
Authentication Protocols and Key Establishment


Part of the Information Security and Cryptography book series (ISC)

Abstract

This chapter discusses authentication protocols involving cryptographic algorithms. The main focus is authenticated key establishment protocols seeking to establish a cryptographic key (secret) for subsequent secure communications, with assurance of the identity of the far-end party sharing the key. Several mainstream key establishment protocols are discussed, as well as examples of what can go wrong. We also discuss password-authenticated key exchange, designed to resist offline attacks even if users choose predictable passwords, as well as single sign-on (SSO) systems and related federated identity systems. A main objective is to highlight that even experts find it hard to avoid subtle errors in the design of authentication protocols; software designers should use standardized protocols and carefully scrutinized software libraries, and fully expect that any protocols they design themselves will almost surely contain hidden flaws.




Copyright information

© 2021 The Author(s)

About this chapter


Cite this chapter

van Oorschot, P.C. (2021). Authentication Protocols and Key Establishment. In: Computer Security and the Internet. Information Security and Cryptography. Springer, Cham. https://doi.org/10.1007/978-3-030-83411-1_4


  • DOI: https://doi.org/10.1007/978-3-030-83411-1_4


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-83410-4

  • Online ISBN: 978-3-030-83411-1

  • eBook Packages: Computer Science (R0)