| Guidelines on hybrid authentication and key management mechanisms in the client-server model |
 |
Client and server are often asymmetric regarding security credential management. Since in most cases there are many clients and a few servers, server credentials are distributed and managed with relatively low cost, but client credentials are apparently not. As most mobile services increasingly communicate security and privacy sensitive data, industry need to provide secure channel in client-server model using secure yet cost-effective methods addressing such asymmetric security requirements.
Passwords could be effective in terms of client credential management, and guidelines such as [ITU‑T X.1151] are available for password-authenticated key exchange protocols. When client credentials are compromised, however, the adversary could impersonate not only clients but also service providers. Such server impersonation attacks could be mitigated by using public key techniques for server authentication with low credential management cost.
Recommendation ITU-T X.1450 provides guidelines for hybrid authentication and key exchange mechanisms in the client-server model. The underlying mechanism suggests the use of shared secrets and public key techniques for authentication and key exchange. This Recommendation covers service scenarios, and security threats and methods to mitigate such attacks.
|
|
| Citation: |
https://handle.itu.int/11.1002/1000/13729 |
| Series title: |
X series: Data networks, open system communications and security
X.1300-X.1499: Secure applications and services (II)
X.1450-X.1459: Application Security (2) |
| Approval date: |
2018-10-14 |
| Provisional name: | X.hakm |
| Approval process: | AAP |
|
Status: |
In force |
|
Maintenance responsibility: |
ITU-T Study Group 17 |
|
Further details: |
Patent statement(s)
Development history
|
|
|
| Ed. |
ITU-T Recommendation |
Status |
Summary |
Table of Contents |
Download |
|
1
|
X.1450 (10/2018)
|
In force
|
here
|
here
|
here
|
| Title |
Approved on |
Download |
|
Guidelines for identity-based cryptosystems used for cross-domain secure communications
|
2023
|
here
|
|
Overview of hybrid approaches for key exchange with quantum key distribution
|
2022
|
here
|
|
Guidelines for security management of using artificial intelligence technology
|
2022
|
here
|
|
Successful use of security standards (2nd edition)
|
2020
|
here
|
|
Description of the incubation mechanism and ways to improve it
|
2020
|
here
|
|
Strategic approaches to the transformation of security studies
|
2020
|
here
|
|
