TY - JOUR
T1 - A hybrid session key exchange algorithm for highly-sensitive IP-based institutional communications
AU - Zhuang, Zheng Yun
AU - Hsu, Yi Chang
AU - Nurmi, Kimmo
AU - Chen, Yung Chih
AU - Liu, Hsing Hua
AU - Tseng, Tzu Shan
N1 - Publisher Copyright:
© 2017, Springer-Verlag Berlin Heidelberg.
PY - 2018/1/1
Y1 - 2018/1/1
N2 - Session key exchange has become an addressed topic in the field of communications security, particularly for the IP-based call session that travels through the public network. This paper proposes a hybrid algorithm for session key exchange. The algorithm is designed based on most of the well-proven algorithms, including RSA, D-H, MAC authentication and SHA one-way function, and most of the popular security concepts such as digital signature, digital certificates and verifications under PKI. With an integration of these security concepts and algorithms, the proposed algorithm inherits the properties of these algorithms and realizes highly secure session key exchanging, to meet the required security level of institutions for sensitive communications. It not only improves the possible deficiencies of the algorithms that are singly based on RSA or D-H, but also expands the limits when a hybrid algorithm is applied. Moreover, using MAC codes to ensure the authenticity of the call itself (in addition to ensuring the authenticity of the call parties) meets the communications security concern (in addition to the information security concerns) which relevant algorithms might fail to consider.
AB - Session key exchange has become an addressed topic in the field of communications security, particularly for the IP-based call session that travels through the public network. This paper proposes a hybrid algorithm for session key exchange. The algorithm is designed based on most of the well-proven algorithms, including RSA, D-H, MAC authentication and SHA one-way function, and most of the popular security concepts such as digital signature, digital certificates and verifications under PKI. With an integration of these security concepts and algorithms, the proposed algorithm inherits the properties of these algorithms and realizes highly secure session key exchanging, to meet the required security level of institutions for sensitive communications. It not only improves the possible deficiencies of the algorithms that are singly based on RSA or D-H, but also expands the limits when a hybrid algorithm is applied. Moreover, using MAC codes to ensure the authenticity of the call itself (in addition to ensuring the authenticity of the call parties) meets the communications security concern (in addition to the information security concerns) which relevant algorithms might fail to consider.
UR - http://www.scopus.com/inward/record.url?scp=85010976460&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85010976460&partnerID=8YFLogxK
U2 - 10.1007/s00542-016-3263-y
DO - 10.1007/s00542-016-3263-y
M3 - Article
AN - SCOPUS:85010976460
SN - 0946-7076
VL - 24
SP - 273
EP - 283
JO - Microsystem Technologies
JF - Microsystem Technologies
IS - 1
ER -