Leakage-Resilient Authenticated Key Establishment Protocols

  • SeongHan Shin
  • Kazukuni Kobara
  • Hideki Imai
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2894)

Abstract

Authenticated Key Establishment (AKE) protocols enable two entities, say a client (or a user) and a server, to share common session keys in an authentic way. In this paper, we review AKE protocols from a little bit different point of view, i.e. the relationship between information a client needs to possess (for authentication) and immunity to the respective leakage of stored secrets from a client side and a server side. Since the information leakage would be more conceivable than breaking down the underlying cryptosystems, it is desirable to enhance the immunity to the leakage. First and foremost, we categorize AKE protocols according to how much resilience against the leakage can be provided. Then, we propose new AKE protocols that have immunity to the leakage of stored secrets from a client and a server (or servers), respectively. And we extend our protocols to be possible for updating secret values registered in server(s) or password remembered by a client.

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • SeongHan Shin
    • 1
  • Kazukuni Kobara
    • 1
  • Hideki Imai
    • 1
  1. 1.Institute of Industrial ScienceThe University of TokyoTokyoJapan

Personalised recommendations