A provable secure authentication protocol given forward secure session key

초록

This paper proposes a key distribution and authentication protocol between user, service provider and key distribution center (KDC). This protocol is based on symmetric cryptosystem, challenge-response, Diffie-Hellman component and hash function. In proposed protocol, user and server update the session key under token-update operation, and user can process repeated efficient authentications by using updated session keys. Another merit is that KDC needs not to totally control the session key between user and server in proposed protocol. Even if an attacker steals the parameters from the KDC, the attacker still can not calculate session key. We use BAN logic to proof these merits of our proposed protocol. Also according to the comparison and analysis with other protocols, our proposed protocol provides good efficiency and forward secure session key. ? 2008 Springer-Verlag Berlin Heidelberg.