Augmented encrypted key exchange using RSA encryption

Ari Musriami Barmawi, Shingo Takada, Norihisa Doi

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

The Augmented Encrypted Key Exchange (A-EKE) uses a shared secret key for encryption. A-EKE uses the hash of sender's password as the shared secret key. By using Simmon's Attack the sender's password can be broken. If this is accomplished, the attacker is able to know the communicating parties' session key used after authentication as well as in the authentication of the sender. Furthermore, using the broken session key and the password, the attacker can impersonate the real sender. To prevent this from happening, we propose a method to keep the session key and sender's password secret even if the attacker can break the shared secret key. This is accomplished by using RSA encryption. In our proposed scheme we use public keys which will be kept by the communicating parties and will be exchanged indirectly, i.e. instead of sending the whole public key, the two parties will send the number which determines their public key, along with the shared key.

Original languageEnglish
Title of host publicationIEEE International Symposium on Personal, Indoor and Mobile Radio Communications, PIMRC
PublisherIEEE
Pages490-494
Number of pages5
Volume2
Publication statusPublished - 1997
EventProceedings of the 1997 International Symposium on Personal, Indoor and Mobile Radio Communications, PIMRC'97. Part 2 (of 3) - Helsinki, Finl
Duration: 1997 Sep 11997 Sep 4

Other

OtherProceedings of the 1997 International Symposium on Personal, Indoor and Mobile Radio Communications, PIMRC'97. Part 2 (of 3)
CityHelsinki, Finl
Period97/9/197/9/4

Fingerprint

Authentication
Cryptography

ASJC Scopus subject areas

  • Engineering(all)

Cite this

Barmawi, A. M., Takada, S., & Doi, N. (1997). Augmented encrypted key exchange using RSA encryption. In IEEE International Symposium on Personal, Indoor and Mobile Radio Communications, PIMRC (Vol. 2, pp. 490-494). IEEE.

Augmented encrypted key exchange using RSA encryption. / Barmawi, Ari Musriami; Takada, Shingo; Doi, Norihisa.

IEEE International Symposium on Personal, Indoor and Mobile Radio Communications, PIMRC. Vol. 2 IEEE, 1997. p. 490-494.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Barmawi, AM, Takada, S & Doi, N 1997, Augmented encrypted key exchange using RSA encryption. in IEEE International Symposium on Personal, Indoor and Mobile Radio Communications, PIMRC. vol. 2, IEEE, pp. 490-494, Proceedings of the 1997 International Symposium on Personal, Indoor and Mobile Radio Communications, PIMRC'97. Part 2 (of 3), Helsinki, Finl, 97/9/1.
Barmawi AM, Takada S, Doi N. Augmented encrypted key exchange using RSA encryption. In IEEE International Symposium on Personal, Indoor and Mobile Radio Communications, PIMRC. Vol. 2. IEEE. 1997. p. 490-494
Barmawi, Ari Musriami ; Takada, Shingo ; Doi, Norihisa. / Augmented encrypted key exchange using RSA encryption. IEEE International Symposium on Personal, Indoor and Mobile Radio Communications, PIMRC. Vol. 2 IEEE, 1997. pp. 490-494
@inproceedings{212b5deaf7ea4572bce0e7904fc60100,
title = "Augmented encrypted key exchange using RSA encryption",
abstract = "The Augmented Encrypted Key Exchange (A-EKE) uses a shared secret key for encryption. A-EKE uses the hash of sender's password as the shared secret key. By using Simmon's Attack the sender's password can be broken. If this is accomplished, the attacker is able to know the communicating parties' session key used after authentication as well as in the authentication of the sender. Furthermore, using the broken session key and the password, the attacker can impersonate the real sender. To prevent this from happening, we propose a method to keep the session key and sender's password secret even if the attacker can break the shared secret key. This is accomplished by using RSA encryption. In our proposed scheme we use public keys which will be kept by the communicating parties and will be exchanged indirectly, i.e. instead of sending the whole public key, the two parties will send the number which determines their public key, along with the shared key.",
author = "Barmawi, {Ari Musriami} and Shingo Takada and Norihisa Doi",
year = "1997",
language = "English",
volume = "2",
pages = "490--494",
booktitle = "IEEE International Symposium on Personal, Indoor and Mobile Radio Communications, PIMRC",
publisher = "IEEE",

}

TY - GEN

T1 - Augmented encrypted key exchange using RSA encryption

AU - Barmawi, Ari Musriami

AU - Takada, Shingo

AU - Doi, Norihisa

PY - 1997

Y1 - 1997

N2 - The Augmented Encrypted Key Exchange (A-EKE) uses a shared secret key for encryption. A-EKE uses the hash of sender's password as the shared secret key. By using Simmon's Attack the sender's password can be broken. If this is accomplished, the attacker is able to know the communicating parties' session key used after authentication as well as in the authentication of the sender. Furthermore, using the broken session key and the password, the attacker can impersonate the real sender. To prevent this from happening, we propose a method to keep the session key and sender's password secret even if the attacker can break the shared secret key. This is accomplished by using RSA encryption. In our proposed scheme we use public keys which will be kept by the communicating parties and will be exchanged indirectly, i.e. instead of sending the whole public key, the two parties will send the number which determines their public key, along with the shared key.

AB - The Augmented Encrypted Key Exchange (A-EKE) uses a shared secret key for encryption. A-EKE uses the hash of sender's password as the shared secret key. By using Simmon's Attack the sender's password can be broken. If this is accomplished, the attacker is able to know the communicating parties' session key used after authentication as well as in the authentication of the sender. Furthermore, using the broken session key and the password, the attacker can impersonate the real sender. To prevent this from happening, we propose a method to keep the session key and sender's password secret even if the attacker can break the shared secret key. This is accomplished by using RSA encryption. In our proposed scheme we use public keys which will be kept by the communicating parties and will be exchanged indirectly, i.e. instead of sending the whole public key, the two parties will send the number which determines their public key, along with the shared key.

UR - http://www.scopus.com/inward/record.url?scp=0031337582&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0031337582&partnerID=8YFLogxK

M3 - Conference contribution

VL - 2

SP - 490

EP - 494

BT - IEEE International Symposium on Personal, Indoor and Mobile Radio Communications, PIMRC

PB - IEEE

ER -