{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,19]],"date-time":"2025-12-19T21:51:28Z","timestamp":1766181088524,"version":"build-2065373602"},"reference-count":39,"publisher":"MDPI AG","issue":"4","license":[{"start":{"date-parts":[[2018,3,28]],"date-time":"2018-03-28T00:00:00Z","timestamp":1522195200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100001868","name":"National Science Council of Taiwan","doi-asserted-by":"publisher","award":["MOST 106-2221-E-018-001","MOST 106-2622-E-018-002-CC3"],"award-info":[{"award-number":["MOST 106-2221-E-018-001","MOST 106-2622-E-018-002-CC3"]}],"id":[{"id":"10.13039\/501100001868","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Symmetry"],"abstract":"<jats:p>A three-party Authenticated Key Agreement (AKA) protocol in the distributed computing environment is a client that requests services from an application server through an authentication server. The authentication server is responsible for authenticating the participating entities and helping them to construct a common session key. Adopting the Key Transfer Authentication Protocol (KTAP) in such an environment, the authentication server is able to monitor the communication messages to prevent and trace network crime. However, the session key in the KTAP setting is created only by the authentication server and is vulnerable to the resilience of key control. On the other hand, with the rapid growth of network technologies, mobile devices are widely used by people to access servers in the Internet. Many AKA protocols for mobile devices have been proposed, however, most protocols are vulnerable to Ephemeral Secret Leakage (ESL) attacks which compromise the private keys of clients and the session key by an adversary from eavesdropped messages. This paper proposes a novel ESL-secure ID-based three-party AKA protocol for mobile distributed computing environments based on ESL-secure ID-based Authenticated Key Exchange (ID-AKE) protocol. The proposed protocol solves the key control problem in KTAP while retaining the advantages of preventing and tracing network crime in KTAP and also resists ESL attacks. The AVISPA tool simulation results confirm the correctness of the protocol security analysis. Furthermore, we present a parallel version of the proposed ESL-secure ID-based three-party AKA protocol that is communication-efficient.<\/jats:p>","DOI":"10.3390\/sym10040084","type":"journal-article","created":{"date-parts":[[2018,3,29]],"date-time":"2018-03-29T05:26:37Z","timestamp":1522301197000},"page":"84","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":20,"title":["Ephemeral-Secret-Leakage Secure ID-Based Three-Party Authenticated Key Agreement Protocol for Mobile Distributed Computing Environments"],"prefix":"10.3390","volume":"10","author":[{"given":"Chao-Liang","family":"Liu","sequence":"first","affiliation":[{"name":"Department of Applied Informatics and Multimedia, Asia University, Lioufeng Rd., Wufeng, Taichung 413, Taiwan"}]},{"given":"Wang-Jui","family":"Tsai","sequence":"additional","affiliation":[{"name":"Department of Industrial Education and Technology, National Changhua University of Education, Changhua City 500, Taiwan"}]},{"given":"Ting-Yi","family":"Chang","sequence":"additional","affiliation":[{"name":"Department of Industrial Education and Technology, National Changhua University of Education, Changhua City 500, Taiwan"}]},{"given":"Ta-Ming","family":"Liu","sequence":"additional","affiliation":[{"name":"Department of Industrial Education and Technology, National Changhua University of Education, Changhua City 500, Taiwan"}]}],"member":"1968","published-online":{"date-parts":[[2018,3,28]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"106","DOI":"10.1016\/j.cose.2005.09.010","article-title":"Provably secure authenticated key exchange protocols for low power computing clients","volume":"25","author":"Wen","year":"2006","journal-title":"Comput. Secur."},{"key":"ref_2","unstructured":"Wong, D.S., and Chan, A.H. (2008, January 9\u201313). Efficient and mutually authenticated key exchange for low power computing devices. Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security, Melbourne, Australia."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"178","DOI":"10.1007\/3-540-46088-8_17","article-title":"Mutual Authentication for Low-Power Mobile Devices","volume":"2339","author":"Jakobsson","year":"2002","journal-title":"Financ. Cryptogr."},{"key":"ref_4","first-page":"494","article-title":"ID-based Authenticated Key Agreement for Low-Power Mobile Devices","volume":"3574","author":"Choi","year":"2005","journal-title":"Inf. Sec. Priv."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"447","DOI":"10.1002\/dac.1268","article-title":"Towards generalized ID-based user authentication for mobile multi-server","volume":"25","author":"Chuang","year":"2012","journal-title":"Int. J. Commun. Syst."},{"key":"ref_6","first-page":"1062","article-title":"An efficient user authentication and key exchange protocol for mobile client\u2013server environment","volume":"53","author":"Wu","year":"2010","journal-title":"Comput. Netw."},{"key":"ref_7","unstructured":"Tseng, Y.M., and Tseng, L. (2014, January 24\u201326). Ephemeral-Secret-Leakage Secure ID-Based Authenticated Key Exchange Protocol for Mobile Client-Server Environments. Proceedings of the 24th Cryptology and Information Security Conference, Putrajaya, Malaysia."},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"644","DOI":"10.1109\/TIT.1976.1055638","article-title":"New directions in cryptography","volume":"22","author":"Diffie","year":"1976","journal-title":"IEEE Trans. Inf. Theory"},{"key":"ref_9","first-page":"101","article-title":"Password Authentication Schemes: Current Status and Key Issues","volume":"3","author":"Tsai","year":"2006","journal-title":"IJINS"},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"47","DOI":"10.1007\/3-540-39568-7_5","article-title":"Identity-Based Cryptosystems and Signature Schemes","volume":"5","author":"Shamir","year":"1985","journal-title":"Adv. Cryptol."},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Boneh, D., and Franklin, M. (2001, January 19\u201323). Identity-Based Encryption from the Weil Pairing. Proceedings of the 21st Annual International Cryptology Conference, Santa Barbara, CA, USA.","DOI":"10.1007\/3-540-44647-8_13"},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Boneh, D., and Boyen, X. (2004, January 15\u201319). Secure Identity Based Encryption without Random Oracles. Proceedings of the 24th Annual International Cryptology Conference, Santa Barbara, CA, USA.","DOI":"10.1007\/978-3-540-28628-8_27"},{"key":"ref_13","unstructured":"Waters, B. (2005, January 22\u201326). Efficient Identity-Based Encryption without Random Oracles. Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark."},{"key":"ref_14","unstructured":"Gentry, C. (June, January 28). Practical Identity-Based Encryption without Random Oracles. Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, St. Petersburg, Russia."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"385","DOI":"10.1007\/10722028_23","article-title":"A One Round Protocol for Tripartite Diffie\u2013Hellman","volume":"1838","author":"Joux","year":"2000","journal-title":"Algorithm. Number Theory"},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Al-Riyami, S., and Paterson, K. (2003, January 16\u201318). Tripartite Authenticated Key Agreement Protocols from Pairings. Proceedings of the 9th IMA International Conference, Cirencester, UK.","DOI":"10.1007\/978-3-540-40974-8_27"},{"key":"ref_17","first-page":"64","article-title":"Cryptanalysis of Tso et al.\u2019s ID-Based Tripartite Authenticated Key Agreement Protocol","volume":"4812","author":"Lim","year":"2007","journal-title":"Inf. Syst. Secur."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"244","DOI":"10.1016\/j.cose.2009.08.006","article-title":"Two proposed identity-based three-party authenticated key agreement protocols from pairings","volume":"29","author":"Welzer","year":"2010","journal-title":"Comput. Secur."},{"key":"ref_19","first-page":"927","article-title":"New identity-based three-party authenticated key agreement protocol with provable security","volume":"36","author":"Xiong","year":"2013","journal-title":"JNCA"},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"97","DOI":"10.1016\/S0164-1212(03)00093-1","article-title":"Password-based user authentication and key distribution protocols for client\u2013server applications","volume":"72","author":"Yeh","year":"2004","journal-title":"J. Syst. Softw."},{"key":"ref_21","unstructured":"Kohl, J.T., Neuman, B.C., and Tso, T.Y. (1991). The evolution of the Kerberos authentication system. Distributed Open System, IEEE Computer Society Press."},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"175","DOI":"10.1016\/j.compeleceng.2005.03.001","article-title":"Password authenticated key exchange protocols among diverse network domains","volume":"31","author":"Yeh","year":"2005","journal-title":"Comput. Electr. Eng."},{"key":"ref_23","unstructured":"Li, G. (1995, January 13\u201315). Optimal authentication protocols resistant to password guessing attacks. Proceedings of the Eighth IEEE Computer Security Foundations Workshop, Kerry, Ireland."},{"key":"ref_24","first-page":"991","article-title":"An Improvement of the Password-Based Authentication Protocol (K1P) on Security against Replay Attacks","volume":"82","author":"Kwon","year":"1999","journal-title":"IEICE Trans. Commun."},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"304","DOI":"10.1049\/ip-com:19982282","article-title":"Authenticated key exchange protocols resistant to password guessing attacks","volume":"145","author":"Kwon","year":"1998","journal-title":"Commun. IEE Proc."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"217","DOI":"10.1016\/j.ins.2010.08.032","article-title":"A communication-efficient three-party password authenticated key exchange protocol","volume":"181","author":"Chang","year":"2011","journal-title":"Inf. Sci."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"1339","DOI":"10.1016\/j.camwa.2012.01.041","article-title":"Escrowable identity-based authenticated key agreement protocol with strong security","volume":"65","author":"Ni","year":"2013","journal-title":"Comput. Math. Appl."},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"1157","DOI":"10.1016\/j.jss.2011.12.044","article-title":"A graphical-based password keystroke dynamic authentication system for touch screen handheld mobile devices","volume":"85","author":"Chang","year":"2012","journal-title":"J. Syst. Softw."},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Blake-Wilson, S., and Menezes, A. (1999, January 17\u201318). Authenticated Diffe-Hellman Key Agreement Protocols. Proceedings of the Selected Areas in Cryptography, Kingston, Ontario, Canada.","DOI":"10.1007\/3-540-48892-8_26"},{"key":"ref_30","unstructured":"(2018, January 24). AVISPA v1.1 User Manual. Available online: http:\/\/www.avispa-project.org\/."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"1581","DOI":"10.1016\/j.jss.2007.11.720","article-title":"A round- and computation-efficient three-party authenticated key exchange protocol","volume":"81","author":"Chen","year":"2008","journal-title":"J. Syst. Softw."},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"75","DOI":"10.1109\/4236.807015","article-title":"AAA protocols: Authentication, authorization, and accounting for the Internet","volume":"3","author":"Metz","year":"1999","journal-title":"IEEE Int. Comput."},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"22","DOI":"10.1109\/MNET.2002.1081762","article-title":"AAA: A survey and a policy-based architecture and framework","volume":"16","author":"Rensing","year":"2002","journal-title":"IEEE Netw."},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Decugis, S. (2009, January 20\u201324). Towards a Global AAA Framework for Internet. Proceedings of the 2009 Ninth Annual International Symposium on Applications and the Internet, Bellevue, WA, USA.","DOI":"10.1109\/SAINT.2009.57"},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"198","DOI":"10.1109\/TIT.1983.1056650","article-title":"On the Security of Public Key Protocols","volume":"29","author":"Dolev","year":"1983","journal-title":"IEEE Inf. Theory Soc."},{"key":"ref_36","unstructured":"(2018, January 24). AVISPA Web tool. Automated Validation of Internet Security Protocols and Applications. Available online: http:\/\/www.avispa-project.org\/web-interface."},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Scott, M., Costigan, N., and Abdulwahab, W. (2006, January 10\u201313). Implementing Cryptographic Pairings on Smartcards. Proceedings of the 8th International Workshop, Yokohama, Japan.","DOI":"10.1007\/11894063_11"},{"key":"ref_38","doi-asserted-by":"crossref","first-page":"485","DOI":"10.1016\/j.comcom.2010.05.013","article-title":"TinyPBC: Pairings for authenticated identity-based non-interactive key distribution in sensor networks","volume":"34","author":"Oliveira","year":"2011","journal-title":"Comput. Commun."},{"key":"ref_39","doi-asserted-by":"crossref","first-page":"264","DOI":"10.1007\/s11390-005-0264-1","article-title":"Implementation of Cryptosystem Based on Tate Pairing","volume":"20","author":"Hu","year":"2005","journal-title":"J. Comput. Sci. Technol."}],"container-title":["Symmetry"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2073-8994\/10\/4\/84\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T14:58:53Z","timestamp":1760194733000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2073-8994\/10\/4\/84"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,3,28]]},"references-count":39,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2018,4]]}},"alternative-id":["sym10040084"],"URL":"https:\/\/doi.org\/10.3390\/sym10040084","relation":{},"ISSN":["2073-8994"],"issn-type":[{"type":"electronic","value":"2073-8994"}],"subject":[],"published":{"date-parts":[[2018,3,28]]}}}