
1 Security Technologies on Wireless Communications and Applications in Electronic Commerce
Advisor: Prof. 張真誠
Graduate student: 李榮三
Dept. of Computer Science and Information Engineering, National Chung Cheng University

2 Outline Part 1: Security Technologies for Wireless Communications
Part 2: Applications to Electronic Business MSN lab

3 Introduction
Authentication & Data Integrity: Global system for mobile communications (GSM); Anonymous authentication mechanism; Secure Communications for Ad Hoc Networks
Electronic Commerce: Electronic voting; Oblivious transfer

4 Efficient Authentication Protocols for GSM
[Figure labels: LAI1, LAI2, LAI3, LAI4, LAI5, LAI6, VLR, HLR]

5 Current GSM authentication system
HLR: The home location register
VLR: The visitor location register
IMSI: The international mobile subscriber module
TMSI: The temporary mobile subscriber identity
K: The secret key shared between MS and HLR
A3( )/A8( ), A5( ): two one-way functions, en/decryption function

6 Current GSM authentication system (1/2)
Parties: MS, VLR, HLR
MS -> VLR: Request (TMSI, LAI)
VLR -> HLR: IMSI
HLR: SRES = A3(R, K), Kc = A8(R, K)
HLR -> VLR: n sets {SRES, R, Kc}
VLR -> MS: TMSI', R
MS: SRES' = A3(R, K), Kc = A8(R, K)
MS -> VLR: SRES'
VLR: SRES = SRES'

7 Current GSM authentication system (2/2)
Parties: MS, VLR
MS -> VLR: Request (TMSI')
VLR: SRES, R, Kc
VLR -> MS: R
MS: SRES' = A3(R, K), Kc = A8(R, K)
MS -> VLR: SRES'
VLR: SRES = SRES'

8 Drawbacks
Unilateral authentication between VLR and MS
Storage overhead
Bandwidth consumption

9 Protocol 1 (Phase 1)
MS -> VLR: Request (TMSI, LAI, T)
VLR -> HLR: IMSI, T
HLR: CERT_VLR = A3(R, K), Kc = A8(R, K)
HLR -> VLR: CERT_VLR, R, Kc
VLR -> MS: TMSI', CERT_VLR, R, R1, T
MS: CERT_VLR' = A3(R, K), Kc = A8(R, K), SRES' = A5(R1, Kc)
MS -> VLR: SRES'
VLR: SRES = A5(R1, Kc)

10 Protocol 1 (Phase 2)
MS -> VLR: Request (TMSI', Tj)
VLR: CERT_VLRj = A3(Tj, Kc)
VLR -> MS: CERT_VLRj, Rj, Tj
MS: CERT_VLR'j = A3(Tj, Kc), SRES'j = A5(Rj, Kc)
MS -> VLR: SRES'j
VLR: SRESj = A5(Rj, Kc)

11 Protocol 2 (Phase 1)
MS -> VLR: Request (TMSI, LAI, T)
VLR -> HLR: IMSI, T
HLR: CERT_VLR = A3(T, K), Kc = A8(R, K)
HLR -> VLR: CERT_VLR, R, Kc
VLR -> MS: TMSI', CERT_VLR, R, T
MS: CERT_VLR' = A3(T, K), Kc = A8(R, K), SRES' = A5(R||T, Kc)
MS -> VLR: SRES'
VLR: SRES = A5(R||T, Kc)
Remaining diagram labels: T; TMSI', T

12 Protocol 2 (Phase 2)
Parties: MS, VLR
MS -> VLR: Request (TMSI', SRESj, Tj)
VLR -> MS: CERT_VLRj, Rj, Tj
Computations: SRES'j = A5(Tj||Tj-1, Kc); CERT_VLRj = A3(Tj, Kc); CERT_VLR'j = A3(Tj, Kc)
Remaining diagram labels: Tj; TMSI', Tj

13 Analyses
Mutual Authentication
Reduce storage overhead
Avoid bandwidth consumption
Round efficiency (Protocol 2)

14 Comparisons between current GSM authentication protocols and ours
Original [14] [15] [49] [51] Ours MA1 No Yes MA2 SSO SBC AC -

15 Anonymous Authentication Scheme for Wireless Communications
To enhance the privacy of mobile subscriber
Foreign Agent (FA) -> VLR
Home Agent (HA) -> HLR

16 The flowchart of Zhu and Ma’s scheme
Parties: MS, FA, HA
MS -> FA: n, EKL(r0), IDHA, TMS
FA -> HA: R1, n, EKL(r0), TMS, SIGFA, CertFA, TFA
HA -> FA: R2, [h(IDMU) || r0]KUFA, SIGHA, CertHA, THA
FA -> MS: EK(TCertMS)

17 The flowchart of our scheme
Parties: MS, FA, HA
C1 = h(h(X)  r)  IDi
MS -> FA: IDHA, C1, r, EKMH(h(C1⊕T1) || N1 || T1)
FA -> HA: IDFA, EKFH(EKMH(h(C1⊕T1) || N1 || T1) || C1 || r || N2 || T2)
HA -> FA: EKFH(h(N1) || T2+1), EKMH(h(N2) || T1+1)
FA -> MS: ESK(h(N1) || TIDi), EKMH(h(N2) || T1+1)
SK = h(h(N1)  h(N2))

18 Comparisons between related works and ours
154% 1.06% 1.45% [42] [43] Ours MS FA HA NA 1/2 2/1 1/1 NE 4 2 NS 1/0 0/1 2/2 NH 5 NO 3 1

19 Secure Communications for Cluster-based Ad Hoc Networks Using Node Identities
[Figure: The structure of NTDR; labels: nodes, Clusterhead, Radio range]

20 Trust Authority (TA)
ed ≡ 1 (mod ψ(N))
MIDi: Ki = e(log_g(MIDi^2)) mod ψ(N)
CHIDj: CKj = e(log_g(CHIDj^2)) mod ψ(N)
AUC = h(KMH)

21 The authentication flowchart of our scheme
Parties: MIDi, CHIDj
CHIDj -> MIDi: CHIDj, CIDj
MIDi -> CHIDj: MIDi, AUC, T

22 The communicating nodes are within one hop
[Figure labels: clusterhead CHIDj, CIDj, nodes MID1 and MID2 within one hop, limit of beacon messages]

23 The communicating process of Case 1
Cert = h(K12)
MID1 -> MID2: MID1, T1, Cert

24 The communicating nodes are not within one hop
[Figure labels: CIDj, clusterhead CHIDj, nodes MID1 and MID2, within one hop, limit of beacon messages]


26 The communicating nodes are not within the same cluster
[Figure labels: CID1, CID2, CHID1, CHID2, MID1, MID2]


28
Authentication
Data-integrity
Mobile nodes in the same cluster
Mobile nodes are in different clusters
Non-repudiation
Non-impersonation

29 Performance comparisons of authentication phase
Role | Scheme [76] | Ours
MIDi | 3 PKI | 1 exp + 2 sym + 2 h
CHIDj

30 Performance comparisons of communication phase (Nodes in the same cluster)
Role | Scheme [76] | Ours
MID1 | 8 sym + 1h | 2 sym + 1h
CHID1 | 8 sym | 4 sym
MID2

31 Performance comparisons of communication phase (Nodes in different clusters)
Role | Scheme [76] | Ours
MID1 | 8 sym + 1h | 2 sym + 1h
CHID1 | 8 sym | 4 sym
CHID2
MID2 | 4 sym + 1h

32 An Anonymous Voting Mechanism Based on the Key Exchange Protocol
Previous works: PKI
Blind signature
Diffie-Hellman key exchange protocol

33 Blind signature
Signer: ed ≡ 1 (mod ψ(N))
Client: message m, random number r, m' = m * r^e mod N
Signer: s' = (m')^d = m^d * r mod N
Client: s = s' * r^(-1) mod N = ((m * r^e)^d) * r^(-1) mod N = m^d mod N

34 Diffie-Hellman key exchange protocol
Parties: Bob, Alice
Exchanged values: g^a mod p, g^b mod p
Shared key: g^(ab) mod p

35 Variant version
Bob: yb = g^xb mod p
Alice: ya = g^xa mod p
Alice: yb^xa mod p = g^(xa*xb) mod p
Bob: ya^xb mod p = g^(xa*xb) mod p

36 Requirements
Anonymity
Fairness: no one can learn the temporary outcome
Convenience
Robustness:
Mobility
Uniqueness
Completeness: only the eligible voter is allowed to vote
Uncoercibility: each voter must be able to decide his intention
Correctness
Efficiency: within a reasonable period of time

37 The whole structure of our proposed mechanism

38 Comparisons between our scheme and other related works
Requirement Scheme Ours [27] [3] [30] Anonymity Yes Fairness No Convenience High Low No mention Mid Robustness Mobility Uniqueness Completeness Uncoercibility Correctness Efficiency

39 Choosing t-out-of-n Secrets by Oblivious Transfer
[Figure: Bob sends "Request t messages" to Alice and receives messages; labels: Stocks, Message query]
1. Correctness
2. Privacy of Bob
3. Privacy of Alice

40 Chinese Remainder Theorem (CRT)
To find a positive integer C that satisfies the following congruence, C ≡ 2 (mod 3), C ≡ 3 (mod 5), and C ≡ 3 (mod 7).

41 Define Notations
N: a large prime
e/d: the public/private key of Alice
a1, a2, …, an: n messages
d1, d2, …, dn: n relatively prime numbers
IDi: the identity of message ai
b1, b2, …, bt: t messages that Bob expected to get

42 Alice
Step 1: Computes D = d1 * d2 * … * dn, and constructs the congruence system as
C ≡ a1 (mod d1), C ≡ a2 (mod d2), …, C ≡ an (mod dn).
By CRT, C = (D/d1)y1a1 + (D/d2)y2a2 + … + (D/dn)ynan mod D, where (D/di)yi ≡ 1 (mod di)

43 Alice
Step 2: Computes T1 = d1^e mod N, T2 = d2^e mod N, …, Tn = dn^e mod N
Step 3: Publish

44
[Figure: Alice, Bob and the board; labels: Request, C and n pairs (ID1, T1), (ID2, T2), …, (IDn, Tn); C and t pairs; {1, 2, …, t}; {β1, β2, …, βt}]

45 Bob
Step 1: (IDj, Tj), for j = 1, 2 to t
Step 2: 1 = r1^e * T1 mod N, 2 = r2^e * T2 mod N, …, t = rt^e * Tt mod N
Step 3: Sends {1, 2, …, t} to Alice

46 Alice
Step 1: β1 = 1^d = r1^(ed) * T1^d = r1 * T1^d mod N, …, βt = t^d = rt^(ed) * Tt^d = rt * Tt^d mod N
Step 2: Sends {β1, β2, …, βt} to Bob

47 Bob
Step 1: d1 = r1^(-1) * β1 = T1^d = d1^(ed) mod N, …, dt = rt^(-1) * βt = Tt^d = dt^(ed) mod N
Step 2: b1 = C mod d1, b2 = C mod d2, …, bt = C mod dt

48 Comparisons
Scheme | Alice | Bob
Naor and Pinkas's (t times) | 4(t*n) exp | 4t exp
Wakaha and Ryota's | 4n exp | (3t + 1) exp
Ours | n+t exp | t exp

49 Conclusions and Future Works
Authentication: GSM; Ad hoc networks; 3G, …
Electronic commerce: Electronic voting; Oblivious transfer; Electronic lottery

50 Security Technologies on Wireless Communications and Applications in Electronic Commerce
Thanks!

