Presentation is loading. Please wait.

Presentation is loading. Please wait.

Authors: Yuh-Min TSENG, Tsu-Yang WU, Jui-DiWU

Similar presentations


Presentation on theme: "Authors: Yuh-Min TSENG, Tsu-Yang WU, Jui-DiWU"— Presentation transcript:

1 A Pairing-Based User Authentication Scheme for Wireless Clients with Smart Cards
Authors: Yuh-Min TSENG, Tsu-Yang WU, Jui-DiWU Source: Informatica: International Journal, Vol.19, No.2, pp , 2008

2 Outline Introduction The Giri–Srivastava scheme The proposed scheme
Conclusions Comments

3 Introduction Das, M.L., A. Saxena, V.P. Gulati and D.B. Phatak (2006).
A novel remote user authentication scheme using bilinear pairings. Computers and Security, 25(3), 184–189. forgery attack computational cost multi-server Giri, D., and P.D. Srivastava (2006). An improved remote user authentication scheme with smart cards using bilinear pairings. In Cryptology ePrint Archive. The proposed scheme

4 Bilinear Pairings Bilinear Pairing
Let G1, G2 be cyclic groups of same order q. G1 : an additive group E(Fp) G2 : a multiplicative group P : a generator of G1 Definition A bilinear map Bilinear: Non-degenerate: Computability: 4

5 Notations RS : a registration server SS : a service server
Ui : a legal user IDi: the identity of the user Ui IDss: the identity of the service server SS pwi: the password of the user Ui P: a generator of the group G1 s: the master private key of the RS in Zq∗ PRS: the public key of the RS s.t. PRS = s · P H1(): a one-way hash function {0,1}* → {0, 1}n H2(): a map-to-point function {0,1}*→ G1 T: a current time stamp ⊕: a simple XOR operation in G1

6 Framework 3 roles: 4 phases: Ui SS RS The registration phase
The login phase The verification phase The password change phase

7 The Giri–Srivastava Scheme

8 The Registration Phase
Registration Server RS User Ui Smart card:

9 The login and verification phase
User Ui Server Smart card: Choose r T ?

10 The password change Phase
The smart card performs: Smart card:

11 The proposed scheme

12 The Registration Phase
Registration Server RS User Ui (s.QIDi) Wi

13 The login and verification phase
Regi Wi

14 The password change Phase
The smart card performs: Smart card:

15 Security proof Computational Diffie–Hellman (CDH) problem:
Given P, xP, yP ∈ G1, finding xyP. Computational Diffie–Hellman (CDH) assumption: No probabilistic algorithm can solve the CDH problem with non-negligible advantage within polynomial time.

16 A can generate two valid message
Challenger C (P, xP, yP) PRS = xP QIDi = H2(IDi) = yP Login rT, xT U = rT · QIDi, V = (rT + h) · xT H1( ) L1:(τ,Rh) τ = (IDi, IDSS, T, U) Rh T σ = (IDi, IDSS, T, U, V ) IDi IDSS Attacker A Forking Lemma A can generate two valid message σ = (IDi, IDSS, T, U, V ) and σ = (IDi, IDSS, T, U, V ) xyP xyP = (V − V')/(h − h')

17 Discussions Eviction mechanism Clock synchronization problem
A black ID list A positive list Clock synchronization problem The smart card should acquire a time stamp or a random challenge from the server Increase extra transmission between the user and server but it does not affect the computational cost required by the smart card Smart card security Poor reparability Insider attack

18 Performance(1/2) TGe: the time of executing the bilinear pairing operation e: G1 × G1 → G2 TGmul: the time for point scalar multiplication on the group G1 TGH: the time of executing the map-to-point hash function H2() TGadd: the time for point addition on the group G1 TH: the time of executing the one way hash function H1() Tmul: the time for modular multiplication in Zq

19 Performance(2/2)

20 Conclusions Mutual authentication Session key establishment


Download ppt "Authors: Yuh-Min TSENG, Tsu-Yang WU, Jui-DiWU"

Similar presentations


Ads by Google