Download presentation
Presentation is loading. Please wait.
Published byNicholas Perkins Modified over 8 years ago
1
A Secure Identification and Key Agreement Protocol with User Anonymity (SIKA) Authors: Kumar Mangipudi and Rajendra Katti Source: Computers & Security, vol. 25, 2006, pp. 420-425 Presenter: Jung-wen Lo ( 駱榮問 ) Date: 2008/12/12
2
2 Outline Introduction Yang et al.’s scheme DoS Attack on Yang et al.’s scheme SIKA scheme Conclusions & Comment Improved SIKA scheme
3
3 Introduction Login Process User ’ s private information leaking Review WB Lee and CC Chang, “ User identification and key distribution maintaining anonymity for distributed computer network ” Computer Systems Science and Engineering, 15(4), 2000, pp.113 – 6 Impersonation attack TS Wu and CL Hsu, “ Efficient user identification scheme with key distribution preserving anonymity for distributed computer networks, ” Computer & Security, 23(2), 2004, pp.120 – 125 Server obtains user ’ s token Y Yang, S Wang, F Bao, J Wang and RH Deng, “ New efficient user identification and key distribution scheme providing enhanced security. ” Computer & Security, 23(8), 2004, pp. 697-704 User anonymity, User identification and Key agreement Vulnerable to a Denial-of-Service (DoS) attack
4
4 Notation (e,N),d: Public key & private key SCPC: Smart Card Producing Center P i : Secret token (P i =ID i d mod N) E k (.),D k (.): Symmetric-key cryptosystem H(.): Hash function ID i : Identity of user U i or server S i K ij : Session key T: Time stamp k,t: Random numbers
5
5 Yang et al.’s scheme UiUi SCPC Random t a=z e ID j mod N K ij =a t mod N x=g et mod N p=g t P i H(x,T) mod N y=E Kij (ID i ) Random k z=g k P j -1 mod N K ij =x k mod N ID ’ i =D Kij (y) xID ’ i H(x,T) ?=p e mod N M1(req.) M2(z) M3(x,y,p,T) Key Generation Phase Key Agreement Phase SjSj P i =ID i d mod N UiUi p e =(g t P i H(x,T) ) e = g et P i e H(x,T) =x (ID i d ) e H(x,T) =x (ID i ) H(x,T) {(e,N),d} a=z e ID j =(g k (ID j d ) -1 ) e ID j =g ke
6
6 DoS Attack on Yang et al.’s scheme UiUi SCPC Random t a ’ =z ’ e ID j mod N K ’ ij =a ’ t mod N x=g et mod N p=g t P i H(x,T) mod N y ’ =E K ’ ij (ID i ) Random k z=g k P j -1 mod N K ij =x k mod N ID ’ i =D Kij (y ’ ) xID ’ i H(x,T) ?=p e mod N M1(req.) M2 ’ (z ’ ) M3(x,y ’,p,T) Key Generation Phase Key Agreement Phase SjSj P i =ID i d mod N UiUi M2(z) {(e,N),d} Attacker
7
7 SIKA scheme UiUi SCPC Random t u=H(z,T,ID s ) w e s mod N s ?=g s u mod N s a=z e ID j mod N K ij =a t mod N x=g et mod N p=g t P i H(x,T) mod N y=E Kij (ID i ) Random k z=g k P j -1 mod N u=H(z,T,ID s ) v=ud s w=g s v mode N s K ij =x k mod N ID ’ i =D Kij (y) xID ’ i H(x,T) ?=p e mod N M1(req.) M2(z,T,w) M3(x,y,p,T) Key Generation Phase Key Agreement Phase SjSj P i =ID i d mod N UiUi {(e,N),d} {(e s,N s ),d s },g s w e s =(g s v ) e s =(g s ud s ) e s =g s u
8
8 Conclusions & Comment Conclusions Inherited security Enhanced security No DoS attack Comments Always has DoS attack Lots M1 makes server busy Efficiency improvement Improved SIKA scheme
9
9 UiUi SCPC Random t w ’ =H(z,T) W ’ ?=w a=z e ID j mod N K ij =a t mod N x=g et mod N p=g t P i H(x,T) mod N y=E Kij (ID i ||z ) Random k z=g k P j -1 mod N w=H(z,T) K ij =x k mod N ID ’ i ||z =D Kij (y) xID ’ i H(x,T) ?=p e mod N M1(req.) M2(z,T,w) M3(x,y,p,T) Key Generation Phase Key Agreement Phase SjSj P i =ID i d mod N UiUi {(e,N),d} {(e s,N s ),d s },g s
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.