National Changhua University of Education Institutional Repository : Item 987654321/12155
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 6507/11669
Visitors : 29917150      Online Users : 462
RC Version 3.2 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Adv. Search
LoginUploadHelpAboutAdminister
NCUEIR > College of Science > math > Periodical Articles >  Item 987654321/12155

Please use this identifier to cite or link to this item: http://ir.ncue.edu.tw/ir/handle/987654321/12155

Title: Efficient Authenticated Key Agreement Protocols Resistant to a Denial-of-service Attack
Authors: Tseng, Yuh-Min
Contributors: 數學系
Date: 2005-05
Issue Date: 2012-07-03T03:44:29Z
Publisher: John Wiley & Sons, Inc.
Abstract: Malicious intruders may launch as many invalid requests as possible without establishing a server connection to bring server service to a standstill. This is called a denial-of-service (DoS) or distributed DoS (DDoS) attack. Until now, there has been no complete solution to resisting a DoS/DDoS attack. Therefore, it is an important network security issue to reduce the impact of a DoS/DDoS attack. A resource-exhaustion attack on a server is one kind of denial-of-service attack. In this article we address the resource-exhaustion problem in authentication and key agreement protocols. The resource-exhaustion attack consists of both the CPU-exhaustion attack and the storage-exhaustion attack. In 2001, Hirose and Matsuura proposed an authenticated key agreement protocol (AKAP) that was the first protocol simultaneously resistant to both the CPU-exhaustion attack and the storage-exhaustion attack. However, their protocol is time-consuming for legal users in order to withstand the DoS attack. Therefore, in this paper, we propose a slight modification to the Hirose-Matsuura protocol to reduce the computation cost. Both the Hirose-Matsuura and the modified protocols provide implicit key confirmation. Also, we propose another authenticated key agreement protocol with explicit key confirmation. The new protocol requires less computation cost. Because DoS/DDoS attacks come in a variety of forms, the proposed protocols cannot fully disallow a DoS/DDoS attack. However, they reduce the effect of such an attack and thus make it more difficult for the attack to succeed.
Relation: International Journal of Network Management, 15(3): 193-202
Appears in Collections:[math] Periodical Articles

Files in This Item:

File SizeFormat
index.html0KbHTML574View/Open


All items in NCUEIR are protected by copyright, with all rights reserved.

 

DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback