Efficient remote mutual authentication and key agreement Improvement of Chien et al.'s remote user authentication scheme using smart cards An efficient.

Presentation transcript:

Efficient remote mutual authentication and key agreement
  Authors: Wen-Gong Shieh and Jian-Min Wang
  Source: Computers & Security, 25(1), pp.
Improvement of Chien et al.'s remote user authentication scheme using smart cards
  Authors: Sung-Woon Lee, Hyun-Sung Kim and Kee-Young Yoo
  Source: Computer Standards & Interfaces, 27(1), pp.
An efficient nonce-based authentication scheme with key agreement
  Authors: Yen-Cheng Chen and Lo-Yao Yeh
  Source: Applied Mathematics and Computation, 169(1), pp.
Efficient nonce-based remote user authentication scheme using smart cards
  Authors: Sung-Woon Lee, Hyun-Sung Kim and Kee-Young Yoo
  Source: Applied Mathematics and Computation, 167(1), pp.
An improvement of Hwang-Lee-Tang's simple remote user authentication scheme
  Authors: Eun-Jun Yoon, Eun-Kyung Ryu and Kee-Young Yoo
  Source: Computers & Security, 24(1), pp.
Reporter: Chun-Ta Li (李俊達)

2 Outline
- Introduction
- Chien et al.'s scheme and Hsu's attack
- Juang's scheme and Shieh et al.'s attack
- Shieh et al.'s scheme
- Lee et al.'s scheme (CSI)
- Chen et al.'s scheme
- Lee et al.'s scheme (AMC)
- Yoon et al.'s scheme
- Comments

3 Introduction
- Motivation
  - Password-based authentication
    - Dictionary attack
    - Solutions: public key encryption
  - Light computational overhead
    - Hashing function or symmetric encryption used in an authentication protocol
  - Smart card-based authentication scheme
    - Well-chosen password is stored in a smart card
  - Nonce-based or timestamp-based approaches

4 Introduction (cont.)
- History
  - In 1981, Lamport proposed the first password-based remote user authentication scheme over an insecure channel (stores a verification table)
  - In 1993, Chang-Wu introduced a remote password authentication scheme with smart cards (can't freely change passwords)
  - In 2000, Hwang-Li proposed a password-based remote user authentication scheme using smart cards (no verification or password table)
  - In 2002, Hwang-Lee-Tang proposed a simple remote authentication scheme (freely change passwords)

5 Introduction (cont.)
- Requirements
  - No verification and password table
  - Freely changing password
  - Mutual authentication
  - Low computation
  - Without synchronized clock
  - Key agreement
  - Some security issues

6 Introduction (cont.)
- Classification
  [Figure: classification tree of password-based user authentication schemes. Branches: smart cards / without using smart cards; timestamp / nonce; mutual authentication / without mutual authentication. Schemes placed in the tree: Yoon 2004, Awasthi 2004, Chen 2005, Shieh 2006, Lee 2005, Chien 2002, Juang 2004, Wang 2005, Lee 2005, Yoon 2005, Ku 2004, Kwon 2005, Lamport 1981, Peyravian 2006. Labels: Share ID and PW; No verification and password table.]

7 Chien et al.'s scheme and Hsu's attack
- Registration phase
  1. User -> Server: ID_i, PW_i
  2. Server: R_i = h(ID_i ⊕ x) ⊕ PW_i
  3. Server -> User: smart card {R_i, h(.)}
- Login/verification phase
  1. User: C1 = R_i ⊕ PW_i
  2. User: C2 = h(C1 ⊕ T)
  3. User -> Server: ID_i, T, C2
  4. Server: check ID_i and T
  5. Server: C1' = h(ID_i ⊕ x)
  6. Server: check h(C1' ⊕ T) ?= C2
  7. Server: C3 = h(C1' ⊕ T'')
  8. Server -> User: T'', C3
  9. User: check T''
  10. User: check h(C1 ⊕ T'') ?= C3

8 Chien et al.'s scheme and Hsu's attack (cont.)
- Hsu's parallel session attack (2004)
  // C2 = h(C1 ⊕ T)
  // R_i = h(ID_i ⊕ x) ⊕ PW_i
  // C1 = R_i ⊕ PW_i
  // C3 = h(C1' ⊕ T'')

9 Juang's scheme and Shieh et al.'s attack
- Registration phase
  1. User -> Server: ID_i, PW_i
  2. Server: V_i = h(ID_i, x)
  3. Server: W_i = V_i ⊕ PW_i
  4. Server -> User: smart card {W_i, ID_i, h(.)}
- Login/verification phase
  // C_i = h(ID_i || N_1)
  // V_i = W_i ⊕ PW_i
  Decrypt E_{V_i}(ru_j, C_i)
  Check C_i ?= h(ID_i || N_1)
  // session key K_j = h(rs_j, rs_u, V_i)

10 Juang's scheme and Shieh et al.'s attack (cont.)
- Shieh et al.'s off-line plain-text attack (2006)
  // C_i = h(ID_i || N_1)
  // V_i = W_i ⊕ PW_i = h(ID_i, x)

11 Shieh et al.'s scheme
- Registration phase: the same as that of Chien et al.'s scheme
- Login/key agreement phase
  1. User: a_i = R_i ⊕ PW_i = h(ID_i ⊕ x)
  2. User: MAC_u = h(T_u || a_i), and store T_u temporarily until the end of the session
  3. User -> Server: ID_i, T_u, MAC_u
  4. Server: check whether T_u is fresh
  5. Server: a_i' = h(ID_i ⊕ x)
  6. Server: MAC_u' = h(T_u || a_i')
  7. Server: check MAC_u' ?= MAC_u
  8. Server: temporarily store (T_u, T_s) and ID_i
  9. Server: MAC_s = h(T_u || T_s || a_i')
  10. Server: session key K_s = h((T_u || T_s) ⊕ a_i')
  11. Server -> User: T_u, T_s, MAC_s
  12. User: MAC_s' = h(T_u || T_s || a_i)
  13. User: check MAC_s' ?= MAC_s
  14. User: MAC_u'' = h(T_s || (a_i + 1))
  15. User: session key K_s = h((T_u || T_s) ⊕ a_i)
  16. User -> Server: T_s, MAC_u''
  17. Server: check T_s and MAC_u''
  18. Server: if the above holds, accept the user's login

12 Shieh et al.'s scheme (cont.)
- Messages transmitted in the proposed scheme using a synchronized clock
  // MAC_u = h(T_u || a_i)
  // a_i = R_i ⊕ PW_i = h(ID_i ⊕ x)
  // MAC_s = h(T_u || T_s || a_i')

13 Shieh et al.'s scheme (cont.)
- Messages transmitted in parallel session attack

14 Lee et al.'s scheme (CSI)
- Registration/Login phase: the same as that of Chien et al.'s scheme
- Verification phase
  4. Server: check ID_i and T
  5. Server: C1' = h(ID_i ⊕ x)
  6. Server: check h(C1' ⊕ T) ?= C2
  7. Server: C3 = h(h(C1' ⊕ T''))
  8. Server -> User: T'', C3
  9. User: check T''
  10. User: check h(h(C1 ⊕ T'')) ?= C3
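Added example (not from the slides or the cited papers): a Python model of the login/verification exchange on slide 7 and of Lee et al.'s (CSI) change on slide 14, checking whether the server's own reply (T'', C3) would pass the server's login check, which is the message symmetry a parallel session attack depends on. SHA-256 for h(.), 8-byte integer timestamps, the 5-second freshness window and all names and values are assumptions made for the example.

```python
import hashlib
import hmac

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def xor(a: bytes, b: bytes) -> bytes:
    n = max(len(a), len(b))  # left-pad the shorter operand with zero bytes
    return bytes(p ^ q for p, q in zip(a.rjust(n, b"\0"), b.rjust(n, b"\0")))

def ts(t: int) -> bytes:
    return t.to_bytes(8, "big")

class Server:
    WINDOW = 5  # assumed timestamp freshness window, in seconds

    def __init__(self, x: bytes, double_hash_reply: bool):
        self.x = x
        self.double_hash_reply = double_hash_reply

    def register(self, user_id: bytes, pw: bytes) -> bytes:
        return xor(h(xor(user_id, self.x)), pw)      # R_i = h(ID_i xor x) xor PW_i

    def login(self, user_id: bytes, T: int, C2: bytes, now: int):
        if not 0 <= now - T <= self.WINDOW:          # step 4: check T
            return None
        c1 = h(xor(user_id, self.x))                 # step 5: C1' = h(ID_i xor x)
        if not hmac.compare_digest(h(xor(c1, ts(T))), C2):   # step 6
            return None
        c3 = h(xor(c1, ts(now)))                     # slide 7:  C3 = h(C1' xor T'')
        if self.double_hash_reply:
            c3 = h(c3)                               # slide 14: C3 = h(h(C1' xor T''))
        return now, c3                               # step 8: T'', C3

def reply_accepted_as_login(double_hash_reply: bool) -> bool:
    """True if the server would accept its own reply (T'', C3) as a login request."""
    server = Server(b"constructed-server-secret-x", double_hash_reply)
    uid, pw = b"alice", b"constructed-pw"            # constructed sample values
    c1 = xor(server.register(uid, pw), pw)           # C1 = R_i xor PW_i
    T2, C3 = server.login(uid, 1000, h(xor(c1, ts(1000))), now=1001)
    expected = h(xor(c1, ts(T2)))                    # step 10 on the user side
    if double_hash_reply:
        expected = h(expected)
    assert hmac.compare_digest(expected, C3)
    # Regression check: present the reply back to the server as (ID_i, T, C2).
    return server.login(uid, T2, C3, now=T2 + 1) is not None
```

With the slide 7 reply format the check returns True because C2 and C3 are computed by the same function of C1 and a timestamp; with the slide 14 format it returns False.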

15 Chen et al.'s scheme
- Registration phase: the same as that of Chien et al.'s scheme
- Login/Authentication phase
  1. User: a_i = R_i ⊕ PW_i = h(ID_i ⊕ x)
  2. User: M1 = h^2(ID_i ⊕ x) ⊕ N_1
  3. User -> Server: ID_i, M1
  4. Server: compute h^2(ID_i ⊕ x) and extract N_1 by computing M1 ⊕ h^2(ID_i ⊕ x)
  5. Server: M2 = h(h(ID_i ⊕ x) || N_1) ⊕ N_2 and M3 = h(h(ID_i ⊕ x) || N_1 || N_2)
  6. Server -> User: M2, M3
  7. User: compute h(h(ID_i ⊕ x) || N_1) and extract N_2 by computing M2 ⊕ h(h(ID_i ⊕ x) || N_1)
  8. User: verify M3 ?= h(h(ID_i ⊕ x) || N_1 || N_2)
  9. User: M4 = h(h^2(ID_i ⊕ x) || N_1 + 1 || N_2 + 1)
  10. User -> Server: M4
  11. Server: verify M4 ?= h(h^2(ID_i ⊕ x) || N_1 + 1 || N_2 + 1)
  12. Session key K_s = h(h^3(ID_i ⊕ x) || N_1 + 2 || N_2 + 2)

16 Lee et al.'s scheme (AMC)
- Parallel session attack

17 Yoon et al.'s scheme
- Registration phase:
- Login/Authentication phase:

18 Comments
- Comparison
  [Table. Columns: Mutual authentication (steps); Session key agreement; Use of timestamp; Computation load. Rows: Shieh et al.; Lee et al. (CSI); Chen et al.; Lee et al. (AMC); Yoon et al. Cell values as extracted, with row and column alignment lost: No, Yes, Yes/No, Yes (3), Yes (2), Yes (3), No, Yes, No, Yes, 10H + 6⊕, 7H + 8⊕, 19H + 15⊕, 6H + 7⊕; after "Yoon et al.": Yes (2), No, 6H + 2⊕, Yes.]

19 Comments (cont.)
- Forward secrecy
  - If the secret key x is compromised, the attacker can construct the agreed session key
  - Solutions: Diffie-Hellman key exchange algorithm
    - Let N_1 = g^x and N_2 = g^y
    - Session key = g^xy
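Added example (not from the slides or the cited papers): the forward-secrecy point above, worked through with Chen et al.'s messages M1 and M2 from slide 15 as the carrier. It compares what the server secret x plus a recorded transcript yields when N_1 and N_2 are plain random nonces and when they are Diffie-Hellman values. SHA-256 for h(.), the toy 127-bit group, 32-byte integer encoding and all names are assumptions; the exponents are called e1 and e2 in the code to avoid a clash with the server secret x.

```python
import hashlib
import secrets

P, G = 2**127 - 1, 3  # toy group constructed for the demo; far too small for real use

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def enc(n: int) -> bytes:
    return n.to_bytes(32, "big")

def xor(a: bytes, b: bytes) -> bytes:
    n = max(len(a), len(b))  # left-pad the shorter operand with zero bytes
    return bytes(p ^ q for p, q in zip(a.rjust(n, b"\0"), b.rjust(n, b"\0")))

def run_login(x: bytes, uid: bytes, use_dh: bool):
    """One login; returns the recorded (M1, M2) and the agreed session key."""
    a_i = h(xor(uid, x))                                # h(ID_i xor x)
    e1, e2 = (secrets.randbelow(P - 2) + 1 for _ in range(2))
    if use_dh:                                          # slide 19: N_1 = g^x, N_2 = g^y
        n1, n2 = pow(G, e1, P), pow(G, e2, P)
        key = enc(pow(n2, e1, P))                       # user side: g^xy
        assert key == enc(pow(n1, e2, P))               # server side agrees
    else:                                               # slide 15: random nonces
        n1, n2 = e1, e2
        key = h(h(h(a_i)) + enc(n1 + 2) + enc(n2 + 2))  # K_s = h(h^3(..)||N_1+2||N_2+2)
    m1 = xor(h(a_i), enc(n1))                           # M1 = h^2(ID_i xor x) xor N_1
    m2 = xor(h(a_i + enc(n1)), enc(n2))                 # M2 = h(h(..)||N_1) xor N_2
    return (m1, m2), key

def rebuild_with_leaked_x(x: bytes, uid: bytes, recorded):
    """What x plus a recorded transcript yields: both nonces and the slide-15 key."""
    m1, m2 = recorded
    a_i = h(xor(uid, x))
    n1 = int.from_bytes(xor(m1, h(a_i)), "big")
    n2 = int.from_bytes(xor(m2, h(a_i + enc(n1))), "big")
    return n1, n2, h(h(h(a_i)) + enc(n1 + 2) + enc(n2 + 2))

def key_exposed_by_x(use_dh: bool) -> bool:
    x, uid = b"constructed-server-secret-x", b"alice"   # constructed sample values
    recorded, key = run_login(x, uid, use_dh)
    return rebuild_with_leaked_x(x, uid, recorded)[2] == key
```

In the Diffie-Hellman run, x still unmasks N_1 and N_2, but those are only g^x and g^y; the session key g^xy needs one of the exponents, which never appear in the transcript.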

20 Comments (cont.)
- Identity problems
  - No verification tables in the remote server
  - Impersonation attack
    - A legitimate user can purposely obtain another valid (ID, PW) by the following tricks:
      - The user declares that he lost his smart card
      - He registers a new valid (ID, PW)
      - The original smart card is still legal to use