Computer Science CSC 774 Dr. Peng Ning CSC 774 Advanced Network Security Topic 2.5 Secret Handshake Slides by Tong Zhou.


1 Computer Science CSC 774 Dr. Peng Ning CSC 774 Advanced Network Security Topic 2.5 Secret Handshake Slides by Tong Zhou

2 Goals
Authenticate without revealing credentials
– Consider two groups G_1 and G_2, and two parties A ∈ G_1 and B ∈ G_2. A and B want to authenticate each other.
– If G_1 ≠ G_2: A and B only know they are not in the same group.
– If G_1 = G_2: A and B can authenticate to each other.
– A third party learns nothing by observing conversations between A and B.

3 Preliminaries: Pairing-based Cryptography
Bilinear Maps:
– Two cyclic groups of large prime order q: G_1 and G_2
– is a bilinear map if ê should be computable, non-degenerate and satisfies Bilinear Diffie-Hellman assumption, i.e., given P, aP, bP, cP, it is hard to compute

4 Protocol Sketch
Equipped with bilinear map ê and one-way hash function H_1
CA has a master key t.
Assume a drivers and cops scenario.

5 Protocol Sketch
Driver’s Licence: “p65748392a”, T_A
T_A = tH_1(“p65748392a-driver”)
Traffic cop credential: “xy6542678d”, T_B
T_B = tH_1(“xy6542678d-cop”)
Driver’s licence, please.
Please show me your pseudonym.
xy6542678d
p65748392a

6 Protocol Sketch – Attacker Igor
Driver’s Licence: “p65748392a”, T_A
T_A = tH_1(“p65748392a-driver”)
Obtains Bob’s pseudonym “xy6542678d”
I am a cop. Driver’s licence, please.
Please show me your pseudonym.
xy6542678d
p65748392a
???
This guy is not a cop.
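The credential algebra from slides 4 to 6, as an added Python example that is not part of the original slides. Assumptions: the bilinear map is a toy stand-in over Z_q (bilinear but with no security, since discrete logs are trivial), the key derivation K = ê(H_1(peer identity), own secret point) and the nonce/HMAC challenge are an assumed message flow because the slide diagram is not in the transcript, and Igor's pseudonym is constructed.

```python
import hashlib, hmac, secrets

Q = 2**127 - 1  # prime order q of the toy groups (a Mersenne prime)

def h1(identity: str) -> int:
    """H_1: hash a "pseudonym-role" string to a nonzero element of G_1 (here Z_Q)."""
    digest = hashlib.sha256(identity.encode()).digest()
    return int.from_bytes(digest, "big") % (Q - 1) + 1

def pairing(x: int, y: int) -> int:
    """Toy bilinear map e(aP, bP) = ab*e(P, P), target group written additively.
    Discrete logs are trivial here, so this is for checking the algebra only."""
    return (x * y) % Q

def issue(t: int, pseudonym: str, role: str) -> int:
    """CA: secret point T = t * H_1("pseudonym-role")."""
    return (t * h1(f"{pseudonym}-{role}")) % Q

def session_key(my_secret: int, peer_pseudonym: str, peer_role: str) -> bytes:
    """K = e(H_1(peer identity), my secret point), hashed to a MAC key."""
    k = pairing(h1(f"{peer_pseudonym}-{peer_role}"), my_secret)
    return hashlib.sha256(k.to_bytes(16, "big")).digest()

def driver_accepts(t_a: int, driver_pn: str, claimed_cop_pn: str, peer_secret: int) -> bool:
    """Driver challenges the peer; only the holder of the cop's T can answer.
    The nonce/HMAC exchange is an assumed message flow."""
    nonce = secrets.token_bytes(16)
    # Peer side: key from its own secret point and the driver's pseudonym.
    resp = hmac.new(session_key(peer_secret, driver_pn, "driver"), nonce, hashlib.sha256).digest()
    # Driver side: key from T_A and the pseudonym the peer presented.
    want = hmac.new(session_key(t_a, claimed_cop_pn, "cop"), nonce, hashlib.sha256).digest()
    return hmac.compare_digest(resp, want)

def demo() -> tuple:
    t = secrets.randbelow(Q - 1) + 1            # CA master key
    t_a = issue(t, "p65748392a", "driver")      # driver's licence
    t_b = issue(t, "xy6542678d", "cop")         # Bob's cop credential
    t_i = issue(t, "zz00000000", "driver")      # Igor's licence (constructed pseudonym)
    real_cop = driver_accepts(t_a, "p65748392a", "xy6542678d", t_b)
    # Igor replays Bob's pseudonym but only holds his own driver credential.
    igor = driver_accepts(t_a, "p65748392a", "xy6542678d", t_i)
    return real_cop, igor

if __name__ == "__main__":
    print(demo())
```

Both sides reach the same key because ê(H_1(cop), t·H_1(driver)) and ê(H_1(driver), t·H_1(cop)) are the same value scaled by t; a real deployment needs an elliptic-curve pairing where the Bilinear Diffie-Hellman assumption holds.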

7 Secret-Handshake Scheme (SHS)
SHS.CreateGroup(G): executed by an administrator, generates the group secret GroupSecret_G for G.
SHS.AddUser(U, G, GroupSecret_G): creates user secret UserSecret_{U,G} for new user U.
SHS.HandShake(A, B): Users A and B authenticate each other. B discovers A ∈ G if and only if A discovers B ∈ G.
SHS.TraceUser: Administrator identifies the user from a transcript T generated during a conversation between A and B.
SHS.RemoveUser: Administrator revokes user U.

8 Pairing-Based Handshake (PBH)
PBH.CreateGroup: Administrator sets GroupSecret_G as a random number
PBH.AddUser: Administrator generates pseudonyms for users: and then generates the corresponding secret points: where H_1 is a one-way hash function.

9 Pairing-Based Handshake (PBH)
PBH.Handshake: [diagram: messages exchanged between A and B]

10 Pairing-Based Handshake (PBH)
PBH.TraceUser: Since the conversations of handshaking include the pseudonyms, administrator can easily figure out the users.
PBH.RemoveUser: Administrator removes user U by broadcasting its pseudonyms to all the other users, so that other users won’t accept pseudonyms of U.

11 Computational Diffie-Hellman Instead of Bilinear Diffie-Hellman
CreateGroup: Administrator picks (p, q, g). p and q are primes, g is a generator of a subgroup in of order q. Also picks a private key x, and computes the public key y = g^x mod p
AddUser: For user U, administrator generates id_U, then generates a pair so that id_U, w, t will be given to the user.

12 Computational Diffie-Hellman Instead of Bilinear Diffie-Hellman
AddUser: For user U, administrator generates id_U, then generates a pair so that id_U, w, t will be given to the user.
– How to generate the pair (w, t)? Randomly pick r, compute

13 Computational Diffie-Hellman Instead of Bilinear Diffie-Hellman
Handshake: Assume user A has (id_A, w_A, t_A) and user B has (id_B, w_B, t_B). Define several marks (ElGamal Encryption):
–

14 Computational Diffie-Hellman Instead of Bilinear Diffie-Hellman
Handshake: [diagram between A and B: each party randomly picks a value and computes; resp_b and resp_a are verified]

