Secure Password-Based Authenticated Group Key Agreement for Data-Sharing Peer-to-Peer Networks
نویسندگان
چکیده
We explore authenticated group key agreement in data-sharing Peer-to-Peer networks. We first propose a novel password-based authenticated group key agreement protocol with key confirmation. We present a formal statement of its security in a variant of the Bresson et al. security model adapted for the password-based setting. A discussion of the limitations of our protocol in the case where the group size becomes large is then presented. We conclude the paper with an enhanced version of the protocol, using a CAPTCHA technique, designed to make it more robust against online password guessing attacks.
منابع مشابه
Secure Communications over Insecure Channels Based on Short Authenticated Strings
We propose a way to establish peer-to-peer authenticated communications over an insecure channel by using an extra channel which can authenticate very short strings, e.g. 15 bits. We call this SAS-based authentication as for authentication based on Short Authenticated Strings. The extra channel uses a weak notion of authentication in which strings cannot be forged nor modified, but whose delive...
متن کاملA Novel Approach Towards Cost Effective Region-Based Group Key Agreement Protocol for Peer - to - Peer Information Sharing in Mobile Ad Hoc Networks
Peer-to-peer systems have gained a lot of attention as information sharing systems for the widespread exchange of resources and voluminous information that is easily accessible among thousands of users. However, current peer-to-peer information sharing systems work mostly on wired networks. With the growing number of communication-equipped mobile devices that can self-organize into infrastructu...
متن کاملKey agreement in peer-to-peer wireless networks
We present a set of simple techniques for key establishment over a radio link in peer-to-peer networks. Our approach is based on the Diffie-Hellman key agreement protocol, which is known to be vulnerable to the “man-in-the-middle” attack if the two users involved in the protocol do not share any authenticated information about each other (e.g., public keys, certificates, passwords, shared keys,...
متن کاملAn improved authentication protocol for session initiation protocol using smart card
The authenticated key agreement protocol is an important security protocol for the session initiation protocol, which allows the and the server to authenticate each other and generate a shared session key for privacy, integrity, and non-repudiation in their communications. Recently, Zhang et al. proposed a new authenticated key agreement protocol for the session initiation protocol using smart ...
متن کاملSAS-Based Authenticated Key Agreement
Key agreement protocols are frequently based on the Dif£e-Hellman protocol but require authenticating the protocol messages in two ways. This can be made by a cross-authentication protocol. Such protocols, based on the assumption that a channel which can authenticate short strings is available (SAS-based), have been proposed by Vaudenay. In this paper, we survey existing protocols and we propos...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2006