Robust and Efficient Password-Authenticated Key Agreement Using Smart Cards, IEEE Transactions on Industrial Electronics

Presentation transcript:

1 Robust and Efficient Password-Authenticated Key Agreement Using Smart Cards
IEEE Transactions on Industrial Electronics, Vol. 55, No. 6, June 2008
Authors: Wen-Shenq Juang, Sian-Teng Chen, and Horng-Twu Liaw
Adviser: Prof. 鄭錦楸
Reporter: 林彥宏

2 Outline
- Introduction
- Proposed Scheme
  - the parameter generation phase
  - the registration phase
  - the precomputation phase
  - the log-in phase
  - the password-changing phase
- Security Analysis
- Cost and Functionality Consideration
- Conclusions

3 Introduction
robust remote authentication scheme with smart cards
Advantages:
- low computation for smart cards
- no password table
- passwords chosen by the users themselves
- withstanding the replay attack
- server authentication
- withstanding the dictionary attack
- revoking the lost cards without changing the users' identities

4 Introduction
Drawbacks:
- no ability of anonymity
- higher computation and communication cost
- no session key agreement
- cannot prevent the insider attack

5 Proposed Scheme
based on elliptic curve cryptosystems
consists of five phases:
- the parameter generation phase
- the registration phase
- the precomputation phase
- the log-in phase
- the password-changing phase

6 Proposed Scheme
the parameter generation phase:
- the server selects a large prime, and the server finds a point
- the server selects a random number as its private key
- the server computes the public key
- the server publishes the parameters

7 Proposed Scheme
the registration phase:
[Protocol diagram between User i and the Server; surviving label: tag]

8 Proposed Scheme
the precomputation phase:
[Protocol diagram between User i and the Server]

9 Proposed Scheme
the log-in phase:
[Protocol diagram between User i and the Server; surviving labels: Password; authentication tag; registration; registration table]

10 Proposed Scheme
the password-changing phase:
[Protocol diagram between User i and the Server; surviving label: Log in]

11 Security Analysis
- Mutual Authentication
- Preventing the Replay Attack
- Preventing the Insider Attack
- Preventing the Offline Dictionary Attack Without the Smart Card
- Preventing the Offline Dictionary Attack With the Smart Card

12 Security Analysis
Mutual Authentication
A: user, B: server
- A can compute the session key and will believe then use to authentication that A believes B believes
- B can compute the session key and will believe then use to authentication that B believes A believes

13 Security Analysis
Preventing the Replay Attack
- the attacker tries to imitate the user to log in to the server by resending the messages
- nonces are used to prevent this kind of attack
- the smart card chooses nonces and computes ; the second nonce is selected by the server

14 Security Analysis
Preventing the Insider Attack
- the user's password is obtained by the server in the registration phase
- registration phase will generate a random number ; then
Preventing the Offline Dictionary Attack Without the Smart Card
- the attacker can get the tapped messages and attempts to guess the user's password from the tapped messages
- if the attacker intercepts the message

15 Security Analysis
Preventing the Offline Dictionary Attack With the Smart Card
- called the smart-card-lost problem
- only the server can use the secret key to decrypt and obtain

16 Cost and Functionality Consideration
- Low Communication and Computation Cost
- No Password Table
- Choosing and Changing of Passwords by Users
- No Time-Synchronization Problem
- Identity Protection
- Revoking the Lost Cards Without Changing the User's Identity
- Session Key Agreement

17 Cost and Functionality Consideration
Low Communication and Computation Cost
- shorter key-size and faster computation
- suitable for small-memory device
[Table: columns Time of crack (ns), RSA bit-length, ECC bit-length, RSA/ECC; only part of the RSA/ECC column survives: ": 1", 6 : 1, 7 : 1, 10 : 1, 35 : 1]

18 Cost and Functionality Consideration
[Comparison table; legend:]
C1: the password length
C2: memory for storing the cryptographic parameters in a smart card
C3: communication cost of Login for cryptographic parameters

19 Cost and Functionality Consideration
No Password Table
- server only needs to keep a registration table to store each card's identifier
- card sent to server
Choosing and Changing of Passwords by Users
- provide a password-changing phase for users
No Time-Synchronization Problem
- in the log-in phase, they use two nonces to prevent the replay attack
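The two-nonce replay defence described on slides 13 and 19, as an added example that is not from the paper or the slides. HMAC over a pre-shared key stands in for the scheme's elliptic-curve computations, which the transcript does not preserve; all class, function and label names are hypothetical.

```python
import hashlib, hmac, secrets

def mac(key, label, n1, n2):
    # Distinct labels stop a tag made for one role being reflected as another.
    return hmac.new(key, label + n1 + n2, hashlib.sha256).digest()

class Server:
    def __init__(self, key):
        self.key, self.pending = key, {}   # pending: card nonce -> server nonce

    def challenge(self, n1):
        n2 = secrets.token_bytes(16)       # second nonce, fresh for every login
        self.pending[n1] = n2
        return n2, mac(self.key, b"server", n1, n2)

    def finish(self, n1, tag_c):
        n2 = self.pending.pop(n1, None)    # each challenge is usable once
        if n2 is None or not hmac.compare_digest(
                tag_c, mac(self.key, b"card", n1, n2)):
            return None                    # stale or forged response: reject
        return mac(self.key, b"session", n1, n2)

class Card:
    def __init__(self, key):
        self.key = key

    def start(self):
        self.n1 = secrets.token_bytes(16)  # first nonce, chosen by the card
        return self.n1

    def respond(self, n2, tag_s):
        if not hmac.compare_digest(tag_s, mac(self.key, b"server", self.n1, n2)):
            return None, None              # server tag not bound to our nonce
        return (mac(self.key, b"card", self.n1, n2),
                mac(self.key, b"session", self.n1, n2))

def run_demo():
    key = secrets.token_bytes(32)          # constructed shared secret
    server, card = Server(key), Card(key)
    n1 = card.start()
    n2, tag_s = server.challenge(n1)
    tag_c, sk_card = card.respond(n2, tag_s)
    honest_ok = server.finish(n1, tag_c) == sk_card
    # Recorded messages resent to the server: it draws a new nonce, old tag fails.
    server.challenge(n1)
    replay_to_server = server.finish(n1, tag_c)
    # Recorded server message resent to the card in a new session.
    card.start()
    replay_to_card = card.respond(n2, tag_s)
    return honest_ok, replay_to_server, replay_to_card
```

Neither side consults a clock: freshness comes only from each party checking that the other's tag covers the nonce it just generated.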

20 Cost and Functionality Consideration
Identity Protection
- user's identity in their scheme is included in
Revoking the Lost Cards Without Changing the User's Identity
- if the user loses his smart card, server will set and issue a new smart card to the user
Session Key Agreement
- the user and the server both can agree on a session key after the log-in phase

21 Cost and Functionality Consideration
[Comparison table; legend:]
E1: computation cost of registration
E2: computation cost of the precomputation phase for the client
E3: computation cost of login for the client
E4: computation cost of login for the server

22 Cost and Functionality Consideration
[Comparison table; legend:]
C1: low communication and computation cost
C2: no password table
C3: users can choose the password by themselves
C4: no Time-Synchronization Problem
C5: mutual authentication
C6: revoking a lost card without changing the user's identity
C7: identity protection
C8: session key agreement
C9: preventing the offline dictionary attack with the secret information stored in the smart card

23 Conclusions
- they have proposed an efficient and robust user authentication and key agreement scheme
- provide identity protection, session key agreement and low communication and computation cost
- very useful in limited computation and communication resource environments