming, F.; Liu, H.; Vasilakos, A.V.: Provably secure three-party authenticated key agreement protocol using smart cards. Comput. Netw. 58(1), 29–38 (2014)

    Article  Google Scholar 

  25. Islam, S.K.H.; Amin, R.; Biswas, G.P.; Farash, M.S.; Li, X.; Kumari, S.: An improved three party authenticated key exchange protocol using hash function and elliptic curve cryptography for mobile-commerce environments. J. King Saud Univ. Comput. Inf. Sci. doi:10.1016/j.jksuci.2015.08.002

  26. Amin, R.; Biswas, G.P.: Cryptanalysis and design of a three-party authenticated key exchange protocol using smart card. Arab. J. Sci. Eng. 40(11), 3135–3149 (2015)

    Article  MathSciNet  Google Scholar 

  27. Avispa—a tool for automated validation of internet security protocols. http://www.avispa-project.org

  28. de la Piedra, A.; Braeken, A.; Touhafi, A.: A performance comparison study of ECC and AES in commercial and research sensor nodes. IEEE EUROCON 2013, July 1–4 Croatia

Download references

Author information

Authors and Affiliations

  1. Department of Information Management, National Chi-Nan University, Puli, 545, Taiwan, ROC

    Hung-Yu Chien

Authors
  1. Hung-Yu Chien
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Hung-Yu Chien.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Chien, HY. Using the Modified Diffie–Hellman Problem to Enhance Client Computational Performance in a Three-Party Authenticated Key Agreement. Arab J Sci Eng 43, 637–644 (2018). https://doi.org/10.1007/s13369-017-2725-6

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s13369-017-2725-6

Keywords

Search

Navigation