Multimedia Network Security Laboratory
Anonymous Authentication Systems Based on Private Information Retrieval
Date: 2010.12.16
Reporter: Chien-Wen Huang
Source: Networked Digital Technologies,


1 Multimedia Network Security Laboratory
Anonymous Authentication Systems Based on Private Information Retrieval
Date: 2010.12.16
Reporter: Chien-Wen Huang
Source: Networked Digital Technologies, 2009. NDT '09. First International Conference

2 Outline
1. Introduction
2. PIR Based Authentication
3. Authentication Protocol Preventing Replay Attacks
4. Authentication Protocol Anonymous against Authentication-Server
5. Conclusions and Future Work

3 Introduction
- Due to the increase of available data storage and the progress of data mining technologies.
- We focus on authentication with three types of entities:
  - a user who sends an authentication request.
  - an authentication-server who receives and verifies the request.
  - a database who supplies the authentication-server with information for verifying the request.

4
- Novel authentication protocols that satisfy the following important properties:
  - secure against replay-attacks.
  - the database(s) cannot identify which user is authenticating (anonymity against the database(s)).
  - the authentication-server cannot identify to which user a given authentication-request corresponds (anonymity against the authentication-server).

5 PIR Based Authentication
- The simple protocol has the properties that
  - the authentication-server does not need to store a set of passwords of users.
  - the database cannot identify which user is authenticating with the authentication-server.
1. Users: A user U_i is assigned a unique identifier
2. Authentication-Server: who has sent an authentication request with identifier i is truly user U_i.

6
3. Databases: A database D stores a set P = {p_1, p_2, ..., p_n} of passwords of users.
- It is important for an authentication protocol to satisfy the following requirements:
  - Correctness: if, the probability that the user U_i is rejected by S.
  - Soundness: if, the probability that the user U_i is accepted by S.
  - Anonymity against Database: It is hard for the database D to compute any information about the identifier.

7
- Simple Authentication Protocol Based on PIR
- Definition 1: A single-database PIR for consists of the following three functions:
  1. Query function Q:
  2. Answer function A:
  3. Reconstruction function R:

8
- For any set
- For any, any probabilistic polynomial-time algorithm B, and sufficiently large w

9
- Simple authentication protocol based on PIR

10
- Theorem 1: The simple authentication protocol based on PIR satisfies correctness and soundness.
- Theorem 2: The simple authentication protocol based on PIR satisfies anonymity against database.
  Proof: it is hard for any polynomial-time algorithm to compute any information about i from q.

11 Authentication Protocol Preventing Replay Attacks
- Prevents the authentication-server from obtaining a password, and prevents replay-attacks.
- Password Protection and Security against Replay-Attack
  1. Password Protection: it is hard for S to compute the user's password.
  2. Security against Replay-attacks: it is hard for any adversary who can obtain transcripts of previous communication.

12
- Challenge-Response Authentication Protocol
  We assume that there exists an ideal hash function s.t.
  1. it is hard to guess the input from an output (one-wayness)
  2. it is hard to find two inputs that hash to the same output (collision resistance)
  3. it is hard to distinguish whether an output is from the hash function or from a true random function (pseudo-randomness).
- Let be an ideal hash function.

13
- Challenge-Response Authentication Protocol Based on PIR

14
- Theorem 3: The challenge-response authentication protocol based on PIR satisfies correctness, soundness, anonymity against database, password protection, and security against replay-attack.
  Proof:
  1. (Correctness and soundness)
  - If, then clearly, the probability that U_i is rejected by S is negligible,

15
- (Anonymity against Database) Since r is a random value, r clearly includes no information about i.
- (Password Protection) Since and H is a one-way hash function, it is hard to compute p_i from
- (Security against Replay-attacks) since H has one-wayness and pseudo-randomness.

16 Authentication Protocol Anonymous against Authentication-Server
- In addition to the four requirements shown in the previous sections, we consider the following requirement.
- Anonymity against Authentication-Server: It is hard for the authentication-server S to compute any information about the identifier i.

17
- Definition 2: An information theoretical k-database PIR without identifiers in reconstruction
  - k query functions Q_1, ..., Q_k:
  - Answer functions, A:
  - Reconstruction function, R:

18
These functions satisfy the following requirements:
- For any set
- For any,,
- For any,
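An added example (not code from the paper or the slides): a two-database XOR PIR, whose reconstruction needs only the two answers and not the identifier as in Definition 2, carrying the challenge-response check with hash H and a fresh challenge r. The message flow is an assumption, since the protocol diagrams did not survive in this transcript; SHA-256 stands in for the ideal hash, indices are 0-based, the passwords are constructed, and all function names are hypothetical.

```python
import hashlib, hmac, secrets

PASSWORDS = [b"alpha", b"bravo", b"charlie", b"delta"]  # constructed sample set P

def H(p, r):
    """SHA-256 standing in for the ideal hash H (assumption); p is length-prefixed."""
    return hashlib.sha256(len(p).to_bytes(2, "big") + p + r).digest()

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def new_challenge():
    """Fresh random r for every run; this is what defeats replayed responses."""
    return secrets.token_bytes(16)

def make_queries(i, n):
    """Q_1, Q_2: a uniformly random bit vector, and the same vector with bit i
    flipped. Each vector alone is uniform, so one database learns nothing about i
    (assuming the two databases do not collude)."""
    q1 = [secrets.randbits(1) for _ in range(n)]
    q2 = list(q1)
    q2[i] ^= 1
    return q1, q2

def answer(query, passwords, r):
    """A: run by each database, XOR of H(p_j, r) over the selected records."""
    acc = bytes(32)
    for bit, p in zip(query, passwords):
        if bit:
            acc = xor(acc, H(p, r))
    return acc

def reconstruct(a1, a2):
    """R: uses only the two answers, never the identifier i."""
    return xor(a1, a2)

def server_verify(i, r, response, passwords):
    """S retrieves H(p_i, r) through PIR and compares it with the user's response.
    The two answer() calls simulate the two databases; S never handles p_i."""
    q1, q2 = make_queries(i, len(passwords))
    expected = reconstruct(answer(q1, passwords, r), answer(q2, passwords, r))
    return hmac.compare_digest(response, expected)

if __name__ == "__main__":
    r = new_challenge()
    resp = H(PASSWORDS[2], r)                                  # computed by user U_2
    print(server_verify(2, r, resp, PASSWORDS))                # genuine run
    print(server_verify(2, new_challenge(), resp, PASSWORDS))  # replayed response
```

Here S builds the queries and therefore knows i; the block does not cover the public-key encryption step that hides i from the authentication-server.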

19
- Authentication Protocol Anonymous against Authentication-Server
- The key idea of the authentication protocol is to use a public key encryption scheme: key generation algorithm K, encryption algorithm E, and decryption algorithm T
  1. For any Where
  2. Semantic secure

20
- PIR-Based Authentication Protocol Anonymous against Authentication-Server

21
- Theorem 4: The proposed protocol satisfies correctness, soundness, password protection, security against replay-attacks, anonymity against databases, and anonymity against authentication-server
  Proof:
  (Correctness and Soundness)
  - It is clear that if
  (Anonymity against Authentication-Server)
  - Since the public encryption scheme is semantic secure.

22 Conclusions and Future Work
- a single database which satisfies correctness, soundness, anonymity against database, password protection, and security against replay-attacks.
- multiple databases which satisfies anonymity against authentication-server in addition to the previous properties.
- The authentication protocol proposed is based on an information theoretical PIR.
