Presentation is loading. Please wait.

Presentation is loading. Please wait.

Password-based user authentication and key distribution protocols for client-server applications Authors: Her-Tyan Yeh and Hung-Min Sun Sources: The Journal.

Published byStephen Bishop Modified over 9 years ago

Similar presentations

Presentation on theme: "Password-based user authentication and key distribution protocols for client-server applications Authors: Her-Tyan Yeh and Hung-Min Sun Sources: The Journal."— Presentation transcript:

1 Password-based user authentication and key distribution protocols for client-server applications Authors: Her-Tyan Yeh and Hung-Min Sun Sources: The Journal of Systems and Software, Vol.72, pp.97-103, 2004. Adviser: Min-Shiang Hwang Speaker: Chun-Ta Li Date: 2004/11/04

2 2 Outline IntroductionIntroduction Description of notations and security requirementsDescription of notations and security requirements Key transfer authentication protocol (KTAP)Key transfer authentication protocol (KTAP) Key agreement authentication protocol (KAAP)Key agreement authentication protocol (KAAP) ConclusionsConclusions CommentsComments

3 3 Introduction Password-based mechanismPassword-based mechanism –User authentication –Password guessing attacks –Server can use strong cryptographic secret Session key creationSession key creation –Key transfer protocol (two-party, three-party) –Key agreement protocol (two-party, three-party) three-party three-party KTAP KAAP

4 4 Introduction (cont.) Key Transfer Authentication Protocol (KTAP)Key Transfer Authentication Protocol (KTAP) Key Agreement Authentication Protocol (KAAP)Key Agreement Authentication Protocol (KAAP) Authentication Server Client Application Server Authentication Server Client Application Server authentication session key (K) authentication X 1 = g x mod P session key (K) Y 1 = g y mod P, K = g xy mod P session key (K) X1X1X1X1 Y1Y1Y1Y1

5 5 Description of notations and security requirements NotationsNotations –A: Client –B: AP server –S: Trust authentication server –P A : Password shared between A and S –S B : Secret key shared between B and S –K S : Public key of the trust authentication server –x, y, ra, rb: Random numbers –[info] K : Symmetric encryption with key K –{info} K : Asymmetric encryption with the Public key K

6 6 Description of notations and security requirements (cont.) Security requirementsSecurity requirements –Guessing attacks On-line guessing attackOn-line guessing attack Off-line guessing attackOff-line guessing attack –Replay attacks – Perfect forward secrecy AssumptionAssumption –All principals know the server’s public key Ks in the system –A poorly chosen password P A chosen by A is known to S via a secure channel –The application server’s secret key S B is known to S via a secure channel

7 7 Key transfer authentication protocol (KTAP) B (Application server) A (Client) S (Trust authentication server) {A, B, P A, ra} K S [A, B, [A, K] ra, K] S B [A, K] ra,[B, rb] K rb h(K): session key

8 8 Key transfer authentication protocol (cont.) Security analysisSecurity analysis –Guessing attacks -- P A in Message 1 is used only to authenticate A’s statusP A in Message 1 is used only to authenticate A’s status –Replay attacks Attacker can get is {[A, B, [A, K] ra, K] S B, [A, K] ra, [B, rb] K }Attacker can get is {[A, B, [A, K] ra, K] S B, [A, K] ra, [B, rb] K } –Perfect forward secrecy Attacker can know PA: doesn’t know server’s private keyAttacker can know PA: doesn’t know server’s private key unknown {A, B, P A, ra} K S unknown

9 9 Key transfer authentication protocol (cont.) Comparison with the related worksComparison with the related works

10 10 Key agreement authentication protocol (KAAP) B (Application server) A (Client) S (Trust authentication server) {A, B, P A, ra, g x } K S [A, g x ] S B g y, [B, rb] K rb K= g xy (session key)

11 11 Key agreement authentication protocol (cont.) Security analysisSecurity analysis –Guessing attacks -- P A in Message 1 is used only to authenticate A’s statusP A in Message 1 is used only to authenticate A’s status The attacker must also guess the value of raThe attacker must also guess the value of ra –Replay attacks (forge K`) Attacker can get is {{A, B, P A, ra, g x }, [A, g x ] S B, [B, rb] K }Attacker can get is {{A, B, P A, ra, g x }, [A, g x ] S B, [B, rb] K } –Perfect forward secrecy Attacker can know PA: doesn’t know server’s private keyAttacker can know PA: doesn’t know server’s private key {A, B, P A, ra, g x } K S unknown unknown unknown

12 12 Key agreement authentication protocol (cont.) Comparison with the related worksComparison with the related works

13 13 Conclusions Authors introduced key distribution protocols: KTAP and KAAPAuthors introduced key distribution protocols: KTAP and KAAP These two protocols can be applied to various communication systems in distributed computing environmentsThese two protocols can be applied to various communication systems in distributed computing environments

14 Thanks for your attention

Download ppt "Password-based user authentication and key distribution protocols for client-server applications Authors: Her-Tyan Yeh and Hung-Min Sun Sources: The Journal."

Similar presentations

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.
1 東南技術學院九十二學年度第二學期 資工系第一次論文發表會 Analysis of an Improved Version of S/KEY One-Time Password Authentication Scheme Speaker: Maw-Jinn Tsaur 2004.05.12.

1 東南技術學院九十二學年度第二學期 資工系第一次論文發表會 Analysis of an Improved Version of S/KEY One-Time Password Authentication Scheme Speaker: Maw-Jinn Tsaur
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian.

Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian.
Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,

Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,
Cryptography. 2 Objectives Explain common terms used in the field of cryptography Outline what mechanisms constitute a strong cryptosystem Demonstrate.

Cryptography. 2 Objectives Explain common terms used in the field of cryptography Outline what mechanisms constitute a strong cryptosystem Demonstrate.
Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.

Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.
1 Three-Party Encrypted Key Exchange Without Server Public-Keys C. L. Lin, H. M. Sun, M. Steiner, and T. Hwang IEEE COMMUNICATIONS LETTER, VOL. 5, NO.12,

1 Three-Party Encrypted Key Exchange Without Server Public-Keys C. L. Lin, H. M. Sun, M. Steiner, and T. Hwang IEEE COMMUNICATIONS LETTER, VOL. 5, NO.12,
1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.

1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.
Online Security Tuesday April 8, 2003 Maxence Crossley.

Online Security Tuesday April 8, 2003 Maxence Crossley.
CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.
1 Security analysis of an enhanced authentication key exchange protocol Authors : H.Y. Liu, G.B. Horng, F.Y. Hung Presented by F.Y. Hung Date : 2005/5/20.

1 Security analysis of an enhanced authentication key exchange protocol Authors : H.Y. Liu, G.B. Horng, F.Y. Hung Presented by F.Y. Hung Date : 2005/5/20.
8.1 Learning Objectives To become familiar with the range of security threats faced by networked and distributed systems (DSs); To examine various cryptographic.

8.1 Learning Objectives To become familiar with the range of security threats faced by networked and distributed systems (DSs); To examine various cryptographic.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
Network Security--- User Authentication and Key Agreement Protocols

Network Security--- User Authentication and Key Agreement Protocols
A Secure Network Access Protocol (SNAP) A. F. Al Shahri, D. G. Smith and J. M. Irvine Proceedings of the Eighth IEEE International Symposium on Computers.

A Secure Network Access Protocol (SNAP) A. F. Al Shahri, D. G. Smith and J. M. Irvine Proceedings of the Eighth IEEE International Symposium on Computers.
A password authentication scheme with secure password updating SEC 期末報告 學號: 89321037 姓名:翁玉芬.

A password authentication scheme with secure password updating SEC 期末報告 學號: 姓名:翁玉芬.
Analysis of Key Agreement Protocols Brita Vesterås Supervisor: Chik How Tan.

Analysis of Key Agreement Protocols Brita Vesterås Supervisor: Chik How Tan.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
More on AuthenticationCS-4513 D-term 20081 More on Authentication CS-4513 Distributed Computing Systems (Slides include materials from Operating System.

More on AuthenticationCS-4513 D-term More on Authentication CS-4513 Distributed Computing Systems (Slides include materials from Operating System.

Similar presentations

Ads by Google