Abstract
A three-party authenticated key agreement (3PAKA) scheme is a protocol that enables a pair of registered clients to establish session keys with the help of a trusted server, such that each client pre-shares its secret key with the server only. This approach greatly improves the scalability of key agreement protocols and provides better user convenience. Conventionally, 3PAKA schemes, like many other key agreement schemes, are based on the classic computational Diffie–Hellman problem (CDHP) to establish the session keys, and each client requires at least two modular exponentiations. However, as more and more mobile devices with limited resources become popular, it is desirable to reduce the computational load on those clients while still preserving strong security. In this paper, based on the modified CDHP, we propose new 3PAKA schemes that require only four message steps and reduce clients' exponentiation computations by up to 50%, compared to schemes that are based on the CDHP and provide the same functions. The security of the proposed schemes is formally proved. The excellent performance makes them very attractive to clients with limited resources.
Cite this article
Chien, HY. Using the Modified Diffie–Hellman Problem to Enhance Client Computational Performance in a Three-Party Authenticated Key Agreement. Arab J Sci Eng 43, 637–644 (2018). https://doi.org/10.1007/s13369-017-2725-6
DOI: https://doi.org/10.1007/s13369-017-2725-6