The Study of Secure Schemes on Agent-based Electronic Commerce Transaction and RFID System. Advisors: Prof. Jinn-Ke Jan, Prof. Yu-Yi Chen.

1 The Study of Secure Schemes on Agent-based Electronic Commerce Transaction and RFID system. Advisors: Prof. Jinn-Ke Jan, Prof. Yu-Yi Chen. Graduate student: Shin-I Chen

2 Outline
Agent-based Electronic Commerce Transaction
– Introduction
– Privacy issue of agent-based system
– Wang’s scheme
– Our scheme
– Analysis
– Conclusion
RFID system
– Introduction
– Location privacy issue of RFID system
– Previous schemes
– Our scheme
– Analysis
– Conclusion

Part 1: Privacy Issues of Agent-based Electronic Commerce Transaction

4 Service Provider Introduction What is Agent-based Electronic Commerce Transaction??? I want to buy a Sony DVD player User User Agent Sony DVD player?

5 Privacy Issues of agent-based system User Platform SP Platform User Agent SP Agent User Service Provider User Agent SP Agent

6 Service Provider Privacy Issues of agent-based system TTP User User Agent Agent Home

7 Servers Wang’s scheme CMC Customer Agent Home 1. Register ID Return a pseudonym 2. Apply for an agent Return Transaction ID I want to buy a Sony DVD player 3. Agent Executing 4. Order Verification

8 Preliminaries Customer CMC Agent Home Servers

9 Registration Phase 1.Send 2.Send a random message 3.Send 1. Register Customer’s identity 2. Verify Customer’s Key Pair 3. Generate pseudonym CMC Public List 4. Check Customer

10 Mobile Agent issuing Customer 1. Apply for an agent using pseudonym (Problem 1) 2. Receive Transaction ID (Problem 2) 3. Shopping agent issuing 1.Send 2.Send 3.Send Agent Home CMC 4. Check

11 Server Executing the Agent 1.Send the purchase message to the server 2.Generate the bid message and sign it (Problem 3) 3.Return signed bid message Agent 1.Send 2.Send

12 Order Verification 1. Return bid message 2. Verify bid message Agent 1.Send Customer Check 2.Calculate

13 Problems of Wang’s protocol 1. CMC must stay online 2. CMC becomes the bottleneck when there is a large number of connections CMC Agent Home Public List CustomerA Check

14 Problems of Wang’s protocol 1.Transaction ID, should be changed in each session Customer Agent Home 2. Apply for an agent Return Transaction ID

15 Problems of Wang’s protocol 1. A transaction key pair should be generated Servers Agent Home

16 Servers Our protocol CMC Customer Agent Home 1. Registration Return a signature 2. Apply for an agent Return Shuffled Transaction ID I want to find the cheapest Sony DVD player 4. Result reporting 3. Agent executing

17 Preliminaries Customer CMC Agent Home Servers

18 Registration Phase Customer 1.Send 2.Send 1.Register personal identity 2.Return corresponding signature CMC

19 Agent issuing Phase 1. Apply for an agent-service 2. Generate a shuffled transaction number 3. Sign the query message 1.Send 2.Send 4.Send Customer Agent Home Check

20 Executing the Agent 1.Receive query message and verify it 2.Generate bid message and sign it 3.Attach the bid message Check 2.Send Server Agent 1.Send

21 Our protocol 1. Agent reports the results to AH 2. AH sends a list of bid messages 3. Customer chooses the favorite purchase Agent Customer Favorite purchase 4. Send full message with signature Agent Home Check

22 Analysis (1/4) Anonymity –Customer’s identity is only known by the trusted CMC. CMC knows AH knows Servers know –Transaction number will be changed in each session. Customer generates in each session. Transaction number

23 Analysis (2/4) Unforgeability –Each message is signed by the creator Query message is signed by the customer Bid message is signed by the server

24 Analysis (3/4) Non-repudiation –Query message is signed by the customer –Bid message is signed by the server –No one can tamper with the message. This means the original creator of the message cannot repudiate it.

25 Analysis (4/4) Feasibility –AH need not contact CMC to check the validity of the Customer. –AH verifies the customer using CMC’s public key. –We avoid making CMC a bottleneck.

Conclusion We propose a secure scheme for agent-based electronic commerce transactions with privacy protection. In our scheme, we solve the bottleneck problem of CMC and enhance the privacy protection of customers.

Part 2: Location Privacy Issue of RFID System

28 Introduction RFID TAG Terminal with a reader Database Server Request Unique Code Information

Location privacy issue of RFID system Just Reader Unjust Reader Interceptor

30 Previous schemes(1/4) Hash chain RFID TAG Terminal with a reader Database Server Hash circuit 1.Request ID 2. 4.Return information 3.For each ID in database

31 Previous schemes(2/4) Random Hash lock RFID TAG Terminal with a reader Database Server Hash circuit and Random number generator 1.Request ID 2. 4.Return information 3.For each ID in database Interceptor knows Forward secrecy?
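The random hash lock exchange on this slide, as an added example that is not code from the presentation: the slide's formulas did not survive, so the tag response used here, (r, h(ID || r)), is an assumption taken from the commonly described randomized hash-lock design. SHA-256, the class and function names, and the tag records are constructed for illustration.

```python
import hashlib
import hmac
import os


def h(tag_id: bytes, r: bytes) -> bytes:
    """Stand-in for the tag's hash circuit: SHA-256 over a length-prefixed ID and nonce."""
    return hashlib.sha256(len(tag_id).to_bytes(2, "big") + tag_id + r).digest()


class Tag:
    def __init__(self, tag_id: bytes):
        self.tag_id = tag_id

    def respond(self):
        # A fresh random r per query makes successive responses differ.
        r = os.urandom(16)
        return r, h(self.tag_id, r)


class Database:
    def __init__(self, records):
        self.records = records  # secret ID -> information

    def identify(self, r: bytes, digest: bytes):
        """Step 3 on the slide: try every ID. Returns (info or None, hashes computed)."""
        for tried, (tag_id, info) in enumerate(self.records.items(), start=1):
            if hmac.compare_digest(h(tag_id, r), digest):
                return info, tried
        return None, len(self.records)


def demo():
    # Constructed sample data: 1000 tags, the queried one stored last.
    db = Database({f"TAG-{i:04d}".encode(): f"item {i}" for i in range(1000)})
    tag = Tag(b"TAG-0999")
    first, second = tag.respond(), tag.respond()
    info, cost = db.identify(*first)
    replayed_info, _ = db.identify(*first)  # the same recorded pair, presented again
    unknown, _ = db.identify(*Tag(b"TAG-9999").respond())
    return {
        "responses_differ": first != second,
        "info": info,
        "hashes_computed": cost,
        "recorded_pair_still_accepted": replayed_info == info,
        "unknown_tag_rejected": unknown is None,
    }


if __name__ == "__main__":
    print(demo())
```

The lookup cost grows with the number of stored IDs, and nothing in the response is bound to a reader challenge, which is why the requirements slide lists replay resistance and feasibility alongside location privacy.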

32 Previous schemes(3/4) Random ID Update RFID TAG Terminal with a reader Database Server Hash circuit Identity Array Info. … Identity Array Index

33 Previous schemes(3/4) RFID TAG Terminal with a reader Database Server Hash circuit 1.Request ID 2. 4.Return information 3.For each ID in database Random ID Update Interceptor knows ?

34 Previous schemes(3/4) RFID TAG Terminal with a reader Database Server Hash circuit 4.Return information Random ID Update Update array= Update identity= Update array= Update identity=

35 Previous schemes(3/4) RFID TAG Terminal with a reader Database Server Hash circuit 1.Request ID 4.Return information For each ID in database Random ID Update Interceptor Replay attack? Efficiency?

36 Previous schemes(4/4) RFID TAG Terminal with a reader Database Server 1.Location privacy: Requirements 2.Replay attack: Interceptor knows 3.Forward secrecy: ? 4.Feasibility: high-efficiency and low-cost

37 Our scheme RFID TAG Terminal with a reader Database Server Hash circuit Identity Info. Common secret … Identity Common secret Index

38 Our scheme RFID TAG Terminal with a reader Database Server Hash circuit Reading Phase

39 Our scheme RFID TAG Terminal with a reader Database Server Hash circuit 4.Return information Reading Phase 3.

40 Our scheme RFID TAG Terminal with a reader Database Server Hash circuit Updating Phase New common secret update common secret as 4.Return information

41 Analysis (1/4) Location privacy –In step 2 of reading phase, the tag should generate the response values and as follows. –Clearly, the two values will be different and independent in each access because of the random number involved and the one-way hash value

42 Analysis (2/4) Replay attack – In step 3 of reading phase, the reader forwards the challenge number and the tag’s response values to the database server. Then the database server reveals the secret identity of the tag as follows. –A legitimate secret identity may exist in the database, but it cannot pass the following verification.

43 Analysis (3/4) Forward secrecy –For each session to authenticate a tag, the tag should generate the following two values and. –Even if the long-term key has leaked, the values of future sessions cannot be compromised, provided the common secret is still kept secret.

44 Analysis (4/4) Feasibility –In our scheme, the database need not compare the emitted data with all hash values of identities. –The database authenticates a user using the following equation.

45 Conclusion We propose a secure scheme for RFID systems with location privacy protection. Our scheme achieves all the security requirements: location privacy, replay-attack resistance, and forward secrecy. Moreover, our scheme is more efficient than others.

46 Thank You

47 Server Problems of Wang’s protocol 2. Next transaction, should be changed 1. After transaction, Server may know the relationship between Customer Agent Home Apply for an agent Return Transaction ID

48 Introduction Coil RAM or/and ROM processor RFID TAG Terminal with a reader Database Server

Location privacy issue of RFID system Just Reader Unjust Reader Interceptor

50 Our scheme RFID TAG Terminal with a reader Database Server Hash circuit Reading Phase Interceptor 4.

51 Our scheme RFID TAG Terminal with a reader Database Server Hash circuit Reading Phase Interceptor 4.Return information

52 Our scheme RFID TAG Terminal with a reader Database Server Hash circuit Reading Phase Interceptor knows ? 4.Return information Common secret should be kept secret