Multimedia Network Security Laboratory: A Secure Privacy-Preserving Roaming Protocol Based on Hierarchical Identity-Based Encryption for Mobile Networks. Authors: Zhiguo Wan, Kui Ren, Bart.


1 Multimedia Network Security Laboratory
A Secure Privacy-Preserving Roaming Protocol Based on Hierarchical Identity-Based Encryption for Mobile Networks
Authors: Zhiguo Wan, Kui Ren, Bart Preneel
Source: ACM Transactions on Knowledge Discovery from Data TKDD (2008)
Date: 2012/07/18
Presenter: 葉瑞群

2 Outline
1. INTRODUCTION
2. RELATED WORK
3. PRELIMINARY
4. THE HIERARCHICAL ID-BASED ANONYMOUS ROAMING PROTOCOL
5. ANALYSIS
6. CONCLUSION

3 INTRODUCTION (1/5)
• With the fast development of wireless technology, various wireless networks with higher data rates and broader communication range have been deployed and are used in daily life, including telecommunication systems (e.g. 3G), WLAN (e.g. 802.11) and WMAN (e.g. WiMAX).

4 INTRODUCTION (2/5)

5 INTRODUCTION (3/5)
• Privacy protection comes in different levels. A good classification of anonymity requirements has been proposed, in which the requirements are grouped into five classes from the weakest to the strongest.

6 INTRODUCTION (4/5)
• C1: Any user is anonymous and his activities are unlinkable to eavesdroppers.
• C2: In addition to C1 anonymity, any user is anonymous and his activities are unlinkable to foreign servers.
• C3: In addition to C2 anonymity, the relationship between the user and servers is anonymous to eavesdroppers.
• C4: In addition to C3 anonymity, the home server is anonymous to foreign servers.
• C5: In addition to C4 anonymity, any user is anonymous and his activities are unlinkable to his home server, but foreign servers are allowed to know the identity of the home server.

7 INTRODUCTION (5/5)
• In our scheme, we use a 2-layer hierarchical ID-based cryptosystem in which a trusted party acts as the root authority, each domain server acts as the second-layer authority, and the roaming user is the end user.

8 RELATED WORK (1/2)
• The Global System for Mobile (GSM) communication system is the first radio network providing anonymity to subscribers. In GSM, after a roaming subscriber authenticates himself to a foreign network using his IMSI (International Mobile Subscriber Identifier), he is assigned a series of TMSIs (Temporary Mobile Subscriber Identifier).

9 RELATED WORK (2/2)
• The third-generation mobile cellular communication system UMTS, though it improves on the security mechanisms of GSM, uses the same mechanism to provide anonymity for subscribers.

10 PRELIMINARY (1/1)
Nym_i - The i-th pseudonym of user U
s - Master secret held by a root server
K_S - Secret key of domain S, derived from the master secret
K - A roaming user's real ID-based private key
k_i - A roaming user's ID-based private key for Nym_i
sk_s, sk_u - The session key computed by the server and the user
h - A linear e-one-way hash function from G_1 × Z_q → G_1
H_1 - A hash function that maps from {0, 1} to G_1
H_2 - A hash function that maps from {0, 1} to Z_q
H_3 - A hash function that maps from G_2 to {0, 1}^m for some m
H_4 - A hash function that maps from {0, 1} to {0, 1}^l for some security parameter l

11 THE HIERARCHICAL ID-BASED ANONYMOUS ROAMING PROTOCOL (1/3)
• A domain server S is assigned a domain key K_S = sH_1(S). Then a user U can register at a domain server and present a number of pseudonyms Nym_1, ..., Nym_n to the server.
• The domain server then generates keys for the user U as k_i = h(K_S, H_2(S||Nym_i)) for each pseudonym Nym_i.

12 THE HIERARCHICAL ID-BASED ANONYMOUS ROAMING PROTOCOL (2/3)

13 THE HIERARCHICAL ID-BASED ANONYMOUS ROAMING PROTOCOL (3/3)

14 Discussion (1/2)
• In the above authentication protocol, we have not dealt with the ID-based private key distribution problem and the non-repudiation problem.
• After successful execution of the roaming authentication protocol, non-repudiation should be provided in the following service request protocol. In this step, we also use one-way hash chains to implement non-repudiation.

15 Discussion (2/2)
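The one-way hash chain technique named on the Discussion slide, as an added Python example that is not taken from the paper or the slides: the user commits to an anchor, reveals one preimage per service request, and the last token the server holds is its evidence of usage. The function and class names, SHA-256, the `max_skip` window and the seed are assumptions; binding the anchor to the user's pseudonym during authentication is not shown on the slides and is assumed to have happened.

```python
import hashlib
import hmac

def H(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()

def make_chain(seed: bytes, n: int) -> list:
    """User side: chain[0] is the public anchor, H(chain[i]) == chain[i-1]."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    chain.reverse()
    return chain

class ForeignServer:
    """Keeps only the newest valid token and how many units it stands for."""
    def __init__(self, anchor: bytes, max_skip: int = 8):
        self.last, self.count, self.max_skip = anchor, 0, max_skip

    def accept(self, token: bytes) -> bool:
        x = token
        for step in range(1, self.max_skip + 1):  # tolerate lost requests
            x = H(x)
            if hmac.compare_digest(x, self.last):
                self.last, self.count = token, self.count + step
                return True
        return False  # replayed, forged, or too far ahead

def verify_evidence(anchor: bytes, count: int, token: bytes) -> bool:
    """Arbiter side: does hashing `token` `count` times give the anchor?"""
    x = token
    for _ in range(count):
        x = H(x)
    return hmac.compare_digest(x, anchor)

def demo():
    # Constructed seed; a real user would draw it from a CSPRNG.
    chain = make_chain(b"constructed-seed-for-this-example", 10)
    server = ForeignServer(chain[0])
    results = [
        server.accept(chain[1]),      # first request
        server.accept(chain[2]),      # second request
        server.accept(chain[2]),      # replay of a used token
        server.accept(chain[5]),      # requests 3 and 4 were lost in transit
        server.accept(b"\x00" * 32),  # forged token
    ]
    return results, server.count, verify_evidence(chain[0], server.count, server.last)

if __name__ == "__main__":
    print(demo())
```

Because only the holder of the seed can produce a preimage of the current token, the pair (count, token) lets a third party check the server's usage claim against the anchor without trusting the server.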

16 ANALYSIS (1/3) Security
• The foreign server does not need to verify any certificate as in traditional public key cryptosystems. These benefits are attributable to the hierarchical ID-based encryption system.

17 ANALYSIS (2/3) Privacy
• For an eavesdropper of the protocol, the user's pseudonym and his home domain identity are protected with the foreign server's ID-based public key. As a result, no outsider can discover who the roaming user is and which domain this user belongs to.

18 ANALYSIS (3/3) Performance

19 CONCLUSION (1/1)
• The proposed scheme provides user anonymity against both the foreign server and the user's home server; moreover, it does not need the home server to be online for authentication between the user and the foreign server.
