Summary
The 2018 International Symposium on Information Theory and Its Applications (ISITA2018)
2018
Session Number:Mo-PM-2-2
Session:
Number:Mo-PM-2-2.2
Secure Hybrid Authentication Protocols against Malicious Key Generation Center
SeongHan Shin,
pp.213-217
Publication Date:2018/10/18
Online ISSN:2188-5079
DOI:10.34385/proc.55.Mo-PM-2-2.2
PDF download
Summary:
In this paper, we revisit the simplified PWIBSAKE (Sim-PWIBS) protocol [7] constructed from password authentication and identity-based signature. First, we show that the Sim-PWIBS protocol is insecure meaning that a malicious KGC (Key Generation Center) can find out session keys and all clients’ passwords by impersonating the server. Then, we propose two secure simplified PWIBS-AKE (called, PAKEwIBS1 and PAKEwIBS2) protocols that prevents such malicious KGC’s passive/active attacks. Also, we show that there is a trade-off between the PAKEwIBS1 and PAKEwIBS2 protocols in terms of computation costs of client and communication costs.