|
Ede, C. C.
Department of Computer Engineering, Michael Okpara University of Agriculture, Umudike, Abia State Nigeria.
ABSTRACT
This research paper focused on investigating the
method of authenticated key exchange, a protocol where communicating parties
generate and exchange secret session keys for authentication. We examined the Two-Server Password-Only Authenticated Key Exchange by
Xun Yi, San Ling, and Huaxiong Wang, a two-server password-only
authenticated key exchange protocol. In the protocol, each communicating party
generates a shared key such that in the result of their computations, they
arrive at the same session key. This analysis was deemed very relevant because
failure to arrive at a shared session key
is a chief design weakness in any cryptosystem. We employed numerical examples
to assist in proving the efficiency of the protocol. In our computations with
randomly selected numerical values as suggested by the protocol, it failed to
arrive at a common session key. It was discovered that this failure was a
result of not considering the congruency of the powers modulo Euler’s totient
function while selecting parameters at random for the computations. We,
therefore, proposed that the parameters whose inverse is involved in the
computation should be chosen such that its multiplicative inverse modulo
Euler’s totient function exists instead of selecting them at random. In another
numerical example, we employed this restriction in selecting parameters for
computations and it resulted in a more secure and efficient protocol.
Keywords: Authenticated key exchange protocol, two-server authentication, secret session keys, password-only authentication
https://doi.org/10.33922/j.ujet_v8i1_8
|
View: 114 | Download: 15
Published
Wednesday, June 08, 2022
Issue
Vol. 8 No. 1, June 2022
Article Section
GENERAL
The contents of the articles are the sole opinion of the author(s) and not of UJET.
|
