Toward a secure Kerberos key exchange with smart cards

被引:0
|
作者
Nikos Mavrogiannopoulos
Andreas Pashalidis
Bart Preneel
机构
[1] KU Leuven,Department of Electrical Engineering/COSIC
[2] iMinds,undefined
来源
International Journal of Information Security | 2014年 / 13卷
关键词
Kerberos; Smart cards; PKINIT;
D O I
暂无
中图分类号
学科分类号
摘要
Public key Kerberos (PKINIT) is a standard authentication and key establishment protocol. Unfortunately, it suffers from a security flaw when combined with smart cards. In particular, temporary access to a user’s card enables an adversary to impersonate that user for an indefinite period of time, even after the adversary’s access to the card is revoked. In this paper, we extend Shoup’s key exchange security model to the smart card setting and examine PKINIT in this model. Using this formalization, we show that PKINIT is indeed flawed, propose a fix, and provide a proof that this fix leads to a secure protocol.
引用
收藏
页码:217 / 228
页数:11
相关论文
共 50 条
  • [1] Toward a secure Kerberos key exchange with smart cards
    Mavrogiannopoulos, Nikos
    Pashalidis, Andreas
    Preneel, Bart
    INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2014, 13 (03) : 217 - 228
  • [2] Security implications in Kerberos by the introduction of smart cards
    Mavrogiannopoulos, Nikos
    Pashalidis, Andreas
    Preneel, Bart
    7TH ACM SYMPOSIUM ON INFORMATION, COMPUTER AND COMMUNICATIONS SECURITY (ASIACCS 2012), 2012,
  • [3] A secure remote mutual authentication and key agreement without smart cards
    Hsiang, Han-Cheng
    Shih, Wei-Kuan
    Information Technology Journal, 2009, 8 (03) : 333 - 339
  • [4] Practical and Secure Recovery of Disk Encryption Key Using Smart Cards
    Omote, Kazumasa
    Kato, Kazuhiko
    IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS, 2010, E93D (05): : 1080 - 1086
  • [5] Efficient three-party key exchange using smart cards
    Jaung, WS
    IEEE TRANSACTIONS ON CONSUMER ELECTRONICS, 2004, 50 (02) : 619 - 624
  • [6] Reliable and secure operation of smart cards
    Henn, HH
    DEPENDABLE COMPUTING - EDCC-3, 1999, 1667 : 3 - 3
  • [7] Secure Secret-Key Management of Kerberos Service
    Cao, Lai-Cheng
    EMERGING RESEARCH IN ARTIFICIAL INTELLIGENCE AND COMPUTATIONAL INTELLIGENCE, 2011, 237 : 76 - 83
  • [8] Secure Authentication Process In Smart Cards
    Nivetha, S.
    Elizabeth, N. Edna
    Padmasha, T. Prasanya
    Gohulalakshmi, I.
    PROCEEDINGS OF THE 10TH INTERNATIONAL CONFERENCE ON INTELLIGENT SYSTEMS AND CONTROL (ISCO'16), 2016,
  • [9] A secure and efficient authenticated key exchange scheme for smart grid
    Xia, Zhe
    Liu, Tao
    Wang, Jingjing
    Chen, Shi
    HELIYON, 2023, 9 (07)
  • [10] A secure password-based authentication and key agreement scheme using smart cards
    Mishra, Dheerendra
    Das, Ashok Kumar
    Chaturvedi, Ankita
    Mukhopadhyay, Sourav
    JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2015, 23 : 28 - 43
12345