Show simple item record

dc.contributor.advisorWolfe, Henry
dc.contributor.authorKeshariya, Astha
dc.date.available2011-02-06T21:58:38Z
dc.date.copyright2011
dc.identifier.citationKeshariya, A. (2011). Authenticated Trusted Server Controlled Key Establishment (Thesis, Doctor of Philosophy). University of Otago. Retrieved from http://hdl.handle.net/10523/557en
dc.identifier.urihttp://hdl.handle.net/10523/557
dc.description.abstractThe trusted server based key establishment protocols are well received by the research community. In this thesis we have discussed the benefits of asymmetric key based authentication scheme mediated by a trusted server which is known to all the users in a system. We have proposed a new trusted server based key establishment protocol (and named it AK-protocol) that makes use of well known certificate based authentication scheme (or ID based scheme when medium level of security is required), and the session key generation requires equal contribution of the trusted server and the participating clients. That is, the generation of ephemeral keys exclusively lies with the trusted server and the generation of a session key is completed only after clients have exchanged their ephemeral keys. We have analysed the AK-protocol for various properties, e.g., Perfect Forward Secrecy, Known Session-Key Security, Unknown Key Share Resilience, Key Control, Key Freshness, Key Compromise, Bandwidth Required, Scalability, Key Distribution, Central Directory Service, Non-Repudiation, Key Escrow, Desired properties from Three Party Authenticated Key Establishment (3PAKE) protocols and the Message Flow of the AK-protocol. We have also scrutinized the resilience of the AK-protocol when under different attack situations like Replay, Impersonation, DDoS attacks, including a specific situation where an attacker can craft protocol messages to mislead the clients. We have computed its Bit Complexity and evaluated the efforts required to carry out its Cryptanalysis. We have illustrated its practicability in different arenas. We executed a proof-of-concept implementation of the AK-protocol using Java on TCP, which showed us comparable results with SSL when the trusted server and v the participating clients were in the same network. We substantiated that it can be integrated with the existing 3-D Secure Protocol of Visa and MasterCard for online payment systems which when applied offers more reliable communication, cryptographically. We have also corroborated that the AK-protocol can be implemented with mobile payment systems with worked out examples of cryptographic mathematics involved in the protocol. Additionally, we have also suggested the use of AK-protocol in securing real-time mobile communications where the session key is generated using our protocol and a stream cipher algorithm, RC4 is used for encryption/decryption. We present three examples that illustrate the data flow, cryptographic mathematics involved in the AK-protocol.en_NZ
dc.format.mimetypeapplication/pdf
dc.language.isoenen_NZ
dc.publisherUniversity of Otago
dc.rightsAll items in OUR Archive are provided for private study and research purposes and are protected by copyright with all rights reserved unless otherwise indicated.
dc.rights.urihttp://www.otago.ac.nz/administration/policies/otago003228.html
dc.subjectAuthenticationen_NZ
dc.subjectKey Establishment protocolen_NZ
dc.subjectTrusted Serveren_NZ
dc.subject3-D Secureen_NZ
dc.subjectThird partyen_NZ
dc.titleAuthenticated Trusted Server Controlled Key Establishmenten_NZ
dc.typeThesis
dc.date.updated2011-02-04T14:15:52Z
thesis.degree.disciplineInformation Scienceen_NZ
thesis.degree.nameDoctor of Philosophyen_NZ
thesis.degree.grantorUniversity of Otagoen_NZ
thesis.degree.levelDoctoral Thesesen_NZ
otago.openaccessOpen
 Find in your library

Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record