Guomin Yang et al. IEEE Transactions on Wireless Communication Vol. 6 No. 9 September 2007


1 Guomin Yang et al. IEEE Transactions on Wireless Communication Vol. 6 No. 9 September 2007

2
• Preliminaries
• Introduction
• Security requirements
• Proposed Scheme: AAKE-R
• Analysis
• Conclusion

3
• Data Confidentiality – keeping information secret from all but those who are authorized to access it
[Figure: Eavesdropping; parties A, B, C]

4
• Authentication – corroboration of the identity of an entity
[Figure: Impersonation; parties A, B, C]

5
• a.k.a. Secret key cryptosystem
Symmetric encryption for data confidentiality
Message Authentication Code (MAC) for authentication

6
• a.k.a. Public key cryptosystem
Asymmetric encryption for data confidentiality
Digital signature scheme for authentication

7 Comparison table

| | Symmetric key cryptosystem | Asymmetric key cryptosystem |
| Computation speed | Fast | Slow |
| Key distribution | Difficult | Easy |
| The number of entire keys | n(n-1)/2 | 2n |

8
• Key distribution in the symmetric setting is a problem
• Two different types of key
• Long-term key
  ▪ Set up an initial key for each entity
  ▪ Key Pre-distribution System
• Session (short-term) key
  ▪ After the long-term key is set up, share secret information among two or more entities
  ▪ Key Establishment System
• Authenticated key exchange is a solution for establishing a session key

9
• In the asymmetric setting, two entities authenticate each other and establish a session key using a digital signature scheme.
• Key transport: one party creates the key and transfers it to the other(s)
• Key exchange: a shared secret is derived by two or more parties as a function of information contributed by. No party can determine the resulting value.

10 To authenticate each other, these values should be signed using a digital signature scheme
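A signed key exchange of the kind slides 9 and 10 describe, as an added example that is not from the slides or the paper. It assumes Diffie-Hellman as the key exchange and Schnorr signatures as the digital signature scheme, over a toy group; all names (`run_exchange`, `seen_by_b`, the parties "A" and "B") are hypothetical.

```python
import hashlib
import secrets

# Toy group for illustration only (assumption): 127-bit Mersenne prime, far too
# small for real use. Exponents are reduced mod P - 1 (Fermat's little theorem).
P = 2**127 - 1
G = 3
Q = P - 1

def h(*parts):
    """Hash a tuple of ints/strings to an integer with SHA-256."""
    data = "|".join(str(p) for p in parts).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def keygen():
    """Return (private exponent, public value G^x mod P)."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def sign(sk, *msg):
    """Schnorr signature (r, s) over msg; stands in for 'a digital signature scheme'."""
    k = secrets.randbelow(Q - 1) + 1
    r = pow(G, k, P)
    return r, (k + h(r, *msg) * sk) % Q

def verify(pk, sig, *msg):
    r, s = sig
    return pow(G, s, P) == (r * pow(pk, h(r, *msg), P)) % P

def run_exchange(tamper=False):
    """Both sides of one run; returns (key_a, key_b), or None if a signature check fails."""
    a_sk, a_pk = keygen()      # long-term signing keys, public halves known to the peer
    b_sk, b_pk = keygen()
    a_eph, a_pub = keygen()    # fresh per-session contributions
    b_eph, b_pub = keygen()
    # Each side signs its own value, the peer's value and the peer's name, so a
    # signature cannot be replayed in another session or toward another party.
    sig_a = sign(a_sk, a_pub, b_pub, "B")
    sig_b = sign(b_sk, b_pub, a_pub, "A")
    seen_by_b = (a_pub * G) % P if tamper else a_pub   # constructed in-transit change
    if not verify(a_pk, sig_a, seen_by_b, b_pub, "B"):
        return None            # B rejects: A's signature does not cover this value
    if not verify(b_pk, sig_b, b_pub, a_pub, "A"):
        return None
    key_a = h("session", pow(b_pub, a_eph, P))       # A's view of the session key
    key_b = h("session", pow(seen_by_b, b_eph, P))   # B's view
    return key_a, key_b
```

With `tamper=True` the value B receives no longer matches what A signed, so the run aborts instead of producing a key shared with whoever altered it.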

11
• A cryptographic hash function is a transformation that takes an input and returns a fixed-size string, which is called the hash value
• One-wayness – calculating H(x) = y is easy, but given y, finding x is difficult
• Collision free – two different x1, x2 cannot have the same hash value y

12
• A technology that lets a user originally subscribed to one network travel to another network administered by a different operator and access services provided by that network as a visiting user or a guest
• Users can enjoy much broader coverage in terms of services or geographical areas, without being limited to that of their own networks

13 [Figure: home server, foreign server and roaming user; home service area and foreign service area]

14
• Server Authentication – The user is sure about the identity of the foreign server
• Subscription validation – The foreign server is sure about the identity of the home server of the user
• Key Establishment – The user and the foreign server establish a random session key which is known only to them and is derived from contributions of both of them. In particular, the home server should not obtain the session key
• User Anonymity – Besides the user and the home server, no one, including the foreign server, can tell the identity of the user
• User Untraceability – Besides the user and the home server, no one, including the foreign server, is able to identify any previous protocol runs which have the same user involved

15 Notation table

16
• AKE (Authenticated Key Exchange)
• AAKE (Anonymous Authenticated Key Exchange)
• AKT (Authenticated Key Transport)

17
• There is a direct link between the roaming user and the foreign server, and another direct link between the home server and the foreign server
• The roaming user knows the public key of the foreign server
• Each user knows its home server's public key, and each server knows the public keys of all its subscribers
• All servers know the public keys of all other servers in the roaming network


20 [Figure labels: Server Authentication; Subscription validation; Key Establishment; User Anonymity & User Untraceability]


22
• A secure and generic AAKE-R construction using AAKE and AKT as building blocks
• It satisfies the security requirements of AAKE-R suggested by the authors

23
• User privacy violation – The home server can track the roaming user
• They do not suggest a detailed performance evaluation. I think the overhead is big due to several asymmetric computations

24
• Addressing the problem of user tracking by the home server
• Study of additional requirements such as supporting differentiated access
• Try to find a way to reduce the number of asymmetric computations by modifying AAKE-R, or design a novel AAKE-R that has lower computation overhead while satisfying the same requirements

