1 Three-Party Authenticated Key Agreements and Its Applications- PCSs Roaming Protocol 李添福 (Tian-Fu Lee) 國立成功大學資訊工程博士 Cryptography/ Network security/ Wireless.

Slides:

Advertisements

Similar presentations

多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 :JongHyup LEE 出處.

Advertisements

An Improvement on Privacy and Authentication in GSM Young Jae Choi, Soon Ja Kim Computer Networks Lab. School of Electrical Engineering and Computer Science,

A Cryptographic Key Management Solution for HIPAA Privacy/Security Regulations 針對 HIPAA 隱私 / 安全規則的一種密碼金鑰管理方法 IEEE Transactions on Information Technology.

Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Efficient Private Techniques for Verifying Social Proximity Michael J. Freedman and Antonio Nicolosi Discussion by: A. Ziad Hatahet.

Public-key based. Public-key Techniques based Protocols –may use either weak or strong passwords –high computation complexity (Slow) –high deployment.

1 Three-Party Encrypted Key Exchange Without Server Public-Keys C. L. Lin, H. M. Sun, M. Steiner, and T. Hwang IEEE COMMUNICATIONS LETTER, VOL. 5, NO.12,

FIT3105 Smart card based authentication and identity management Lecture 4.

1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.

An Authentication Scheme for Mobil Satellite Communication Systems Advisor: Prof. Jen-Chang Liu Graduate Student: Yi-Ching Chen( 陳怡靜 ) Date: 2004/05/26.

A Server-aided Signature Scheme Based on Secret Sharing for Mobile Commerce Source: Journal of Computers, Vol.19, No.1, April 2008 Author: Chin-Ling Chen,

Network Security--- User Authentication and Key Agreement Protocols

電子商務與數位生活研討會 1 Further Security Enhancement for Optimal Strong-Password Authentication Protocol Tzung-Her Chen, Gwoboa Horng, Wei-Bin Lee,Kuang-Long Lin.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

1 電子商務代理人與無線射頻系統上安全設計之研究 The Study of Secure Schemes on Agent-based Electronic Commerce Transaction and RFID system 指導教授 : 詹進科教授 (Prof. Jinn-Ke Jan) 陳育毅.

An Improved Smart Card Based Password Authentication Scheme with Provable Security Source:Computer Standards & Interfaces, Vol. 31, No. 4, pp ,

A more efficient and secure dynamic ID- based remote user authentication scheme Yan-yan Wang, Jia-yong Liu, Feng-xia Xiao, Jing Dan in Computer Communications.

國立清華大學資訊工程系資訊安全實驗室孫宏民博士 Phone: Authenticated Key Exchange Protocols.

國立清華大學資訊工程系資訊安全實驗室孫宏民 Phone: Network Security --- Network Security --- Key Establishment Protocols.

1 Security Weakness in a Three-Party Password-Based Key Exchange Protocol Using Weil Pairing From ： ePrint (August 2005) Author ： Junghyun Nam, Seungjoo.

An Enhanced Two-factor User Authentication Scheme in Wireless Sensor Networks DAOJING HE, YI GAO, SAMMY CHAN, CHUN CHEN, JIAJUN BU Ad Hoc & Sensor Wireless.

Chapter 10: Authentication Guide to Computer Network Security.

Information Security for Managers (Master MIS)

An Efficient Identity-based Cryptosystem for

Electronic Identity Cards for User Authentication—Promise and Practice IEEE Security & Privacy January/February 2012 Author : Andreas Poller, Ulrich Waldmann,

多媒體網路安全實驗室 A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks Date:2011/10/05 報告人：向峻霈.

1 Anonymous Roaming Authentication Protocol with ID-based Signatures Lih-Chyau Wuu Chi-Hsiang Hung Department of Electronic Engineering National Yunlin.

Guomin Yang et al. IEEE Transactions on Wireless Communication Vol. 6 No. 9 September

1 Authentication and Digital Signature Schemes and Their Applications to E-commerce ( 身份認證與數位簽章技術及其在電子商務上的應用 ) Advisor: Chin-Chen Chang 1, 2 Student: Ya-Fen.

Cryptography, Authentication and Digital Signatures

©The McGraw-Hill Companies, Inc., 2000© Adapted for use at JMU by Mohamed Aboutabl, 2003Mohamed Aboutabl1 1 Chapter 29 Internet Security.

多媒體網路安全實驗室 A novel user authentication and privacy preserving scheme with smartcards for wireless communications 作者 :Chun-Ta Li,Cgeng-Chi Lee 出處 :Mathematical.

Efficient remote mutual authentication and key agreement Improvement of Chien et al. ’ s remote user authentication scheme using smart cards An efficient.

Key Management. Session and Interchange Keys  Key management – distribution of cryptographic keys, mechanisms used to bind an identity to a key, and.

Secure Authentication Scheme with Anonymity for Wireless Communications Speaker : Hong-Ji Wei Date :

CIST/ETRI/ISIT/KDDI/Kyusyu Univ./NICT Joint Research Workshop on Ubiquitous Network Security 2005 Verifier-Based Password-Authenticated Key Exchange Jeong.

A Secure Identification and Key Agreement Protocol with User Anonymity (SIKA) Authors: Kumar Mangipudi and Rajendra Katti Source: Computers & Security,

Security Protection on Trust Delegated Medical Data in Public Mobile Networks Dasun Weerasinghe, Muttukrishnan Rajarajan and Veselin Rakocevic Mobile Networks.

Authentication of Signaling in VoIP Applications Authors: Srinivasan et al. (MIT Campus of Anna University, India) Source: IJNS review paper Reporter:

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Secure Communication between Set-top Box and Smart Card in DTV Broadcasting Authors: T. Jiang, Y. Hou and S. Zheng Source: IEEE Transactions on Consumer.

Authentication protocol providing user anonymity and untraceability in wireless mobile communication systems Computer Networks Volume: 44, Issue: 2, February.

Sunday, December 20, 2015 ARCHITECTURE OF A SERVER- AIDED SIGNATURE SERVICE (SASS) FOR MOBILE NETWORKS Source: P. Lorenz and P. Dini (Eds.): ICN 2005,

Secure Messenger Protocol using AES (Rijndael) Sang won, Lee

BlindLocation: Supporting User Location Privacy in Mobile Database Using Blind Signature Source: Journal of Computer Science and Technology, reviewing.

Password-based user authentication and key distribution protocols for client-server applications Authors: Her-Tyan Yeh and Hung-Min Sun Sources: The Journal.

Interleaving and Collusion Attacks on a Dynamic Group Key Agreement Scheme for Low-Power Mobile Devices * Junghyun Nam 1, Juryon Paik 2, Jeeyeon Kim 2,

Robust and Efficient Password- Authenticated Key Agreement Using Smart Cards Authors: Wen-Shenq Juang, Sian-Teng Chen and Horng-Twu Liaw Src: IEEE Transaction.

A Novel Privacy Preserving Authentication and Access Control Scheme for Pervasive Computing Environments Authors: Kui Ren, Wenjing Lou, Kwangjo Kim, and.

Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 : Xiong Li, Yongping.

多媒體網路安全實驗室 Private Information Retrieval Scheme Combined with E- Payment in Querying Valuable Information Date： Reporter: Chien-Wen Huang 出處:

多媒體網路安全實驗室 An ID-based client authentication with key agreement protocol for mobile client–server environment on ECC with provable security Date:2012/02/16.

Meeting Reports  A new delegation-based authentication protocol for use in portable communication systems IEEE Transactions on Wireless Communications,

多媒體網路安全實驗室 A Secure Privacy-Preserving Roaming Protocol Based on Hierarchical Identity-Based Encryption for mobile Networks 作者 :Zhiguo Wan,Kui Ren,Bart.

A Secure and Efficient Application Download Architecture in 3G Mobile Environment Speaker: Kuo-Zhe Chiou Laboratory of Cryptography and Information Security.

Pertemuan #8 Key Management Kuliah Pengaman Jaringan.

A Secure Authentication Scheme with Anonymity for Wireless Communications IEEE COMMUNICATIONS LETTERS, VOL. 12, NO. 10, OCTOBER 2008 Chia-Chun Wu, Wei-Bin.

A Dynamic ID-Based Generic Framework for Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks Source: Wireless Personal Communications,

Source : IEEE Access, In Press, 2016

A lightweight authentication scheme based on self-updating strategy for space information network Source: International Journal Of Satellite Communications.

網路環境中通訊安全技術之研究 Secure Communication Schemes in Network Environments

Efficient password authenticated key agreement using smart cards

A Secure Anonymity Preserving Authentication Scheme for Roaming Service in Global Mobility Networks Source: Wireless Personal Communications, ahead of.

Source： Ad Hoc Networks, Vol. 71, pp , 2018

An efficient biometric based remote user authentication scheme for secure internet of things environment Source: Journal of Intelligent & Fuzzy Systems.

Authors：Debiao He, Sherali Zeadally, Neeraj Kumar and Wei Wu

Privacy Protection for E-Health Systems by

Presentation transcript:

1 Three-Party Authenticated Key Agreements and Its Applications- PCSs Roaming Protocol 李添福 (Tian-Fu Lee) 國立成功大學資訊工程博士 Cryptography/ Network security/ Wireless networks communication/ Algorithmic graph theory/ Database and data engineering

2 Outlines Three-Party Authenticated Key Agreements (3PAKA) Applications Portable Communication Systems (PCSs) Roaming Protocol RFID Protocol E-Payment Protocol Electronic Medical Record Security and Privacy Vehicular Mobile Network Proposed PCSs Roaming Protocol Delegation-Based Authentication Protocol for PCSs Security discussion Computational comparison & Experimental Results Conclusions

3 Three-Party Authenticated Key Agreements An authenticated key agreement protocol is an interactive method for two or more parties to determine session keys based on their secret keys or public/private keys. Authentication Key agreement / key exchange SK Secure communication Trusted server

4 Portable Communication Systems Roaming Protocol Mobile Station Visited NetworkHome Network PDA cellular phone notebook

5 RFID Protocol TagReaderDatabase Server

6 E-Payment Protocol Buyer Seller E-Bank

7 醫療資訊安全 - 電子病歷安全與隱私 (Electronic Medical Record Security and Privacy) IC card Hospital 政府衛生行政單位電子病歷 Database 健保機關一般民眾

8 Vehicular Mobile Network

9 Proposed PCSs Roaming Protocol  Delegation-Based Authentication Protocol for PCSs

10 Delegation-Based Authentication Protocol for PCSs Registration On-line authentication process i-th Off-line authentication process

11 Delegation-Based Authentication Protocol for PCSs MSVN HN Delegation (  (x),K) (x,v=g x ) Public key (v) Proxy signature Verify the signature by v

12 On-line authentication process Sing  (msg.),K Verify K MS ( ,K) VN (K VH ; pk:v) HN ( ,K VH ) K  ID MS SK,h(token) SK, token Obtain SK

13 i-th Off-line authentication process E SK i (token i,h(token i+1 )) Verify token i Keep h(token i+1 ) Compute SK i+1 MS (SK i, token i ) VN (SK i, h(token i )) HN Compute SK i+1

14 comparison Previous Scheme: token i and token i+1 are independent.  HN can forge token i  Have not non-repudiation  Charge Problem : Mobile users deny has used services and refuse to pay. Overcharge mobile users for services that he did not request. [IEEE Trans. Wireless Commun. 2005] Proposed Scheme: All token i are chained by backward hash-chain and are decided by MS.  HN cannot forge token i  Have non-repudiation  Pre-Compute and reduce the computational cost in MS. [IEEE Trans. Wireless Commun. 2009]

15 i-th Off-line authentication process E SK i (token i ) Verify token i Keep token i = h(token i+1 ) Compute SK i+1 MS (SK i, token i ) VN (SK i, h(token i )) HN Compute SK i+1 Pre-compute and store h (1) (n 1 ), h (2) (n 1 ) (=token n ), …, h (n) (n 1 )(=token 2 ), h (n+1) (n 1 )(=token 1 ) token 1

16 Security Discussion GSMMGSMPublic-key based scheme Lee & Yeh's Scheme Proposed Scheme Identity privacy No Yes Non-repudiation No YesNoYes Mutual-authen. (MS-VN) No Yes Easy key management Yes NoYes Low computational load Yes NoYes Good commu. efficiency Yes NoYes

17 Computational comparison of MS * : Can be pre-computed in this entry. hash functionsecret-key computation (encryption/decryption) public-key computation (signature/verification) GSM 2(n+1)1(n+1)0 MGSM 1(n+1) 0 Public-key based scheme 002n2n Lee & Yeh's scheme On-line 211Pre.* Off-line 3n3nn0 Proposed schemeOn-line (n+1)Pre. * +211Pre.* Off-line nn0

18 Experimental Results

19 Experimental Results

20 Conclusions Three-party authenticated key agreements and its applications Proposed secure and efficient delegation- based authentication protocol for PCSs Future researches Vehicular Mobile Network Electronic Medical Record Security and Privacy

21 References Lee, T.-F., Hwang, T. and Lin C.-L. “Enhanced Three-Party Encrypted Key Exchange without Server Public Keys,” Computers & Security, Volume: 23, Issue: 7, pp , October, Wen, H.-A., Lee, T.-F. and Hwang, T. “A Provably Secure Three-Party Password-based Authenticated Key Exchange Protocol Using Weil Pairing,” IEE Proc. Communications, Vol. 152, No. 2, pp , April Lee, T.-F., Liu, J.-L., Sung, M.-J., Yang, S.-B. and Chen, C.-M., “Communication-Efficient Three- Party Protocols for Authentication and Key Agreement”, Computers and Mathematics with Applications, Vol. 58, No, 4, pp , August, Lee, T.-F., Chang, C.-C. and Hwang, T. “Private Authentication Techniques for the Global Mobility Network,” Wireless Personal Communications, Vol. 35,Issue: 4, pp , December Lee, W.-B. and Yeh, C.-K., “A new delegation-based authentication protocol for use in portable communication systems,” IEEE Trans. Wireless Commun., vol. 4, no.1, pp.57-64, January Lee, T.-F., Chang, S.-H., Hwang, T. and Chong, S.-K., “Enhanced Delegation-Based Authentication Protocol for PCSs”, IEEE Trans. Wireless Commun., Vol.8, No. 5, pp , May 2009.