Title :
Key-exchange authentication using shared secrets
Author :
Badra, Mohamad ; Hajjeh, Ibrahim
Author_Institution :
Comput. Sci. & Network Dept., Ecole Nat. Superieure des Mines deTelecommun., Paris, France
fDate :
3/1/2006 12:00:00 AM
Abstract :
Transport Layer Security standard provides connection security with peer entity authentication, data confidentiality and integrity, key generation and distribution, and security parameters negotiation. Its native integration in browsers and Web servers makes TLS the most frequently deployed security protocol. The TLS specifications use public-key certificates for mutual authentication and key establishment. We extend the TLS protocol with a new authentication scheme based on an out-of-band shared secret. Our extension, the TLS key-exchange method (KEM), ensures an end-to-end authenticated session-key exchange and allows identity protection, perfect forward secrecy (PFS), and anonymity. Furthermore, it reduces message flow and thus bandwidth on both wired and wireless networks.
Keywords :
IEEE standards; data integrity; message authentication; mobile communication; public key cryptography; telecommunication security; TLS key-exchange method; TLS protocol; Transport Layer Security standard; data anonymity; data confidentiality; data integrity; identity protection; key-exchange authentication; message authentication; public-key certificates; security parameter negotiation; Access protocols; Authentication; Certification; Communication system security; Cryptographic protocols; Data security; Phase shift keying; Protection; Public key cryptography; Wireless networks; Authentication and key exchange protocols; Wireless communications; Wireless security;
