Robust and Efficient Password- Authenticated Key Agreement Using Smart Cards Authors: Wen-Shenq Juang, Sian-Teng Chen and Horng-Twu Liaw Src: IEEE Transaction.

Slides:

Advertisements

Similar presentations

DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13

Advertisements

DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 Digital Signatures Authentication.

多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 :JongHyup LEE 出處.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,

Cryptography and Network Security Chapter 13 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.

1 Chapter 13 – Digital Signatures & Authentication Protocols Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal,

An Improvement on Authenticated Key Agreement Scheme Authors: Chin-Chen Chang and Shih-Yi Lin Source: 2007 International Conference on Intelligent Pervasive.

Mutual Authentication and Key Exchange Protocol (MAKEP) Reporter: Jung-Wen Lo ( 駱榮問 ) Date: 2008/4/18.

A Secure Remote User Authentication Scheme with Smart Cards Manoj Kumar 報告者 : 許睿中日期 :

Computer and Information Security 期末報告學號姓名莊玉麟.

A simple remote user authentication scheme 1. M. S. Hwang, C. C. Lee and Y. L. Tang, “A simple remote user authentication.

電子商務與數位生活研討會 1 Further Security Enhancement for Optimal Strong-Password Authentication Protocol Tzung-Her Chen, Gwoboa Horng, Wei-Bin Lee,Kuang-Long Lin.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

1 Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment Authors ： Han-Cheng Hsiang and Wei-Kuan Shih.

Efficient Multi-server Password Authenticated Key Agreement Using Smart Cards Computer and Information Security Ming-Hong Shih.

孫國偉 Efficient Password authenticated key agreement using smart cards Author : Wen-Shenq Juang* Date : in Computers & Security.

An Improved Smart Card Based Password Authentication Scheme with Provable Security Source:Computer Standards & Interfaces, Vol. 31, No. 4, pp ,

A more efficient and secure dynamic ID- based remote user authentication scheme Yan-yan Wang, Jia-yong Liu, Feng-xia Xiao, Jing Dan in Computer Communications.

An Enhanced Two-factor User Authentication Scheme in Wireless Sensor Networks DAOJING HE, YI GAO, SAMMY CHAN, CHUN CHEN, JIAJUN BU Ad Hoc & Sensor Wireless.

Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),

多媒體網路安全實驗室 A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks Date:2011/10/05 報告人：向峻霈.

Cryptanalysis of Two Dynamic ID-based Authentication

1 Anonymous Roaming Authentication Protocol with ID-based Signatures Lih-Chyau Wuu Chi-Hsiang Hung Department of Electronic Engineering National Yunlin.

Guomin Yang et al. IEEE Transactions on Wireless Communication Vol. 6 No. 9 September

1 Authentication and Digital Signature Schemes and Their Applications to E-commerce ( 身份認證與數位簽章技術及其在電子商務上的應用 ) Advisor: Chin-Chen Chang 1, 2 Student: Ya-Fen.

Lecture 11: Strong Passwords

An Authenticated Payword Scheme without Public Key Cryptosystems Author: Chia-Chi Wu, Chin-Chen Chang, and Iuon-Chang Lin. Source: International Journal.

多媒體網路安全實驗室 A novel user authentication and privacy preserving scheme with smartcards for wireless communications 作者 :Chun-Ta Li,Cgeng-Chi Lee 出處 :Mathematical.

Efficient remote mutual authentication and key agreement Improvement of Chien et al. ’ s remote user authentication scheme using smart cards An efficient.

Secure Authentication Scheme with Anonymity for Wireless Communications Speaker : Hong-Ji Wei Date :

Yu-Li Lin and Chien-Lung Hsu Department of Information Management, Chang-Gung University Information Science(SCI) Reporter: Tzer-Long Chen.

A Secure Identification and Key Agreement Protocol with User Anonymity (SIKA) Authors: Kumar Mangipudi and Rajendra Katti Source: Computers & Security,

1 Robust and Efficient Password-Authenticated Key Agreement Using Smart Cards 使用在 smart cards 的強韌及高效率密碼驗證金鑰協定 IEEE Transactions on Industrial Electronics,

Enhanced secure anonymous authentication scheme for roaming service in global mobility networks Hyeran Mun, Kyusuk Han, Yan Sun Lee, Chan Yeob Yeun, Hyo.

Authentication of Signaling in VoIP Applications Authors: Srinivasan et al. (MIT Campus of Anna University, India) Source: IJNS review paper Reporter:

Department of Computer Engineering, Kyungpook National University Author : Eun-Jun Yoon, Wan-Soo Lee, Kee-Young Yoo Speaker : Wan-Soo Lee

多媒體網路安全實驗室 Robust authentication and key agreement scheme preserving Date:2011/11/05 報告人：向峻霈出處 : Ren-Chiun Wang Wen-Shenq Juang Chin-Laung Lei Computer.

Secure Communication between Set-top Box and Smart Card in DTV Broadcasting Authors: T. Jiang, Y. Hou and S. Zheng Source: IEEE Transactions on Consumer.

SPEAKER: HONG-JI WEI DATE: Secure Anonymous Authentication Scheme with Roaming for Mobile Networks.

Wireless Authentication Using Remote Passwords Authors: Andrew Harding, Timothy W. van der Horst, and Kent E. Seamons Source: Proceedings of the first.

Password-only Authenticated Key Agreement Protocols Based on Self-certified Approach Tzong-Chen Wu and Yen-Ching Lin Department of Information Management.

A flexible biometrics remote user authentication scheme Authors: Chu-Hsing Lin and Yi-Yi Lai Sources: Computer Standards & Interfaces, 27(1), pp.19-23,

User authentication schemes with pseudonymity for ubiquitous sensor network in NGN Authors: Binod Vaidya, Joel J. Rodrigues and Jong Hyuk Park Source:

Secure Messenger Protocol using AES (Rijndael) Sang won, Lee

RSA-based password authenticated key exchange protocol Presenter: Jung-wen Lo( 駱榮問 )

Efficient Pairwise Key Establishment Scheme Based on Random Pre-Distribution Keys in Wireless Sensor Networks Source: Lecture Notes in Computer Science,

SPEAKER: HONG-JI WEI DATE: Efficient and Secure Anonymous Authentication Scheme with Roaming Used in Mobile Networks.

Threshold password authentication against guessing attacks in Ad hoc networks ► Chai, Zhenchuan; Cao, Zhenfu; Lu, Rongxing ► Ad Hoc Networks Volume: 5,

多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 : Xiong Li, Yongping.

TOMIN: Trustworthy Mobile Cash with Expiration-date Attached Author: Rafael Martínez-Peláez and Francisco Rico-Novella. Source: Journal of Software, 2010,

多媒體網路安全實驗室 An ID-based client authentication with key agreement protocol for mobile client–server environment on ECC with provable security Date:2012/02/16.

Threshold password authentication against guessing attacks in Ad hoc networks Authors: Zhenchuan Chai, Zhenfu Cao, Rongxing Lu Sources: Ad Hoc Networks,

1 Example security systems n Kerberos n Secure shell.

Network Security and It’s Issues

A Secure Authentication Scheme with Anonymity for Wireless Communications IEEE COMMUNICATIONS LETTERS, VOL. 12, NO. 10, OCTOBER 2008 Chia-Chun Wu, Wei-Bin.

An Efficient and Practical Authenticated Communication Scheme for Vehicular Ad Hoc Networks Source: IEEE Transactions on Vehicular Technology, Reviewing.

A Dynamic ID-Based Generic Framework for Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks Source: Wireless Personal Communications,

網路環境中通訊安全技術之研究 Secure Communication Schemes in Network Environments

Efficient password authenticated key agreement using smart cards

SAKAWP: Simple Authenticated Key Agreement Protocol Based on Weil Pairing Authors: Eun-Jun Yoon and Kee-Young Yoo Src: International Conference on Convergence.

An efficient biometric based remote user authentication scheme for secure internet of things environment Source: Journal of Intelligent & Fuzzy Systems.

Authors：Debiao He, Sherali Zeadally, Neeraj Kumar and Wei Wu

Date:2011/09/28 報告人：向峻霈出處: Ren-Chiun Wang Wen-Shenq Juang

Privacy Protection for E-Health Systems by

Presentation transcript:

Robust and Efficient Password- Authenticated Key Agreement Using Smart Cards Authors: Wen-Shenq Juang, Sian-Teng Chen and Horng-Twu Liaw Src: IEEE Transaction on Industrial Electronics, Vol. 55, No. 6, pp , 2008 Presenter: Jung-wen Lo ( 駱榮問 ) Date: Jul. 30, 2009

2 Outline Chun-I Fan, Yung-Cheng Chan, and Zhi-Kai Zhang, “Robust remote authentication scheme with smart cards,” Computers & Security, vol. 24, no. 8, pp. 619–628, Nov Wen-Shenq Juang, Sian-Teng Chen and Horng-Twu Liaw, “Robust and Efficient Password-Authenticated Key Agreement Using Smart Cards,” IEEE Transaction on Industrial Electronics, vol. 55, no. 6, pp Comment

Robust remote authentication scheme with smart cards Authors: Chun-I Fan, Yung-Cheng Chan, and Zhi-Kai Zhang Src: Computers & Security, vol. 24, no. 8, pp. 619–628, Nov. 2005

4 Introduction Criteria for secure remote authentication scheme using smart card 1) Low computation for smart cards 2) No password table 3) Passwords chosen by the users themselves 4) Not requiring clock synchronization and delay-time limitation 5) Withstanding the replay attack 6) Server authentication 7) Withstanding the offline dictionary attack with the smart card 8) Withstanding the offline dictionary attack without the smart card 9) Revoking the lost cards without changing the users’ identities Major contribution Withstand replay attack Preventing the offline dictionary attack Two protocol Registration protocol Login protocol

5 Registration Protocol User System ID i, h(PW i ) Random v i b i = E s (h(PW i )||H(ID i )||CI i ||v i )) ID i CI i …… CI i,ID i, b i,n

6 Login Protocol User Card Reader System PW i L1L1 L 2 ={α,β} Decrypt: L 1  (b i ||h(ID i )||u) b i  h(PW i )||h(ID i )||CI i ||v i ) Verify h(ID i ),{ID i, CI i } Random r α=r  u β=h((r||u) r’=α  u h((r’||u) ?=β L 3 =h(h(PW i )||r) b i,V i,ID i,CI i Random u L i ={ID i,(b i ||h(ID i )||u) 2 mod n} h(h(PW i )||r) ?= L 3 L3L3

7 Performance

8 Conclusion Properties 1) Low computation for smart cards 2) No password table 3) Passwords chosen by the users themselves 4) Not requiring clock synchronization and delay-time limitation 5) Withstanding the replay attack 6) Server authentication 7) Withstanding the offline dictionary attack with the smart card 8) Withstanding the offline dictionary attack w/o the smart card 9) Revoking the lost cards without changing the users’ identities Major contribution  Withstand replay attack  Preventing the offline dictionary attack Major drawbacks  No ability of anonymity for the user  Higher computation and communication cost  No session key agreement  Cannot prevent the insider attack

Robust and Efficient Password- Authenticated Key Agreement Using Smart Cards Authors: Wen-Shenq Juang, Sian-Teng Chen and Horng-Twu Liaw Src: IEEE Transaction on Industrial Electronics, vol. 55, no. 6, pp , 2008

10 Introduction Improve Fan-Chan-Zhang’s scheme  Session key agreement  Prevent insider attack Five Phases 1) Parameter generation phase 2) Registration phase 3) Precomputation phase 4) Log-in phase 5) Password-changing phase

11 Notation h(): Public one-way hash function. s: Master secret key of a symmetric cryptosystem, which is kept secret by the server. E s (): Secure symmetric encryption algorithm with the secret key s. D s (): Secure symmetric decryption algorithm with the secret key s. ||: String concatenation operator. P: Large prime. E P : Elliptic curve equation over Z P. x: Server’s private key based on elliptic curve cryptosystems. P S : Server’s public key based on elliptic curve cryptosystems. G: Generator point of a large order. Manuscript

12 Parameter generation phase Server side  Choose a large prime P  Select a,b ∈ Z P ; 4a b 2 (mod P) ≠0  Elliptic curve equation: E P : y 2 = x 3 + ax + b over Z P  Find a generator point G of order n where n × G = O  Select a random number x as its private key and safely keeps it in its secret storage.  Compute the public key P S = (x G)  Publish the parameters (P S, P, E P, G, n)

13 Registration/Precomputation phase User Server ID i, h(Pw i ||b) b i = E s (h(PW i ||b)||ID i ||CI i ||h(ID i ||CI i ||h(PW i ||b))) V i = h(ID i, s, CI i ). Random b ID i CI i …… b i,V i,ID i,CI i Smart Card Registration phase (Only Once) Precomputation phase Random r e=(r G) c=(rP s )=(rxG) Store (c,e) in memory b i,V i,ID i,CI i,b

14 Log-in phase User Card Reader Server PW i b i, E v i (e) u, M s MuMu D s (b i )  ID i,CI i Verify V i =h(ID i,s,CI i ) D v i (E v i (e))  e=(rG) c’=(ex)=(rxG) Random u M s =h(c’||u||V i ) (c,e) h(c||u||V i ) ?= M s M u =h(h(PW i ||b)||V i ||c||u) S k = h(V i,c,u) b i,V i,ID i,CI i,b b i = E s (h(PW i ||b)||ID i ||CI i ||h(ID i ||CI i ||h(PW i ||b))) Smart Card h(h(PW i ||b)||V i ||c||u)?=M u S k = h(V i,c,u)

15 Password-changing phase User Card Reader Server Log-in Phase E S k (ID i, h(PW * i ||b * )) E S k (b * i ) b * i = E s (h(PW * i ||b*)||ID i ||CI i ||h(ID i ||CI i ||h(PW* i ||b*))) Decrypt Store (b * i, b * ) in memory Smart Card SkSk SkSk New PW * i,b * b * i,V i,ID i,CI i,b *

16 Security Analysis Strong Mutual Authentication  Both believe the correction of session key Preventing the Replay Attack  Nonce r & u Preventing the Insider Attack  No password table  Protected with h(PW i ||b) Preventing the Offline Dictionary Attack Without the Smart Card  Cannot obtain PW i from messages Preventing the Offline Dictionary Attack With the Smart Card  No obvious password in card (b i )  Need server’s help to verify password

17 Communication and storage cost

18 Computation Cost

19 Capability Comparisons

20 Conclusion Advantages  Benefits of Fan et al.’s scheme  Identity protection  Session key agreement  Low communication and computation cost by using elliptic curve cryptosystems  Prevent the insider attack

21 Comment Register table attack  DoS attack  Eliminate the table Protect the table  Modify the data of table, eg, CI i Verify before use Performance improvement  3 ways  2 ways

22 Comment: Log-in phase (2 round) User Card Reader Server PW i b i, E v i (e||n) u, M s D s (b i )  ID i,CI i Verify V i =h(ID i,s,CI i ) D v i (E v i (e))  e=(rG) c’=(ex)=(rxG) Random u M s =h(c’||n||u||V i ) S k = h(V i,c,u) (c,e) Random n h(c||n||u||V i ) ?= M s S k = h(V i,c,u) b i,V i,ID i,CI i,b b i = E s (h(PW i ||b)||ID i ||CI i ||h(ID i ||CI i ||h(PW i ||b))) Smart Card