Password-Based SIMSec Protocol
Abstract
The purpose of the SIMSec protocol is to provide the infrastructure to enable secured access between the SIM (Subscriber Identity Module) card which doesn’t have an ephemeral key installed during production and the service provider. This infrastructure has a form based on agreements among the mobile network manufacturer, the user, the service provider and the card manufacturer. In order to secure transactions, authentication methods are used based on the fact that both parties can verify that they are the parties they claim to be. In this study, the key exchange and authentication models in the literature have been surveyed and the password-based authentication model is chosen. For the SIMSec protocol, the password-based authentication algorithm is integrated into the SIMSec protocol. Thanks to the proposed new structure, phase differences in the SIMSec protocol are shown. As a result, a new key exchange protocol is proposed for SIM cards.
Keywords
Supporting Institution
Project Number
References
- [1] C. Boyd and A. Mathuria, “Protocols for Authentication and Key Establishment,” Springer Science and Business Media, 2013. [2] P. W. Shor, “Algoritms for quantum computation: discrete logarithms and factoring,” IEEE Computer Society Press, pp. 124-134. [3] S. M. Bellovin and M. Merritt, “Encrypted key exchange: Password-based protocols secure against dictionary attacks, ” Computer Society Press, 1992, pp. 72-84. [4] M. Bellare, D. Pointcheval and P. Rogaway, “Authenticated key exchange secure against dictionary attacks,” Lecture Notes in Computer Science, vol. 1807, pp. 139-155, 2000. [5] V. Boyko, P. MacKenzie and S. Patel, “Provably secure password authenticated key exchange using Diffie-Hellman,” Lecture Notes in Computer Science, vol. 1807, pp. 156-171, 2000. [6] P. MacKenzie, “The PAK suite: Protocols for password-authenticated key exchange, ” Technical Report, 2002-46, DIMACS, October 2002. [7] P.MacKenzie. “More efficient password-authenticated key exchange,” In D. Naccache, editor, Topics in Cryptology - CT-RSA 2001, Lecture Notes in Computer Science, vol. 2020. [8] A. Lenstra and E. Verheul, “The XTR public key system,” Lecture Notes in Computer Science, vol. 1880, pp. 1-19, 2000. [9] C. P. Schnorr, “Efficient identification and signatures for smart cards,” In G. Brassard, editor, Advances in Cryptology - Crypto '89, Lecture Notes in Computer Science, vol. 435, pp. 239-252, 1990. [10] D. P. Jablon, “Strong password-only authenticated key exchange,” ACM Computer Communication Review, vol. 26(5), pp. 5-26, October 1996. [11] P. MacKenzie, “On the security of the SPEKE password - authenticated key exchange protocol,” July 2001. [12] D. Jablon, “IEEE. P1363.2 Standard specifications for password-based public-key cryptographic techniques,” Phoenix Technologies, December 2002. [13] C. Kaufman and R. Perlman, “PDM: A new strong password-based protocol,” In 10th USENIX Security Symposium, August 2001. [14] D. P. Jablon. “Extended password key exchange protocols immune to dictionary attack” In 6th International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, pp. 248-255. IEEE Press, 1997. [15] T. Wu, “The secure remote password protocol,” In Network and Distributed System Security Symposium, Internet Society, February 1998. [16] T. Kwon, “Ultimate solution to authentication via memorable password,” IEEE P1363 Standards Group contibution, 2000. [17] K. Ok, V. Coskun, S. B. Yarman, C. Cevikbas and B. Ozdenizci, “SIMSec; A key exchange protocol between SIM card and service provider,” Wireless Personal Communications, vol. 89(4), pp. 1371-1390, 2016.
Details
Primary Language
English
Subjects
-
Journal Section
Research Article
Publication Date
September 30, 2020
Submission Date
June 17, 2020
Acceptance Date
September 17, 2020
Published in Issue
Year 2020 Volume: 11 Number: 3