多媒體網路安全實驗室 A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks Date:2011/10/05 報告人:向峻霈.

Slides:



Advertisements
Similar presentations
多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 :JongHyup LEE 出處.
Advertisements

Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,
多媒體網路安全實驗室 Improved Secure Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks Date : Reporter : Hong Ji Wei Authors.
多媒體網路安全實驗室 Source:International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIH- MSP),2010 Sixth. Authors:Hsiang-Cheh.
多媒體網路安全實驗室 Towards Secure and Effective Utilization over Encrypted Cloud Data 報告人 : 葉瑞群 日期 :2012/05/09 出處 :IEEE Transactions on Knowledge and Data Engineering.
A Secure Remote User Authentication Scheme with Smart Cards Manoj Kumar 報告者 : 許睿中 日期 :
Computer and Information Security 期末報告 學號 姓名 莊玉麟.
A simple remote user authentication scheme 1. M. S. Hwang, C. C. Lee and Y. L. Tang, “A simple remote user authentication.
A Server-aided Signature Scheme Based on Secret Sharing for Mobile Commerce Source: Journal of Computers, Vol.19, No.1, April 2008 Author: Chin-Ling Chen,
電子商務與數位生活研討會 1 Further Security Enhancement for Optimal Strong-Password Authentication Protocol Tzung-Her Chen, Gwoboa Horng, Wei-Bin Lee,Kuang-Long Lin.
A password authentication scheme with secure password updating SEC 期末報告 學號: 姓名:翁玉芬.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
1 Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment Authors : Han-Cheng Hsiang and Wei-Kuan Shih.
Efficient Multi-server Password Authenticated Key Agreement Using Smart Cards Computer and Information Security Ming-Hong Shih.
孫國偉 Efficient Password authenticated key agreement using smart cards Author : Wen-Shenq Juang* Date : in Computers & Security.
An Improved Smart Card Based Password Authentication Scheme with Provable Security Source:Computer Standards & Interfaces, Vol. 31, No. 4, pp ,
A more efficient and secure dynamic ID- based remote user authentication scheme Yan-yan Wang, Jia-yong Liu, Feng-xia Xiao, Jing Dan in Computer Communications.
Improvement of Hwang-Lo-Lin scheme based on an ID-based cryptosystem No author given (Korea information security Agency) Presented by J.Liu.
多媒體網路安全實驗室 A Strong User Authentication Framework for Cloud Computing Date : Reporter : Hong Ji Wei Authors : Amlan Jyoti Choudhury, Mangal.
多媒體網路安全實驗室 A Security Framework of Group Location-Based Mobile Applications in Cloud Computing Date : Reporter : Hong Ji Wei Authors : Yu-Jia.
Cryptanalysis of Two Dynamic ID-based Authentication
1 Anonymous Roaming Authentication Protocol with ID-based Signatures Lih-Chyau Wuu Chi-Hsiang Hung Department of Electronic Engineering National Yunlin.
多媒體網路安全實驗室 An Efficient RFID Authentication Protocol for Low-cost Tags Date : Reporter : Hong Ji Wei Authors : Yanfei Liu From : 2008 IEEE/IFIP.
1 Authentication and Digital Signature Schemes and Their Applications to E-commerce ( 身份認證與數位簽章技術及其在電子商務上的應用 ) Advisor: Chin-Chen Chang 1, 2 Student: Ya-Fen.
An Authenticated Payword Scheme without Public Key Cryptosystems Author: Chia-Chi Wu, Chin-Chen Chang, and Iuon-Chang Lin. Source: International Journal.
多媒體網路安全實驗室 A novel user authentication and privacy preserving scheme with smartcards for wireless communications 作者 :Chun-Ta Li,Cgeng-Chi Lee 出處 :Mathematical.
Efficient remote mutual authentication and key agreement Improvement of Chien et al. ’ s remote user authentication scheme using smart cards An efficient.
An ID-Based Mutual Authentication and Key Exchange Protocol for Low- Power Mobile Devices Authors: Tsu-Yang Wu and Yuh-Min Tseng Source: The Computer Journal.
Secure Authentication Scheme with Anonymity for Wireless Communications Speaker : Hong-Ji Wei Date :
多媒體網路安全實驗室 Protecting the Privacy of Users in e-Commerce Environment Date: Reporter:Chien-Wen Huang Author: Chun-Hua Chen and Gwoboa Horng 出處:
A Secure Identification and Key Agreement Protocol with User Anonymity (SIKA) Authors: Kumar Mangipudi and Rajendra Katti Source: Computers & Security,
1 Robust and Efficient Password-Authenticated Key Agreement Using Smart Cards 使用在 smart cards 的強韌及高效率密碼驗證金鑰協定 IEEE Transactions on Industrial Electronics,
Enhanced secure anonymous authentication scheme for roaming service in global mobility networks Hyeran Mun, Kyusuk Han, Yan Sun Lee, Chan Yeob Yeun, Hyo.
Authentication of Signaling in VoIP Applications Authors: Srinivasan et al. (MIT Campus of Anna University, India) Source: IJNS review paper Reporter:
多媒體網路安全實驗室 Certificateless multi-proxy signature Date:2011/04/08 報告人:向峻霈 出處 : Zhengping Jin, Qiaoyan Wen: Computer Communications, pp ,2011.
Department of Computer Engineering, Kyungpook National University Author : Eun-Jun Yoon, Wan-Soo Lee, Kee-Young Yoo Speaker : Wan-Soo Lee
多媒體網路安全實驗室 Robust authentication and key agreement scheme preserving Date:2011/11/05 報告人:向峻霈 出處 : Ren-Chiun Wang Wen-Shenq Juang Chin-Laung Lei Computer.
Secure Communication between Set-top Box and Smart Card in DTV Broadcasting Authors: T. Jiang, Y. Hou and S. Zheng Source: IEEE Transactions on Consumer.
SPEAKER: HONG-JI WEI DATE: Secure Anonymous Authentication Scheme with Roaming for Mobile Networks.
多媒體網路安全實驗室 Mobility Assisted Secret Key Generation Using Wireless Link Signatures Date: Reporter : Hong Ji Wei Auther : Junxing Zhang Kasera,
多媒體網路安全實驗室 Anonymous ID Signature Scheme with Provable Identity Date: Reporter :Chien-Wen Huang 出處: 2008 Second International Conference on Future.
Password-only Authenticated Key Agreement Protocols Based on Self-certified Approach Tzong-Chen Wu and Yen-Ching Lin Department of Information Management.
多媒體網路安全實驗室 Routing Through the Mist: Privacy Preserving Communication in Ubiquitous Computing Environments Date:2011/05/05 報告人:向峻霈 出處 : Jalal Al-Muhtadi,
A flexible biometrics remote user authentication scheme Authors: Chu-Hsing Lin and Yi-Yi Lai Sources: Computer Standards & Interfaces, 27(1), pp.19-23,
User authentication schemes with pseudonymity for ubiquitous sensor network in NGN Authors: Binod Vaidya, Joel J. Rodrigues and Jong Hyuk Park Source:
多媒體網路安全實驗室 Practical Searching Over Encrypted Data By Private Information Retrieval Date: Reporter: Chien-Wen Huang 出處: GLOBECOM 2010, 2010 IEEE.
Secure Messenger Protocol using AES (Rijndael) Sang won, Lee
Password-based user authentication and key distribution protocols for client-server applications Authors: Her-Tyan Yeh and Hung-Min Sun Sources: The Journal.
Robust and Efficient Password- Authenticated Key Agreement Using Smart Cards Authors: Wen-Shenq Juang, Sian-Teng Chen and Horng-Twu Liaw Src: IEEE Transaction.
多媒體網路安全實驗室 Anonymous Authentication Systems Based on Private Information Retrieval Date: Reporter: Chien-Wen Huang 出處: Networked Digital Technologies,
RSA-based password authenticated key exchange protocol Presenter: Jung-wen Lo( 駱榮問 )
SPEAKER: HONG-JI WEI DATE: Efficient and Secure Anonymous Authentication Scheme with Roaming Used in Mobile Networks.
多媒體網路安全實驗室 Source: IEICE Trans. Fundamentals, Vol. E90-A, No. 4, April 2007, pp Authors:Hong Lin Jin, Masaaki Fujiyoshi, Hitoshi Kiya Speaker:Cheng.
Threshold password authentication against guessing attacks in Ad hoc networks ► Chai, Zhenchuan; Cao, Zhenfu; Lu, Rongxing ► Ad Hoc Networks Volume: 5,
多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 : Xiong Li, Yongping.
多媒體網路安全實驗室 Private Information Retrieval Scheme Combined with E- Payment in Querying Valuable Information Date: Reporter: Chien-Wen Huang 出處:
多媒體網路安全實驗室 An ID-based client authentication with key agreement protocol for mobile client–server environment on ECC with provable security Date:2012/02/16.
Threshold password authentication against guessing attacks in Ad hoc networks Authors: Zhenchuan Chai, Zhenfu Cao, Rongxing Lu Sources: Ad Hoc Networks,
A Secure and Efficient Application Download Architecture in 3G Mobile Environment Speaker: Kuo-Zhe Chiou Laboratory of Cryptography and Information Security.
A Secure Authentication Scheme with Anonymity for Wireless Communications IEEE COMMUNICATIONS LETTERS, VOL. 12, NO. 10, OCTOBER 2008 Chia-Chun Wu, Wei-Bin.
An Efficient and Practical Authenticated Communication Scheme for Vehicular Ad Hoc Networks Source: IEEE Transactions on Vehicular Technology, Reviewing.
多媒體網路安全實驗室 A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks Date:2011/10/12 報告人:向峻霈.
A Dynamic ID-Based Generic Framework for Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks Source: Wireless Personal Communications,
網路環境中通訊安全技術之研究 Secure Communication Schemes in Network Environments
Efficient password authenticated key agreement using smart cards
Security of a Remote Users Authentication Scheme Using Smart Cards
Authors:Debiao He, Sherali Zeadally, Neeraj Kumar and Wei Wu
Date:2011/09/28 報告人:向峻霈 出處: Ren-Chiun Wang  Wen-Shenq Juang 
Improvement of Chien et al
Privacy Protection for E-Health Systems by
Presentation transcript:

多媒體網路安全實驗室 A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks Date:2011/10/05 報告人:向峻霈 出處 : Wen-Shenq Juang, Sian-Teng Chen, and Horng-Twu Liaw IEEE Transactions on Industrial Electronics, VOL.55, NO.6,2008

多媒體網路安全實驗室 Outline Introduction 1 Proposed scheme 2 Security Analysis 33 Functionality comparison 44 Conclusion 35 2

多媒體網路安全實驗室 Introduction  In various network environments, if a user needs to use or control a remote server  needs to pass the authentication scheme 3

多媒體網路安全實驗室 Introduction  Fan et al. proposed a robust remote authentication scheme with smart cards  Advantages  low computation for smart cards  no password table  passwords chosen by the users themselves  withstanding the replay attack  server authentication  withstanding the dictionary attack  revoking the lost cards without changing the users’ identities 4

多媒體網路安全實驗室 Introduction  Drawbacks  no ability of anonymity  higher computation and communication cost  no session key agreement  cannot prevent the insider attack 5

多媒體網路安全實驗室 Parameter generation phase  Server sets up the system parameters  Chooses a large prime number P  Fp :y 2 = x 3 +ax+b mod P  4a 3 +27b 2 mod P ≠ 0,  G is a generator point of a large order n  selects a random number x  Computes a corresponding public key Pk i = X i x G //X i -> secret key  (P S,P,E p,G,n) ->publish 6

多媒體網路安全實驗室 Registration phase 7 ClientServer { ID i,h( PW i || b) } b i =E s ( h(PW||b) ||ID i ||CI i || h(ID i ||CI i ||h(PW i ||b)) ) V i = h(ID i,s,CI i ) Card =( ID i,CI i,b i,v i ) Card =( ID i,CI i,b i,v i,b ) CIID 1ID 1 2ID 2 …… n ID n tag smart card Card =( ID i,CI i,b i,v i,b ) e = r * G c = r * P s = r * x * G //as a point over E p Precomputation Phasece use in the log-in phase

多媒體網路安全實驗室 Log-in phase 8 Server E vi (e),b i s->decrypts bi V i = h(ID i,s,CI i ) -> decrypts E vi (e) IDi is in the registration CIi is stored in the registration table check ok c = r * x * G M S = h(c || u || V i ) smart card e = r * G c = r * P s = r * x * G V i = h(ID i,s,CI i ) ID i ||CI i ||h(PW i ||b)) u,M s Checks M s M U = h(h(PW i ||b)||V i ||c||u) S k = h(V i,c,u) MUMU Checks Checks M U S k = h(V i,c,u)

多媒體網路安全實驗室 Password-Changing Phase 9 Server E sk (ID i,h(PW i *||b *)) b i * =E s ( h(PWi*||b*) ||ID i ||CI i || h(ID i ||CI i ||h(PW i *||b*)) ) smart card

多媒體網路安全實驗室 Security analysis  Mutual authentication  Preventing the replay attack  Preventing the insider attack  Preventing the Offline Dictionary Attack Without the Smart card  Preventing the Offline Dictionary Attack With the Smart Card 10

多媒體網路安全實驗室 Log-in phase 11 Server E vi (e),b i s->decrypts bi V i = h(ID i,s,CI i ) -> decrypts E vi (e) IDi is in the registration CIi is stored in the registration table check ok c = r * x * G M S = h(c || u || V i ) smart card e = r * G c = r * P s = r * x * G V i = h(ID i,s,CI i ) ID i ||CI i ||h(PW i ||b)) u,M s Checks M s M U = h(h(PW i ||b)||V i ||c||u) S k = h(V i,c,u) MUMU Checks Checks M U S k = h(V i,c,u) Mutual Authentication

多媒體網路安全實驗室 Log-in phase 12 Server E vi (e),b i s->decrypts bi V i = h(ID i,s,CI i ) -> decrypts E vi (e) IDi is in the registration CIi is stored in the registration table check ok c = r * x * G M S = h(c || u || V i ) smart card e = r * G c = r * P s = r * x * G V i = h(ID i,s,CI i ) ID i ||CI i ||h(PW i ||b)) u,M s Checks M s M U = h(h(PW i ||b)||V i ||c||u) S k = h(V i,c,u) MUMU Checks Checks M U S k = h(V i,c,u) Preventing the replay attack

多媒體網路安全實驗室 Registration phase 13 ClientServer { ID i,h( PW i || b) } b i =E s ( h(PW||b) ||ID i ||CI i || h(ID i ||CI i ||h(PW i ||b)) ) V i = h(ID i,s,CI i ) Card =( ID i,CI i,b i,v i ) Card =( ID i,CI i,b i,v i,b ) CIID 1ID 1 2ID 2 …… n ID n smart card Card =( ID i,CI i,b i,v i,b ) e = r * G c = r * P s = r * x * G //as a point over E p Precomputation Phasece use in the log-in phase Preventing the insider attack

多媒體網路安全實驗室 Log-in phase 14 Server E vi (e),b i s->decrypts bi V i = h(ID i,s,CI i ) -> decrypts E vi (e) IDi is in the registration CIi is stored in the registration table check ok c = r * x * G M S = h(c || u || V i ) smart card e = r * G c = r * P s = r * x * G V i = h(ID i,s,CI i ) ID i ||CI i ||h(PW i ||b)) u,M s Checks M s M U = h(h(PW i ||b)||V i ||c||u) S k = h(V i,c,u) MUMU Checks Checks M U S k = h(V i,c,u) Preventing the offline dictionary attack without the smart card

多媒體網路安全實驗室 Log-in phase 15 Server E vi (e),b i s->decrypts bi V i = h(ID i,s,CI i ) -> decrypts E vi (e) IDi is in the registration CIi is stored in the registration table check ok c = r * x * G M S = h(c || u || V i ) smart card e = r * G c = r * P s = r * x * G V i = h(ID i,s,CI i ) ID i ||CI i ||h(PW i ||b)) u,M s Checks M s M U = h(h(PW i ||b)||V i ||c||u) S k = h(V i,c,u) MUMU Checks Checks M U S k = h(V i,c,u) Preventing the Offline Dictionary Attack With the Smart Card

多媒體網路安全實驗室 Cost and Functionality Consideration 16

多媒體網路安全實驗室 17 E1: computation cost of registration E2: computation cost of the precomputation phase for the client E3: computation cost of login for the client E4: computation cost of login for the server

多媒體網路安全實驗室 Functionality comparison  C1 : low communication and computation cost  C2 : no password table  C3 : users can choose the password by themselves  C4 : no Time-Synchronization Problem  C5 : mutual authentication  C6 : revoking a lost card without changing the user’s identity  C7 : identity protection  C8 : session key agreement  C9 : preventing the offline dictionary attack with the secret information stored in the smart card 18

多媒體網路安全實驗室 Functionality comparison 19 Yang &Shieh scheme Hwang &Li scheme Fan et al scheme Juang scheme Sun scheme Chien et al scheme The propose d scheme C1XXOOOOO C2OOOOOOO C3OXXOXOO C4OXXOXXO C5XXOOXOO C6XXXXXXO C7XXXXXXO C8XXOOXXO C9XXXXXXO

多媒體網路安全實驗室 Conclusion  Low Communication and Computation Cost  No Password Table  Choosing and Changing of Passwords by Users  No Time-Synchronization Problem  Identity Protection  Revoking the Lost Cards Without Changing  Session Key Agreement 20

多媒體網路安全實驗室