Pub. online:6 May 2020Type:Research ArticleOpen Access
Volume 31, Issue 2 (2020), pp. 277–298
The vulnerable part of communications between user and server is the poor authentication level at the user’s side. For example, in e-banking systems for user authentication are used passwords that can be lost or swindled by a person maliciously impersonating bank.
To increase the security of e-banking system users should be supplied by the elements of public key infrastructure (PKI) but not necessary to the extent of standard requirements which are too complicated for ordinary users.
In this paper, we propose two versions of authenticated key agreement protocol (AKAP) which can be simply realized on the user’s side. AKAP is a collection of cryptographic functions having provable security properties.
It is proved that AKAP1 is secure against active adversary under discrete logarithm assumption when formulated certain conditions hold. AKAP2 provides user’s anonymity against eavesdropping adversary. The partial security of AKAP2 is investigated which relies on the security of asymmetric encryption function.