Due to the rapid growth in technology, the development and use of cryptosystems has become plays an important role in networked and distributed applications. To get the benefits of such applications, the principals will cooperate by exchanging information over an open networks such as the internet. A key distribution protocol is an essential component of any cryptosystem to generation and sharing of cryptographic keys between the principals involved in the network securely. In the current days, there are a number of key distribution protocols that have been developed and implemented. However, the most of such protocols were found to be prone to several attacks a long time after deployment. In this paper, the key distribution protocol is designed to improve the Nomaskd protocol. The two protocols are analyzed and verified by a formal verification tool called Scyther, the verification results show that the Nomaskd protocol does not fulfill the strong authentication goals, whereas the improved protocol fulfill these goals.

Key distribution, Formal verification, Symmetric key cryptography, Nomaskd protocol, Scyther tool

[1] A.J. Menezes, P.C. Van Oorschot and S.A. Vanstone, "Handbook of Applied Cryptography", 5th Edition, CRC Press, Inc, United States, 2001.
[2] A. Aasarmya and S. Agarwal, "Improving Security for Data Migration in Cloud Computing using Randomized Encryption Technique", International Journal of Computer Sciences and Engineering,Vol.7, Issue.8, pp.39-43, 2019.
[3] S. Verma, R. Choubey and R. Soni, "An Efficient Developed New Symmetric Key Cryptography Algorithm for Information Security", International Journal of Emerging Technology and Advanced Engineering, Vol.2, No.7, pp.18-21, 2012.
[4] N. Srilatha, M. Deepthi and I.R. Reddy, "Robust Quantum Key Distribution Based on Two Level QDNA Technique to Generate Encrypted Key", International Journal of Computer Sciences and Engineering,Vol.5, Issue.2, pp.15-19, 2017.
[5] W. Diffie and M. Hellman, "New directions in cryptography", IEEE Transaction on Information Theory, Vol.22, Issue.6, pp.644-654, 1976.
[6] W. Stallings, "Cryptography and Network Security", principles and practices, 7th Edition, Pearson Prentice Hall, 2017.
[7] R.M. Needham and M.D. Schroeder, "Using encryption for authentication in large networks of computers", Communications of the ACM, Vol.21, Issue.12, pp.993-999, 1978.
[8] D. Otway and O. Rees, "Efficient and timely mutual authentication", ACM SIGOPS Operating Systems Review, Vol.21, Issue.1, pp.8-10, 1987.
[9] J. G. Steiner, B. C. Neuman, and J. I. Schiller, "Kerberos: An Authentication Service for Open Network Systems", USENIX Winter, pp.191-202, 1988.
[10] M. Burrows, M. Abadi and R. Needham, "A Logic of Authentication", Proceedings of the Royal Society of London Mathematical, Physical and Engineering Sciences, Vol.426, No.1871, pp.233-271, 1989.
[11] Shalini and M. Kushwaha, "Mutual Authentication and Secure Key Distribution in Distributed Computing Environment", International Journal of Advanced Research in Engineering and Technology (IJARET), Vol.11, Issue.5, pp.378-390, 2020.
[12] C. Cremers and S. Mauw, "Operational semantics and verification of security protocols", Springer Science & Business Media, 2012.
[13] D.E. Denning and G.M. Sacco,"Timestamps in key distribution protocols", Communications of the ACM, Vol.24, No.8, pp.533–536, 1981.
[14] K. Liu, J. Ye and Y. Wang, "The Security Analysis on Otway-Rees Protocol Based on BAN Logic", IEEE 4th International Conference on Computational and Information Sciences (ICCIS), Chongqing, China, pp.341-344, 2012.
[15] D. Dolev and A. Yao, "On the security of public key Protocols", IEEE Transactions on Information Theory, Vol. 29, No.12, pp.198-208, 1983.
[16] N. Dalal, J. Shah, K. Hisaria and D. Jinwala, "A Comparative Analysis of Tools for Verification of Security Protocols", Int. J. Communications, Network and System Sciences (IJCNS), Vol.3, Issue.10, pp.779-787, 2010.
[17] N. Kahya, N. Ghoualmi and P. Lafourcade, "Secure Key Management Protocol In Wimax", International Journal of Network Security & Its Application, Vol.4, No.6, 2012.