11 Efficient and Secure Certificateless Authentication and Key Agreement Protocol for Hybrid P2P Network Authors: Z. B. Xu and Z. W. Li Source: The 2nd.

Slides:



Advertisements
Similar presentations
Key Management Nick Feamster CS 6262 Spring 2009.
Advertisements

Public Key Cryptography Nick Feamster CS 6262 Spring 2009.
Boneh-Franklin Identity-based Encryption. 2 Symmetric bilinear groups G = ágñ, g p = 1 e: G G G t Bilinear i.e. e(u a, v b ) = e(u, v) ab Non-degenerate:
1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.
Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.
CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.
Pairwise Key Agreement in Broadcasting Networks Ik Rae Jeong.
1 P2P Reputation Management Using Distributed Identities and Decentralized Recommendation Chains Authors: P. Dewan and P. Dasgupta Source: IEEE Transactions.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,
Digital Signatures and applications Math 7290CryptographySu07.
Public Key Algorithms …….. RAIT M. Chatterjee.
CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.
1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.
1 Security analysis of an enhanced authentication key exchange protocol Authors : H.Y. Liu, G.B. Horng, F.Y. Hung Presented by F.Y. Hung Date : 2005/5/20.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
Weakness of Shim’s New ID- base Tripartite Multiple-key Agreement Protocol Authors: J.S. Chou, C.H.Lin and C.H. Chiu ePrint/2005/457 Presented by J. Liu.
1 Identity-Based Encryption form the Weil Pairing Author : Dan Boneh Matthew Franklin Presentered by Chia Jui Hsu Date :
Identity-based authenticated key agreement protocol based on Weil pairing N.P.Smart ELECTRONICS LETTERS 20 th June 2002 vol.38 No13 p Present by.
1 Intro To Encryption Exercise Problem Alice and Bob wish to play the game Paper, Rock and Scissors. What may be the problems with the game? The.
Analysis of Key Agreement Protocols Brita Vesterås Supervisor: Chik How Tan.
Certificateless Authenticated Two-Party Key Agreement Protocols
Inter-Domain Identity-Based Authenticated Key Agreement Protocols from Weil Pairing Authors: Hong-bin Tasi, Yun-Peng Chiu and Chin-Laung Lei From:ISC2006.
Cryptography and Network Security Chapter 10 Fourth Edition by William Stallings.
CMSC 414 Computer and Network Security Lecture 23 Jonathan Katz.
Chapter 9 Cryptographic Protocol Cryptography-Principles and Practice Harbin Institute of Technology School of Computer Science and Technology Zhijun Li.
Key Distribution CS 470 Introduction to Applied Cryptography
1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
CPE5021 Advanced Network Security --- Advanced Cryptography: Elliptic Curve Cryptography --- Lecture 3 CPE5021 Advanced Network Security --- Advanced Cryptography:
Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.
Network and Communications Network Security Department of Computer Science Virginia Commonwealth University.
1 A Collaboration Scheme for Making Peer-to-Peer Anonymous Routing Resilient Authors: X. Wang and J. Luo Source: 12th International Conference on Computer.
Key Management and Diffie- Hellman Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 12/3/2009 INCS 741: Cryptography 12/3/20091Dr. Monther.
1 A secure model for controlling the hubs in P2P wireless network based on trust value Authors: Y. Liu, N. Xiong, K. Xu, J. H. Park, and C. Lin Source:
An ID-Based Mutual Authentication and Key Exchange Protocol for Low- Power Mobile Devices Authors: Tsu-Yang Wu and Yuh-Min Tseng Source: The Computer Journal.
Cryptography and Network Security (CS435) Part Eight (Key Management)
Center for Information Security Technologies ID-based Authenticated Key Exchange for Low-Power Mobile Devices K. Y. Choi, J. Y. Hwang, D. H. Lee CIST,
Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.
Cryptography and Network Security Chapter 10
Cryptography and Network Security Key Management and Other Public Key Cryptosystems.
1 A peer mutual authentication method on super peer based peer-to- peer network Authors: Byeong-Thaek Oh, Sang-Bong Lee, and Ho-Jin Park Source: IEEE International.
Scott CH Huang COM 5336 Lecture 7 Other Public-Key Cryptosystems Scott CH Huang COM 5336 Cryptography Lecture 7.
ECE509 Cyber Security : Concept, Theory, and Practice Key Management Spring 2014.
Cryptanalysis of Some Proxy Signature Schemes without Certificates Wun-She Yap, Swee-Huay Heng Bok-Min Goi Multimedia University.
1 Chapter 10: Key Management in Public key cryptosystems Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Modified by Prof. M. Singhal,
Identity based signature schemes by using pairings Parshuram Budhathoki Department of Mathematical Science FAU 02/21/2013 Cyber Security Seminar, FAU.
Password-only Authenticated Key Agreement Protocols Based on Self-certified Approach Tzong-Chen Wu and Yen-Ching Lin Department of Information Management.
An Improved Efficient Secret Handshakes Scheme with Unlinkability Author: Jie Gu and Zhi Xue Source: IEEE Comm. Letters 15 (2) (2011) Presenter: Yu-Chi.
A new provably secure certificateless short signature scheme Authors: K.Y. Choi, J.H. Park, D.H. Lee Source: Comput. Math. Appl. (IF:1.472) Vol. 61, 2011,
Pairing based IBE. Some Definitions Some more definitions.
Key Management Network Systems Security Mort Anvari.
1 Authenticated Key Exchange Rocky K. C. Chang 20 March 2007.
1 Diffie-Hellman (Key Exchange) Protocol Rocky K. C. Chang 9 February 2007.
Cryptography and Network Security Chapter 10 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
1 Chapter 3-3 Key Distribution. 2 Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution.
Diffie-Hellman Key Exchange first public-key type scheme proposed by Diffie & Hellman in 1976 along with the exposition of public key concepts – note:
Key Generation Protocol in IBC Author : Dhruti Sharma and Devesh Jinwala 論文報告 2015/12/24 董晏彰 1.
1 Diffie-Hellman (Key Exchange) Protocol Rocky K. C. Chang 9 February 2007.
Key distribution Ján Kotrady. Content: What is key distribution? Key agreement and distribution Basic algorithm – Diffie-Hellman Basic attacks – Man in.
Key Management public-key encryption helps address key distribution problems have two aspects of this: – distribution of public keys – use of public-key.
Information Security Lab. Dept. of Computer Engineering 251/ 278 PART II Asymmetric Ciphers Key Management; Other CHAPTER 10 Key Management; Other Public.
Boneh-Franklin Identity Based Encryption Scheme
Certificateless signature revisited
SAKAWP: Simple Authenticated Key Agreement Protocol Based on Weil Pairing Authors: Eun-Jun Yoon and Kee-Young Yoo Src: International Conference on Convergence.
Identity-based deniable authentication protocol
Source: Ad Hoc Networks, Vol. 71, pp , 2018
Key Management Network Systems Security
Authors:Debiao He, Sherali Zeadally, Neeraj Kumar and Wei Wu
Secure Diffie-Hellman Algorithm
Presentation transcript:

11 Efficient and Secure Certificateless Authentication and Key Agreement Protocol for Hybrid P2P Network Authors: Z. B. Xu and Z. W. Li Source: The 2nd IEEE International Conference on Information Management and Engineering (ICIME), pp , 2010 Speaker: Shu-Fen Chiou ( 邱淑芬 )

2 Introduction Alice Bob Key Generation Center (KDC) Certificate C A Certificate C B Mutual authentication with certificates Certificateless Public Key Cryptography

3 Alice Key Generation Center Master-key: s KGC public key: P 0 =sP Partial private key D A = sQ A Where Q A =H 1 (ID A ) Private key S A = Public key P A = x A P CL-PKC (Certificateless Public Key Cryptography) 3 Bob Partial private key D B = sQ B Where Q B =H 1 (ID B ) Private key S B = Public key P B = x B P Based on ECC

4 Hybrid P2P network In the same domain In different domain

5 Requirements Certificateless Implicit key authentication Perfect forward secrecy Known-key secrecy Key-compromise impersonation Unknown key-share resilience Known session-specific temporary information security No key control 5

6 Proposed scheme In the same domain 6

77 K 1 =K A1 =e(Q B, P 0 ) a =e(Q B, P) sa =e(sQ B, aP) =e(D B, T A )=K B1 P 0 =sP D A = sQ A D B = sQ B K 2 = K A2 =e(D A, T B ) =e(sQ A, bP) =e(Q A, P) sb =e(Q A, P 0 ) b =K B2 K 3 = K A3 =x A -2 M B =x A -2 x B -1 P A =x A -1 x B -1 P =(x A -1. x B P).x B -1 x B -1 =x B -2 M A =K B3 K 4 = K A4 =aT B =abP=bT A =K B4 K 5 = K A5 =aP B =ax B P=x B T A =K B5 K 6 = K A6 =x A T B =x A bP=bP A =K B6 b

8 Proposed scheme Across the domain Alice P 1 =s 1 P D A = s 1 Q A Q A =H 1 (ID A ) S A = P A = x A P T A =aP M A =x A -1 P B P 2 =s 2 P D B = s 2 Q B Q B =H 1 (ID B ) S B = P B = x B P T B =bP M B =x b -1 P A K A1 =e(Q B, P 2 ) a =e(Q B, P) s 2 a K A2 =e(D A, T B )=e(s 1 Q A, bP)=e(Q A, P) s 1 b T A, M A T B, M B K B1 =e(D B, T A ) =e(s2Q B, aP)=e(QB, P) s 2 a K B2 =e(Q A, P 1 ) b =e(Q A, P) s 1 b K 1 ’=K A1 =K B1 =e(Q B, P) s 2 a K 2 ’=K A2 =K B2 =e(Q A, P) s 1 b SK=K AB =K BA =H 2 (K 1 ’||K 2 ’||K 3 ||K 4 || K 5 ||K 6 ||T A ||T B )

9 Analysis Implicit key authentication Eve personate Bob: Eve computes T E =eP and M E =X E -1 P A, Eve cannot compute K A5 or K B5. (DLP problem) Perfect forward secrecy Eve knows S A, S B, and s. But he needs to solve abP. (CDH problem) Known-key secrecy Each run, a, b are random and secret. Even if session has been compromised, Eve cannot compute the past or future session keys. 9 K A5 =aP B =ax B P=x B T A =K B5

10 Analysis Key-compromise impersonation Eve replace the Bob’s public key P B =x e P, Eve cannot compute K A1 or K B1. Eve knows s, but he cannot generate K A5 or K B5. Unknown key-share resilience Including the identity information, the Eve cannot ask Alice to share a session key to him, while Alice thinks that Eve is Bob. Known session-specific temporary information security Eve get the ephemeral keys of Alice and Bob. He cannot compute the partial session key K 3. No key control Since a result of using a randomly selected ephemeral key in generating the common session key, neither peer can decide the final key. K A3 =x A -2 M B =x A -2 x B -1 P A =x A -1 x B -1 P =(x A -1. x B P).x B -1 x B -1 =x B -2 M A =K B3

11 Comment Reduce the keys (K 1 -K 6 ) with session key. SK=K AB =K BA =H 2 (K 1 ||K 2 ||K 3 ||K 4 ||K 5 ||K 6 ||T A ||T B ) SK=K AB =K BA =H 2 (K 1 ||K 2 ||T A ||T B )

12 Discrete Logarith problem (DLP) Given, find an element a, such that g a = q EC Discrete Logarithm problem Given, find an element a, such that aP = Q EC Computational Diffie-Hellman (CDH) problem Given, compute abP Bilinear Diffie-Hellman (BDH) problem Given, compute ê(P,P) abc DLP > CDHP > BDHP example: ê(abP,cP) = ê(P,cP) ab = ê(P,P) abc Computational Problems