Performance Analysis Of 3pek Exchange Protocol Using Parallel Message Transmission Technique

DOI : 10.17577/IJERTV1IS7168


P. Rajkumar (1), C. Manoharan (2) and M. Ananthi (3)

(1,3) Department of Computer Science and Engineering, INFO Institute of Engineering, Coimbatore, Tamil Nadu, India.

(2) Department of Mechanical Engineering, Annai Mathammal Sheela Engineering College, Tamil Nadu, India.

Abstract

This paper presents the performance analysis of a three-party encrypted key exchange protocol using the parallel message transmission technique. A three-party encrypted key exchange protocol was proposed earlier and was claimed to be secure, efficient and practical. An undetectable on-line password guessing attack on that protocol was subsequently demonstrated, overriding the claim. A parallel message transmission protocol has been proposed to eliminate the undetectable on-line password guessing attack.

Keywords: parallel message transmission, 3PEKE.

  1. Introduction

    In cryptography, a password-authenticated key agreement is an interactive method for two or more parties to communicate. The key exchange protocol is one of the most elegant ways of establishing secure communication between a pair of users by using a session key. The session key, which is exchanged between the two users, assures secure communication for later sessions. In the line of key exchange protocol development, password-based key exchange mechanisms have attracted attention due to their simplicity and wide range of applicability, as they require the users to remember only the password. Such a protocol should not be vulnerable to any type of off-line, undetectable or detectable on-line password guessing attack, since passwords are of low entropy. The password guessing attacks can be divided into three classes, namely

    Detectable on-line password guessing attacks

    Undetectable on-line password guessing attacks

    Off-line password guessing attacks.

    Such password guessing attacks are undesirable in a communication network and reduce network efficiency. For that reason, intensive research work has been undertaken on the development of secure and efficient key exchange protocols.

  2. Literature review

    The review of literature given in this section is centered upon various key exchange protocols for secured communication. Since the first proposal of Password Authenticated Key Exchange (PAKE) by Bellovin and Merritt (1992), many efficient password-based key exchange protocols have been developed. The two-party key exchange protocols were extended to three parties, in which the two parties initially communicate their passwords to the trusted server securely. Later the server authenticates the clients when they want to agree upon a session key. The three-party protocol was introduced by Steiner et al. (1995). Subsequently Ding and Horster (1995) published on-line and off-line guessing attacks on Steiner's protocol. Later Lin et al. (2001) proposed two versions of an improved three-party protocol, one with the server's public key and another without.

    Chang and Chang (2004) proposed a novel three-party encrypted key exchange protocol without a server public key and claimed the protocol is secure, efficient and practical. Contrary to their claims, Yoon and Yoo (2008) pointed out an undetectable on-line password guessing attack on their protocol, in which one party is able to learn the other party's password, and furthermore they presented an improved version of it to avoid the above attack. Lo and Yeh (2009) pointed out an undetectable password guessing attack on the Yoon and Yoo protocol and proposed an enhanced protocol. But the enhanced protocol falls to an undetectable on-line password guessing attack if client B intercepts the message coming from client A. To eliminate this undetectable on-line password guessing attack, an extension is made to the existing protocol.

  3. Objective of this study

    1. To design a key exchange protocol which is invulnerable to undetectable on-line password attacks, with reduced transmission rounds for secured communication.

    2. To fabricate a parallel message transmission technique that achieves better performance efficiency by requiring fewer transmission rounds.

    3. To design a three-party key exchange protocol that does not use the server's public key.

    4. To verify that the protocol is secure, efficient and practical, with reduced modular exponential operation on server side.

  4. Motivation

    Over recent years cryptography has become tremendously popular. A password-authenticated key agreement method is an interactive method for two or more parties to establish cryptographic keys based on one or more parties' knowledge of a password. In the most stringent password-only security models, there is no requirement for the user of the method to remember any secret or public data other than the password. Password Authenticated Key Exchange (PAKE) is where two or more parties, based only on their knowledge of a password, establish a cryptographic key using an exchange of messages, such that an unauthorized party (one who controls the communication channel but does not possess the password) cannot participate in the method and is constrained as much as possible from guessing the password. Two forms of PAKE are the Balanced and Augmented methods. Balanced PAKE allows parties that use the same password to negotiate and authenticate a shared key.

    Examples of balanced PAKE include Encrypted Key Exchange (EKE), PAK and PPK, SPEKE (Simple Password Exponential Key Exchange) and J-PAKE (Password Authenticated Key Exchange by Juggling). Augmented PAKE is a variation applicable to client/server scenarios, in which an attacker must perform a successful brute-force attack in order to masquerade as the client using stolen server data.

    Although several of the forms of EKE were later found to be flawed, the surviving, refined and enhanced forms of EKE effectively make this the first method to amplify a shared password into a shared key, where the shared key may subsequently be used to provide a zero-knowledge password proof or other functions. In the most general form of EKE, at least one party encrypts an ephemeral (one-time) public key using a password and sends it to a second party, who decrypts it and uses it to negotiate a shared key with the first party. Steiner et al. (1995) proposed the 3PEKE protocol. Lin et al. (2000) showed that 3PEKE suffers not only from undetectable on-line password guessing attacks but also from off-line password guessing attacks. Evidence indicates that key exchange protocols are vulnerable to undetectable on-line password guessing attacks, and this forms the foundation for the work presented here.

  5. Proposed protocol

    In this section, a new three-party encrypted key exchange protocol is proposed and implemented using the parallel message transmission technique. In the encrypted key exchange protocol, each participant shares only a password in advance with the trusted server, which helps any two participants to establish a session key. The parallel message transmission mechanism achieves fewer transmission rounds: the two clients make their requests to the server simultaneously, and the server responds to both clients in parallel (i.e. $A \rightarrow S$ and $B \rightarrow S$).

    There are four steps in the proposed protocol.

    Step 1:

    Here clients A and B communicate with the server S in parallel.

    Client A generates two random numbers $R_A$ and $r_A$, and calculates $E_{pw_A}(K_{AS} \oplus N_A)$, $F_S(N_A \oplus ID_A)$ and $f_{K_{AS}}(N_A)$, where $N_A = g^{R_A} \pmod p$ and $K_{AS} = N_A^{r_A} \pmod p$. Next, A sends these three messages to S via his/her own private communication channel.

    $A \rightarrow S$: $ID_A, ID_B, ID_S, E_{pw_A}(K_{AS} \oplus N_A), F_S(N_A \oplus ID_A), f_{K_{AS}}(N_A)$.

    Meanwhile, client B calculates $N_B = g^{R_B} \pmod p$, $K_{BS} = N_B^{r_B} \pmod p$, $E_{pw_B}(K_{BS} \oplus N_B)$, $F_S(N_B \oplus ID_B)$ and $f_{K_{BS}}(N_B)$ with two newly generated random numbers $R_B$ and $r_B$. Then, B transmits $E_{pw_B}(K_{BS} \oplus N_B)$, $F_S(N_B \oplus ID_B)$ and $f_{K_{BS}}(N_B)$ to S via his/her own private communication channel.

    $B \rightarrow S$: $ID_A, ID_B, ID_S, E_{pw_B}(K_{BS} \oplus N_B), F_S(N_B \oplus ID_B), f_{K_{BS}}(N_B)$.

    Step 2:

    Once receiving the messages sent from A and B, S first utilizes a trapdoor to obtain $N_A \oplus ID_A$ and $N_B \oplus ID_B$ from $F_S(N_A \oplus ID_A)$ and $F_S(N_B \oplus ID_B)$, then retrieves $N_A = (N_A \oplus ID_A) \oplus ID_A$ and $N_B = (N_B \oplus ID_B) \oplus ID_B$, respectively. Next it uses the passwords $pw_A$ and $pw_B$ and decrypts $E_{pw_A}(K_{AS} \oplus N_A)$ and $E_{pw_B}(K_{BS} \oplus N_B)$, respectively, and gets $K_{AS} \oplus N_A$ and $K_{BS} \oplus N_B$. Now, $K_{AS} = (K_{AS} \oplus N_A) \oplus N_A$ and $K_{BS} = (K_{BS} \oplus N_B) \oplus N_B$ will be determined. $f_{K_{AS}}(N_A)$ and $f_{K_{BS}}(N_B)$ are computed. S verifies whether the computed value $f_{K_{AS}}(N_A)$ (or $f_{K_{BS}}(N_B)$) and the received value $f_{K_{AS}}(N_A)$ (or $f_{K_{BS}}(N_B)$) are identical or not. If this verification holds, S continues the residual procedures of this protocol. Otherwise, S terminates this protocol at the current session. Next, S computes $N_B^{R_S}$, $N_A^{R_S}$, and the corresponding hashed credentials $f_{K_{AS}}(ID_A, ID_B, K_{AS}, N_B^{R_S})$ and $f_{K_{BS}}(ID_A, ID_B, K_{BS}, N_A^{R_S})$. Finally, S sends $\{N_B^{R_S}, f_{K_{AS}}(ID_A, ID_B, K_{AS}, N_B^{R_S})\}$ to A and $\{N_A^{R_S}, f_{K_{BS}}(ID_A, ID_B, K_{BS}, N_A^{R_S})\}$ to B simultaneously.

    $S \rightarrow A$: $N_B^{R_S}, f_{K_{AS}}(ID_A, ID_B, K_{AS}, N_B^{R_S})$,

    $S \rightarrow B$: $N_A^{R_S}, f_{K_{BS}}(ID_A, ID_B, K_{BS}, N_A^{R_S})$.

    Step 3:

    Upon obtaining the transmitted messages sent from S, B first verifies $f_{K_{BS}}(ID_A, ID_B, K_{BS}, N_A^{R_S})$ to authenticate S. If this verification is passed, B believes the received $N_A^{R_S}$ is valid and then computes the session key $K = (N_A^{R_S})^{R_B} \pmod p$ and $f_K(ID_B, K)$. Otherwise, B terminates this protocol.

    $B \rightarrow A$: $f_K(ID_B, K)$

    B sends $f_K(ID_B, K)$ to A. Note that $f_K(ID_B, K)$ will be used by client A to verify the legality of client B and the established session key K. At the same time, A verifies $f_{K_{AS}}(ID_A, ID_B, K_{AS}, N_B^{R_S})$ to authenticate S. If this verification does not hold, A terminates this protocol. Otherwise, A computes the session key $K = (N_B^{R_S})^{R_A} \pmod p$ and $f_K(ID_A, K)$.

    Step 4:

    $A \rightarrow B$: $f_K(ID_A, K)$.

    Finally, A sends $f_K(ID_A, K)$ to B. After A and B successfully examine the validation of the incoming messages $f_K(ID_B, K)$ and $f_K(ID_A, K)$, both of them can ensure that they actually share the secret session key $K = (N_B^{R_S})^{R_A} \pmod p = (N_A^{R_S})^{R_B} \pmod p$ at present. Otherwise, the protocol will be terminated.
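    The four steps above, simulated end to end as an added example (not code from the paper), including the case where S terminates because a client used the wrong password. The toy group, HMAC-SHA256 for f, the XOR pad for E_pw, textbook RSA standing in for the trapdoor function F_S, the random server exponent R_S and the sample passwords are all assumptions made to keep the run small; none is a secure instantiation.

```python
import hashlib, hmac, secrets

P, G = 2**127 - 1, 3                                  # toy group, far below a 2048-bit p
RSA_N, RSA_E = (2**89 - 1) * (2**107 - 1), 65537      # textbook RSA stands in for F_S
RSA_D = pow(RSA_E, -1, (2**89 - 2) * (2**107 - 2))    # the trapdoor, held only by S
SERVER_DB = {"A": "tiger42", "B": "maple77"}          # constructed sample passwords

def f(key, *parts):
    """f_K: keyed pseudorandom hash, instantiated here as HMAC-SHA256."""
    return hmac.new(str(key).encode(), repr(parts).encode(), hashlib.sha256).digest()

def E(pw, value):
    """Toy E_pw: XOR with a password-derived pad (applying it twice decrypts)."""
    return value ^ int.from_bytes(hashlib.sha256(pw.encode()).digest()[:16], "big")

def rand_exp():
    return secrets.randbelow(P - 3) + 2

def client_step1(ident, pw):
    """Step 1: returns (R, K_xS, message for S)."""
    R, r = rand_exp(), rand_exp()
    N = pow(G, R, P)
    K = pow(N, r, P)
    return R, K, (E(pw, K ^ N), pow(N ^ ord(ident), RSA_E, RSA_N), f(K, N))

def server_recover(ident, pw_on_file, msg):
    """Step 2 check: invert F_S, decrypt E_pw, recompute f_K(N). None = terminate."""
    enc, trap, tag = msg
    N = pow(trap, RSA_D, RSA_N) ^ ord(ident)
    K = E(pw_on_file, enc) ^ N
    return (N, K) if hmac.compare_digest(f(K, N), tag) else None

def run(pw_a, pw_b, db=SERVER_DB):
    """One session; returns (K at A, K at B), or None if any party terminates."""
    R_A, K_AS, m_a = client_step1("A", pw_a)          # A -> S and B -> S in parallel
    R_B, K_BS, m_b = client_step1("B", pw_b)
    a, b = server_recover("A", db["A"], m_a), server_recover("B", db["B"], m_b)
    if a is None or b is None:
        return None                                   # wrong password is detected by S
    (N_A, K_a), (N_B, K_b), R_S = a, b, rand_exp()    # R_S: S's random exponent (assumed)
    x_a, x_b = pow(N_B, R_S, P), pow(N_A, R_S, P)     # N_B^{R_S} to A, N_A^{R_S} to B
    t_a, t_b = f(K_a, "A", "B", K_a, x_a), f(K_b, "A", "B", K_b, x_b)
    if t_a != f(K_AS, "A", "B", K_AS, x_a) or t_b != f(K_BS, "A", "B", K_BS, x_b):
        return None                                   # Step 3: a client rejects S
    K_at_A, K_at_B = pow(x_a, R_A, P), pow(x_b, R_B, P)
    # Steps 3-4: A checks f_K(ID_B, K) from B, B checks f_K(ID_A, K) from A
    ok_b = f(K_at_B, "B", K_at_B) == f(K_at_A, "B", K_at_A)
    ok_a = f(K_at_A, "A", K_at_A) == f(K_at_B, "A", K_at_B)
    return (K_at_A, K_at_B) if ok_a and ok_b else None
```

    A run with a guessed password returns None at the Step 2 check, which is the point at which S can count the failure against that client.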

  6. Performance and Analysis

    The development of an efficient protocol should take the number of transmission rounds (and steps) and the computation complexity into account. Figure 1 shows the performance comparison of the transmission rounds in the enhanced protocol and the existing protocol. From the viewpoint of transmission rounds, the enhanced protocol adopts the parallel message transmission mechanism (i.e. $A \rightarrow S$ and $B \rightarrow S$) to achieve fewer transmission rounds than the existing protocols (i.e. $A \rightarrow B \rightarrow S$).

    Figure 1: Transmission round in Existing and Proposed Protocol

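    The modular exponential operations are reduced since client A sends $E_{pw_A}(K_{AS} \oplus N_A)$, $F_S(N_A \oplus ID_A)$, $f_{K_{AS}}(N_A)$ to S and client B sends $E_{pw_B}(K_{BS} \oplus N_B)$, $F_S(N_B \oplus ID_B)$, $f_{K_{BS}}(N_B)$ to S. S decrypts $E_{pw_A}(K_{AS} \oplus N_A)$ and $E_{pw_B}(K_{BS} \oplus N_B)$ and gets $K_{AS} \oplus N_A$ and $K_{BS} \oplus N_B$ respectively. Next S extracts $N_A$ and $N_B$ from $F_S(N_A \oplus ID_A)$, $F_S(N_B \oplus ID_B)$ and $ID_A$, $ID_B$. Now, $K_{AS} = (K_{AS} \oplus N_A) \oplus N_A$ and $K_{BS} = (K_{BS} \oplus N_B) \oplus N_B$. Since $E_{pw_A}(K_{AS} \oplus N_A)$, $F_S(N_A \oplus ID_A)$, $E_{pw_B}(K_{BS} \oplus N_B)$, $F_S(N_B \oplus ID_B)$ are arranged in a proper sequence, two modular exponential operations are reduced on the server side as shown in Figure 2, and hence computation complexity is reduced.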

    The purpose of experimental results is to show the total running time needed for the operations involved in various steps of the proposed protocol. A data set is generated for problem (p) of size 2048 bits. The steps in the protocol are: TDF, pseudorandom hash function, computing NA, computing KAS, symmetric encryption.

    Figure 2: Performance Analysis

  7. Conclusion

    A parallel message transmission technique for the encrypted key exchange protocol, which is invulnerable to undetectable on-line password attacks and has reduced transmission rounds, has been proposed. The designed protocol is developed with reduced modular exponential operations on the server side. The protocol achieves better performance efficiency by requiring only four transmission rounds, and the performance is analyzed on a set of experiments. The results show that the protocol is secure, efficient and practical.

  8. References

  1. K. Kobara and H. Imai. Pretty-simple password-authenticated key exchange under standard assumptions. IEICE Transactions, E85-A (10), pp. 2229-2237, Oct. 2002.

  2. M. Abdalla and D. Pointcheval. Simple Password-Based Encrypted Key Exchange Protocols. Proc. of Topics in Cryptology – CT-RSA 2005, LNCS 3376, pp. 191-208.

  3. E.J. Yoon and K.Y. Yoo. Improving the novel three-party encrypted key exchange protocol. Computer Standards and Interfaces, 30, pp. 309-314, 2008.

  4. W. Diffie and M. Hellman. New Directions in Cryptography. IEEE Transactions on Information Theory, Vol. 22, No. 6, pp. 644-654, 1976.

  5. Y. Ding and P. Horster. Undetectable On-line Password Guessing Attacks. ACM Operating Systems Review, Vol. 29, No. 4, pp. 77-86, 1995.

  6. P. Rajkumar and C. Manoharan. Parallel Message Transmission Technique for Password Key Exchange Protocol. European Journal of Scientific Research, Vol. 77, No. 4, pp. 471-476, 2012.

  7. Fuw-Yi Yang. Improvement on a Trap door Hash Function. International Journal on Network Security, Vol. 9, No. 1, pp. 17-21, 2009.
