Title :
An improved password-based authenticated email protocol
Author :
Zhang, Jianhong ; Chen, Hua
Author_Institution :
Coll. of Sci., North China Univ. of Technol., Beijing, China
Abstract :
Nowadays, email has become the most widely communication way in daily life. Recently, to improve security and efficiency of email system, Kwon et al. proposed a forward-secure password-based email protocol. Unfortunately, by analyzing the security of the scheme, we show that their protocol cannot resist to the forged message attack of the sender server, that is to say, the sender server can disguise as the sender to send a message to the receiver. Then we give the corresponding attack on their protocol. To overcome the flaw, we give an improved password-based authenticated email protocol. In the improved protocol, the sender adopts signcryption to send message in order to prevent the sender server´s forgery attack. The analysis of the improved protocol shows that the protocol is secure against the forged message attack of the sender server and can provide the following security properties: confidentiality, the sender´s authentication, forward secrecy and undeniability.
Keywords :
cryptographic protocols; electronic mail; message authentication; forged message attack; password-based authenticated email protocol; security properties; signcryption; Authentication; Communication system security; Cryptography; Educational institutions; Electronic mail; Forgery; Identity-based encryption; Internet; Protocols; Resists; authentication; email protocol; security analysis; undeniability;
Conference_Titel :
Information Management and Engineering (ICIME), 2010 The 2nd IEEE International Conference on
Conference_Location :
Chengdu
Print_ISBN :
978-1-4244-5263-7
Electronic_ISBN :
978-1-4244-5265-1
DOI :
10.1109/ICIME.2010.5477942
