Leakage-Resilient Authenticated Key Establishment Protocols [chapter]

SeongHan Shin, Kazukuni Kobara, Hideki Imai
2003 Lecture Notes in Computer Science  
Authenticated Key Establishment (AKE) protocols enable two entities, say a client (or a user) and a server, to share common session keys in an authentic way. In this paper, we review AKE protocols from a little bit different point of view, i.e. the relationship between information a client needs to possess (for authentication) and immunity to the respective leakage of stored secrets from a client side and a server side. Since the information leakage would be more conceivable than breaking down
more » ... he underlying cryptosystems, it is desirable to enhance the immunity to the leakage. First and foremost, we categorize AKE protocols according to how much resilience against the leakage can be provided. Then, we propose new AKE protocols that have immunity to the leakage of stored secrets from a client and a server (or servers), respectively. And we extend our protocols to be possible for updating secret values registered in server(s) or password remembered by a client.
doi:10.1007/978-3-540-40061-5_10 fatcat:lesfykc63ja4veoixx3vdrbrza