For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
Key Agreement Protocols Resistant to a Denial-of-Service Attack
Shouichi HIROSE Kanta MATSUURA
IEICE TRANSACTIONS on Information and Systems
Publication Date: 2001/04/01
Print ISSN: 0916-8532
Type of Manuscript: PAPER
Category: Applications of Information Security Techniques
key agreement protocol, denial-of-service (DoS) attack, resource-exhaustion attack, Diffie-Hellman key agreement protocol,
Full Text: PDF>>
In this manuscript, two key agreement protocols which are resistant to a denial-of-service attack are constructed from a key agreement protocol in  provably secure against passive and active attacks. The denial-of-service attack considered is the resource-exhaustion attack on a responder. By the resource-exhaustion attack, a malicious initiator executes a key agreement protocol simultaneously as many times as possible to exhaust the responder's resources and to disturb executions of it between honest initiators and the responder. The resources are the storage and the CPU. The proposed protocols are the first protocols resistant to both the storage-exhaustion attack and the CPU-exhaustion attack. The techniques used in the construction are stateless connection, weak key confirmation, and enforcement of heavy computation. The stateless connection is effective to enhancing the resistance to the storage-exhaustion attack. The weak key confirmation and the enforcement of heavy computation are effective to enhancing the resistance to the CPU-exhaustion attack.