Cryptanalysis and Improvement of ECC Based Authentication and Key Exchanging Protocols†
AbstractElliptic curve cryptography (ECC) is extensively used in various multifactor authentication protocols. In this work, various recent ECC-based authentication and key exchange protocols are subjected to threat modeling and static analysis to detect vulnerabilities and to enhance them to be more secure against threats. This work demonstrates how currently-used ECC-based protocols are vulnerable to attacks. If protocols are vulnerable, damage could include critical data loss and elevated privacy concerns. The protocols considered in this work differ in their usage of security factors (e.g., passwords, pins and biometrics), encryption and timestamps. The threat model considers various kinds of attacks including denial of service, man in the middle, weak authentication and SQL injection. Countermeasures to reduce or prevent such attacks are suggested. Beyond cryptanalysis of current schemes and the proposal of new schemes, the proposed adversary model and criteria set forth provide a benchmark for the systematic evaluation of future two-factor authentication proposals. View Full-Text
Scifeed alert for new publicationsNever miss any articles matching your research from any publisher
- Get alerts for new papers matching your research
- Find out the new papers from selected authors
- Updated daily for 49'000+ journals and 6000+ publishers
- Define your Scifeed now
Roy, S.; Khatwani, C. Cryptanalysis and Improvement of ECC Based Authentication and Key Exchanging Protocols. Cryptography 2017, 1, 9.
Roy S, Khatwani C. Cryptanalysis and Improvement of ECC Based Authentication and Key Exchanging Protocols. Cryptography. 2017; 1(1):9.Chicago/Turabian Style
Roy, Swapnoneel; Khatwani, Chanchal. 2017. "Cryptanalysis and Improvement of ECC Based Authentication and Key Exchanging Protocols." Cryptography 1, no. 1: 9.
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.