Abstract
ProVerif is an automatic protocol verifier that is usually used to find symbolic attacks in a protocol as described in the Dolev-Yao Security Model [7]. But according to its manual [2], it can also be used to verify some computation attacks such as those described in the Bellare-Rogaway (BR) or Canetti-Krawczyk (CK) Security Model [5]. This cryptographic tool does not recognize the laws of mathematics and the laws needed to be applied manually. This paper shows the security verification of authenticated MQV-based key exchange (AKE) protocols. We show the proof of correctness using this protocol verifier tool as well as some of the known computational attacks done by others such as Unknown-Key-Share attack using it. Included in our results are two MQV-based protocol variants: an identity based key agreement (FG IB-KA) and a certificateless identity authenticated based key agreement (CLAKA).
This manuscript was written during the second author’s visit to Information Security Lab, MIMOS Berhad. The authors appreciate the financial assistance from the Ministry of Education of Malaysia in supporting this work with the Fundamental Research Grant Scheme (FRGS/1/2019/ICT04/MMU/02/5). The authors would also like to thank Jason Chia for assisting in discussions on cryptography proof techniques.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Blanchet B (2016) Modeling and verifying security protocols with the applied pi calculus and proverif
Blanchet B, Smyth B, Cheval V, Sylvestre M (2020) Proverif 2.02 pl1: automatic cryptographic protocol verifier, user manual and tutorial
Boyd C, Mathuria A, Stebila D (2003) Protocols for authentication and key establishment, vol 1. Springer
Choo KKR (2006) Key establishment: proofs and refutations. PhD thesis, Queensland University of Technology
Choo KKR, Boyd C, Hitchcock Y (2005) Examining indistinguishability-based proof models for key establishment protocols. In: International conference on the theory and application of cryptology and information security, pp 585–604. Springer
Diffie W, Hellman M (1976) New directions in cryptography. IEEE Trans Inform Theory 22(6), 644–654
Dolev D, Yao A (1983) On the security of public key protocols. IEEE Trans Inform Theory 29(2), 198–208
Farouk A, Miri A, Fouad MM, Abdelhafez AA (2014) Efficient pairing-free, certificateless two-party authenticated key agreement protocol for grid computing. In: 2014 fourth international conference on digital information and communication technology and its applications (DICTAP), pp 279–284. IEEE
Fiore D, Gennaro R (2010) Making the diffie-hellman protocol identity-based. In: Cryptographers’ track at the RSA conference, pp 165–178. Springer
Fiore D, Gennaro R, Smart NP (2010) Constructing certificateless encryption and id-based encryption from id-based key agreement. In: International conference on pairing-based cryptography, pp 167–186. Springer
He D, Padhye S, Chen J (2012) An efficient certificateless two-party authenticated key agreement protocol. Comput Math Appl 64(6), 1914–1926
Kaliski BS Jr (2001) An unknown key-share attack on the mqv key agreement protocol. ACM Trans Inform Syst Secur (TISSEC) 4(3):275–288
Katz J, Lindell Y (2020) Introduction to modern cryptography. CRC Press
Menezes A (1997) Some new key agreement protocols providing implicit authentication. In: Workshop on selected areas in cryptography. CRC Press
Shashidhara R, Nayak SK, Das AK, Park Y (2021) On the design of lightweight and secure mutual authentication system for global roaming in resource-limited mobility networks. IEEE Access 9:12879–12895
Wu TY, Yang L, Lee Z, Chen CM, Pan JS, Islam S (2021) Improved ecc-based three-factor multiserver authentication scheme. Secur Commun Netw
Zhang J, Yang L, Gao X, Tang G, Zhang J, Wang Q (2021) Formal analysis of quic handshake protocol using symbolic model checking. IEEE Access (2021)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Yap, EY., Chin, JJ., Goh, A. (2021). Verifying MQV-Based Protocols Using ProVerif. In: Kim, H., Kim, K.J. (eds) IT Convergence and Security. Lecture Notes in Electrical Engineering, vol 782. Springer, Singapore. https://doi.org/10.1007/978-981-16-4118-3_6
Download citation
DOI: https://doi.org/10.1007/978-981-16-4118-3_6
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-4117-6
Online ISBN: 978-981-16-4118-3
eBook Packages: Computer ScienceComputer Science (R0)