Augmented encrypted key exchange using RSA encryption

Author

Barmawi, Ari Musriami ; Takada, Shingo ; Doi, Norihisa

Author_Institution

Dept. of Comput. Sci., Keio Univ., Kanagawa, Japan

Volume

2

fYear

1997

fDate

1-4 Sep 1997

Firstpage

490

Abstract

The augmented encrypted key exchange (A-EKE) uses a shared secret key for encryption. The A-EKE uses the hash of sender´s password as the shared secret key. By using Simmon´s attack the sender´s password can be broken. If this is accomplished, the attacker is able to know the communicating parties session key used after authentication as well as in the authentication of the sender. Furthermore, using the broken session key and the password, the attacker can impersonate the real sender. To prevent this from happening, we propose a method to keep the session key and sender´s password secret even if the attacker can break the shared secret key. This is accomplished by using RSA encryption. In our proposed scheme we use public keys which will be kept by the communicating parties and will be exchanged indirectly, i.e. instead of sending the whole public key the two parties will send the number which determines their public key, along with the shared key

Keywords

message authentication; public key cryptography; RSA encryption; Simmon´s attack; augmented encrypted key exchange; broken session key; communicating parties session key; public keys; sender authentication; sender password; shared secret key; Authentication; Computer science; Computer security; Cryptography; Galois fields; Information science; Public key;

fLanguage

English

Publisher

ieee

Conference_Titel

Personal, Indoor and Mobile Radio Communications, 1997. Waves of the Year 2000. PIMRC '97., The 8th IEEE International Symposium on

Conference_Location

Helsinki

Print_ISBN

0-7803-3871-5

Type

conf

DOI

10.1109/PIMRC.1997.631052

Filename

631052