International Journal of Advanced Science and Engineering Research
For Queries/Clarification
alameenpublications@gmail.com
e-ISSN 2455-9288
alameenpublications@gmail.com
e-ISSN 2455-9288
ijaser
IJASER publishes high-quality, original research papers, brief reports, and critical reviews in all theoretical, technological, and interdisciplinary studies that make up the fields of advanced science and engineering and its applications.
Authenticated encryption key is shared to ensure the secure communication between two parties. Password Authenticated Key Exchange (PAKE) protocols are employed for the key exchange process. Single server and multiple server PAKE models are employed in the network services. In single server PAKE model all the password information are maintained and verified by the single server only. The client password information is distributed in to N servers under the multi server PAKE model. The multi server PAKE is divided into two categories such as Threshold PAKE and Two server PAKE schemes. The threshold based PAKE scheme uses N servers to cooperatively share and authenticate the client passwords. Two servers are adapted for the client authentication under the Two server PAKE scheme.
The client splits its password and stores two shares of its password in the two servers respectively. The two server PAKE scheme handles the password verification and key distribution process. The Identity based 2 Server Password Authenticated Key Exchange (ID2SPAKE) protocol is constructed with identity based security schemes. Two compilers are used in the ID2SPAKE protocol. The first compiler is built on identity-based signature (IBS) scheme. Diffie-Hellman key exchange protocol is used for the authentication in Identity Based Signature model. The second compiler is constructed based on identity-based encryption (IBE). The one-time public key encryption scheme is used to protect the messages from the servers to the client.
Identity based Multi Server PAKE (IDMSPAKE) scheme is build to authenticate users with N servers. Dynamic authentication server selection scheme is integrated with the IDMSPAKE scheme. Digital signature based data verification process is supported for the message communication process. The Advanced Encryption Standard (AES), RSA and Secure Hash Algorithm (SHA) methods are used in the system.
[1] Yi, San Ling, and Huaxiong Wang. “Efficient Two-Server Password Only Authenticated Key Exchange”, IEEE Transactions On Parallel And Distributed Systems, Vol. 24, No. 9, September 2013
[2] X. Yi, R. Tso, and E. Okamoto, “ID-Based Group Password-Authenticated Key Exchange,” Proc. Fourth Int’l Workshop Security: Advances in Information and Computer Security (IWSEC ’09), pp. 192-211, 2009.
[3] X. Yi, R. Tso, and E. Okamoto, “Three-Party Password-Authenticated Key Exchange without Random Oracles,” Proc. Int’l Conf. Security and Cryptography (SECRYPT ’11), pp. 15-24, 2011.
[4] X. Yi, R. Tso, and E. Okamoto, “Identity-Based Password- Authenticated Key Exchange for Client/Server Model,” Proc. Int’l Conf. Security and Cryptography, pp. 45-54, 2012.
[5] J. Bender, M. Fischlin, and D. Kugler. Security analysis of the PACE key-agreement protocol. In Proc. ISC’09, pages 33-48, 2009.
[6] X. Yi, R. Tso and E. Okamoto. ID-based group password authenticated key exchange. In Proc. IWSEC’09, pages 192-211, 2009.
[7] X. Yi, R. Tso and E. Okamoto. Identity-based password authenticated key exchange for client/server model. In SECRYPT’ 12, pages 45-54, 2012.
[8] X. Yi, S. Ling, and H. Wang. Efficient two-server password-only authenticated key exchange. IEEE Trans. Parallel Distrib. Syst. 24(9): 1773-1782, 2013.
[9] X. Yi, F. Hao and E. Bertino. ID-based two-server password authenticated key exchange. In ESORICS’14,pages257-276,2014.
-->