
Protecting the Privacy of Users in Retrieving Valuable Information by a PIR Scheme with Mutual Authentication by RSA Signature Algorithm
Date: 2010.10.1
Reporter: Chien-Wen Huang
Source: Innovative Computing, Information and Control, 2007. ICICIC '07. Second International Conference

Outline
1 Introduction
2 Related work
3 The proposed PIR scheme
4 Security Analysis of the proposed scheme and comparisons with others
5 Conclusions and Future Work

Introduction
Motivation: a user queries a patent, but the server must not learn which patent the user queried.
Private Information Retrieval (PIR): initial research on PIR was done by Chor et al. (1995); Beimel proposed several robust PIR schemes (2004).
Results: a new one-server PIR scheme, with mutual authentication between the user and the server.

Related work
Computational Private Information Retrieval (CPIR): Chor et al. introduced a c-PIR scheme (moving from information-theoretic security to computational security). Kushilevitz et al. proposed a CPIR scheme based on the quadratic residuosity assumption. Cachin et al. proposed a CPIR scheme based on the -Hiding assumption.

Private Information Retrieval Using a Secure Coprocessor (SC)
An SC is a tamper-proof device with a small memory; it is designed to prevent anybody from accessing that memory. It overcomes the limitation of CPIR, which can only deal with one bit per query, and reduces the communication complexity to O(1); the server's computation complexity is still O(n).

To keep the server from learning which record is wanted, in the kth query the SC must read all the previously accessed records and one unread record.

The proposed PIR scheme

Registering phase: User U calculates , then computes C1 = and sends it to the SC. On receiving C1, the SC decrypts C1 with its private key SKSC and then stores to the ID file in server S.
Preprocessing phase: the preprocessing phase produces a shuffled copy of DB in server S and a shuffled index in the SC.

Online-query phase: U selects ru (a part of the session key) and sends C2 = to the SC. The SC decrypts C2 with its private key SKSC to get IDU and ru. The SC selects a random number rs (another part of the session key), calculates the session key , and sends C3 = to the user. User U calculates the session key and decrypts (with K'); if the result = ru, user U sends to the SC, otherwise not.

User U calculates C4 = and sends it to the SC. The SC checks whether ; if the answer is correct it goes on to the next one, else it stops the online query. The SC reads Ri from the shuffled database according to the shuffled index and sends ; user U decrypts with K'.
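The shuffled-database access pattern that the related-work slide describes for the secure coprocessor, and that the proposed scheme reuses in its preprocessing phase (shuffled copy of DB in S, shuffled index in the SC) and online-query phase (the SC reads Ri through the shuffled index), as an added Python simulation. This is illustrative code written for this page, not the paper's or the reporter's implementation: the Server and SecureCoprocessor classes, the eight-record DATABASE and the rng argument are constructed assumptions, and the authentication messages (C1 to C4, ru, rs, K') are deliberately left out because the slides do not give their formulas. It shows the one property the retrieval side depends on: the k-th query always reads the same k-1 positions as before plus one never-read position, so the server's view is identical whichever record was wanted, including the edge case of asking for a record that was already read in the current round.

```python
import random

# Constructed toy database of eight "patent" records (sample data, not from the paper).
DATABASE = [f"patent-{i:02d}" for i in range(8)]


class Server:
    """Untrusted server S: stores the shuffled copy of DB and answers raw position
    reads. Its access_log is exactly what the server (or an observer) gets to see."""

    def __init__(self):
        self.shuffled_db = []
        self.access_log = []  # positions read by the SC, in order

    def install(self, shuffled_db):
        self.shuffled_db = list(shuffled_db)

    def read(self, position):
        self.access_log.append(position)
        return self.shuffled_db[position]


class SecureCoprocessor:
    """Tamper-proof SC: keeps the shuffled index and the positions already read in
    the current round inside its private memory; the server never sees either."""

    def __init__(self, records, rng):
        self.rng = rng                   # hypothetical source of randomness inside the SC
        self.server = Server()
        self._records = list(records)    # retained only so a new round can be reshuffled
        self.index = []                  # index[i] = position of record i in the shuffled copy
        self.touched = []                # positions read so far in this round
        self.preprocess()

    def preprocess(self):
        """Preprocessing phase: build a fresh shuffled copy of DB for the server and
        keep the shuffled index in the SC."""
        n = len(self._records)
        perm = list(range(n))
        self.rng.shuffle(perm)
        shuffled = [None] * n
        for i, p in enumerate(perm):
            shuffled[p] = self._records[i]
        self.index = perm
        self.touched = []
        self.server.install(shuffled)

    def query(self, i):
        """Online query for record i: read every previously touched position plus
        exactly one untouched position, so the k-th query always looks like
        'the same k-1 positions plus one new one' from the server's side."""
        if len(self.touched) == len(self.index):
            self.preprocess()            # round exhausted: every position was read once
        target = self.index[i]
        untouched = [p for p in range(len(self.index)) if p not in self.touched]
        # Edge case: if the wanted record was already read in this round, it is in the
        # touched set and the one new read must be a random untouched dummy instead.
        new_pos = target if target in untouched else self.rng.choice(untouched)
        answer = None
        for p in self.touched + [new_pos]:
            value = self.server.read(p)
            if p == target:
                answer = value           # the real record is picked out inside the SC
        self.touched.append(new_pos)
        return answer


def run_queries(record_ids, seed):
    """Run a sequence of online queries; return the answers and, per query, the
    slice of the server's access log produced by that query."""
    sc = SecureCoprocessor(DATABASE, random.Random(seed))
    answers, views = [], []
    for i in record_ids:
        start = len(sc.server.access_log)
        answers.append(sc.query(i))
        views.append(sc.server.access_log[start:])
    return answers, views


def view_is_query_independent(views, n):
    """Check the property the scheme relies on: every per-query view equals the
    previous view plus one position never read before in the round (a round ends
    after n reads). Such a view is the same whatever records were wanted."""
    seen = []
    for chunk in views:
        if len(seen) == n:
            seen = []                    # a new round (reshuffle) has started
        if chunk[:-1] != seen or chunk[-1] in seen:
            return False
        seen = chunk
    return True


if __name__ == "__main__":
    wanted = [3, 5, 3, 0]
    answers, views = run_queries(wanted, seed=1)
    for rec, got, view in zip(wanted, answers, views):
        print(f"wanted record {rec}: got {got}; server saw reads at {view}")
    print("server view independent of queries:", view_is_query_independent(views, len(DATABASE)))
```

Running the demo shows the cost the slides mention: the k-th query reads k positions, so the server's work per query grows until every position has been read and the preprocessing phase has to be repeated with a fresh shuffle. The repeated query for record 3 is served from the positions already read, and a random untouched dummy is read instead, which is what keeps the view shape uniform.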

Security Analysis of the proposed scheme and comparisons with others
The proposed scheme is a mutual authentication scheme.
Lemma 1. The proposed scheme correctly authenticates a legal user U.
Proof: E can generate in step (5), s.t. ; E can be authenticated successfully in step (6). Thus,

Lemma 2. The proposed scheme correctly authenticates server S (with the SC in it).
Proof: If the SC knows the secret key SKSC, it can decrypt C2 to obtain ru and calculate the session key ; user U calculates the session key . Thus the session keys Ksu and Kus are the same value.
Theorem 3. The proposed scheme is a mutual authentication scheme (by Lemmas 1 and 2).

The proposed scheme is a secure scheme
The key exchange scheme is secure if the following requirements are satisfied:
1 If both participants honestly execute the scheme, then the session key is K = Ksu = Kus.
2 No one can calculate the session key except the participants (U and the SC in server S).
3 The session key is indistinguishable from a truly random number.

Lemma 4. The proposed scheme satisfies the first requirement. Proof:
Lemma 5. The proposed scheme satisfies the second requirement. Proof: (the random number ru is selected by the user and encrypted by )
Lemma 6. The proposed scheme satisfies the third requirement. Proof: ru and rs are two random numbers selected by user U and the SC; the session key K is therefore also a random number.

Comparisons with other schemes
The proposed scheme, which uses only one server, is more practical in feasibility. It has mutual authentication and a key agreement process, which makes it more robust in security than past schemes.

Conclusions and Future Work
The proposed scheme is more practical than previous k-server PIR schemes, and it has mutual authentication and a key agreement process. It can be applied not only in the environment mentioned above, but also in other applications that need user privacy on the internet (e.g. e-voting).

Thank You !