Enhanced of Key Agreement Protocols Resistant to a Denial-of-Service Attack
نویسندگان
چکیده
In this manuscript, two key agreement protocols which are resistant to a denial-of-service attack are constructed from a key agreement protocol in [9] provably secure against passive and active attacks. The denial-of-service attack considered is the resource-exhaustion attack on a responder. By the resource-exhaustion attack, a malicious initiator executes a key agreement protocol simultaneously as many times as possible to exhaust the responder’s resources and to disturb executions of it between honest initiators and the responder. The resources are the storage and the CPU. The proposed protocols are the first protocols resistant to both the storage-exhaustion attack and the CPU-exhaustion attack. The techniques used in the construction are stateless connection, weak key confirmation, and enforcement of heavy computation. The stateless connection is effective to enhancing the resistance to the storage-exhaustion attack. The weak key confirmation and the enforcement of heavy computation are effective to enhancing the resistance to the CPU-exhaustion attack. key words: key agreement protocol, denial-of-service (DoS) attack, resource-exhaustion attack, Diffie-Hellman key agreement protocol
منابع مشابه
Efficient authenticated key agreement protocols resistant to a denial-of-service attack
Malicious intruders may launch as many invalid requests as possible without establishing a server connection to bring server service to a standstill. This is called a denial-of-service (DoS) or distributed DoS (DDoS) attack. Until now, there has been no complete solution to resisting a DoS/DDoS attack. Therefore, it is an important network security issue to reduce the impact of a DoS/DDoS attac...
متن کاملResolution of ISAKMP/Oakley Key-Agreement Protocol Resistant against Denial-of-Service Attack
|Key-agreement protocol will play an important role as an entrance to secure communication over the Internet. Speci cally, ISAKMP(Internet Security Association and Key Management Protocol)/Oakley key-agreement is currently a leading approach for communication between two parties. Basic idea of ISAKMP/Oakley is an authenticated Di eHellman (DH) key-agreement protocol. This authentication owes a ...
متن کاملProtocol Engineering for Protection against Denial-of-Service Attacks
Denial-of-service attacks (DoS) and distributed denial-of-service attacks (DDoS) attempt to temporarily disrupt users or computer resources to cause service unavailability to legitimate users in the internetworking system. The most common type of DoS attack occurs when adversaries flood a large amount of bogus data to interfere or disrupt the service on the server. The attack can be either a si...
متن کاملTowards Denial-of-Service-Resilient Key Agreement Protocols
Denial of service resilience is an important practical consideration for key agreement protocols in any hostile environment such as the Internet. There are well-known models that consider the security of key agreement protocols, but denial of service resilience is not considered as part of these models. Many protocols have been argued to be denial-of-service-resilient, only to be subsequently b...
متن کاملA protected password change protocol
Some protected password change protocols were proposed. However, the previous protocols were easily vulnerable to several attacks such as denial of service, password guessing, stolen-verifier and impersonation attacks etc. Recently, Chang et al. proposed a simple authenticated key agreement and protected password change protocol for enhancing the security and efficiency. In this paper, authors ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Fundam. Inform.
دوره 61 شماره
صفحات -
تاریخ انتشار 2004