TY - JOUR
T1 - A Leakage-Resilient ID-Based Authenticated Key Exchange Protocol with a Revocation Mechanism
AU - Tsai, Tung Tso
AU - Chuang, Yun Hsin
AU - Tseng, Yuh Min
AU - Huang, Sen Shan
AU - Hung, Ying Hao
N1 - Publisher Copyright:
© 2013 IEEE.
PY - 2021
Y1 - 2021
N2 - Establishing a session key (SSK) is very important for real-world deployment in open networks, which enables secure communication between remote parties. In the past, some authenticated key exchange (AKE) protocols have been proposed to generate a SSK, but the certificate management issue is inhered in the traditional public key infrastructure and must be addressed. To tackle this issue, the identity (ID)-based concept is added to AKE, called ID-AKE. Indeed, the security of the existing AKE/ID-AKE protocols is gaining increasing importance due to some new types of attacks, namely, side-channel attacks. In such attacks, adversaries could obtain secret keys' partial information during the execution of cryptographic protocols (including AKE/ID-AKE). To withstand such attacks, many leakage-resilient ID-AKE (LR-ID-AKE) protocols resisting side-channel attacks have been proposed. However, these existing LR-ID-AKE protocols have no efficient solution to revoke compromised users. In this article, the first LR-ID-AKE protocol with an efficient revocation mechanism, called LR-RID-AKE, is proposed. The proposed protocol is not only as secure as existing LR-ID-AKE protocols but also able to efficiently revoke compromised users from the system.
AB - Establishing a session key (SSK) is very important for real-world deployment in open networks, which enables secure communication between remote parties. In the past, some authenticated key exchange (AKE) protocols have been proposed to generate a SSK, but the certificate management issue is inhered in the traditional public key infrastructure and must be addressed. To tackle this issue, the identity (ID)-based concept is added to AKE, called ID-AKE. Indeed, the security of the existing AKE/ID-AKE protocols is gaining increasing importance due to some new types of attacks, namely, side-channel attacks. In such attacks, adversaries could obtain secret keys' partial information during the execution of cryptographic protocols (including AKE/ID-AKE). To withstand such attacks, many leakage-resilient ID-AKE (LR-ID-AKE) protocols resisting side-channel attacks have been proposed. However, these existing LR-ID-AKE protocols have no efficient solution to revoke compromised users. In this article, the first LR-ID-AKE protocol with an efficient revocation mechanism, called LR-RID-AKE, is proposed. The proposed protocol is not only as secure as existing LR-ID-AKE protocols but also able to efficiently revoke compromised users from the system.
UR - http://www.scopus.com/inward/record.url?scp=85115173845&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85115173845&partnerID=8YFLogxK
U2 - 10.1109/ACCESS.2021.3112900
DO - 10.1109/ACCESS.2021.3112900
M3 - Article
AN - SCOPUS:85115173845
SN - 2169-3536
VL - 9
SP - 128633
EP - 128647
JO - IEEE Access
JF - IEEE Access
ER -