Sung-Woon Lee, Hyun-Sung Kim, and Kee-Young Yoo
Department of Computer Engineering, Kyungpook National University
Taegu, KOREA
Department of Computer Engineering, Kyungil University
Kyungsansi, Kyungsangpookdo, KOREA
E-mail: yook@purple.knu.ac.kr
It is necessary to verify the identities of the communicating parties when they initiate a connection. This authentication is usually provided in combination with a key agreement protocol between the parties. Techniques for user authentication are broadly based on one or more of the following categories: (1) what a user knows, (2) what a user is, or (3) what a user has. Among them, the first category is the most widely used because of its simplicity, convenience, adaptability, mobility, and lower hardware requirements. It requires users only to remember something they know, such as a password. However, traditional password-based protocols are susceptible to off-line password guessing attacks (called dictionary attacks) because many users tend to choose memorable passwords of relatively low entropy.
In this paper, we propose an efficient authenticated key agreement protocol called AKA, which provides mutual authentication and key agreement over an insecure channel between a client and a server that share only a small, low-entropy password. The proposed protocol is secure against passive and active attacks and provides perfect forward secrecy. In addition, the protocol remains secure in the case of server compromise: an attacker who compromises the server cannot pose as a client, although it would be trivial to pose as the server. However, AKA is not the most efficient method in terms of total execution time because it does not allow the parties to compute in parallel. Thus, we propose a parallelizable AKA called P-AKA, which speeds up the AKA scheme by supporting parallel computation by both parties. P-AKA can reduce the total execution time of AKA. The idea for making the protocol parallelizable is simple: P-AKA uses a message exchange of 4 communication steps rather than 3, so that each party can quickly compute the message that influences the other party's execution and send it.
Compared to existing well-known protocols such as SNAPI-X, A-EKE, B-SPEKE, SRP, AMP, and PAK-X, which were submitted to IEEE 1363.2, our protocols are more efficient.