Design And Security Analysis Of Anonymous Authenticated Key Exchange Protocols

With the rapid popularization and application of the network technology, the disclosure ofusers’ privacy has become an important security issue which seriously restricts the healthydevelopment of network and society. Anonymous authenticated key exchange (AAKE)protocols are the ones that add a new security property—anonymity to the traditional AKEprotocols in order to achieve authentication and communication security while hiding the realidentity of the participant and protecting users’ privacy. In recent years, anonymity is always thehot spot in the field of AKE research, which has important practical significance and extensiveapplication prospects.This thesis aims at the studies on the design and security analysis of AAKE protocols basedon different application backgrounds. In this thesis, some weaknesses of several existing AAKEprotocols are pointed out. To perfect the security of AAKE protocols, several more efficient andsecure AAKE protocols are proposed, and the security proofs of them are presented. Majorcontributions endeavored are as follows:Firstly, the two party AAKE protocol between the user and server is studied. By pointingout that the AAKE protocol designed by Sun et al. in2009can not achieve user untraceability,an improved protocol based on CDH problem is proposed. Not only achieves this improvedprotocol user anonymity and untraceability, but also is the number of the communication roundsless than Sun et al.’s protocol. Furthermore, the semantic security and anonymity of theimproved protocol are strictly proved in the random oracle model.Secondly, it is worthwhile to consider the AAKE protocol in wireless roaming networks. Afew security flaws in two recent anonymous authentication schemes are pointed out, which arerespectively designed by Khan et al. in2010and Yoon et al. in2011. For example, unable toachieve user anonymity; the leakage of session key between the mobile user and the foreignagent in the case of the lost of the mobile user’s smart card; the risk of suffering from off-linedictionary attacks; vulnerability to user impersonation attacks and deposit-case attacks; unable tosatisfy user untraceability, etc. To overcome these problems, an improved scheme is proposedand a formal proof for the security of this improved scheme is given. This scheme provideshigher security assurance while the cost of communication and computation is not increased.Finally, the anonymous user authentication scheme in wireless sensor networks (WSN) isstudied to ensure the security of the real-time communication between users and sensor nodes.By analyzing the security of He et al.’s scheme, some security weaknesses of their scheme arepointed out, such as lacking user anonymity, vulnerability to user impersonation attacks and GW-node bypassing attacks, and so on. For the energy-efficient consideration for users in WSN,an improved scheme is presented based on one-way hash function and symmetric cryptosystemwhich not only achieves stronger security and user anonymity, but also has computationalreasonable consumptions.