A more efficient and secure dynamic ID- based remote user authentication scheme Yan-yan Wang, Jia-yong Liu, Feng-xia Xiao, Jing Dan in Computer Communications.

Slides:



Advertisements
Similar presentations
1 東南技術學院九十二學年度第二學期 資工系第一次論文發表會 Analysis of an Improved Version of S/KEY One-Time Password Authentication Scheme Speaker: Maw-Jinn Tsaur
Advertisements

多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 :JongHyup LEE 出處.
Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian.
Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,
CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.
Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.
A Secure Remote User Authentication Scheme with Smart Cards Manoj Kumar 報告者 : 許睿中 日期 :
Computer and Information Security 期末報告 學號 姓名 莊玉麟.
An Authentication Scheme for Mobil Satellite Communication Systems Advisor: Prof. Jen-Chang Liu Graduate Student: Yi-Ching Chen( 陳怡靜 ) Date: 2004/05/26.
A simple remote user authentication scheme 1. M. S. Hwang, C. C. Lee and Y. L. Tang, “A simple remote user authentication.
電子商務與數位生活研討會 1 Further Security Enhancement for Optimal Strong-Password Authentication Protocol Tzung-Her Chen, Gwoboa Horng, Wei-Bin Lee,Kuang-Long Lin.
A password authentication scheme with secure password updating SEC 期末報告 學號: 姓名:翁玉芬.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.
Efficient fault-tolerant scheme based on the RSA system Author: N.-Y. Lee and W.-L. Tsai IEE Proceedings Presented by 詹益誌 2004/03/02.
1 Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment Authors : Han-Cheng Hsiang and Wei-Kuan Shih.
Efficient Multi-server Password Authenticated Key Agreement Using Smart Cards Computer and Information Security Ming-Hong Shih.
孫國偉 Efficient Password authenticated key agreement using smart cards Author : Wen-Shenq Juang* Date : in Computers & Security.
An Improved Smart Card Based Password Authentication Scheme with Provable Security Source:Computer Standards & Interfaces, Vol. 31, No. 4, pp ,
Improvement of Hwang-Lo-Lin scheme based on an ID-based cryptosystem No author given (Korea information security Agency) Presented by J.Liu.
1 Security Weakness in a Three-Party Password-Based Key Exchange Protocol Using Weil Pairing From : ePrint (August 2005) Author : Junghyun Nam, Seungjoo.
An Enhanced Two-factor User Authentication Scheme in Wireless Sensor Networks DAOJING HE, YI GAO, SAMMY CHAN, CHUN CHEN, JIAJUN BU Ad Hoc & Sensor Wireless.
多媒體網路安全實驗室 A Strong User Authentication Framework for Cloud Computing Date : Reporter : Hong Ji Wei Authors : Amlan Jyoti Choudhury, Mangal.
1 Further cryptanalysis of fingerprint-based remote user authentication scheme using smartcards Authors: W.C Ku, S.T. Chang,and M.H. Chiang Source: Electronics.
多媒體網路安全實驗室 A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks Date:2011/10/05 報告人:向峻霈.
Cryptanalysis of Two Dynamic ID-based Authentication
1 Anonymous Roaming Authentication Protocol with ID-based Signatures Lih-Chyau Wuu Chi-Hsiang Hung Department of Electronic Engineering National Yunlin.
Guomin Yang et al. IEEE Transactions on Wireless Communication Vol. 6 No. 9 September
多媒體網路安全實驗室 A novel user authentication and privacy preserving scheme with smartcards for wireless communications 作者 :Chun-Ta Li,Cgeng-Chi Lee 出處 :Mathematical.
Efficient remote mutual authentication and key agreement Improvement of Chien et al. ’ s remote user authentication scheme using smart cards An efficient.
An ID-Based Mutual Authentication and Key Exchange Protocol for Low- Power Mobile Devices Authors: Tsu-Yang Wu and Yuh-Min Tseng Source: The Computer Journal.
Secure Authentication Scheme with Anonymity for Wireless Communications Speaker : Hong-Ji Wei Date :
Cryptanalysis and Improvement of an Access Control in User Hierarchy Based on Elliptic Curve Cryptosystem Reporter : Tzer-Long Chen Information Sciences.
A Secure Identification and Key Agreement Protocol with User Anonymity (SIKA) Authors: Kumar Mangipudi and Rajendra Katti Source: Computers & Security,
1 Robust and Efficient Password-Authenticated Key Agreement Using Smart Cards 使用在 smart cards 的強韌及高效率密碼驗證金鑰協定 IEEE Transactions on Industrial Electronics,
Enhanced secure anonymous authentication scheme for roaming service in global mobility networks Hyeran Mun, Kyusuk Han, Yan Sun Lee, Chan Yeob Yeun, Hyo.
Department of Computer Engineering, Kyungpook National University Author : Eun-Jun Yoon, Wan-Soo Lee, Kee-Young Yoo Speaker : Wan-Soo Lee
多媒體網路安全實驗室 Robust authentication and key agreement scheme preserving Date:2011/11/05 報告人:向峻霈 出處 : Ren-Chiun Wang Wen-Shenq Juang Chin-Laung Lei Computer.
Secure Communication between Set-top Box and Smart Card in DTV Broadcasting Authors: T. Jiang, Y. Hou and S. Zheng Source: IEEE Transactions on Consumer.
SPEAKER: HONG-JI WEI DATE: Secure Anonymous Authentication Scheme with Roaming for Mobile Networks.
Password-only Authenticated Key Agreement Protocols Based on Self-certified Approach Tzong-Chen Wu and Yen-Ching Lin Department of Information Management.
A flexible biometrics remote user authentication scheme Authors: Chu-Hsing Lin and Yi-Yi Lai Sources: Computer Standards & Interfaces, 27(1), pp.19-23,
A new provably secure certificateless short signature scheme Authors: K.Y. Choi, J.H. Park, D.H. Lee Source: Comput. Math. Appl. (IF:1.472) Vol. 61, 2011,
User authentication schemes with pseudonymity for ubiquitous sensor network in NGN Authors: Binod Vaidya, Joel J. Rodrigues and Jong Hyuk Park Source:
Robust and Efficient Password- Authenticated Key Agreement Using Smart Cards Authors: Wen-Shenq Juang, Sian-Teng Chen and Horng-Twu Liaw Src: IEEE Transaction.
RSA-based password authenticated key exchange protocol Presenter: Jung-wen Lo( 駱榮問 )
1 An Ordered Multi-Proxy Multi-Signature Scheme Authors: Min-Shiang Hwang, Shiang-Feng Tzeng, Shu-Fen Chiou Speaker: Shu-Fen Chiou.
SPEAKER: HONG-JI WEI DATE: Efficient and Secure Anonymous Authentication Scheme with Roaming Used in Mobile Networks.
RFID Paper presentation The Security of EPC Gen2 Compliant RFID Protocols Source : Applied Cryptography and Network Security, VOL. 5037, 2008, pp
Threshold password authentication against guessing attacks in Ad hoc networks ► Chai, Zhenchuan; Cao, Zhenfu; Lu, Rongxing ► Ad Hoc Networks Volume: 5,
多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 : Xiong Li, Yongping.
Threshold password authentication against guessing attacks in Ad hoc networks Authors: Zhenchuan Chai, Zhenfu Cao, Rongxing Lu Sources: Ad Hoc Networks,
A Secure Authentication Scheme with Anonymity for Wireless Communications IEEE COMMUNICATIONS LETTERS, VOL. 12, NO. 10, OCTOBER 2008 Chia-Chun Wu, Wei-Bin.
A Dynamic ID-Based Generic Framework for Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks Source: Wireless Personal Communications,
A lightweight authentication scheme based on self-updating strategy for space information network Source: International Journal Of Satellite Communications.
網路環境中通訊安全技術之研究 Secure Communication Schemes in Network Environments
Efficient password authenticated key agreement using smart cards
A robust and anonymous patient monitoring system using wireless medical sensor networks Source: Future Generation Computer Systems, Available online 8.
Security of a Remote Users Authentication Scheme Using Smart Cards
Authors: Wei-Chi KU, Hao-Chuan TSAI, Maw-Jinn TSAUR
An efficient biometric based remote user authentication scheme for secure internet of things environment Source: Journal of Intelligent & Fuzzy Systems.
Authors:Debiao He, Sherali Zeadally, Neeraj Kumar and Wei Wu
Date:2011/09/28 報告人:向峻霈 出處: Ren-Chiun Wang  Wen-Shenq Juang 
Controllable and Trustworthy Blockchain-based Cloud Data Management
Improvement of recently proposed Remote User Authentication Schemes
Authors: Yuh-Min TSENG, Tsu-Yang WU, Jui-DiWU
II. REVIEW OF THE DAS ET AL. SCHEME
Improvement of Chien et al
Biometrics-based RSA Cryptosystem for Securing Real-Time Communication
Privacy Protection for E-Health Systems by
Presentation transcript:

A more efficient and secure dynamic ID- based remote user authentication scheme Yan-yan Wang, Jia-yong Liu, Feng-xia Xiao, Jing Dan in Computer Communications Vol. 32, issue4, 4 March 2009, p.p

outline Introduction Review Das et al ’s scheme Wang et al ’s scheme Analysis 2

Introduction Remote authentication – a mechanism to authenticate remote users over insecure communication network

Introduction (Lamport) 4 User Server Registration Login & Auth

Introduction 1981: Lamport proposed one-time password remote authentication scheme 2000: Hwang and Li proposed a new remote user authentication scheme using smart cards (based on Elgamal) 2004: Das et al. proposed a dynamic id-based remote user authentication scheme (based on One-way hash) 2005: Liao et al proposed an improved scheme by Das 2007: Liao and Wang’s scheme (verify on smart card) 2009: Wang et al.'s scheme (modify Das’s scheme)

Review of Das et al’s scheme(1/3) Registration phase User Server

Review of Das et al’s scheme(2/3) Login & verify phase User Server

Review of Das et al’s scheme(3/3) Password Change phase User Smart card 8

Security Flaw (1/3) The user’s authentication is independent of password. Server

Security Flaw (2/3) In Registration phase, sending of PW to the user is redundant. User Server

Security Flaw (3/3) Impersonate server attack User Server

Wang et al’s scheme(1/2) Registration phase User Server 12

Wang et al’s scheme(2/2) Login & verify phase User Server

Security analysis 14 Overcome an user authentication is independent of password: Withstand replay attack: Withstand impersonation server attack: When the user wants to change the password PW to new password PW new without taking any assistance from the remote system.

Conclusions A remote user authentication method that removes all those security flaws. Provide a more secure and efficient scheme to be applied to password authentication. 15

Remark (password guessing & impersonation attack) If a valid user determine the hash of the secret value h(x) by intercepting Ni and obtain the value y, then he can impersonate server/user. User Server

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.