Learn More
Remote user authentication and key agreement system through smartcard is a viable practical solution to validate the eligibility of a remote user and thus to provide a secure communication. This paper suggests a Secure Authenticated Key Exchange Protocol (SAKEP) for Credential Services. The major intrinsic worth of this scheme include that, the system do(More)
In this paper, we prove the security of the RSA-AKE protocol [9] in the random oracle model. The proof states that the RSA-AKE protocol is secure against an adversary who gets the client's stored secret or the server's RSA private key. To our best knowledge, the RSA-AKE protocol is the most efficient among their kinds (i.e., RSA and password based AKE(More)
In this paper, we propose a new leakage-resilient authentication and data management system that can be regarded as a prominent solution for secure public cloud storage where a cloud service provider completely maintains/controls authentication servers as well as storages. This system not only guarantees a higher level of security against active attacks as(More)
Authenticated key exchange (AKE) protocols are designed to allow mutual authentication and generation of a cryptographically-secure session key. We revisit the conventional AKE protocols employed in IEEE 802.1x for wireless security considering the following situation: (1) a user has some insecure devices with built-in memory capacity; (2) the counterpart(More)
Authenticated Key Establishment (AKE) protocols enable two entities, say a client (or a user) and a server, to share common session keys in an authentic way. In this paper, we review AKE protocols from a little bit different point of view, i.e. the relationship between information a client needs to possess (for authentication) and immunity to the respective(More)
SUMMARY Authenticated Key Establishment (AKE) protocols enable two entities, say a client (or a user) and a server, to share common session keys in an authentic way. In this paper, we review the previous AKE protocols, all of which turn out to be insecure, under the following realistic assumptions: (1) High-entropy secrets that should be stored on devices(More)
At Indocrypt 2005, Viet et al., [22] have proposed an anonymous password-authenticated key exchange (PAKE) protocol and its threshold construction both of which are designed for client's password-based authentication and anonymity against a passive server, who does not deviate the protocol. In this paper, we first point out that their threshold construction(More)