Secure Key Exchange Against Man-in-the-Middle Attack: Modified Diffie-Hellman Protocol
DOI:
https://doi.org/10.26555/jiteki.v7i3.22210
Keywords:
Key exchange, Diffie-Hellman protocol, Cryptography, Security, Secure communication
Abstract
One of the most famous key exchange protocols is the Diffie-Hellman Protocol (DHP), a widely used technique on which key exchange systems around the world depend. This protocol is simple and uncomplicated, and its robustness is based on the Discrete Logarithm Problem (DLP). Despite this, it is considered weak against the man-in-the-middle attack. This article presents a completely different version of the DHP protocol. The proposed version is based on two verification stages. In the first step, we check whether the pseudo-random value α that Alice sends to Bob has been manipulated. In the second step, we make sure that the random value β that Bob sends to Alice has not been manipulated. The man-in-the-middle attacker Eve can neither impersonate Alice or Bob, nor manipulate their exchanged values, nor discover the secret encryption key.
License
Authors who publish with JITEKI agree to the following terms:
- Authors retain copyright and grant the journal the right of first publication with the work simultaneously licensed under a Creative Commons Attribution License (CC BY-SA 4.0) that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.
This work is licensed under a Creative Commons Attribution 4.0 International License