Multimedia Network Security Lab: A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks. Date: 2011/10/05. Presenter: 向峻霈.


1 A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks
Date: 2011/10/05
Presenter: 向峻霈
Source: Wen-Shenq Juang, Sian-Teng Chen, and Horng-Twu Liaw, IEEE Transactions on Industrial Electronics, vol. 55, no. 6, 2008

2 Outline
1. Introduction
2. Proposed scheme
3. Security analysis
4. Functionality comparison
5. Conclusion

3 Introduction
- In various network environments, a user who needs to use or control a remote server must first pass an authentication scheme

4 Introduction
- Fan et al. proposed a robust remote authentication scheme with smart cards
- Advantages
  - low computation for smart cards
  - no password table
  - passwords chosen by the users themselves
  - withstanding the replay attack
  - server authentication
  - withstanding the dictionary attack
  - revoking the lost cards without changing the users' identities

5 Introduction
- Drawbacks
  - no ability of anonymity
  - higher computation and communication cost
  - no session key agreement
  - cannot prevent the insider attack

6 Parameter generation phase
- Server sets up the system parameters
  - Chooses a large prime number $P$
  - Elliptic curve $E_p$ over $F_p$: $y^2 = x^3 + ax + b \bmod P$
  - $4a^3 + 27b^2 \bmod P \neq 0$
  - $G$ is a generator point of a large order $n$
  - Selects a random number $x$
  - Computes the corresponding public key $P_s = x \times G$ ($x$ is the secret key)
  - Publishes $(P_s, P, E_p, G, n)$

7 Registration phase
1. Client → Server: $\{ID_i, h(PW_i \| b)\}$
2. Server: computes $b_i = E_s(h(PW_i \| b) \| ID_i \| CI_i \| h(ID_i \| CI_i \| h(PW_i \| b)))$ and $V_i = h(ID_i, s, CI_i)$; keeps a registration table with columns CI and ID (1, $ID_1$; 2, $ID_2$; ...; n, $ID_n$)
3. Server → Client: Card $= (ID_i, CI_i, b_i, V_i)$
4. Client: Card $= (ID_i, CI_i, b_i, V_i, b)$
Precomputation phase (smart card): $e = r \times G$, $c = r \times P_s = r \times x \times G$ (as a point over $E_p$); $e$ and $c$ are computed for use in the log-in phase

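8 Log-in phase
Smart card (precomputed): $e = r \times G$, $c = r \times P_s = r \times x \times G$; holds $V_i = h(ID_i, s, CI_i)$ and $b_i$
1. Smart card → Server: $E_{V_i}(e)$, $b_i$
2. Server: decrypts $b_i$ with $s$; computes $V_i = h(ID_i, s, CI_i)$ and decrypts $E_{V_i}(e)$; checks that $ID_i$ is in the registration table and that $CI_i$ is stored in the registration table. If the check is OK: $c = r \times x \times G$, $M_S = h(c \| u \| V_i)$
3. Server → Smart card: $u$, $M_S$
4. Smart card: checks $M_S$; computes $M_U = h(h(PW_i \| b) \| V_i \| c \| u)$ and $S_k = h(V_i, c, u)$
5. Smart card → Server: $M_U$
6. Server: checks $M_U$; computes $S_k = h(V_i, c, u)$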
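The registration, precomputation and log-in exchanges above as one runnable sketch; this is an added example, not code from the presentation or the paper. Assumptions: a constructed toy curve ($y^2 = x^3 + 2x + 2 \bmod 17$, $G = (5, 1)$, order 19), SHA-256 for $h$, a SHAKE-256 XOR stream standing in for $E$, JSON to concatenate fields, $u$ taken to be a server-chosen nonce, $CI_i$ treated as a card serial number, and the function names `register` and `login`.

```python
import hashlib, json, secrets

# Constructed toy curve y^2 = x^3 + A*x + B mod P, generator G of order N (far too small for real use).
P, A, B, G, N = 17, 2, 2, (5, 1), 19
assert (4 * A**3 + 27 * B**2) % P != 0         # non-singularity condition from the parameter phase

def add(p1, p2):                               # point addition; None is the point at infinity
    if p1 is None: return p2
    if p2 is None: return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0: return None
    m = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) if p1 == p2 else (y2 - y1) * pow((x2 - x1) % P, -1, P)
    x3 = (m * m - x1 - x2) % P
    return x3, (m * (x1 - x3) - y1) % P

def mul(k, pt):                                # double-and-add scalar multiplication
    acc = None
    while k:
        if k & 1: acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def h(*parts): return hashlib.sha256(repr(parts).encode()).digest()

def E(key, data):                              # assumed stand-in cipher (XOR stream); its own inverse
    return bytes(d ^ k for d, k in zip(data, hashlib.shake_256(key).digest(len(data))))

x, s, table = secrets.randbelow(N - 1) + 1, secrets.token_bytes(16), {}   # server secrets x, s; CI -> ID
Ps = mul(x, G)                                                            # server public key

def register(ID, CI, hpw):                     # server side of registration: returns b_i, V_i
    table[CI] = ID
    return E(s, json.dumps([hpw.hex(), ID, CI, h(ID, CI, hpw).hex()]).encode()), h(ID, s, CI)

def login(card, pw):                           # returns (card S_k, server S_k), or None if a check fails
    ID, CI, b_i, V, b = card
    r = secrets.randbelow(N - 1) + 1
    e, c = mul(r, G), mul(r, Ps)                                  # precomputation on the card
    wire = E(V, json.dumps(e).encode()), b_i                      # card -> server: E_Vi(e), b_i
    hpw, ID_s, CI_s, tag = json.loads(E(s, wire[1]))              # server decrypts b_i with s
    hpw = bytes.fromhex(hpw)
    if table.get(CI_s) != ID_s or tag != h(ID_s, CI_s, hpw).hex(): return None
    V_s = h(ID_s, s, CI_s)
    c_s, u = mul(x, tuple(json.loads(E(V_s, wire[0])))), secrets.token_hex(8)  # c = x*e; u: assumed nonce
    M_S = h(c_s, u, V_s)                                          # server -> card: u, M_S
    if M_S != h(c, u, V): return None                             # card checks M_S
    M_U = h(h(pw, b), V, c, u)                                    # card -> server: M_U
    if M_U != h(hpw, V_s, c_s, u): return None                    # server checks M_U
    return h(V, c, u), h(V_s, c_s, u)
```

In this sketch a wrong password fails at the server's $M_U$ check, and a card whose CI entry has been removed from the table is rejected at the registration-table check.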

9 Password-changing phase
1. Smart card → Server: $E_{S_k}(ID_i, h(PW_i^* \| b^*))$
2. Server: computes $b_i^* = E_s(h(PW_i^* \| b^*) \| ID_i \| CI_i \| h(ID_i \| CI_i \| h(PW_i^* \| b^*)))$

10 Security analysis
- Mutual authentication
- Preventing the replay attack
- Preventing the insider attack
- Preventing the Offline Dictionary Attack Without the Smart Card
- Preventing the Offline Dictionary Attack With the Smart Card

11 Log-in phase (protocol diagram as on slide 8): Mutual authentication

12 Log-in phase (protocol diagram as on slide 8): Preventing the replay attack

13 Registration phase (protocol diagram as on slide 7): Preventing the insider attack

14 Log-in phase (protocol diagram as on slide 8): Preventing the offline dictionary attack without the smart card

15 Log-in phase (protocol diagram as on slide 8): Preventing the offline dictionary attack with the smart card

16 Cost and Functionality Consideration

17 Computation cost notation
- E1: computation cost of registration
- E2: computation cost of the precomputation phase for the client
- E3: computation cost of login for the client
- E4: computation cost of login for the server

18 Functionality comparison
- C1: low communication and computation cost
- C2: no password table
- C3: users can choose the password by themselves
- C4: no time-synchronization problem
- C5: mutual authentication
- C6: revoking a lost card without changing the user's identity
- C7: identity protection
- C8: session key agreement
- C9: preventing the offline dictionary attack with the secret information stored in the smart card

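19 Functionality comparison
   | Yang & Shieh scheme | Hwang & Li scheme | Fan et al. scheme | Juang scheme | Sun scheme | Chien et al. scheme | The proposed scheme
C1 | X | X | O | O | O | O | O
C2 | O | O | O | O | O | O | O
C3 | O | X | X | O | X | O | O
C4 | O | X | X | O | X | X | O
C5 | X | X | O | O | X | O | O
C6 | X | X | X | X | X | X | O
C7 | X | X | X | X | X | X | O
C8 | X | X | O | O | X | X | O
C9 | X | X | X | X | X | X | O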

20 Conclusion
- Low Communication and Computation Cost
- No Password Table
- Choosing and Changing of Passwords by Users
- No Time-Synchronization Problem
- Identity Protection
- Revoking the Lost Cards Without Changing
- Session Key Agreement
