3rd International ICST Symposium on Information Assurance and Security

Research Article

A Secure Authenticated Key Agreement Protocol Based on Elliptic Curve Cryptography

  • @INPROCEEDINGS{10.1109/IAS.2007.57,
        author={Pierre E. ABI-CHAR and Abdallah  MHAMED and Bachar EL-HASSAN},
        title={A Secure Authenticated Key Agreement Protocol Based on Elliptic Curve Cryptography},
        proceedings={3rd International ICST Symposium on  Information Assurance and Security},
        publisher={IEEE},
        proceedings_a={IAS},
        year={2007},
        month={9},
        keywords={Authentication  Cryptographic protocols  Dictionaries  Elliptic curve cryptography  Mobile communication  Protection  Resists  Robustness  Wireless LAN  Wireless application protocol},
        doi={10.1109/IAS.2007.57}
    }
    
  • Pierre E. ABI-CHAR
    Abdallah MHAMED
    Bachar EL-HASSAN
    Year: 2007
    A Secure Authenticated Key Agreement Protocol Based on Elliptic Curve Cryptography
    IAS
    IEEE
    DOI: 10.1109/IAS.2007.57
Pierre E. ABI-CHAR1,*, Abdallah MHAMED2,*, Bachar EL-HASSAN3,*
  • 1: UMR CNRS 5157 GET/Institut National des Telecommunications ´ 9 rue C. Fourier - 91011 Evry CEDEX - France
  • 2: UMR CNRS 5157 GET/Institut National des Telecommunications 9 rue C. Fourier - 91011 Evry CEDEX - France
  • 3: Libanese University Faculty of Engineering Tripoli - Lebanon
*Contact email: pierre.abichar@int-edu.eu, abdallah.mhamed@int-edu.eu, bachar_elhassan@ul.edu.lb

Abstract

To provide secure communication for mobile devices, authenticated key agreement protocol is an important primitive for establishing session key. So far, several protocols have been proposed to provide robust mutual authentication and key establishment for wireless local area network (WLAN). In this paper we present a secure authenticated key agreement (EC-SAKA) protocol based on elliptic curve cryptography. Our proposed protocol provides secure mutual authentication, key establishment and key confirmation over an untrusted network. The new protocol achieves many of the required security and performance properties. It can resist dictionary attacks mounted by either passive or active networks intruders. It can resist man-in-the middle attack. It also offers perfect forward secrecy which protects past sessions and passwords against future compromise. In addition, it can resist known-key and resilience to server attack. Our proposed protocol uses the signature techniques of ECDSA and the authentication protocol SKA concept. We show that our protocol meets the above security attributes under the assumption that the elliptic curve discrete logarithm problem is secure. Our proposed protocol offers significantly improved performance in computational and communication load over comparably many authenticated key agreement protocols such as B-SPEKE, SRP, AMP, PAK-RY, PAK-X, SKA, LR-AKE and EC-SRP.