Source : Future Generation Computer Systems, Vol. 68, pp , 2017

Slides:

Advertisements

Similar presentations

Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,

Advertisements

多媒體網路安全實驗室 Improved Secure Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks Date ： Reporter : Hong Ji Wei Authors.

P RIVACY -P RESERVING A UTHENTICATION OF U SERS WITH S MART C ARDS U SING O NE -T IME C REDENTIALS Author: Jun-Cheol PARK Source: IEICE TRANS. INF&SYST.

A Secure Remote User Authentication Scheme with Smart Cards Manoj Kumar 報告者 : 許睿中日期 :

A simple remote user authentication scheme 1. M. S. Hwang, C. C. Lee and Y. L. Tang, “A simple remote user authentication.

電子商務與數位生活研討會 1 Further Security Enhancement for Optimal Strong-Password Authentication Protocol Tzung-Her Chen, Gwoboa Horng, Wei-Bin Lee,Kuang-Long Lin.

Efficient key Distribution Schemes for Secure Media Delivery in Pay-TV Systems Source: IEEE TRANS. ON MULTIMEDIA, VOL. 6,NO. 5, OCTOBER 2004 Authors: Yu-Lun.

1 Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment Authors ： Han-Cheng Hsiang and Wei-Kuan Shih.

孫國偉 Efficient Password authenticated key agreement using smart cards Author : Wen-Shenq Juang* Date : in Computers & Security.

An Improved Smart Card Based Password Authentication Scheme with Provable Security Source:Computer Standards & Interfaces, Vol. 31, No. 4, pp ,

A more efficient and secure dynamic ID- based remote user authentication scheme Yan-yan Wang, Jia-yong Liu, Feng-xia Xiao, Jing Dan in Computer Communications.

多媒體網路安全實驗室 A Strong User Authentication Framework for Cloud Computing Date ： Reporter : Hong Ji Wei Authors : Amlan Jyoti Choudhury, Mangal.

多媒體網路安全實驗室 A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks Date:2011/10/05 報告人：向峻霈.

1 Anonymous Roaming Authentication Protocol with ID-based Signatures Lih-Chyau Wuu Chi-Hsiang Hung Department of Electronic Engineering National Yunlin.

多媒體網路安全實驗室 An Efficient RFID Authentication Protocol for Low-cost Tags Date ： Reporter : Hong Ji Wei Authors : Yanfei Liu From : 2008 IEEE/IFIP.

多媒體網路安全實驗室 A novel user authentication and privacy preserving scheme with smartcards for wireless communications 作者 :Chun-Ta Li,Cgeng-Chi Lee 出處 :Mathematical.

An ID-Based Mutual Authentication and Key Exchange Protocol for Low- Power Mobile Devices Authors: Tsu-Yang Wu and Yuh-Min Tseng Source: The Computer Journal.

Secure Authentication Scheme with Anonymity for Wireless Communications Speaker : Hong-Ji Wei Date :

A Secure Identification and Key Agreement Protocol with User Anonymity (SIKA) Authors: Kumar Mangipudi and Rajendra Katti Source: Computers & Security,

Department of Computer Engineering, Kyungpook National University Author : Eun-Jun Yoon, Wan-Soo Lee, Kee-Young Yoo Speaker : Wan-Soo Lee

Secure Communication between Set-top Box and Smart Card in DTV Broadcasting Authors: T. Jiang, Y. Hou and S. Zheng Source: IEEE Transactions on Consumer.

SPEAKER: HONG-JI WEI DATE: Secure Anonymous Authentication Scheme with Roaming for Mobile Networks.

1 Adaptive key pre-distribution model for distributed sensor networks Author: C.-S. Laih, M.-K. Sun, C.-C. Chang and Y.-S. Han Source: IET Communications,

User authentication schemes with pseudonymity for ubiquitous sensor network in NGN Authors: Binod Vaidya, Joel J. Rodrigues and Jong Hyuk Park Source:

Robust and Efficient Password- Authenticated Key Agreement Using Smart Cards Authors: Wen-Shenq Juang, Sian-Teng Chen and Horng-Twu Liaw Src: IEEE Transaction.

A Novel Privacy Preserving Authentication and Access Control Scheme for Pervasive Computing Environments Authors: Kui Ren, Wenjing Lou, Kwangjo Kim, and.

1 Protecting Your Privacy with a Mobile Agent Device in RFID Environment Authors: Sang-Soo Yeo, Soo-Cheol Kim, Sung Kwon Kim, Gilcheol Park, Seok Soo Kim,

SPEAKER: HONG-JI WEI DATE: Efficient and Secure Anonymous Authentication Scheme with Roaming Used in Mobile Networks.

Threshold password authentication against guessing attacks in Ad hoc networks ► Chai, Zhenchuan; Cao, Zhenfu; Lu, Rongxing ► Ad Hoc Networks Volume: 5,

多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 : Xiong Li, Yongping.

Threshold password authentication against guessing attacks in Ad hoc networks Authors: Zhenchuan Chai, Zhenfu Cao, Rongxing Lu Sources: Ad Hoc Networks,

A Secure Authentication Scheme with Anonymity for Wireless Communications IEEE COMMUNICATIONS LETTERS, VOL. 12, NO. 10, OCTOBER 2008 Chia-Chun Wu, Wei-Bin.

Non-PKI Methods for Public Key Distribution

Lightweight Mutual Authentication for IoT and Its Applications

A Dynamic ID-Based Generic Framework for Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks Source: Wireless Personal Communications,

Source : IEEE Access, In Press, 2016

無線環境的認證方法及其在電子商務應用之研究

Cryptanalyses and improvements of two cryptographic key assignment schemes for dynamic access control in a user hierarchy Source: Computer & Security,

Author:YongBin Zhou, ZhenFeng Zhang, and DengGuo Feng Presenter:戴士桀

A lightweight authentication scheme based on self-updating strategy for space information network Source: International Journal Of Satellite Communications.

網路環境中通訊安全技術之研究 Secure Communication Schemes in Network Environments

Cryptanalysis on Mu–Varadharajan's e-voting schemes

A secure and traceable E-DRM system based on mobile device

Efficient password authenticated key agreement using smart cards

A robust and anonymous patient monitoring system using wireless medical sensor networks Source: Future Generation Computer Systems, Available online 8.

A Secure Anonymity Preserving Authentication Scheme for Roaming Service in Global Mobility Networks Source: Wireless Personal Communications, ahead of.

Security of a Remote Users Authentication Scheme Using Smart Cards

Efficient Time-Bound Hierarchical Key Assignment Scheme

Chair Professor Chin-Chen Chang Feng Chia University

Authors: Wei-Chi KU, Hao-Chuan TSAI, Maw-Jinn TSAUR

Privacy Preserving Ranked Multi-Keyword

Authors : Parwinder Kaur Dhillon and Sheetal Kalra

The Request for Better Measurement:

Source： Ad Hoc Networks, Vol. 71, pp , 2018

A Novel Latin Square-based Secret Sharing for M2M Communications

Lightweight IoT-based authentication scheme in cloud computing circumstance Source: Future Generation Computer Systems Volume 91, February 2019, Pages.

Lightweight IoT-based authentication scheme in cloud computing circumstance Source: Future Generation Computer Systems Volume 91, February 2019, Pages.

An efficient biometric based remote user authentication scheme for secure internet of things environment Source: Journal of Intelligent & Fuzzy Systems.

Authors：Debiao He, Sherali Zeadally, Neeraj Kumar and Wei Wu

An Improved Novel Key Management Protocol for RFID Systems

A lightweight biometrics based remote user authentication scheme for IoT services Source: Journal of Information Security and Applications Volume 34, Part.

Controllable and Trustworthy Blockchain-based Cloud Data Management

Authors: Yuh-Min TSENG, Tsu-Yang WU, Jui-DiWU

Source: Computer Networks Volume 149, 11 February 2019, Pages 29-42

II. REVIEW OF THE DAS ET AL. SCHEME

Improvement of Chien et al

Source: Sensors, Volume 19, Issue 9 (May )

Biometrics-based RSA Cryptosystem for Securing Real-Time Communication

Privacy Protection for E-Health Systems by

A lightweight authentication scheme with privacy protection for smart grid communications Source: Future Generation Computer Systems Volume 100, November.

Presentation transcript:

Provably Secure Authenticated Key Agreement Scheme for Distributed Mobile Cloud Computing Services Source : Future Generation Computer Systems, Vol. 68, pp. 74-88, 2017 Authors : Vanga Odelu, Ashok Kumar Das, Saru Kumari, Xinyi Huang and Mohammad Wazid Speaker : Hsiao-Ling Wu Date: 2017/06/01

Outline Review of Tsai-Lo’s scheme Proposed scheme Security analysis Performance analysis Conclusions

Review of Tsai-Lo’s scheme (1/7) Three phases: SCG setup phase Registration phase Authentication and key establishment phase Smart card generator (SCG) User (Ui) Server (Sj)

Review of Tsai-Lo’s scheme (2/7) Notations

Review of Tsai-Lo’s scheme (3/7) SCG setup phase Smart card generator (SCG)

Review of Tsai-Lo’s scheme (4/7) Registration phase User (Ui) Smart card generator (SCG) IDi Secure channel Ki = (s+H1(IDi))-1∙P Ki Secure channel Ei = Ki ⊕ h(pwi||fi) Store Ei on mobile device Server (Sj) Smart card generator (SCG) SIDj Secure channel Kj = (s+H1(SIDj))-1∙P Kj Secure channel

Review of Tsai-Lo’s scheme (5/7) Authentication and key establishment phase User (Ui) Ei = Ki ⊕ h(pwi||fi) Server (Sj) Kj

Review of Tsai-Lo’s scheme (6/7) Service provider impersonation attack User (Ui) Ei = Ki ⊕ h(pwi||fi) Attacker (A)

Review of Tsai-Lo’s scheme (7/7)

Proposed scheme(1/3) SCG setup phase Smart card generator (SCG)

Proposed scheme (2/3) Registration phase User (Ui) Smart card generator (SCG) IDi ( 𝜎 𝑖 , 𝜃 𝑖 ) = Gen(fi) 𝜎 𝑖 = Rep( 𝜃 𝑖 ||fi) Secure channel Ki,Lt = (s+H1(Idi||Lti))-1∙P Ki ( 𝜎 𝑖 , 𝜃 𝑖 ) = Gen(fi) Ei,Lt = Ki,Lt ⊕ h(pwi|| 𝜎 𝑖 ) ei = H5(IDi||pwi|| 𝜎 𝑖 ) Store { 𝜃 𝑖 , ei, Ei,Lt, Rep(∙), t}on mobile device Secure channel Server (Sj) Smart card generator (SCG) SIDj Secure channel Kj = (s+H1(SIDj))-1∙P Kj Secure channel

Proposed scheme (3/3) Authentication and key establishment phase Ei,Lt = Ki,Lt ⊕ h(pwi|| 𝜎 𝑖 ) ei = H5(IDi||pwi|| 𝜎 𝑖 ) User (Ui) Server (Sj) Kj 𝜎 𝑖 = Rep( 𝜃 𝑖 ||fi) Checks if ei = H5(IDi||pwi|| 𝜎 𝑖 )

Security analysis SCG: smart card generator; F1: whether provides user credentials’ privacy; F2 : whether provides SK-security; F3 : whether provides secure mutual authentication; F4 : whether prevents impersonation attack; F5 : whether provides user untraceability; F6 : whether supports for mobile user revocation. [3] J.L. Tsai, N.W. Lo, A privacy-aware authentication scheme for distributed mobile cloud computing services, IEEE Syst. J. 9 (3) (2015) 805–815. [33] Y.M. Tseng, S.S. Huang, T.T. Tsai, J.H. Ke, List-free ID-based mutual authentication and key agreement protocol for multiserver architectures, IEEE Trans. Emerging Top. Comput. 4 (1) (2016) 102–112.

Performance analysis

Conclusions In this paper, the authors have first analyzed Tsai–Lo’s authentication scheme and shown that their scheme is insecure against server impersonation attack. We have proposed an efficient provably secure mutual authentication and key agreement scheme.