Title: A highly secure three-party authentication key exchange protocol and its application in e-business communication with ECK model

Authors: Chien-Ming Wang; Chih-Hung Wang

Addresses: Department of Computer Science and Information Engineering, National Chiayi University, Chiayi, Taiwan ' Department of Computer Science and Information Engineering, National Chiayi University, Chiayi, Taiwan

Abstract: Since for the e-business development, users sometimes need to share sensitive personal information through a public network, they do not want their privacy information revealed by the malicious attackers. In 2007, LaMacchia et al. proposed a two-party authentication key exchange (2PAKE) protocol under the security assumption of extended Canetti-Krawczyk (ECK) model. Although the ECK model is well designed to guarantee security in a two-party key exchange, it is not suitable in several other real situations with more parties, such as in auction, space communication, and internet of things (IoT), among others. Considering these problems, we first propose several ECK-based three-party authentication key exchange protocols, which provide personal privacy security protection and increase the usability of the authentication key exchange protocols. We also discuss three cases in different application environments. Moreover, the pairing operations are used in some cases if the application situations require less communication steps.

Keywords: extended Canetti-Krawczyk model; ECK; three-party authentication key exchange; 3PAKE; Diffie-Hellman assumptions; pairing algorithm.

DOI: 10.1504/IJICS.2021.118965

International Journal of Information and Computer Security, 2021 Vol.16 No.3/4, pp.399 - 419

Received: 28 Jun 2019
Accepted: 18 Jan 2020

Published online: 15 Nov 2021 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article