A password authentication scheme with secure password updating SEC 期末報告學號： 89321037 姓名：翁玉芬.

Slides:

Advertisements

Similar presentations

Authentication Applications The Kerberos Protocol Standard

Advertisements

1 東南技術學院九十二學年度第二學期資工系第一次論文發表會 Analysis of an Improved Version of S/KEY One-Time Password Authentication Scheme Speaker: Maw-Jinn Tsaur

A key agreement protocol using mutual Authentication for Ad-Hoc Networks IEEE 2005 Authors : Chichun Lo, Chunchieh Huang, Yongxin Huang Date : 2005_11_29.

多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 :JongHyup LEE 出處.

1 An Ultra-lightweight Authentication Protocol in RFID Speaker: 魏家惠.

Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian.

Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,

多媒體網路安全實驗室 Improved Secure Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks Date ： Reporter : Hong Ji Wei Authors.

An Improvement on Authenticated Key Agreement Scheme Authors: Chin-Chen Chang and Shih-Yi Lin Source: 2007 International Conference on Intelligent Pervasive.

Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.

A Secure Remote User Authentication Scheme with Smart Cards Manoj Kumar 報告者 : 許睿中日期 :

Computer and Information Security 期末報告學號姓名莊玉麟.

1 Three-Party Encrypted Key Exchange Without Server Public-Keys C. L. Lin, H. M. Sun, M. Steiner, and T. Hwang IEEE COMMUNICATIONS LETTER, VOL. 5, NO.12,

1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.

CMSC 414 Computer and Network Security Lecture 15 Jonathan Katz.

1 Security analysis of an enhanced authentication key exchange protocol Authors ： H.Y. Liu, G.B. Horng, F.Y. Hung Presented by F.Y. Hung Date ： 2005/5/20.

A simple remote user authentication scheme 1. M. S. Hwang, C. C. Lee and Y. L. Tang, “A simple remote user authentication.

電子商務與數位生活研討會 1 Further Security Enhancement for Optimal Strong-Password Authentication Protocol Tzung-Her Chen, Gwoboa Horng, Wei-Bin Lee,Kuang-Long Lin.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

Analysis of Key Agreement Protocols Brita Vesterås Supervisor: Chik How Tan.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

Efficient Multi-server Password Authenticated Key Agreement Using Smart Cards Computer and Information Security Ming-Hong Shih.

1 An ID-based multisignature scheme without reblocking and predetermined signing order Chin-Chen Chang, Iuon-Chang Lin, and Kwok-Yan Lam Computer Standards.

An Improved Smart Card Based Password Authentication Scheme with Provable Security Source:Computer Standards & Interfaces, Vol. 31, No. 4, pp ,

A more efficient and secure dynamic ID- based remote user authentication scheme Yan-yan Wang, Jia-yong Liu, Feng-xia Xiao, Jing Dan in Computer Communications.

國立清華大學資訊工程系資訊安全實驗室孫宏民 Phone: Network Security --- Network Security --- Key Establishment Protocols.

1 Security Weakness in a Three-Party Password-Based Key Exchange Protocol Using Weil Pairing From ： ePrint (August 2005) Author ： Junghyun Nam, Seungjoo.

An Enhanced Two-factor User Authentication Scheme in Wireless Sensor Networks DAOJING HE, YI GAO, SAMMY CHAN, CHUN CHEN, JIAJUN BU Ad Hoc & Sensor Wireless.

Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)

多媒體網路安全實驗室 A Strong User Authentication Framework for Cloud Computing Date ： Reporter : Hong Ji Wei Authors : Amlan Jyoti Choudhury, Mangal.

多媒體網路安全實驗室 A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks Date:2011/10/05 報告人：向峻霈.

Cryptanalysis of Two Dynamic ID-based Authentication

A Risk Analysis Approach for Biometric Authentication Technology Author: Arslan Brömme Submission: International Journal of Network Security Speaker: Chun-Ta.

1 Anonymous Roaming Authentication Protocol with ID-based Signatures Lih-Chyau Wuu Chi-Hsiang Hung Department of Electronic Engineering National Yunlin.

多媒體網路安全實驗室 An Efficient RFID Authentication Protocol for Low-cost Tags Date ： Reporter : Hong Ji Wei Authors : Yanfei Liu From : 2008 IEEE/IFIP.

1 Authentication and Digital Signature Schemes and Their Applications to E-commerce ( 身份認證與數位簽章技術及其在電子商務上的應用 ) Advisor: Chin-Chen Chang 1, 2 Student: Ya-Fen.

Session Initiation Protocol (SIP) 王承宇張永霖.

多媒體網路安全實驗室 A novel user authentication and privacy preserving scheme with smartcards for wireless communications 作者 :Chun-Ta Li,Cgeng-Chi Lee 出處 :Mathematical.

Efficient remote mutual authentication and key agreement Improvement of Chien et al. ’ s remote user authentication scheme using smart cards An efficient.

An ID-Based Mutual Authentication and Key Exchange Protocol for Low- Power Mobile Devices Authors: Tsu-Yang Wu and Yuh-Min Tseng Source: The Computer Journal.

Secure Authentication Scheme with Anonymity for Wireless Communications Speaker : Hong-Ji Wei Date :

WEP Protocol Weaknesses and Vulnerabilities

A Secure Identification and Key Agreement Protocol with User Anonymity (SIKA) Authors: Kumar Mangipudi and Rajendra Katti Source: Computers & Security,

1 Common Secure Index for Conjunctive Keyword-Based Retrieval over Encrypted Data Peishun Wang, Huaxiong Wang, and Josef Pieprzyk: SDM LNCS, vol.

Authentication of Signaling in VoIP Applications Authors: Srinivasan et al. (MIT Campus of Anna University, India) Source: IJNS review paper Reporter:

Denial-of-Service, Address Ownership,and,Early Authentication in IPv6 World (An Approach) Aditya Vutukuri From article by Pekka Nikander Ericsson Research.

1 Efficient User Authentication and Key Management for Peer-to- Peer Live Streaming Systems Authors: X. Liu, Y. Hao, C. Lin, and C. Du Source: Tsinghua.

Department of Computer Engineering, Kyungpook National University Author : Eun-Jun Yoon, Wan-Soo Lee, Kee-Young Yoo Speaker : Wan-Soo Lee

多媒體網路安全實驗室 Robust authentication and key agreement scheme preserving Date:2011/11/05 報告人：向峻霈出處 : Ren-Chiun Wang Wen-Shenq Juang Chin-Laung Lei Computer.

SPEAKER: HONG-JI WEI DATE: Secure Anonymous Authentication Scheme with Roaming for Mobile Networks.

Password-only Authenticated Key Agreement Protocols Based on Self-certified Approach Tzong-Chen Wu and Yen-Ching Lin Department of Information Management.

A flexible biometrics remote user authentication scheme Authors: Chu-Hsing Lin and Yi-Yi Lai Sources: Computer Standards & Interfaces, 27(1), pp.19-23,

User authentication schemes with pseudonymity for ubiquitous sensor network in NGN Authors: Binod Vaidya, Joel J. Rodrigues and Jong Hyuk Park Source:

1 Signature Protocol for Peer-to- peer Massively Multiplayer Online Games Speaker: Shu-Fen Chiou ( 邱淑芬 )

MSN lab1 A novel deniable authentication protocol using generalized ElGamal signature scheme Source: Information Sciences, vol. 177, pp , 2007.

Password-based user authentication and key distribution protocols for client-server applications Authors: Her-Tyan Yeh and Hung-Min Sun Sources: The Journal.

Robust and Efficient Password- Authenticated Key Agreement Using Smart Cards Authors: Wen-Shenq Juang, Sian-Teng Chen and Horng-Twu Liaw Src: IEEE Transaction.

RSA-based password authenticated key exchange protocol Presenter: Jung-wen Lo( 駱榮問 )

SPEAKER: HONG-JI WEI DATE: Efficient and Secure Anonymous Authentication Scheme with Roaming Used in Mobile Networks.

RFID Paper presentation The Security of EPC Gen2 Compliant RFID Protocols Source ： Applied Cryptography and Network Security, VOL. 5037, 2008, pp

Threshold password authentication against guessing attacks in Ad hoc networks ► Chai, Zhenchuan; Cao, Zhenfu; Lu, Rongxing ► Ad Hoc Networks Volume: 5,

多媒體網路安全實驗室 An ID-based client authentication with key agreement protocol for mobile client–server environment on ECC with provable security Date:2012/02/16.

Threshold password authentication against guessing attacks in Ad hoc networks Authors: Zhenchuan Chai, Zhenfu Cao, Rongxing Lu Sources: Ad Hoc Networks,

KERBEROS. Introduction trusted key server system from MIT.Part of project Athena (MIT).Developed in mid 1980s. provides centralised private-key third-party.

Non-PKI Methods for Public Key Distribution

Efficient password authenticated key agreement using smart cards

Authors: Wei-Chi KU, Hao-Chuan TSAI, Maw-Jinn TSAUR

Authors：Debiao He, Sherali Zeadally, Neeraj Kumar and Wei Wu

Date:2011/09/28 報告人：向峻霈出處: Ren-Chiun Wang Wen-Shenq Juang

Published in 2016 International Computer Symposium (ICS) Authors

Presentation transcript:

A password authentication scheme with secure password updating SEC 期末報告學號：姓名：翁玉芬

Source Chun-Li Lin and Tzonelih Hwang, Computers & Security, Vol.22, No.1, pp , 2003

Outline Introduction Peryravian-Zunic’s Scheme Hwang-Yen’s Scheme Proposed Scheme Conclusions

Introduction Password scheme  Password authentication protocol replay attack password search attack stolen-verifier attack  Password change protocol denial of service attack  Key distribution forward secrecy Peyarian -Zunic Hwang -Yen Proposed scheme Password authentication Yes Password change Yes Key distribution Yes

Introduction (cont.) Notations  id: user number  pw: password  K s : the server public key  {M}K s : Encryption of M with K s  rc: random number generated by client  rs: random number generated by server  H(.) : one-way hash function

Peyarian-Zunic’s Scheme – password transmission ClientServer id, rc rs id, H( H( id, pw), rc, rs) Access granted or denied. stolen-verifier attack

Peyarian-Zunic’s Scheme – password change ClientServer id, rc rs Access granted or denied id, H( H( id, pw), rc, rs), denial of service attack

Hwang-Yen’s Scheme –password transmission ClientServer id, { rc, pw}K s id, H (rc, rs) Access granted or denied, H ( rs)

Hwang-Yen’s Scheme -Key distribution ClientServer id, { rc, pw}K s receive rc generate rc generate rs, H ( rs) receive rs id, H (rc, rs) Access granted or denied Compute H (rc,rs) Compute H (rc,rs) one-time token No forward secrecy

Hwang-Yen’s Scheme -password change ClientServer id, { rc, pw}K s Access granted or denied, H( rs) id, H(rc, rs), denial of service attack

Proposed Scheme –password change ClientServer id, { rc, pw}K s Access granted or denied, H( rs) id, H(rc, rs), H( H( new_pw), rs)

Proposed Scheme –key distribution ClientServer generate x generate y id, Receive receive Access granted or denied id, Compute

Conclusions The password change protocol can protest against denial of service attack The key distribution protocol can propose forward secrecy