Multimedia Network Security Laboratory: A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks. Date: 2011/10/12. Presenter: 向峻霈.

Presentation transcript:

Multimedia Network Security Laboratory
A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks
Date: 2011/10/12
Presenter: 向峻霈
Source: Chien-Lung Hsu, Yu-Hao Chuang, Information Sciences, pp , 2009

Outline
1. Introduction
2. Related work
3. Proposed scheme
4. Functionality comparison
5. Conclusion

Introduction
- The distributed computer networks
  - allow hosts and user terminals connected into the same network
  - share information and computing power

Introduction (2/2)
- Security problems in the distributed computer networks
  - user identification
  - key distribution
  - user anonymity

Related work
- Review of the Yang et al. and Mangipudi–Katti schemes

Key generation phase
- SCPC sets up the system parameters
  - $N_j = p_j \cdot q_j$
  - selects two integers $e_j$ and $d_j$ such that $e_j d_j = 1 \bmod \varphi(N_j)$
  - $\varphi(N_j) = (p_j - 1)(q_j - 1)$
  - chooses a generator $g$ in the field $Z_{N_j}$
  - a hash function $H(m)$ on a message
  - a symmetric-key cryptosystem such as AES
  - public parameters: $e_j$, $N_j$, $g_j$, and $ID_j$
  - secret: $d_j$, $p_j$, $q_j$

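Anonymous user identification and key agreement phase (Yang et al. scheme)
Client → Server: Service request
Server: $Z = g^k \cdot S_j^{-1} \bmod N$
Server → Client: $M2 = (Z)$
Client: $a = Z^e \cdot ID_j \bmod N$
Client: $K_{ij} = a^t \bmod N$
Client: $w = g^{et} \bmod N$
Client: $x = g^t \cdot S_i^{H(w,T)}$
Client: $y = E_{K_{ij}}(ID_i)$
Client → Server: $M3 = (w, x, y, T)$
Server: $K_{ij} = w^k \bmod N$
Server: $D_{K_{ij}}(y) \to ID_i$, then checks whether $ID_i$ exists in the ID table
Server: checks $w \cdot ID_i^{H(w,T)} \bmod N = x^e \bmod N$
Server: Accepts this login request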

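Anonymous user identification and key agreement phase (SIKA)
Client → Server: Service request
Server: $S_j = ID_j^{d} \bmod N$
Server: $Z = g^k \cdot S_j^{-1} \bmod N$
Server: $u = g_j^{v}$, $v = H(Z, T, ID_j)\, d_j$
Server → Client: $M2 = (Z, T, u)$
Client: $u = H(Z, T, ID_j)$
Client: checks $u^{e_j} \bmod N_j = g_j^{u} \bmod N_j$
Client: $a = Z^e \cdot ID_j \bmod N$
Client: $K_{ij} = a^t \bmod N$
Client: $w = g^{et} \bmod N$
Client: $x = g^t \cdot S_i^{H(w,T')}$
Client: $y = E_{K_{ij}}(ID_i)$
Client → Server: $M3 = (x, y, p, T')$
Server: $K_{ij} = w^k \bmod N$
Server: $D_{K_{ij}}(y) \to ID_i$, then checks whether $ID_i$ exists in the ID table
Server: checks $w \cdot ID_i^{H(w,T')} \bmod N = x^e \bmod N$
Server: Accepts this login request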

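Anonymous user identification and key agreement phase
Client → Server: Service request
Server: $S_j = ID_j^{d} \bmod N$
Server: $Z = g^k \cdot S_j \bmod N$
Server → Client: $M2 = (Z)$
Client: $a = Z^e \cdot ID_j^{-1} \bmod N$
Client: $K_{ij} = a^t \bmod N$
Client: $w = g^{et} \bmod N$
Client: $x = S_j^{h(K_{ij} \| Z \| w \| T)} \bmod N$
Client: $y = E_{K_{ij}}(ID_i)$
Client → Server: $M3 = (w, x, y, T)$
Server: $K_{ij} = w^k \bmod N$
Server: $D_{K_{ij}}(y) \to ID_i$
Server: checks $ID_i^{h(K_{ij} \| Z \| w \| T)} \bmod N = x^e \bmod N$
Server: $D_i = h(K_{ij} \| T' \| Z \| ID_i \| ID_j)$
Server → Client: $M4 = (D_i, T')$
Client: $D'_i = h(K_{ij} \| T' \| Z \| ID_i \| ID_j)$
Client: checks $D'_i = D_i$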
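A runnable toy walk-through of the proposed scheme's message flow (M2, M3, M4), added here as an example; it is not code from the slides or from the paper. The primes, identities, nonces, timestamps, the `|`-joined hash encoding and the XOR stand-in for AES are constructed assumptions, and x is computed from the user's key $S_i$ so that the server's check $ID_i^{h} = x^e$ holds (the slide writes $S_j$).

```python
import hashlib

# SCPC key generation with constructed toy values (real moduli are >= 2048 bits).
P, Q, E, G = 1019, 1031, 17, 2
N, PHI = P * Q, (P - 1) * (Q - 1)
D = pow(E, -1, PHI)                          # e*d = 1 mod phi(N)
ID_I, ID_J = 123457, 765433                  # constructed identities, coprime to N
S_I, S_J = pow(ID_I, D, N), pow(ID_J, D, N)  # long-term secrets ID^d mod N

def h(*parts):
    """h(a||b||...) as an integer; the '|'-joined encoding is an assumption."""
    data = "|".join(str(p) for p in parts).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sym(key, value):
    """Stand-in for E_K/D_K (the slides name AES): XOR with a hash-derived pad."""
    return value ^ (h("pad", key) % (1 << 32))

def server_m2(k):
    return pow(G, k, N) * S_J % N                # Z = g^k * S_j mod N

def client_m3(Z, t, T):
    a = pow(Z, E, N) * pow(ID_J, -1, N) % N      # a = Z^e * ID_j^-1 = g^(ke)
    K = pow(a, t, N)                             # K_ij = a^t
    w = pow(G, E * t, N)                         # w = g^(et)
    x = pow(S_I, h(K, Z, w, T), N)               # S_i assumed here (see lead-in)
    return K, (w, x, sym(K, ID_I), T)            # session key, M3 = (w, x, y, T)

def server_verify(Z, k, m3, T2):
    w, x, y, T = m3
    K = pow(w, k, N)                             # K_ij = w^k = g^(ket)
    uid = sym(K, y)                              # D_K(y) -> ID_i
    if pow(uid, h(K, Z, w, T), N) != pow(x, E, N):
        return None                              # identification failed
    return K, uid, (h(K, T2, Z, uid, ID_J), T2)  # M4 = (D_i, T')

def client_confirm(K, Z, m4):
    D_i, T2 = m4
    return h(K, T2, Z, ID_I, ID_J) == D_i        # D'_i == D_i

def run(k=4242, t=9001, T=1318377600, T2=1318377601):
    Z = server_m2(k)
    K_c, m3 = client_m3(Z, t, T)
    res = server_verify(Z, k, m3, T2)
    return res is not None and res[0] == K_c and res[1] == ID_I \
        and client_confirm(K_c, Z, res[2])
```

`run()` returns True when both sides derive the same $K_{ij}$, the server recovers $ID_i$ and the client accepts $D_i$; altering x in M3 makes `server_verify` return None.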

Security analysis
- Security of the private keys
- Security of the session keys
- Security of user identification
- Security of user anonymity
- Prevention of a DoS attack

Anonymous user identification and key agreement phase (security analysis)
The next five slides repeat the proposed-scheme protocol diagram above, written there with $Z = g^k \cdot S_j^{-1} \bmod N$, each under one caption:
- Security of the private keys
- Security of the session keys
- Security of user identification
- Security of user anonymity: the adversary will face the problems of solving the DLP
- Prevention of a DoS attack: $Z$, $T$, $ID_j$

Functionality comparison
- $T_h$: the time for executing a one-way hash function
- $T_{inv}$: the time for executing a modular inverse computation
- $T_{mul}$: the time for executing a modular multiplication computation
- $T_{exp}$: the time for executing a modular exponentiation computation
- $T_{enc}$: the time for executing a symmetric-key encryption
- $T_{dec}$: the time for executing a symmetric-key decryption
- $|x|$: the bit length of $x$

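Communication costs and computational complexities (for $U_i$ and $P_j$), with year
- The Lee-Chang (1999)
  - Communication costs: $4|N| + |T|$
  - $U_i$: $T_h + 5T_{mul} + 5T_{exp}$
  - $P_j$: $T_h + T_{inv} + 2T_{mul} + 4T_{exp}$
- The Wu–Hsu (2004)
  - Communication costs: $3|N| + |T|$
  - $U_i$: $T_h + T_{inv} + 3T_{mul} + 4T_{exp}$
  - $P_j$: $T_h + T_{inv} + 2T_{mul} + 4T_{exp}$
- The Yang et al. (2004)
  - Communication costs: $3|N| + |T| + |ID_i|$
  - $U_i$: $T_{enc} + T_h + 3T_{mul} + 5T_{exp}$
  - $P_j$: $T_{dec} + T_h + T_{inv} + 2T_{mul} + 4T_{exp}$
- The Mangipudi–Katti (2006)
  - Communication costs: $4|N| + 2|T| + |ID_i|$
  - $U_i$: $T_{enc} + 2T_h + 3T_{mul} + 7T_{exp}$
  - $P_j$: $T_{dec} + 2T_h + T_{inv} + 3T_{mul} + 5T_{exp}$
- The proposed (2009)
  - Communication costs: $3|N| + |T| + |ID_i|$
  - $U_i$: $T_{enc} + T_h + T_{inv} + 2T_{mul} + 4T_{exp}$
  - $P_j$: $T_{dec} + T_h + T_{mul} + 4T_{exp}$
- The proposed scheme against a DoS attack (a)
  - Communication costs: $4|N| + 2|T| + |ID_i|$
  - $U_i$: $T_{enc} + 2T_h + T_{inv} + 2T_{mul} + 6T_{exp}$
  - $P_j$: $T_{dec} + 2T_h + 2T_{mul} + 5T_{exp}$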

Functionality comparison
- C1: Prevention of a replay attack.
- C2: Prevention of a compromising attack ?
- C3: Prevention of an identity disclosure attack
- C4: Prevention of an impersonation attack
- C5: Prevention of a compromising attack ?
- C6: Prevention of a DoS attack
- C7: Mutual authentication
- C8: Session key establishment
- C9: Session key confirmation from the user to the service provider
- C10: Session key confirmation from the service provider to the user

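Functionality comparison

|     | The Lee-Chang scheme | The Wu–Hsu scheme | Yang et al.'s scheme | The Mangipudi–Katti scheme | The proposed scheme |
|-----|----------------------|-------------------|----------------------|----------------------------|---------------------|
| C1  | O | O | O | O | O |
| C2  | O | X | O | O | O |
| C3  | X | X | X | X | O |
| C4  | X | X | O | O | O |
| C5  | O | X | O | O | O |
| C6  | X | X | X | O | O |
| C7  | X | X | X | O | O |
| C8  | O | O | O | O | O |
| C9  | X | X | O | O | O |
| C10 | X | X | X | X | O |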

Conclusion
- Yang et al.'s scheme suffers from identity disclosure attack and DoS attack.
- The proposed scheme can withstand the possible attacks and achieve mutual authentication.
