Related papers: Cryptanalysis of an Identity-Based Authenticated K…
Recently, Abdalla et al. proposed a new gateway-oriented password-based authenticated key exchange (GPAKE) protocol among a client, a gateway, and an authentication server, where each client shares a human-memorable password with a trusted…
The rapid development of IoT networks has led to a research trend in designing effective security features for them. Due to the power-constrained nature of IoT devices, the security features should remain as lightweight as possible.…
In recent years, several protocols for password-based authenticated key exchange have been proposed. These protocols aim to be secure even though the sample space of passwords may be small enough to be enumerated by an off-line adversary.…
Authenticated Key Exchange (AKE) between any two entities is one of the most important security protocols available for securing our digital networks and infrastructures. In PQCrypto 2023, Bruckner, Ramacher and Striecks proposed a novel…
Quantum Key Exchange (QKE, also known as Quantum Key Distribution or QKD) allows communicating parties to securely establish cryptographic keys. It is a well-established fact that all QKE protocols require that the parties have access to an…
Recently, two certificateless three-party authenticated key agreement protocols were proposed, and both protocols were claimed they can meet the desirable security properties including forward security, key compromise impersonation…
Authenticated Key Exchange (AKE) establishes shared ('symmetric') cryptographic keys which are essential for secure online communication. AKE protocols can be constructed from public-key cryptography like Key Encapsulation Mechanisms…
To remove key escrow problem and avoid the need of secure channel in ID based cryptosystem Lee et al. proposed a secure key issuing protocol. However we show that it suffers from impersonation, insider attacks and incompetency of the key…
In a 2005 IACR report, Wang published an efficient identity-based key agreement protocol (IDAK) suitable for resource constrained devices. The author shows that the IDAK key agreement protocol is secure in the Bellare-Rogaway model with…
Simple Password Exponential Key Exchange (SPEKE) is a well-known Password Authenticated Key Exchange (PAKE) protocol that has been used in Blackberry phones for secure messaging and Entrust's TruePass end-to-end web products. It has also…
In this writing, we introduce a novel biometric-authenticated key exchange protocol that allows secure and privacy-preserving key establishment between a stateless biometric sensing system and a "smart" user token that possesses biometric…
The commitment-based AKE model provides a formal security framework for key exchange protocols that avoid long-term cryptographic material, achieving authentication through a final out-of-band verification of session-derived values. Within…
In this work we construct an alternative model for Authenticated Key Exchange, intended to build a theoretic security framework for protocols whose characteristics may not always concur with the specifics of already existing models for…
Motivated by the Quantum Key Distribution (QKD) protocol, introduced in 1984 in the seminal paper of Bennett and Brassard, we investigate in this paper the achievability of unconditionally secure password-authenticated quantum key exchange…
Data privacy and authentication are two main security requirements for remote access and cloud services. While QKD has been explored to address data privacy concerns, oftentimes its use is separate from the client authentication protocol…
Though not yet widely deployed, password-authenticated key exchange (PAKE) protocols have been the subject of several recent standardization efforts, partly because of their resistance against various guessing attacks, but also because they…
In order to prevent eavesdropping and tampering, the network security protocols use a handshake with an asymmetric cipher to establish a session-specific shared key with which further communication is encrypted using a symmetric cipher. The…
Asymmetric password based key exchange is a key exchange protocol where a client and a server share a low entropic password while the server additionally owns a high entropic secret for a public key. There are simple solutions for this…
Non-interactive key exchange (NIKE) enables two or multiple parties (just knowing the public system parameters and each other's public key) to derive a (group) session key without the need for interaction. Recently, NIKE in multi-party…
With rapid increase of mobile computing and wireless network linkage, the information exchange between connected systems and within groups increases heavily. Exchanging confidential information within groups via unsecured communication…