Title: A highly secure three-party authentication key exchange protocol and its application in e-business communication with ECK model
Authors: Chien-Ming Wang; Chih-Hung Wang
Addresses: Department of Computer Science and Information Engineering, National Chiayi University, Chiayi, Taiwan ' Department of Computer Science and Information Engineering, National Chiayi University, Chiayi, Taiwan
Abstract: Since for the e-business development, users sometimes need to share sensitive personal information through a public network, they do not want their privacy information revealed by the malicious attackers. In 2007, LaMacchia et al. proposed a two-party authentication key exchange (2PAKE) protocol under the security assumption of extended Canetti-Krawczyk (ECK) model. Although the ECK model is well designed to guarantee security in a two-party key exchange, it is not suitable in several other real situations with more parties, such as in auction, space communication, and internet of things (IoT), among others. Considering these problems, we first propose several ECK-based three-party authentication key exchange protocols, which provide personal privacy security protection and increase the usability of the authentication key exchange protocols. We also discuss three cases in different application environments. Moreover, the pairing operations are used in some cases if the application situations require less communication steps.
Keywords: extended Canetti-Krawczyk model; ECK; three-party authentication key exchange; 3PAKE; Diffie-Hellman assumptions; pairing algorithm.
International Journal of Information and Computer Security, 2021 Vol.16 No.3/4, pp.399 - 419
Received: 28 Jun 2019
Accepted: 18 Jan 2020
Published online: 15 Nov 2021 *