Abstract
In recent years, instant messaging (IM) has become an increasingly popular communication technology around the world, and the enterprise instant messaging (EIM) system is one of IM’s applications for enterprise use. Existing studies of EIM systems focus on the design of functional components and the communication process, which are usually based on the XMPP protocol suite. This paper instead approaches the security of EIM from another perspective: the problem of identity authentication and key agreement between users and services. Several EIM systems are based on public key infrastructure (PKI) to meet the high security requirements of enterprises, while identity-based cryptography (IBC) offers a new development direction for EIM systems. Although most EIM applications are deployed independently in different enterprises, heterogeneous cross-domain service access by users has become an inevitable trend. However, no heterogeneous cross-domain authentication protocol between the PKI domain and the IBC domain has yet been proposed. To address this problem, this paper proposes a novel and detailed heterogeneous cross-domain authenticated key agreement scheme. By utilizing the PKI-based distributed trust model and access authorization tickets, the scheme can realize interconnection and seamless authentication between the PKI domain and the IBC domain. Analysis shows that the proposed scheme is theoretically correct while guaranteeing high security and efficiency.
Yuan, C., Zhang, W. & Wang, X. EIMAKP: Heterogeneous Cross-Domain Authenticated Key Agreement Protocols in the EIM System. Arab J Sci Eng 42, 3275–3287 (2017). https://doi.org/10.1007/s13369-017-2447-9
DOI: https://doi.org/10.1007/s13369-017-2447-9