Security analysis and improvement of Smart Card-Based Authenticated Key Exchange protocol with CAPTCHAs for wireless mobile network

Author

Saeed, Maryam ; Shahhoseini, Hadi Shahriar

Author_Institution

Iran Univ. of Sci. & Technol., Tehran, Iran

fYear

2011

fDate

June 28 2011-July 1 2011

Firstpage

652

Lastpage

657

Abstract

In 2010, Fan et al. proposed a Smart Card-Based Authenticated Key Exchange protocol with CAPTCHAs for wireless mobile networks. In this paper, it is shown that their proposed protocol is vulnerable to Key Compromise Impersonation (KCI) and ephemeral key compromise impersonation attacks while it does not provide the key confirmation attribute. Furthermore, it is inefficient due to number redundancy of rounds and computational costs. To overcome these weaknesses, two secure and efficient smart card-based Authenticated Key Exchange (AKE) protocols combined with CAPTCHAs are proposed for wireless mobile networks that provide many security attributes while they have a remarkable efficiency when compared with Fan et al.´s protocol in the terms of communication costs and computational complexities.

Keywords

cryptographic protocols; mobile radio; smart cards; telecommunication security; CAPTCHA; authenticated key exchange protocol; key compromise impersonation; key confirmation attribute; security analysis; smart card; wireless mobile network; Communication system security; Protocols; Resilience; Security; Servers; Smart cards; Wireless communication; Attacks; Authenticated key exchange; CAPTCHA; Smart card; Wireless mobile network;

fLanguage

English

Publisher

ieee

Conference_Titel

Computers and Communications (ISCC), 2011 IEEE Symposium on

Conference_Location

Kerkyra

ISSN

1530-1346

Print_ISBN

978-1-4577-0680-6

Electronic_ISBN

1530-1346

Type

conf

DOI

10.1109/ISCC.2011.5983913

Filename

5983913