Submit

Login Login

Register Register

Home / Journals / CMC / Online First / doi:10.32604/cmc.2024.052405
Journal Menu
Special Issues
Table of Content

All issues

Online First

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Open Access

ARTICLE

Design of an Efficient and Provable Secure Key Exchange Protocol for HTTP Cookies

Waseem Akram1, Khalid Mahmood2, Hafiz Burhan ul Haq3, Muhammad Asif3, Shehzad Ashraf Chaudhry4,5, Taeshik Shon6,*
1 Graduate School of Engineering Science and Technology, National Yunlin University of Science and Technology, Yunlin, 64002, Taiwan
2 Future Technology Research Center, National Yunlin University of Science and Technology, Yunlin, 64002, Taiwan
3 Department of Computer Science, Lahore Garrison University, Lahore, 54920, Pakistan
4 Department of Computer Science and Information Technology, College of Engineering, Abu Dhabi University, Abu Dhabi, 69911, United Arab Emirates
5 Department of Software Engineering, Faculty of Engineering and Architecture, Nisantasi University, Istanbul, 34398, Turkey
6 Department of Cybersecurity, Ajou University, Suwon, 16499, Republic of Korea
* Corresponding Author: Taeshik Shon. Email: email

Computers, Materials & Continua https://doi.org/10.32604/cmc.2024.052405

Received 01 April 2024; Accepted 20 June 2024; Published online 12 July 2024

Abstract

Cookies are considered a fundamental means of web application services for authenticating various Hypertext Transfer Protocol (HTTP) requests and maintains the states of clients’ information over the Internet. HTTP cookies are exploited to carry client patterns observed by a website. These client patterns facilitate the particular client’s future visit to the corresponding website. However, security and privacy are the primary concerns owing to the value of information over public channels and the storage of client information on the browser. Several protocols have been introduced that maintain HTTP cookies, but many of those fail to achieve the required security, or require a lot of resource overheads. In this article, we have introduced a lightweight Elliptic Curve Cryptographic (ECC) based protocol for authenticating client and server transactions to maintain the privacy and security of HTTP cookies. Our proposed protocol uses a secret key embedded within a cookie. The proposed protocol is more efficient and lightweight than related protocols because of its reduced computation, storage, and communication costs. Moreover, the analysis presented in this paper confirms that proposed protocol resists various known attacks.

Keywords

Cookies; authentication protocol; impersonation attack; ECC

  • 348

    View

  • 11

    Download

  • 0

    Like

Related articles
Copyright© 2024 Tech Science Press
© 1997-2024 TSP (Henderson, USA) unless otherwise stated

Share Link