An Enhanced ID-based Deniable Authentication Protocol on Pairings
Deniability is defined as a privacy property which enables protocol principals to deny their involvement after they had taken part in a particular protocol run. Lately, Chou et al. had proposed their ID-based deniable authentication protocol after proving the vulnerability to Key-Compromise Impersonation (KCI) attack in Cao et al.'s protocol. In addition, they claimed that their protocol is not only secure, but also able to achieve both authenticity and deniability properties. However, in this paper, we demonstrate that Chou et al.'s protocol is not flawless as it remains insecure due to its susceptibility to the KCI attack. Based on this, we propose an enhanced scheme which will in fact preserves the authenticity, the deniability and the resistance against the KCI attack.
An Enhanced One-round Pairing-based Tripartite Authenticated Key Agreement Protocol
A tripartite authenticated key agreement protocol is generally designed to accommodate the need of three specific entities in communicating over an open network with a shared secret key, which is used to preserve data confidentiality and integrity. Since Joux proposed the first pairing-based one-round tripartite key agreement protocol in 2000, numerous authenticated protocols have been proposed after then. However, most of them have turned out to be flawed due to their inability in achieving some desirable security attributes. In 2005, Lin-Li had identified the weaknesses of Shim's protocol and subsequently proposed their improved scheme by introducing an extra verification process. In this paper, we prove that Lin-Li's improved scheme remains insecure due to its susceptibility to the insider impersonation attack. Based on this, we propose an enhanced scheme which will not only conquer their defects, but also preserves the desired security attributes of a key agreement protocol.
Secure Deniable Authenticated Key Establishment for Internet Protocols
In 2005, Boyd et al.'s deniable authenticated key establishment protocols for Internet Key Exchange (IKE) have been infiltrated by Chou et al. with the key-compromise impersonation (KCI) attack. In order to conquer their defects, we propose two protocol variants based on Boyd et al.'s deniable schemes for IKE in order to protect against the KCI attack and the man-in-the-middle (MITM) attack, while preserving the deniability and authenticity.