Enhancing the Resistance of a Provably Secure Key Agreement Protocol to a Denial-of-Service Attack

Hirose, Shouichi; Matsuura, Kanta

doi:10.1007/978-3-540-47942-0_15

Shouichi Hirose⁶ &
Kanta Matsuura⁷

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1726))

Included in the following conference series:

International Conference on Information and Communications Security

497 Accesses
3 Citations

Abstract

In this manuscript, two key agreement protocols which are resistant to a denial-of-service attack are constructed from a key agreement protocol in [9] provably secure against passive and active attacks. The denial-of-service attack considered is the resource-exhaustion attack on a responder. By the resource-exhaustion attack, a malicious initiator executes a key agreement protocol simultaneously as many times as possible to exhaust the responder’s resources and to disturb executions of it between honest initiators and the responder. The resources are the storage and the CPU. The proposed protocols are the first protocols resistant to both the storage-exhaustion attack and the CPU-exhaustion attack. The techniques used in the construction are stateless connection, weak key confirmation, and enforcement of heavy computation. The stateless connection is effective to enhancing the resistance to the storage-exhaustion attack. The weak key confirmation and the enforcement of heavy computation are effective to enhancing the resistance to the CPU-exhaustion attack.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Aura, T., Nikander, P.: Stateless connections. In: Han, Y., Quing, S. (eds.) ICICS 1997. LNCS, vol. 1334, pp. 87–97. Springer, Heidelberg (1997)
Chapter Google Scholar
Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: Proceedings of the 1st ACM Conference on Computer and Communications Security, pp. 62–73 (1993)
Google Scholar
Blake-Wilson, S., Johnson, D., Menezes, A.: Key agreement protocols and their security analysis. In: Darnell, M.J. (ed.) Cryptography and Coding 1997. LNCS, vol. 1355, pp. 30–45. Springer, Heidelberg (1997)
Google Scholar
Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Trans. Infor. Theory IT-22, 644–654 (1976)
Article MATH MathSciNet Google Scholar
Diffie, W., van Oorschot, P.C., Wiener, M.J.: Authentication and authenticated key exchanges. Designs, Codes and Cryptography 2(2), 107–125 (1992)
Article MathSciNet Google Scholar
Dwork, C., Naor, M.: Pricing via processing or combatting junk mail. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 139–147. Springer, Heidelberg (1993)
Google Scholar
ElGamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory IT-31(4), 469–472 (1985)
Article MATH MathSciNet Google Scholar
Harkins, D., Carrel, D.: The internet key exchange (IKE). RFC2409 (1998)
Google Scholar
Hirose, S., Yoshida, S.: An authenticated Diffie-Hellman key agreement protocol secure against active attacks. In: Imai, H., Zheng, Y. (eds.) PKC 1998. LNCS, vol. 1431, pp. 135–148. Springer, Heidelberg (1998)
Chapter Google Scholar
Just, M., Vaudenay, S.: Authenticated multi-party key agreement. In: Kim, K.-c., Matsumoto, T. (eds.) ASIACRYPT 1996. LNCS, vol. 1163, pp. 36–49. Springer, Heidelberg (1996)
Chapter Google Scholar
Karn, P., Simpson, W.: Photuris: Session-key management protocol. RFC2522 (1999)
Google Scholar
Law, L., Menezes, A., Qu, M., Solinas, J., Vanstone, S.: An efficient protocol for authenticated key agreement. Technical Report CORR98-05, Department of C&O, University of Waterloo (1998)
Google Scholar
Schnorr, C.P.: Efficient identification and signatures for smart cards. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 239–252. Springer, Heidelberg (1990)
Google Scholar

Download references

Author information

Authors and Affiliations

Graduate School of Informatics, Kyoto University, Kyoto, 606-8501, Japan
Shouichi Hirose
Institute of Industrial Science, University of Tokyo, Tokyo, 106-8558, Japan
Kanta Matsuura

Authors

Shouichi Hirose
View author publications
You can also search for this author in PubMed Google Scholar
Kanta Matsuura
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Macquarie University, Sydney, Australia
Vijay Varadharajan
Centre for Computer and Information Security Research School of Computer Science and Software Engineering, University of Wollongong, Australia
Yi Mu

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Hirose, S., Matsuura, K. (1999). Enhancing the Resistance of a Provably Secure Key Agreement Protocol to a Denial-of-Service Attack. In: Varadharajan, V., Mu, Y. (eds) Information and Communication Security. ICICS 1999. Lecture Notes in Computer Science, vol 1726. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-47942-0_15

Download citation

DOI: https://doi.org/10.1007/978-3-540-47942-0_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66682-0
Online ISBN: 978-3-540-47942-0
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics