Multimedia Network Security Laboratory: A Secure Privacy-Preserving Roaming Protocol Based on Hierarchical Identity-Based Encryption for Mobile Networks. Authors: Zhiguo Wan, Kui Ren, Bart.

Presentation transcript:

Multimedia Network Security Laboratory
A Secure Privacy-Preserving Roaming Protocol Based on Hierarchical Identity-Based Encryption for Mobile Networks
Authors: Zhiguo Wan, Kui Ren, Bart Preneel
Source: ACM Transactions on Knowledge Discovery from Data TKDD (2008)
Date: 2012/07/18
Presenter: 葉瑞群

Outline
1. INTRODUCTION
2. RELATED WORK
3. PRELIMINARY
4. THE HIERARCHICAL ID-BASED ANONYMOUS ROAMING PROTOCOL
5. ANALYSIS
6. CONCLUSION

INTRODUCTION (1/5)
• With the fast development of wireless technology, various wireless networks with higher data rates and broader communication range have been deployed and used in our daily life, including telecommunication systems (e.g. 3G etc.), WLAN (e.g ), WMAN (e.g. WiMAX).

INTRODUCTION (2/5)

INTRODUCTION (3/5)
• Privacy protection comes in different levels. A good anonymity requirement classification has been proposed in, in which different anonymity requirements are grouped into five classes from the weakest to the strongest one.

INTRODUCTION (4/5)
• C1: Any user is anonymous and his activities are unlinkable to eavesdroppers.
• C2: In addition to C1 anonymity, any user is anonymous and his activities are unlinkable to foreign servers.
• C3: In addition to C2 anonymity, the relationship between the user and servers is anonymous to eavesdroppers.
• C4: In addition to C3 anonymity, the home server is anonymous to foreign servers.
• C5: In addition to C4 anonymity, any user is anonymous and his activities are unlinkable to his home server. But foreign servers are allowed to know the identity of the home server.

INTRODUCTION (5/5)
• In our scheme, we use a 2-layer hierarchical ID-based cryptosystem in which a trusted party acts as the root authority, each domain server acts as the second-layer authority, and the roaming user is the end user.

RELATED WORK (1/2)
• The Global System for Mobile (GSM) communication system is the first radio network providing anonymity to subscribers. In GSM, after a roaming subscriber authenticates himself to a foreign network using his IMSI (International Mobile Subscriber Identifier), he is assigned a series of TMSIs (Temporary Mobile Subscriber Identifier).

RELATED WORK (2/2)
• The third-generation mobile cellular communication system UMTS, though it improves on the security mechanism of GSM, uses the same mechanism to provide anonymity for subscribers.

PRELIMINARY (1/1)
Nym_i - The i-th pseudonym of user U
s - Master secret held by a root server
K_S - Secret key of domain S, derived from the master secret
K - A roaming user’s real ID-based private key
k_i - A roaming user’s ID-based private key for Nym_i
sk_s, sk_u - The session key computed by the server and the user
h - A linear e-one-way hash function from G_1 × Z_q → G_1
H_1 - A hash function that maps from {0, 1} to G_1
H_2 - A hash function that maps from {0, 1} to Z_q
H_3 - A hash function that maps from G_2 to {0, 1}^m for some m
H_4 - A hash function that maps from {0, 1} to {0, 1}^l for some security parameter l

THE HIERARCHICAL ID-BASED ANONYMOUS ROAMING PROTOCOL (1/3)
• A domain server S is assigned a domain key K_S = sH_1(S). Then a user U can register at a domain server and present a number of pseudonyms Nym_1, ..., Nym_n to the server.
• The domain server then generates keys for the user U as k_i = h(K_S, H_2(S || Nym_i)) for each pseudonym Nym_i.

THE HIERARCHICAL ID-BASED ANONYMOUS ROAMING PROTOCOL (2/3)

THE HIERARCHICAL ID-BASED ANONYMOUS ROAMING PROTOCOL (3/3)

Discussion (1/2)
• In the above authentication protocol, we have not dealt with the ID-based private key distribution problem and the non-repudiation problem.
• After successful execution of the roaming authentication protocol, non-repudiation should be provided in the following service request protocol. In this step, we also use one-way hash chains to implement non-repudiation.
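
The slide above mentions one-way hash chains for non-repudiation in the service request protocol. The following is an added example of the generic hash-chain technique, not code from the slides or the paper: SHA-256, all function and class names, and the premise that the chain anchor was bound to the user during the authenticated roaming exchange are assumptions, since the slides do not give the message flow.

```python
import hashlib
import hmac

def H(x: bytes) -> bytes:
    # One-way function for the chain; SHA-256 is an assumption of this example.
    return hashlib.sha256(x).digest()

def make_chain(seed: bytes, n: int) -> list:
    # Returns [w_0, ..., w_n] with w_n = seed and w_(i-1) = H(w_i).
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    chain.reverse()  # chain[0] is the anchor w_0 = H^n(seed)
    return chain

class ServerLedger:
    # Foreign-server side: accepts links strictly in order, keeps the newest.
    def __init__(self, anchor: bytes, max_units: int):
        self.anchor, self.last = anchor, anchor
        self.units, self.max_units = 0, max_units

    def accept(self, link: bytes) -> bool:
        if self.units >= self.max_units:
            return False
        if not hmac.compare_digest(H(link), self.last):
            return False  # replayed, skipped or forged link
        self.last = link
        self.units += 1
        return True

    def evidence(self):
        return self.anchor, self.last, self.units

def verify_evidence(anchor: bytes, link: bytes, units: int) -> bool:
    # Arbiter's check: hashing the link `units` times must reach the anchor.
    x = link
    for _ in range(units):
        x = H(x)
    return hmac.compare_digest(x, anchor)

def demo():
    # Constructed seed for a repeatable run; a real seed is random and secret.
    chain = make_chain(b"constructed-demo-seed", 5)
    server = ServerLedger(chain[0], max_units=5)
    outcomes = [server.accept(chain[1]),   # first unit: accepted
                server.accept(chain[1]),   # replay: rejected
                server.accept(chain[3]),   # skipped link: rejected
                server.accept(chain[2])]   # next unit: accepted
    return outcomes, server.evidence(), chain

if __name__ == "__main__":
    print(demo()[0])
```

Because only the user can produce a preimage of the current link, the newest link the server holds is evidence of how many units were requested, and the server cannot claim more units than it holds links for.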

Discussion (2/2)

ANALYSIS (1/3): Security
• The foreign server does not need to verify any certificate as in traditional public key cryptosystems. These benefits are attributable to the hierarchical ID-based encryption system.

ANALYSIS (2/3): Privacy
• For an eavesdropper of the protocol, the user’s pseudonym and his home domain identity are protected with the foreign server’s ID-based public key. As a result, no outsider can discover who the roaming user is and which domain this user belongs to.

ANALYSIS (3/3): Performance

CONCLUSION (1/1)
• The proposed scheme provides user anonymity against the foreign server and his home server; moreover, it does not need the home server to be online for authentication between the user and the foreign server.
