Improvement of Hwang-Lo-Lin scheme based on an ID-based cryptosystem No author given (Korea information security Agency) Presented by J.Liu.

Slides:

Advertisements

Similar presentations

Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,

Advertisements

Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.

Public Key Cryptosystems - RSA Receiver Sender Eavesdroppe r p q p q p q p and q prime.

LOGO Multi-user Broadcast Authentication in Wireless Sensor Networks ICU Myunghan Yoo.

Public-key based. Public-key Techniques based Protocols –may use either weak or strong passwords –high computation complexity (Slow) –high deployment.

Computer and Information Security 期末報告學號姓名莊玉麟.

HW6 due tomorrow Teams T will get to pick their presentation day in the order Teams T will get to pick their presentation day in the orderQuestions? Review.

1 Security analysis of an enhanced authentication key exchange protocol Authors ： H.Y. Liu, G.B. Horng, F.Y. Hung Presented by F.Y. Hung Date ： 2005/5/20.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

電子商務與數位生活研討會 1 Further Security Enhancement for Optimal Strong-Password Authentication Protocol Tzung-Her Chen, Gwoboa Horng, Wei-Bin Lee,Kuang-Long Lin.

Introduction to Modern Cryptography Homework assignments.

Announcements: 1. HW6 due now 2. HW7 posted Questions? This week: Discrete Logs, Diffie-Hellman, ElGamal Discrete Logs, Diffie-Hellman, ElGamal Hash Functions.

1 An ID-based multisignature scheme without reblocking and predetermined signing order Chin-Chen Chang, Iuon-Chang Lin, and Kwok-Yan Lam Computer Standards.

An Improved Smart Card Based Password Authentication Scheme with Provable Security Source:Computer Standards & Interfaces, Vol. 31, No. 4, pp ,

Security Arguments for Digital Signatures and Blind Signatures Journal of Cryptology, (2000) 13: Authors: D. Pointcheval and J. Stern Presented.

A more efficient and secure dynamic ID- based remote user authentication scheme Yan-yan Wang, Jia-yong Liu, Feng-xia Xiao, Jing Dan in Computer Communications.

1 Hidden Exponent RSA and Efficient Key Distribution author: He Ge Cryptology ePrint Archive 2005/325 PDFPDF 報告人：陳昱升.

Security Arguments for Digital Signatures and Blind Signatures Journal of Cryptology, (2000) 13: Authors: D. Pointcheval and J. Stern Presented.

Introduction to Modern Cryptography, Lecture 9 More about Digital Signatures and Identification.

Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.

Diffie-Hellman Key Exchange

CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.

Public Key Model 8. Cryptography part 2.

Information Security and Management 13. Digital Signatures and Authentication Protocols Chih-Hung Wang Fall

Bob can sign a message using a digital signature generation algorithm

The RSA Algorithm Rocky K. C. Chang, March

Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)

Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.

多媒體網路安全實驗室 A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks Date:2011/10/05 報告人：向峻霈.

1 Anonymous Roaming Authentication Protocol with ID-based Signatures Lih-Chyau Wuu Chi-Hsiang Hung Department of Electronic Engineering National Yunlin.

HW6 due tomorrow Teams T will get to pick their presentation day in the order Teams T will get to pick their presentation day in the order Teams mostly.

1 Authentication and Digital Signature Schemes and Their Applications to E-commerce ( 身份認證與數位簽章技術及其在電子商務上的應用 ) Advisor: Chin-Chen Chang 1, 2 Student: Ya-Fen.

多媒體網路安全實驗室 A novel user authentication and privacy preserving scheme with smartcards for wireless communications 作者 :Chun-Ta Li,Cgeng-Chi Lee 出處 :Mathematical.

Topic 22: Digital Schemes (2)

Digital Signatures A primer 1. Why public key cryptography? With secret key algorithms Number of key pairs to be generated is extremely large If there.

Networks Management and Security Lecture 3.

Signcryption Parshuram Budhathoki Department of Mathematical Sciences Florida Atlantic University April 18, 2013

Yu-Li Lin and Chien-Lung Hsu Department of Information Management, Chang-Gung University Information Science(SCI) Reporter: Tzer-Long Chen.

Center for Information Security Technologies ID-based Authenticated Key Exchange for Low-Power Mobile Devices K. Y. Choi, J. Y. Hwang, D. H. Lee CIST,

Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.

Linkability of Some Blind Signature Schemes Swee-Huay Heng 1, Wun-She Yap 1 Khoongming Khoo 2 1 Multimedia University, 2 DSO National Laboratories.

1 一個新的代理簽章法 A New Proxy Signature Scheme 作者 : 洪國寶, 許琪慧, 郭淑娟與邱文怡報告者 : 郭淑娟.

Two-tier authentication for cluster and individual sets in mobile ad hoc networks Authors: Yuh-Ren Tsai and Shiuh-Jeng Wang Sources: Computer Networks,

Department of Computer Engineering, Kyungpook National University Author : Eun-Jun Yoon, Wan-Soo Lee, Kee-Young Yoo Speaker : Wan-Soo Lee

Secure Communication between Set-top Box and Smart Card in DTV Broadcasting Authors: T. Jiang, Y. Hou and S. Zheng Source: IEEE Transactions on Consumer.

Cryptanalysis of Some Proxy Signature Schemes without Certificates Wun-She Yap, Swee-Huay Heng Bok-Min Goi Multimedia University.

1 Chapter 10: Key Management in Public key cryptosystems Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Modified by Prof. M. Singhal,

Identity based signature schemes by using pairings Parshuram Budhathoki Department of Mathematical Science FAU 02/21/2013 Cyber Security Seminar, FAU.

Prepared by Dr. Lamiaa Elshenawy

A flexible biometrics remote user authentication scheme Authors: Chu-Hsing Lin and Yi-Yi Lai Sources: Computer Standards & Interfaces, 27(1), pp.19-23,

Secure Messenger Protocol using AES (Rijndael) Sang won, Lee

Robust and Efficient Password- Authenticated Key Agreement Using Smart Cards Authors: Wen-Shenq Juang, Sian-Teng Chen and Horng-Twu Liaw Src: IEEE Transaction.

Key Management Network Systems Security Mort Anvari.

1 An Ordered Multi-Proxy Multi-Signature Scheme Authors: Min-Shiang Hwang, Shiang-Feng Tzeng, Shu-Fen Chiou Speaker: Shu-Fen Chiou.

SPEAKER: HONG-JI WEI DATE: Efficient and Secure Anonymous Authentication Scheme with Roaming Used in Mobile Networks.

Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

COM 5336 Lecture 8 Digital Signatures

Threshold password authentication against guessing attacks in Ad hoc networks ► Chai, Zhenchuan; Cao, Zhenfu; Lu, Rongxing ► Ad Hoc Networks Volume: 5,

1 Chapter 3-3 Key Distribution. 2 Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution.

1 The RSA Algorithm Rocky K. C. Chang February 23, 2007.

Cryptography and Network Security Chapter 13

An Efficient and Practical Authenticated Communication Scheme for Vehicular Ad Hoc Networks Source: IEEE Transactions on Vehicular Technology, Reviewing.

Non-PKI Methods for Public Key Distribution

Author:YongBin Zhou, ZhenFeng Zhang, and DengGuo Feng Presenter:戴士桀

Cryptanalysis on Mu–Varadharajan's e-voting schemes

Security of a Remote Users Authentication Scheme Using Smart Cards

IEEE TRANSACTIONS ON INFORMATION THEORY, JULY 1985

Date:2011/09/28 報告人：向峻霈出處: Ren-Chiun Wang Wen-Shenq Juang

Cryptology Design Fundamentals

Cryptology Design Fundamentals

Presentation transcript:

Improvement of Hwang-Lo-Lin scheme based on an ID-based cryptosystem No author given (Korea information security Agency) Presented by J.Liu

Outline Introduction Review of the Hwang-Lo-Lin scheme Cryptanalysis The modified ID-based identification scheme Security analysis Performance analysis Conclusions

Introduction ID-based public key cryptosystem. Maurer-Yacobi(1996)  Tseng-Jan(1998)  Hwang-Lo-Lin(2004)  Horng-Liu-Liu(2005)  This Letter(2005) Hwang et al. developed the improved scheme was suitable for the wireless environment.

Review of the Hwang-Lo-Lin scheme TA setup the system parameters as following: 1.N = p 1  p 2  p 3  p 4, where p i are primes and their decimal digits are between 60-70, (p i -1)/2 are odd and pair wise relatively prime. 2.DLP is feasible but factoring N is infeasible. 3.g is a primitive root in each GF(p i ). 4.h(.) is an one way hash function. 5.ed = 1 mod  (N) and tv = 1 mod  (N).

Cont 6.ID b, ID m : identity of base station(BS) and mobile device(M), respectively. 7.s b = et  log g (ID b 2 ) mod  (N) is secret key for BS. 8.s m = et  log g (ID m 2 ) mod  (N) is secret key for M. 9.T: timestamp {N, g, e, h(.)}are public parameters and keep {p 1, p 2, p 3, p 4, t, v, d } secret.

Login and authentication 1.Choose k  R Z N *, computes Y = (ID m 2 ) k mod N, Z = (ID b 2 ) ks m T mod N 2.Sends {ID m, Y, Z, T } to BS. 3.BS computes Z’ = (Y) s b T, checks Z = Z’ If yes then… else…. ?

Key points

Cryptanalysis Attacker forge {ID m, Y 1, Z 1, T’ } from a valid login message {ID m, Y, Z, T } by Y 1 = Y rT mod N and Z 1 = Z rT’ mod N.

The modified ID-based identification scheme The parameters are the same of Hwang’s scheme, but the 4 primes have bit size more than 1024 bits. (DLP OK? about 300 decimal digits) 1.M sends {ID m, Z, T} to BS, where Z = H((ID b 2 ) s m T mod N) 2.BS verifies by Z = H((ID m 2 ) s b T mod N)

Security analysis 1.Passive replay attack: Changes timestamp T. H((ID m 2 ) s b T mod N)  H((ID m 2 ) s b T’ mod N) 2.Active replay attack: The attacker can not change Z and T without s m and s b. 3.ID-stolen attack: The same with 2.

Performance analysis Without random number generator(hash function). Shorter message length (1/2). Fewer exponential operation (2  1). More suitable in wireless environment.

Conclusion Secure More suitable.