Mutual Authentication and Session Key Establishment for Secure Communication using Generalized Digital Certificate

Full Text (PDF, 1118KB), PP.23-31

Views: 0 Downloads: 0

Author(s)

Balaji V Durgawad 1,* Mohammed Aijaz Ahmed 2 D. Rajya Lakshmi 3 Sayed Abdul Sattar 4

1. Department of Computer Engineering, Gramin Polytechnic, Vishnupuri, Nanded

2. Department of Computer Science and Engineering, GITAM University, Vishakapatnam

3. University College of Engineering, Vizainagram, JNTU Kakinada

4. Nawab Shah Alam Khan College of Engineering & Technology, JNTU Hyderabad

* Corresponding author.

DOI: https://doi.org/10.5815/ijcnis.2017.08.04

Received: 16 Apr. 2017 / Revised: 9 May 2017 / Accepted: 13 May 2017 / Published: 8 Aug. 2017

Index Terms

PKI, public key digital certificate, generalized digital certificate, identity forgery, authentication and session key

Abstract

Public–key digital certificates are being used in public key infrastructure to provide authentication of the user’s public key. Public key digital certificates like X.509 are used to bind a public key to its user. This kind of certificates cannot be used for user authentication. Such use may lead to forgery of user’s identity. Lein et al proposed a authentication scheme based on Generalized Digital Certificates (GDC). A GDC consists of user’s public information like digital birth certificate, digital identity, etc. and the digital signature of trusted third party generated from that public information. The GDC based scheme provides user authentication and allows for session key establishment. The scheme is secure against forgery of user’s identity but it does not provide mutual authentication. The scheme proposed in this paper not only provides mutual authentication and session key but also it preserves the security strength of Lein et al’s GDC based scheme.

Cite This Paper

Balaji V Durgawad, Mohammed Aijaz Ahmed, D. Rajya Lakshmi, Sayed Abdul Sattar, "Mutual Authentication and Session Key Establishment for Secure Communication using Generalized Digital Certificate", International Journal of Computer Network and Information Security(IJCNIS), Vol.9, No.8, pp.23-31, 2017. DOI:10.5815/ijcnis.2017.08.04

Reference

[1]Network Working Group, “Internet X.509 public key infrastructure certificate and crl profile, RFC: 2459," Jan. 1999.
[2]LeinHarn and JianRen, “Generalized Digital Certificate For User Authentication And Key establishment for secure communication,” IEEE Trans. on wireless communication,vol.,10,No.7,July2011.
[3]T. A. ElGamal, “A public-key cryptosystem and a signature scheme based on discrete logarithms," IEEE Trans. Inf. Theory, vol. 31, no. 4,pp. 469-472, 1985.
[4]Bismin.V.Sherif and Andrews Jose, “Secure Communication using generalized Digital Certificate”, International Journal of Computer Applications Technology and Research, Volume 2-Issue 4,396- 399, 2013.
[5]M.V.Kishore, G.Pandit Samuel, N.AdityaSundar, M.Enayath Ali, Y.LalithaVarma “A Novel Methodology for Secure Communications and Prevention of Forgery Attacks,” International Journal of Computer Applications (0975 – 8887) Volume 96– No.22, June 2014.
[6]SharinaToor, KesavaRaoSeerapu, Y.Rameshkumar, “A Novel Secured Data Communication and Prevention of Forgery Attacks Using Digital Certificates,” international Journal of Computer Science and Information Technologies, Vol. 5 (5), 2014, 6410-6415.
[7]en.wikipedia.org/wiki/Discrete-logarithm
[8]A. Shamir, “Identity-based cryptosystems and signature schemes," in Advances in Cryptology: Proc. Crypto’84, Lecture Notes in Computer Science vol. 196, (Berlin), pp. 47-53, Springer-Verlag, 1985.
[9]W. Diffle and M. E. Hellman, “New directions in cryptography," IEEE Trans.Inf. Theory, vol. 22, pp. 644-654, 1976.
[10]W. Diffle and M. E. Hellman, “New directions in cryptography," IEEE Trans. Inf. Theory, vol. 22, pp. 644-654, 1976.
[11]M. Jakobsson, K. Sako, and R. Impagliazzo, “Designated verifier proofs and their applications," Advances in Cryptology - EUROCRYPT, pp. 143-154, 1996. LNCS Vol 1070.
[12]C. Schnorr, “Efficient signature generation by smart cards," J. Cryptology, vol. 4, no. 3, pp. 161-174, 1991.
[13]F. Laguillaumie and D. Vergnaud, “Designated verifier signatures: anonymity and efficient construction from any bilinear map." IACR eprint.
[14]R. Steinfeld, L. Bull, H. Wang, and J. Pieprzyk, “Universal designated verifier signatures," in Asiacrypt’03, vol. LNCS 2894, pp. 523-542, 2003.
[15]L. Harn, J. Ren, and C. Lin, “Design of DL-based certificateless digitalsignatures," J. Syst. Software, vol. 82, pp. 789-793, 2009.
[16]Al-Riyami, S., Paterson, K, “Certificateless public key cryptography,”Advancesin Cryptology – AsiaCrypt, LNCS, vol. 2894. Springer-Verlag, pp. 452–473, 2003.
[17]L. Harn and Y. Xu,“Design of Generalized ElGamal type digital Signature scheme based on discrete Logarithm," ELECTRONICS LETTERS, vol. 30 , no. 24, 1994,2025-2026.
[18]Rivest R. L.Shamir A. and Adelman L, “A Method for obtaining digital signatures and public key cryptosystems,"commun. SCM, 1978, 21, (2), pp.120-126.
[19]R. Lidl and H. Niederreiter, Finite Fields. Cambridge University Press, 2000.
[20]Rashmi singh, shiv kumar “Elgamal?s Algorithm in Cryptography” International Journal of Scientific & Engineering Research Volume 3, Issue 12, December-2012.
[21]Pohlig, S. and M.E. Hellman, “An improved algorithm for computing logarithms over GF (p) and its cryptographic significance,” IEEE Transactions on Information Theory, vol. IT-24, 1978, pp. 106-110.
[22]A. Shamir and Y. Tauman, “Improved online/offline signature schemes," in Proc. 21st Annual International Cryptology Conf. Advance Cryptology, p. 355-367, Springer-Verlag, 2001.
[23]H. Krawczyk and T. Rabin, “Chameleon signatures," in Proc. Symp. Netw. Distributed Syst. Security (NDSS00), (Internet Society), pp. 143-154, Feb.
[24]Dr. S. Santhosh Baboo,K. Gokulraj, “An Enhanced Dynamic Mutual Authentication Scheme for Smart Card Based Networks,” I. J. Computer Network and Information Security, 2012, 4, 30-38.