Key Exchange Protocol Research Articles

Provably Quantum Secure Three-Party Mutual Authentication and Key Exchange Protocol Based on Modular Learning with Error

With the rapid development of quantum computers, post-quantum cryptography (PQC) has become critical technology in the security field. PQC includes cryptographic techniques that are secure against quantum-computer-based attacks, utilizing methods such as code-based, isogeny-based, and lattice-based approaches. Among these, lattice-based cryptography is the most extensively studied due to its ease of implementation and efficiency. As quantum computing advances, the need for secure communication protocols that can withstand quantum computer-based threats becomes increasingly important. Traditional two-party AKE protocols have a significant limitation: the security of the entire system can be compromised if either of the communicating parties behaves maliciously. To overcome this limitation, researchers have proposed three-party AKE protocols, where a third party acts as an arbiter or verifier. However, we found that a recently proposed three-party AKE protocol is vulnerable to quantum-computer-based attacks. To address this issue, we propose a provably quantum secure three-party AKE protocol based on MLWE. The proposed scheme leverages the user’s biometric information and the server’s master key to prevent the exposure of critical parameters. We analyzed the security of the protocol using simulation tools such as the Burrows–Abadi–Needham (BAN) logic, Real-or-Random (RoR) model, and Automated Validation of Internet Security Protocols and Applications (AVISPA). Furthermore, comparative analysis with similar protocols demonstrates that our protocol is efficient and suitable.

AnonMAKE: Toward Secure and Anonymous Mutually Authenticated Key Exchange Protocol for Vehicular Communications

AnonMAKE: Toward Secure and Anonymous Mutually Authenticated Key Exchange Protocol for Vehicular Communications

Emergency Medical Access Control System Based on Public Blockchain

IT has made significant progress in various fields over the past few years, with many industries transitioning from paper-based to electronic media. However, sharing electronic medical records remains a long-term challenge, particularly when patients are in emergency situations, making it difficult to access and control their medical information. Previous studies have proposed permissioned blockchains with limited participants or mechanisms that allow emergency medical information sharing to pre-designated participants. However, permissioned blockchains require prior participation by medical institutions, and limiting sharing entities restricts the number of potential partners. This means that sharing medical information with local emergency doctors becomes impossible if a patient is unconscious and far away from home, such as when traveling abroad. To tackle this challenge, we propose an emergency access control system for a global electronic medical information system that can be shared using a public blockchain, allowing anyone to participate. Our proposed system assumes that the patient wears a pendant with tamper-proof and biometric authentication capabilities. In the event of unconsciousness, emergency doctors can perform biometrics on behalf of the patient, allowing the family doctor to share health records with the emergency doctor through a secure channel that uses the Diffie-Hellman (DH) key exchange protocol. The pendant’s biometric authentication function prevents unauthorized use if it is stolen, and we have tested the blockchain’s fee for using the public blockchain, demonstrating that the proposed system is practical.

On the Solutions of Linear Systems over Additively Idempotent Semirings

The aim of this article is to solve the system XA=Y, where A=(ai,j)∈Mn×m(S), Y∈Sm and X is an unknown vector of a size n, with S being an additively idempotent semiring. If the system has solutions, then we completely characterize its maximal one, and in the particular case where S is a generalized tropical semiring, a complete characterization of its solutions is provided as well as an explicit bound of the computational cost associated with its computation. Finally, we show how to apply this method to cryptanalyze two different key exchange protocols defined for a finite case and the tropical semiring, respectively.

An Improved Multi-Chaotic Public Key Algorithm Based on Chebyshev Polynomials

Due to the similar characteristics of chaotic systems and cryptography, public key encryption algorithms based on chaotic systems are worth in-depth research and have high value for the future. Chebyshev polynomials have good properties and are often used in the design of public key algorithms. This paper improves the Bose Multi-Chaotic Public Key Cryptographic Algorithm (BMPKC) by applying Chebyshev polynomials. The proposed algorithm (CMPKC-) introduces the selective coefficient based on the properties of Chebyshev polynomials, allowing the special functions that need to be negotiated in the original system to be freely and randomly chosen as Chebyshev polynomials, and can also be expanded to m levels. The improved cryptographic algorithm also utilizes chaotic hash functions and logistic mapping to generate pseudo-random sequences and overcomes shortcomings of the Bose algorithm by iteratively iterating the selected Chebyshev polynomials based on the number of 0s or 1s in the pseudo-random sequence, thus providing better security. Analysis and software testing results indicate that this algorithm has strong robustness against brute force attacks, achieving a higher attack time for breaking the private key compared to the CEPKC, BMPKC, and CMPKC algorithms. Compared to the CMPKC algorithm, our proposal algorithm achieves better performance in the encryption and decryption phases. Furthermore, we combine this Multi-Chaotic System Key Exchange Protocol with the Advanced Encryption Standard (AES) algorithm, while providing a demonstration, offering more possibilities for practical applications of this system.

Cryptanalysis of a key exchange protocol based on a modified tropical structure

Cryptanalysis of a key exchange protocol based on a modified tropical structure

Representations of group actions and their applications in cryptography

Cryptographic group actions provide a flexible framework that allows the instantiation of several primitives, ranging from key exchange protocols to PRFs and digital signatures. The security of such constructions is based on the intractability of some computational problems. For example, given the group action (G,X,⋆), the weak unpredictability assumption (Alamati et al. (2020) [1]) requires that, given random xi's in X, no probabilistic polynomial time algorithm can compute, on input {(xi,g⋆xi)}i=1,…,Q and y, the set element g⋆y.In this work, we study such assumptions, aided by the definition of group action representations and a new metric, the q-linear dimension, that estimates the “linearity” of a group action, or in other words, how much it is far from being linear. We show that under some hypotheses on the group action representation, and if the q-linear dimension is polynomial in the security parameter, then the weak unpredictability and other related assumptions cannot hold. This technique is applied to some actions from cryptography, like the ones arising from the equivalence of linear codes, as a result, we obtain the impossibility of using such actions for the instantiation of certain primitives.As an additional result, some bounds on the q-linear dimension are given for classical groups, such as Sn, GL(Fn) and the cyclic group Zn acting on itself.

A Quantum-Resistant Identity Authentication and Key Agreement Scheme for UAV Networks Based on Kyber Algorithm

Unmanned aerial vehicles (UAVs) play a critical role in various fields, including logistics, agriculture, and rescue operations. Effective identity authentication and key agreement schemes are vital for UAV networks to combat threats. Current schemes often employ algorithms like elliptic curve cryptography (ECC) and Rivest–Shamir–Adleman (RSA), which are vulnerable to quantum attacks. To address this issue, we propose LIGKYX, a novel scheme combining the quantum-resistant Kyber algorithm with the hash-based message authentication code (HMAC) for enhanced security and efficiency. This scheme enables the mutual authentication between UAVs and ground stations and supports secure session key establishment protocols. Additionally, it facilitates robust authentication and key agreement among UAVs through control stations, addressing the critical challenge of quantum-resistant security in UAV networks. The proposed LIGKYX scheme operates based on the Kyber algorithm and elliptic curve Diffie–Hellman (ECDH) key exchange protocol, employing the HMAC and pre-computation techniques. Furthermore, a formal verification tool validated the security of LIGKYX under the Dolev–Yao threat model. Comparative analyses on security properties, communication overhead, and computational overhead indicate that LIGKYX not only matches or exceeds existing schemes but also uniquely counters quantum attacks effectively, ensuring the security of UAV communication networks with a lower time overhead for authentication and communication.

Lattice-based device-to-device authentication and key exchange protocol for IoT system

Lattice-based device-to-device authentication and key exchange protocol for IoT system

Two party key exchange protocol based on duo circulant matrices for the IoT environment

Two party key exchange protocol based on duo circulant matrices for the IoT environment

A key exchange protocol and a cryptosystem based on the generalized decomposition problem

The most crucial factor in the internet-based environment is the encryption and security of personal data. In this paper, a key exchange protocol based on Generalized Decomposition Problem (GDP) over semiring is proposed. The security and complexity analysis of the proposed protocol is examined. Also, based on the proposed key exchange protocol, an ElGamal cryptosystem for securing Sensitive Health Information (SHI) in Healthcare systems is presented. Abbreviations: CSP: conjugacy search problem; DHP: diffie hellman problem; DLP: discrete logarithm problem; DP: decomposition problem; FDLP: factorization discrete logarithm problem; GDP: generalized decomposition problem; RSA: rivest shamir adleman; SHI: sensitive health information.

A Secure Key Exchange Protocol and a Public Key Cryptosystem for Healthcare Systems

Diffie-Hellman (DH) is the reason for the existence of a solution to the key distribution problem, where two parties can mutually set up a shared secret key over an insecure channel without any previous communication. In this study, a novel key exchange protocol based on the difficulty of the Discrete Logarithm Problem with Factor Problem (DLPFP) utilizing matrices in non-commutative semigroup over semiring is proposed. The security and complexity analyses of the protocol are discussed. Also, an ElGamal cryptosystem based on a group of invertible matrices and DLPFP over a semiring to encrypt the Sensitive Health Information (SHI) in healthcare systems is suggested.

Cloud Service Authentication Based On Advanced Encryption Standard (AES) For Ensure Privacy

Considering the possible consequences of illegal access, cloud service authentication privacy must be guaranteed. Negative actors might get access to private information without the right authentication procedures, which could result in monetary losses, harm to one’s reputation, and legal repercussions. This paper proposed using the advanced encryption standard (AES) algorithm for cloud service authentication to guarantee privacy and alleviate these problems. Providing a safe and effective authentication process that ensures user data privacy is the main goal of this framework. To encrypt user credentials and other authentication related data before sending it to the cloud service provider, the proposed framework makes use of the AES algorithm. With the use of an encryption key, the data is rendered unintelligible even in the event that it is intercepted. In order to guard against man in the middle attacks and eavesdropping, the authentication system also includes secure key exchange protocols and secure communication routes. Organizations may feel secure and in control of their data stored in the cloud by implementing this cloud service authentication architecture. It provides a strong barrier against breaches of privacy, illegal access, and data breaches. A workable and efficient way to guarantee privacy and safeguard sensitive data is to employ the AES algorithm for cloud service authentication. Through the use of this framework, businesses may take use of cloud computing’s advantages while retaining control over their data and lowering the danger of illegal access.

On the decisional problem based on matrix power function defined over non-commutative group

In this paper, we perform statistical analysis for the decisional problem which is fundamental for the security of the key exchange protocol based on matrix power function. We have proven previously that the considered decisional problem is NP-complete and hence our proposal could potentially be quantum-safe. However, we did not explore the dependence of the complexity of the considered problem on the security parameters. Here we show that for small matrices certain information could be gained from the distribution of the entries of the public key matrices. On the other hand, we show that as the size of the matrices grows, the public key matrices are indistinguishable from truly random matrices.

Secure Key Exchange in Tropical Cryptography: Leveraging Efficiency with Advanced Block Matrix Protocols

In the quest for robust and efficient digital communication, this paper introduces cutting-edge key exchange protocols leveraging the computational prowess of tropical semirings and the structural resilience of block matrices. Moving away from the conventional use of finite fields, these protocols deliver markedly faster processing speeds and heightened security. We present two implementations of our concept, each utilizing a different platform for the set of commuting matrices: one employing tropical polynomials of matrices and the other employing Linde–de la Puente matrices. The inherent simplicity of tropical semirings leads to a decrease in operational complexity, while using block matrices enhances our protocols’ security profile. The security of these protocols relies on the Matrix Decomposition Problem. In addition, we provide a comparative analysis of our protocols against existing matrix block-based protocols in finite fields. This research marks a significant shift in cryptographic protocol design, is specifically tailored for demanding engineering applications, and sets a new standard in secure and efficient digital communication.

Towards improving the security of wireless networks using secured session keys

ABSTRACT Wireless Networks are mostly based on the IEEE 802.11 standards and with so many applications being wireless, without proper security, sensitive information may be at risk. Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA) are two of the most commonly used mechanisms for implementing security in wireless networks. However, research has shown that both of these can be cracked quite easily within a short period as these mechanisms use a key-based security implementation for performing operations. The key can be found by capturing a few packets and hence security is compromised. In this study, the solution that is proposed by generating a secured session key using the Advanced Encryption Standard (AES) algorithm, which is valid only for a specific session and cannot be cracked easily by the intruder, and hence will not affect the security of the entire network. The key exchange is made by the Diffie-Hellman key exchange protocol. The proposed solution was implemented over a network and found to be secure.

Cryptanalysis with improvement on lattice‐based authenticated key exchange protocol for mobile satellite communication networks

SummaryThe mobile satellite communication (MSC) system represents a crucial means of communication, facilitating connections between mobile users and network control centres through satellites. Given the wireless nature of satellite communication, ensuring communication security is paramount for maintaining accountability. Key exchange and authentication (KEA) mechanisms are commonly employed to secure data transmitted over insecure or open channels. Developing a lattice‐based KEA protocol for MSC systems is imperative to achieve both quantum security and efficient communication. In this direction, Yadav et al. devised ring learning with an error‐based KEA technique to ensure a quantum‐safe environment. Their scheme is quantum‐safe and satisfies desirable security attributes but has low efficiency in computation. Moreover, we have identified that their scheme is susceptible to denial of service attack and session key established at user and NCC ends is different. To overcome the flaws of Yadav et al., we propose a lattice‐based KEA protocol for the MSC system to improve computation efficiency, and get resistance against key mismatch attack. The security analysis of the proposed scheme is presented in the random oracle model. Comparative study is also presented to observe advantages in computation efficiency.

Cryptographic Signature Scheme for Mobile Edge Computing Using DLFP Over Semiring

The Undeniable Signature Scheme (USS) was first introduced by chaum and van in 1989. The advantage of the (USS) scheme is the signer’s co-operation during the verification process. In this paper, the Discrete Logarithm Problem with Factor Problem (DLFP) is introduced. It’s security and complexity is analyzed. Then, based on (DLFP), a key exchange protocol is given. An undeniable signature scheme based on DLFP over semiring is proposed along with illustration we have also given application of the proposed USS in Mobile Edge Computing (MEC). Then the proposed scheme’s security and complexity is examined.

On the tropical two-sided discrete logarithm and a key exchange protocol based on the tropical algebra of pairs

Since the existing tropical cryptographic protocols are either susceptible to the Kotov-Ushakov attack and its generalization, or to attacks based on tropical matrix periodicity and predictive behavior, several attempts have been made to propose protocols that resist such attacks. Despite these attempts, many of the proposed protocols remain vulnerable to attacks targeting the underlying hidden problems, one of which we call the tropical two-sided discrete logarithm with shift. An illustrative case is the tropical Stickel protocol, which, when formulated with a single monomial instead of a polynomial, becomes susceptible to attacks based on solutions of the above mentioned tropical version of discrete logarithm. In this paper we will formally introduce the tropical two-sided discrete logarithm with shift, discuss how it is solved, and subsequently demonstrate an attack on a key exchange protocol based on the tropical semiring of pairs. This particular protocol is compromised due to the existence of efficient (albeit heuristic) solution of the tropical two-sided logarithm problem, and this highlights the ongoing challenges in search of a “good” key exchange protocol in tropical cryptography.

Authorization of Aadhar data using Diffie Helman key with enhanced security concerns

In today’s digital era, the security of sensitive data such as Aadhaar data is of utmost importance. To ensure the privacy and integrity of this data, a conceptual framework is proposed that employs the Diffie-Hellman key exchange protocol and Hash-based Message Authentication Code (HMAC) to enhance the security. The proposed system begins with the preprocessing phase, which includes removing noise, standardizing formats and validating the integrity of the data. Next, the data is segmented into appropriate sections to enable efficient storage and retrieval in the cloud. Each segment is further processed to extract meaningful features, ensuring that the relevant information is preserved while reducing the risk of unauthorized access. For safeguarding the stored Aadhaar data, the system employs the Diffie-Hellman key exchange protocol which allows the data owner and the cloud service provider to establish a shared secret key without exposing it to potential attackers. Additionally, HMAC is implemented to verify the identity of users during the login process. HMAC enhances security by leveraging cryptographic hash functions and a shared secret key to produce a distinct code for each login attempt. This mechanism effectively protects the confidentiality and integrity of stored data. The combination of Diffie-Hellman key exchange and HMAC authentication provides a robust security framework for Aadhaar data. It ensures that the data remains encrypted and inaccessible without the secret key, while also verifying the identity of users during the login process. This comprehensive approach helps preventing unauthorized access thereby protecting against potential attacks, instilling trust and confidence in the security of Aadhaar data stored in the cloud. Results of the article depict that the proposed scheme achieve 0.19 s of encryption time and 0.05 s of decryption time.