International Association for Cryptologic Research


CryptoDB

Chris J. Mitchell

Publications

Year  Venue      Title

2005  FSE

2005  FSE

2005  EPRINT     Cryptanalysis of an anonymous wireless authentication and conference key distribution scheme
Qiang Tang, Chris J. Mitchell
In this paper we analyse an anonymous wireless authentication and conference key distribution scheme which is also designed to provide mobile participants with user identification privacy during the conference call. The proposed scheme consists of three sub-protocols: the Call Set-Up Authentication Protocol, the Hand-Off Authentication Protocol, and the Anonymous Conference Call Protocol. We show that the proposed scheme suffers from a number of security vulnerabilities.

2005  EPRINT     Cryptanalysis of two identification schemes based on an ID-based cryptosystem
Qiang Tang, Chris J. Mitchell
Two identification schemes based on the Maurer-Yacobi ID-based cryptosystem are analysed and shown to suffer from serious security problems.

2005  EPRINT     Enhanced password-based key establishment protocol
Qiang Tang, Chris J. Mitchell
In this paper we analyse a password-based authenticated key establishment protocol due to Laih, Ding and Huang, which enables a user to authenticate himself to a server and negotiate a shared session key. This protocol is also designed to guarantee that a human being is actually involved in an ongoing protocol execution. However we show that the protocol suffers from offline dictionary attacks. We propose an enhanced password-based authenticated key establishment protocol which is secure against offline dictionary attacks, and that possesses an additional feature guaranteeing that a user is involved in each protocol execution.

2005  EPRINT     On the security of some password-based key agreement schemes
Qiang Tang, Chris J. Mitchell
In this paper we show that two potential security vulnerabilities exist in the strong password-only authenticated key exchange scheme due to Jablon. Two standardised schemes based on Jablon's scheme, namely the first password-based key agreement mechanism in ISO/IEC FCD 11770-4 and the scheme BPKAS-SPEKE in IEEE P1363.2 also suffer from one or both of these security vulnerabilities. We further show that other password-based key agreement mechanisms, including those in ISO/IEC FCD 11770-4 and IEEE P1363.2, also suffer from these two security vulnerabilities. Finally, we propose means to remove these security vulnerabilities.

2005  EPRINT     Weaknesses in a leakage-resilient authenticated key transport protocol
Qiang Tang, Chris J. Mitchell
In this paper we demonstrate the existence of a number of weaknesses in a leakage-resilient authenticated key transport (RSA-AKE) protocol due to Shin, Kobara and Imai.

2005  EPRINT     Security properties of two provably secure conference key agreement protocols
Qiang Tang, Chris J. Mitchell
In this paper we analyse the security of two authenticated group key agreement schemes based on the group key agreement protocol of Burmester and Desmedt. One scheme was proposed by Burmester and Desmedt, and uses a separate authentication scheme to achieve authentication among the participants. We show that this scheme suffers from a number of security vulnerabilities. The other scheme was generated using the general protocol compiler of Katz and Yung. We show that in some circumstances, even if key confirmation is implemented, this scheme still suffers from insider attacks (which are not covered by the security model used by Katz and Yung).

2005  EPRINT     Efficient Compilers for Authenticated Group Key Exchange
Qiang Tang, Chris J. Mitchell
In this paper we propose two compilers which are designed to transform a group key exchange protocol secure against any passive adversary into an authenticated group key exchange protocol with key confirmation which is secure against any passive adversary, active adversary, or malicious insider. We show that the first proposed compiler gives protocols that are more efficient than those produced by the compiler of Katz and Yung. The second proposed compiler further reduces the computational complexity of the output protocols by using a Trusted Third Party (TTP). We moreover show that, although the protocols produced by the novel compilers have lower computational complexity than the protocols produced by the Katz-Yung compiler, the protocols nevertheless achieve key confirmation, unlike the protocols output by the Katz-Yung compiler.

2005  JOFC

2004  EPRINT     Rethinking the security of some authenticated group key agreement schemes
Qiang Tang, Chris J. Mitchell
In this paper we analyse three improved authenticated group key agreement schemes, all of which are based on the conference key distribution systems proposed by Burmester and Desmedt. We show that all the schemes suffer from a type of impersonation attack, although these schemes are claimed to be secure.

2000  CRYPTO

1990  JOFC

1990  JOFC

1989  EUROCRYPT

Program Committees

Crypto 1996
Crypto 1992