Elliptic Curve based Authenticated Key Agreement Protocol for Wireless Security

An authenticated key agreement (called AKA) protocol not only makes it possible for the involving parties to authenticate each other but also guarantees their subsequent secure channels with the generated session keys. This kind of AKA protocols may be a combination of authentication and the Diffie-Hellman protocol. For wireless security, it may be preferable to use password-based authentication and the elliptic curve Diffie-Hellman protocol both of which provide usability and efficiency, respectively. However, this combination sometimes results in insecurity against a special kind of off-line dictionary attacks known as "partition attacks". In this paper we propose an elliptic curve based AKA (EC-AKA) protocol secure against partition attacks and suitable for the following situation: (1) a client, who communicates with many different servers, remembers only one password and has insecure devices (e.g., mobile phones or PDAs); (2) the counterpart servers are not perfectly secure against several attacks (e.g., virus or hacker); (3) neither PKI (public key infrastructures) nor TRM (tamper-resistance modules) is available. The EC-AKA protocol achieves more strengthened security properties and efficiency compared with the existing AKA protocols (employed in the IEEE 802.1x)