Authenticated key exchange for wireless security

Author

Imai, Hideki ; Shin, SeongHan ; Kobara, Kazukuni

Author_Institution

Inst. of Ind. Sci., Univ. of Tokyo, Japan

Volume

2

fYear

2005

fDate

13-17 March 2005

Firstpage

1180

Abstract

Authenticated key exchange (AKE) protocols are designed to allow mutual authentication and generation of a cryptographically-secure session key. We revisit the conventional AKE protocols employed in IEEE 802.1x for wireless security considering the following situation: (1) a user has some insecure devices with built-in memory capacity; (2) the counterpart server is not perfectly secure; (3) neither PKI (public key infrastructure) nor TRM (tamper-resistant module) is available. In addition, the paper introduces a new kind of AKE protocol, which is secure against an active attacker in the above-mentioned situation, in order to enhance the overall security level and usability of passwords. For authenticity, the user´s password is combined with an additional secret stored on insecure mobile devices. Nevertheless, the user remembers only one relatively short password while maintaining its connections with a variety of different servers.

Keywords

cryptography; mobile radio; protocols; telecommunication security; IEEE 802.1x; PKI; authenticated key exchange protocols; cryptographically-secure session key generation; insecure mobile devices; mutual authentication; passwords; privacy; public key infrastructure; tamper-resistant module; wireless security; Access protocols; Authentication; Communication system security; Cryptographic protocols; Dictionaries; Network servers; Public key; Transmission line measurements; Wireless application protocol; Wireless networks;

fLanguage

English

Publisher

ieee

Conference_Titel

Wireless Communications and Networking Conference, 2005 IEEE

ISSN

1525-3511

Print_ISBN

0-7803-8966-2

Type

conf

DOI

10.1109/WCNC.2005.1424676

Filename

1424676