Open Access Open Access  Restricted Access Subscription Access

Reduce the Memory Used in Key Management for Security Systems


Affiliations
1 Department of Computer Science, Sheba Region University, Marib, Yemen
 

Nowadays, most of the applications are distributed and require two or more parties to establish a secure communication channel over an open network. Key management is one of the major security issues in such applications. A good security system should reduce more complex problems related to the proper key management and secure-saving of a little number of secret keys at every endpoint. So it is difficult to save one key secretly, and the difficulty will be more and more if the number of secret keys increased. In the literature, many schemes have been proposed for key distribution and management. Although, such schemes have reduced the number of secret keys stored at the users to only one key, Key Distribution Center (KDC), known here as Key Managing Center (KMC), still maintains a shared secret key with each user in the network. In this paper, we propose a method to reduce the number of secret keys stored at the KDC to only one key, regardless of the network size. In the proposed method, the KMC will store a unique stuff data for every user. The user's secret key will be generated by taking the stuff data, adding the lifetime of the secret key, and then hashing the resulting string using the manager secret key. The output digest will be used as the user's secret key. By this way, KMC will only store one key called the manager secret key. Furthermore, we will combine the proposed method with our previous work to build an efficient key management model. Analysis and experimental results indicate that the developed model is highly secure, practical and efficient.

Keywords

Key Management, Key Distribution, Key Storage, Public Key Cryptography, Symmetric Key Cryptography, Formal Verification.
User
Notifications
Font Size

  • D. P. Sumalatha and D. C. K. Priya, "A Prototype Implementation for Public Key Infrastructure Based on Transport Layer Security," International Journal of Emerging Trends & Technology in Computer Science (IJETTCS), vol. 6, pp. 83-88, September - October 2017.
  • R. Abobeah, M. Ezz, and H. Harb, "Public-key cryptography techniques evaluation," International Journal of Computer Networks and Applications, vol. 2, pp. 64-75, 2015.
  • S. Sharma, "Cryptography: An art of writing a secret code," International Journal of Computer Science & Technology, vol. 8, pp. 26-30, 2017.
  • K. H. K. Alibraheemi, "Robust Biometrics-Based Authentication Scheme for Cryptographic Keys Distribution," International Journal of Applied Engineering Research, vol. 13, pp. 1415-1420, 2018.
  • W. Stallings, Cryptography and Network Security: Principles and Practice: Pearson Prentice Hall, 2017.
  • Jincy Sebastian and S. Jose, "Implementation of Two-Server Password-Based Authentication," International Journal of Innovative Research in Computer and Communication Engineering, vol. 3, pp. 11608-11614, 2015.
  • M. Khalifa, "Enhanced Kerberos Authentication For Distributed Environment Using Two Phases Security," An international journal of advanced computer technology, vol. 6, pp. 2323-2329, 2017.
  • S. Arora and M. Hussain, "Secure session key sharing using symmetric key cryptography," in 2018 International Conference on Advances in Computing, Communications and Informatics (ICACCI), 2018, pp. 850-855.
  • S. Budiyanto, G. B. Santosa, and F. R. I. Mariati, "Upgrading the S-NCI Key Establishment Protocol Scheme to be Secure and Applicable," in IOP Conference Series: Materials Science and Engineering, 2018, p. 012002.
  • M. Narendra and S. S. Raja, "A Study of Using Authenticated Key Exchange Protocols to Boost The Efficiency of Parallel Network File System," Journal of Critical Reviews, vol. 7, pp. 1883-1890, 2020.
  • M. D. Nath and S. Karforma, "Object-Oriented Modelling Of Kerberos Based Authentication Process In E-Banking Transaction," International Journal of Computer Sciences and Engineering, vol. 6, pp. 1-5, 2018.
  • Z. Tbatou, A. Asimi, Y. Asimi, Y. Sadqi, and A. Guezzaz, "A New Mutuel Kerberos Authentication Protocol for Distributed Systems," Int. J. Netw. Secur., vol. 19, pp. 889-898, 2017.
  • L. Wu, J. Fan, Y. Xie, and J. Wang, "An improved authentication and key agreement scheme for session initial protocol," KSII Transactions on Internet and Information Systems (TIIS), vol. 11, pp. 4025-4042, 2017.
  • K. Bakare, S. Junaidu, and M. Ahmed, "Improved Secure Biometric Authentication Protocol," International Journal of Applied Information Systems, vol. 12, pp. 49-56, 2020.
  • T. A. Khaleel, "Analysis and Implementation of Kerberos Protocol in Hybrid Cloud Computing Environments," Engineering and Technology Journal, vol. 39, pp. 41-52, 2021.
  • Z. Tbatou, A. Asimi, C. E. Balmany, and Y. Asimi, "A Novel Architecture of a Strong and Mutual Authentication Protocol for Distributed Systems," Engineering Letters, vol. 28, 2020.
  • P. Bhadle, S. Gugale, S. Trar, H. Kaur, and S. Salve, "Kerberos Authentication System using Public key Encryption," International Journal of Computer Science and Information Technologies, vol. 5, pp. 1930-1933, 2014.
  • J. Sun and Z. Gao, "Improved mobile application security mechanism based on Kerberos," in Proceedings of 2019 4th international workshop on materials engineering and computer sciences, 2019, pp. 108-112.
  • J. G. Dastidar, "An Authentication Protocol based on Kerberos," Journal of Engineering Research and Application, vol. 7, pp. 70-74, 2017.
  • A. Jesudoss and N. Subramaniam, "Enhanced Kerberos authentication for distributed environment," Journal of Theoretical and Applied Information Technology (JTAIT), vol. 69, pp. 368-374, 2014.
  • H. Saputra and Z. Zhao, "Long term key management architecture for SCADA systems," in 2018 IEEE 4th World Forum on Internet of Things (WF-IoT), 2018, pp. 314-319.
  • A. Yasser, Alahmadi and N. Saleh, Alassali, "An Improved Key Distribution Protocol Using Symmetric Key Cryptography," International Journal of Computer Sciences and Engineering (IJCSE), vol. 8, pp. 21-26, 2020.
  • G. Dua, N. Gautam, D. Sharma, and A. Arora, "Replay attack prevention in Kerberos authentication protocol using triple password," International Journal of Computer Networks & Communications (IJCNC), vol. 2, pp. 59-70, 2013.
  • P. Shalini and M. Kushwaha, "Mutual Authentication and Secure Key Distribution in Distributed Computing Environment," International Journal of Advanced Research in Engineering and Technology (IJARET), vol. 11, pp. 378-390, 2020.
  • V. Lozupone, "Analyze encryption and public key infrastructure (PKI)," International Journal of Information Management, vol. 38, pp. 42-44, 2018.
  • R. Amin, P. Lohani, M. Ekka, S. Chourasia, and S. Vollala, "An enhanced anonymity resilience security protocol for vehicular ad-hoc network with Scyther simulation," Computers & Electrical Engineering, vol. 82, p. 106554, 2020.
  • M. Safkhani, N. Bagheri, and M. Shariat, "On the security of rotation operation based ultra-lightweight authentication protocols for RFID systems," Future Internet, vol. 10, pp. 1-15, 2018.
  • M. H. Alzuwaini and A. A. Yassin, "An Efficient Mechanism to Prevent the Phishing Attacks," Iraqi Journal for Electrical & Electronic Engineering, vol. 17, 2021.
  • S. Bojjagani, D. D. Brabin, and P. V. Rao, "PhishPreventer: a secure authentication protocol for prevention of phishing attacks in mobile environment with formal verification," Procedia Computer Science, vol. 171, pp. 1110-1119, 2020.
  • E. Munivel and A. Kannammal, "New authentication scheme to secure against the phishing attack in the mobile cloud computing," Security and Communication Networks, vol. 2019, pp. 1-11, 2019.

Abstract Views: 357

PDF Views: 2




  • Reduce the Memory Used in Key Management for Security Systems

Abstract Views: 357  |  PDF Views: 2

Authors

Yasser Ali Alahmadi
Department of Computer Science, Sheba Region University, Marib, Yemen
Mokhtar Alsorori
Department of Computer Science, Sheba Region University, Marib, Yemen
Saleh Noman Alassali
Department of Computer Science, Sheba Region University, Marib, Yemen

Abstract


Nowadays, most of the applications are distributed and require two or more parties to establish a secure communication channel over an open network. Key management is one of the major security issues in such applications. A good security system should reduce more complex problems related to the proper key management and secure-saving of a little number of secret keys at every endpoint. So it is difficult to save one key secretly, and the difficulty will be more and more if the number of secret keys increased. In the literature, many schemes have been proposed for key distribution and management. Although, such schemes have reduced the number of secret keys stored at the users to only one key, Key Distribution Center (KDC), known here as Key Managing Center (KMC), still maintains a shared secret key with each user in the network. In this paper, we propose a method to reduce the number of secret keys stored at the KDC to only one key, regardless of the network size. In the proposed method, the KMC will store a unique stuff data for every user. The user's secret key will be generated by taking the stuff data, adding the lifetime of the secret key, and then hashing the resulting string using the manager secret key. The output digest will be used as the user's secret key. By this way, KMC will only store one key called the manager secret key. Furthermore, we will combine the proposed method with our previous work to build an efficient key management model. Analysis and experimental results indicate that the developed model is highly secure, practical and efficient.

Keywords


Key Management, Key Distribution, Key Storage, Public Key Cryptography, Symmetric Key Cryptography, Formal Verification.

References





DOI: https://doi.org/10.22247/ijcna%2F2021%2F209707