Presentation is loading. Please wait.

Presentation is loading. Please wait.

多媒體網路安全實驗室 A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks Date:2011/10/12 報告人:向峻霈.

Published byEvan Fowler Modified over 7 years ago

Similar presentations

Presentation on theme: "多媒體網路安全實驗室 A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks Date:2011/10/12 報告人:向峻霈."— Presentation transcript:

1 多媒體網路安全實驗室 A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks Date:2011/10/12 報告人:向峻霈 出處 : Chien-Lung Hsu Yu-Hao Chuang Information Sciences pp. 422-429,2009

2 多媒體網路安全實驗室 Outline Introduction 1 Related work 2 Proposed scheme 33 Functionality comparison 44 Conclusion 35 2

3 多媒體網路安全實驗室 Introduction  The distributed computer networks  allow hosts and user terminals connected into the same network  share information and computing power 3

4 多媒體網路安全實驗室 4 Introduction (2/2)  Security problems in the distributed computer networks  user identification  key distribution  user anonymity

5 多媒體網路安全實驗室 Related work  Review of the Yang et al. and Mangipudi– Katti schemes 5

6 多媒體網路安全實驗室 Key generation phase  SCPC sets up the system parameters  N j =p j *q j  selects two integers e j and d j such that e j d j =1 mod φ(N j )  φ(N j ) = (p j -1)(q j -1)  chooses a generator g in the field Z N j  a hash function H(m) on a message  a symmetric-key cryptosystem such as AES  public parameters=>e j, N j, g j, and ID j  secret =>d j,p j,q j 6

7 多媒體網路安全實驗室 Anonymous user identification and key agreement phase-(Yang et al. scheme) 7 ClientServer Service request Z = g k ‧ S j -1 mod N M2 =(Z) a = Z e ‧ ID j mod N K ij = a t mod N w =g et mod N x = g t ‧ S i H(w,T) y = E k i| (ID i ) M3 = (w,x,y,T) K i| = w k mod N D k ij (y) -> ID i 檢查 ID 表是否存在 w ID i H(w,T) mod N = x e mod N Accepts this login request

8 多媒體網路安全實驗室 Anonymous user identification and key agreement phase-(SIKA) 8 ClientServer Service request S j = ID j d mod N Z = g k ‧ S j -1 mod N u = g j v v = H(Z,T,ID j )d j M2 =(Z,T,u) u = H(Z,T,ID j ) u e j mod N j = g j u mod N j a = Z e ‧ ID j mod N K ij = a t mod N w =g et mod N x = g t ‧ S i H(w,T’) y = E ki| (ID i ) M3 = (x,y,p,T’) K ij = w k mod N D ki| (y) -> ID i 檢查 ID 表是否存在 w ID i H(w,T’) mod N = x e mod N Accepts this login request

9 多媒體網路安全實驗室 Anonymous user identification and key agreement phase 9 ClientServer Service request S j = ID j d mod N Z = g k ‧ S j mod N M2 =(Z) a = Z e ‧ ID -1 j mod N K ij = a t mod N w =g et mod N x = S j h(K ij ||Z||w||T) mod N y = E kij (ID i ) M3 = (w,x,y,T) K ij = w k mod N D kij (y) -> ID i ID i h(K ij ||Z||w||T) mod N = x e mod N D i = h(K ij || T’ || Z || ID i || ID j ) D’ i = h(K ij || T’ || Z || ID i || ID j ) D’ i = D i M4=(D i,T’)

10 多媒體網路安全實驗室 Security analysis  Security of the private keys  Security of the session keys  Security of user identification  Security of user anonymity  Prevention of a DoS attack 10

11 多媒體網路安全實驗室 Anonymous user identification and key agreement phase 11 ClientServer Service request S j = ID j d mod N Z = g k ‧ S j -1 mod N M2 =(Z) a = Z e ‧ ID -1 j mod N K ij = a t mod N w =g et mod N x = S j h(K ij ||Z||w||T) mod N y = E kij (ID i ) M3 = (w,x,y,T) K ij = w k mod N D kij (y) -> ID i ID i h(K ij ||Z||w||T) mod N = x e mod N D i = h(K ij || T’ || Z || ID i || ID j ) D’ i = h(K ij || T’ || Z || ID i || ID j ) D’ i = D i M4=(D i,T’) Security of the private keys

12 多媒體網路安全實驗室 Anonymous user identification and key agreement phase 12 ClientServer Service request S j = ID j d mod N Z = g k ‧ S j -1 mod N M2 =(Z) a = Z e ‧ ID -1 j mod N K ij = a t mod N w =g et mod N x = S j h(K ij ||Z||w||T) mod N y = E kij (ID i ) M3 = (w,x,y,T) K ij = w k mod N D kij (y) -> ID i ID i h(K ij ||Z||w||T) mod N = x e mod N D i = h(K ij || T’ || Z || ID i || ID j ) D’ i = h(K ij || T’ || Z || ID i || ID j ) D’ i = D i M4=(D i,T’) Security of the session keys

13 多媒體網路安全實驗室 Anonymous user identification and key agreement phase 13 ClientServer Service request S j = ID j d mod N Z = g k ‧ S j -1 mod N M2 =(Z) a = Z e ‧ ID -1 j mod N K ij = a t mod N w =g et mod N x = S j h(K ij ||Z||w||T) mod N y = E kij (ID i ) M3 = (w,x,y,T) K ij = w k mod N D kij (y) -> ID i ID i h(K ij ||Z||w||T) mod N = x e mod N D i = h(K ij || T’ || Z || ID i || ID j ) D’ i = h(K ij || T’ || Z || ID i || ID j ) D’ i = D i M4=(D i,T’) Security of user identification

14 多媒體網路安全實驗室 Anonymous user identification and key agreement phase 14 ClientServer Service request S j = ID j d mod N Z = g k ‧ S j -1 mod N M2 =(Z) a = Z e ‧ ID -1 j mod N K ij = a t mod N w =g et mod N x = S j h(K ij ||Z||w||T) mod N y = E kij (ID i ) M3 = (w,x,y,T) K ij = w k mod N D kij (y) -> ID i ID i h(K ij ||Z||w||T) mod N = x e mod N D i = h(K ij || T’ || Z || ID i || ID j ) D’ i = h(K ij || T’ || Z || ID i || ID j ) D’ i = D i M4=(D i,T’) Security of user annymity //the adversary will face the problems of solving the DLP

15 多媒體網路安全實驗室 Anonymous user identification and key agreement phase 15 ClientServer Service request S j = ID j d mod N Z = g k ‧ S j -1 mod N M2 =(Z) a = Z e ‧ ID -1 j mod N K ij = a t mod N w =g et mod N x = S j h(K ij ||Z||w||T) mod N y = E kij (ID i ) M3 = (w,x,y,T) K ij = w k mod N D kij (y) -> ID i ID i h(K ij ||Z||w||T) mod N = x e mod N D i = h(K ij || T’ || Z || ID i || ID j ) D’ i = h(K ij || T’ || Z || ID i || ID j ) D’ i = D i M4=(D i,T’) Prevention of a DoS attack //Z,T,ID j

16 多媒體網路安全實驗室 Functionality comparison  T h : the time for executing a one-way hash function  T inv : the time for executing a modular inverse computation  T mul : the time for executing a modular multiplication computation  T exp : the time for executing a modular exponentiation computation  T enc : the time for executing a symmetric-key encryption  T dec : the time for executing a symmetric-key decryption  |x| : the bit length of x 16

17 多媒體網路安全實驗室 Communi cation costs Computational complexities 年份 UiPj The Lee -Chang4|N| + |T|T h + 5T mul + 5T exp T h + T inv + 2T mul + 4T exp 1999 The Wu–Hsu3|N| + |T|T h + T inv + 3T mul + 4T exp T h + T inv + 2T mul + 4T exp 2004 The Yang et al. 3|N| + |T| + |IDi| T enc + T h + 3T mul + 5T exp T dec + T h + T inv + 2T mul + 4T exp 2004 The Mangipudi– Katti 4|N| + 2|T| + |IDi| T enc + 2T h + 3T mul + 7T exp T dec + 2T h + T inv + 3T mul + 5T exp 2006 The proposed 3|N| + |T| + |IDi| T enc + T h + T inv + 2T mul + 4T exp T dec + T h + T mul + 4T exp 2009 The proposed scheme against a DoS attacka 4|N| + 2|T| + |IDi| T enc + 2T h + T inv + 2T mul + 6T exp T dec + 2T h + 2T mul + 5T exp 2009 17

18 多媒體網路安全實驗室 Functionality comparison  C1 : Prevention of a replay attack.  C2 : Prevention of a compromising attack ?  C3 : Prevention of an identity disclosure attack  C4 : Prevention of an impersonation attack  C5 : Prevention of a compromising attack ?  C6 : Prevention of a DoS attack  C7 : Mutual authentication  C8 : Session key establishment  C9 : Session key confirmation from the user to the service provider  C10 : Session key confirmation from the service provider to the user 18

19 多媒體網路安全實驗室 Functionality comparison The Lee-Chang scheme The Wu–Hsu scheme Yang et al.’s scheme The Mangipudi –Katti scheme The proposed scheme C1OOOOO C2OXOOO C3XXXXO C4XXOOO C5OXOOO C6XXXOO C7XXXOO C8OOOOO C9XXOOO C10XXXXO 19

20 多媒體網路安全實驗室 Conclusion  Yang et al.’s scheme suffers from identity disclosure attack and DoS attack.  The proposed scheme can withstand the possible attacks and achieve mutual authentication. 20

21 多媒體網路安全實驗室

Download ppt "多媒體網路安全實驗室 A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks Date:2011/10/12 報告人:向峻霈."

Similar presentations

多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 :JongHyup LEE 出處.

多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 :JongHyup LEE 出處.
Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,

Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,
多媒體網路安全實驗室 Improved Secure Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks Date : 2012.10.24 Reporter : Hong Ji Wei Authors.

多媒體網路安全實驗室 Improved Secure Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks Date : Reporter : Hong Ji Wei Authors.
多媒體網路安全實驗室 Source:International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIH- MSP),2010 Sixth. Authors:Hsiang-Cheh.

多媒體網路安全實驗室 Source:International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIH- MSP),2010 Sixth. Authors:Hsiang-Cheh.
多媒體網路安全實驗室 Towards Secure and Effective Utilization over Encrypted Cloud Data 報告人 : 葉瑞群 日期 :2012/05/09 出處 :IEEE Transactions on Knowledge and Data Engineering.

多媒體網路安全實驗室 Towards Secure and Effective Utilization over Encrypted Cloud Data 報告人 : 葉瑞群 日期 :2012/05/09 出處 :IEEE Transactions on Knowledge and Data Engineering.
A Secure Remote User Authentication Scheme with Smart Cards Manoj Kumar 報告者 : 許睿中 日期 :11.23 1.

A Secure Remote User Authentication Scheme with Smart Cards Manoj Kumar 報告者 : 許睿中 日期 :
Computer and Information Security 期末報告 學號 92321501 姓名 莊玉麟.

Computer and Information Security 期末報告 學號 姓名 莊玉麟.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
A more efficient and secure dynamic ID- based remote user authentication scheme Yan-yan Wang, Jia-yong Liu, Feng-xia Xiao, Jing Dan in Computer Communications.

A more efficient and secure dynamic ID- based remote user authentication scheme Yan-yan Wang, Jia-yong Liu, Feng-xia Xiao, Jing Dan in Computer Communications.
1 Hidden Exponent RSA and Efficient Key Distribution author: He Ge Cryptology ePrint Archive 2005/325 PDFPDF 報告人:陳昱升.

1 Hidden Exponent RSA and Efficient Key Distribution author: He Ge Cryptology ePrint Archive 2005/325 PDFPDF 報告人:陳昱升.
Improvement of Hwang-Lo-Lin scheme based on an ID-based cryptosystem No author given (Korea information security Agency) Presented by J.Liu.

Improvement of Hwang-Lo-Lin scheme based on an ID-based cryptosystem No author given (Korea information security Agency) Presented by J.Liu.
多媒體網路安全實驗室 A Strong User Authentication Framework for Cloud Computing Date : 2012.08.10 Reporter : Hong Ji Wei Authors : Amlan Jyoti Choudhury, Mangal.

多媒體網路安全實驗室 A Strong User Authentication Framework for Cloud Computing Date : Reporter : Hong Ji Wei Authors : Amlan Jyoti Choudhury, Mangal.
多媒體網路安全實驗室 A Security Framework of Group Location-Based Mobile Applications in Cloud Computing Date : 2012.07.17 Reporter : Hong Ji Wei Authors : Yu-Jia.

多媒體網路安全實驗室 A Security Framework of Group Location-Based Mobile Applications in Cloud Computing Date : Reporter : Hong Ji Wei Authors : Yu-Jia.
多媒體網路安全實驗室 A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks Date:2011/10/05 報告人:向峻霈.

多媒體網路安全實驗室 A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks Date:2011/10/05 報告人:向峻霈.
Cryptanalysis of Two Dynamic ID-based Authentication

Cryptanalysis of Two Dynamic ID-based Authentication
1 Anonymous Roaming Authentication Protocol with ID-based Signatures Lih-Chyau Wuu Chi-Hsiang Hung Department of Electronic Engineering National Yunlin.

1 Anonymous Roaming Authentication Protocol with ID-based Signatures Lih-Chyau Wuu Chi-Hsiang Hung Department of Electronic Engineering National Yunlin.
多媒體網路安全實驗室 An Efficient RFID Authentication Protocol for Low-cost Tags Date : 2012.08.31 Reporter : Hong Ji Wei Authors : Yanfei Liu From : 2008 IEEE/IFIP.

多媒體網路安全實驗室 An Efficient RFID Authentication Protocol for Low-cost Tags Date : Reporter : Hong Ji Wei Authors : Yanfei Liu From : 2008 IEEE/IFIP.
多媒體網路安全實驗室 A novel user authentication and privacy preserving scheme with smartcards for wireless communications 作者 :Chun-Ta Li,Cgeng-Chi Lee 出處 :Mathematical.

多媒體網路安全實驗室 A novel user authentication and privacy preserving scheme with smartcards for wireless communications 作者 :Chun-Ta Li,Cgeng-Chi Lee 出處 :Mathematical.
Efficient remote mutual authentication and key agreement Improvement of Chien et al. ’ s remote user authentication scheme using smart cards An efficient.

Efficient remote mutual authentication and key agreement Improvement of Chien et al. ’ s remote user authentication scheme using smart cards An efficient.
An ID-Based Mutual Authentication and Key Exchange Protocol for Low- Power Mobile Devices Authors: Tsu-Yang Wu and Yuh-Min Tseng Source: The Computer Journal.

An ID-Based Mutual Authentication and Key Exchange Protocol for Low- Power Mobile Devices Authors: Tsu-Yang Wu and Yuh-Min Tseng Source: The Computer Journal.

Similar presentations

Ads by Google