Presentation is loading. Please wait.

Presentation is loading. Please wait.

網路環境中通訊安全技術之研究 Secure Communication Schemes in Network Environments

Published byPeregrine Floyd Modified over 6 years ago

Similar presentations

Presentation on theme: "網路環境中通訊安全技術之研究 Secure Communication Schemes in Network Environments"— Presentation transcript:

1 網路環境中通訊安全技術之研究 Secure Communication Schemes in Network Environments
博士論文 指導教授:張真誠 博士 (Dr. Chin-Chen Chang) 研究生:李佳穎 (Chia-Yin Lee) Department of Computer Science and Information Engineering National Chung Cheng University, Chia-Yi, Taiwan

2 Outline Introduction A Mutual Authenticated Key Agreement Scheme
A Dynamic ID-based User Authentication Scheme Using Smart Cards A Secure Single Sign-on Mechanism for Distributed Computer Networks An Enhanced Authentication Scheme with Anonymity for Roaming Service in GLOMONET A Secure Protocol for Mobile Devices Conclusions and Future Works

3 Introduction (1/2) Property of network environments convenient
efficient cannot communicate face to face insecure Secure communications user authentication data confidentiality

4 Introduction (2/2) Authentication user authentication protocols
mutual authentication protocols Confidentiality encryption session key establishment protocols

5 Mutual Authenticated Key Agreement (1/6)
Login into the server over insecure networks:

6 Mutual Authenticated Key Agreement (2/6)
Drawbacks of conventional user authentication schemes suffer from possible attacks, (e.g., forgery attacks) require high computational costs to provide high security (e.g., modular exponentiation) extra time-synchronized mechanisms are needed (using timestamp) do not establish a one-time session key

7 Mutual Authenticated Key Agreement (3/6)
A secure authenticated key agreement protocol: direct authentication no timestamps perfect forward secrecy

8 Mutual Authenticated Key Agreement (4/6)
Initialization phase: (Secure Channel) Ui Server

9 Mutual Authenticated Key Agreement (5/6)
Authentication phase:

10 Mutual Authenticated Key Agreement (6/6)
Comparison: Security properties Ours Lee et al.’s 2005 [62] Chien et al.’s 2004 [24] Sun’s 2000 [87] Lamport’s 1981 [55] No password table Yes No Withstanding the replay attack Withstanding the parallel session attack Mutual authentication Passwords chosen by the users freely Not requiring time synchronization One-time session key establishment

11 A Dynamic ID-based User Authentication Scheme Using Smart Cards (1/5)
Conventional authentication schemes the log-in identity (ID) is never change the adversary can trace the source of the sender Existing dynamic ID-based user authentication schemes suffer from possible attacks must maintain a registration table

12 A Dynamic ID-based User Authentication Scheme Using Smart Cards (2/5)
The characteristic of our method no registration table without using timestamps ensure the privacy of the users achieve perfect forward secrecy

13 A Dynamic ID-based User Authentication Scheme Using Smart Cards (3/5)
Registration phase:

14 Authentication phase:

15 A Dynamic ID-based User Authentication Scheme Using Smart Cards (5/5)
Comparison of security properties: Items Das et al.’s 2004 [26] Wang et al.’s 2009 [97] Khan et al.’s 2010 [44] Ours Mutual authentication No Yes Password chosen by users User anonymity Without registration table Withstand impersonation attacks Without time-synchronized mechanisms Session key establishment Perfect forward secrecy No* * Since Das et al.’s and Wang et al.’s schemes do not provide session key establishment, these two schemes do not provide the property of perfect forward secrecy for transmitted messages.

16 A Secure Single Sign-on Mechanism for Distributed Computer Networks (1/6)
Conventional authentication schemes register with each service provider keep different identity/password pairs Existing user identification schemes for distributed networks suffer from possible attacks require time-synchronized mechanisms

17 A Secure Single Sign-on Mechanism for Distributed Computer Networks (2/6)
The characteristic of our method withstand possible attacks (e.g., impersonation attacks) without time-synchronized mechanisms more efficient

18 A Secure Single Sign-on Mechanism for Distributed Computer Networks (3/6)
Registration phase:

19 User identification phase:

20 A Secure Single Sign-on Mechanism for Distributed Computer Networks (5/6)
Computation cost comparison:

21 A Secure Single Sign-on Mechanism for Distributed Computer Networks (6/6)
Communication cost comparison:

22 Enhanced Authentication Scheme with Anonymity for Roaming Service in GLOMONET (1/6)
Existing schemes adopt asymmetric and symmetric cryptosystems use timestamps suffer from possible attacks do not provide the property of anonymity

23 Enhanced Authentication Scheme with Anonymity for Roaming Service in GLOMONET (2/6)
The characteristic of proposed scheme use low cost functions without time-synchronized mechanisms provide anonymity for mobile users the session key selected by the mobile user

24 Enhanced Authentication Scheme with Anonymity for Roaming Service in GLOMONET (3/6)
Registration phase:

25 Authentication and key establishment phases:

26 Enhanced Authentication Scheme with Anonymity for Roaming Service in GLOMONET(5/6)
Performance comparisons:

27 Enhanced Authentication Scheme with Anonymity for Roaming Service in GLOMONET (6/6)
Functionality comparisons:

28 A Secure E-mail Protocol for Mobile Devices (1/8)
systems a popular medium for data transmission transmit pure text and multimedia Internet is public and insecure data might be eavesdropped If long-term secret key is compromised all previous mails might be exposed

29 A Secure E-mail Protocol for Mobile Devices (2/8)
Objectives of our research reduce the computation cost achieve Perfect Forward Secrecy (PFS) work in the inter-domain

30 A Secure E-mail Protocol for Mobile Devices (3/8)
Registration phase:

31 A Secure E-mail Protocol for Mobile Devices (4/8)
Login phase:

32 A Secure E-mail Protocol for Mobile Devices (5/8)
The first sub-phase of the sending phase:

33 The second sub-phase of the sending phase:

34 A Secure E-mail Protocol for Mobile Devices (7/8)
The receiving phase:

35 A Secure E-mail Protocol for Mobile Devices (8/8)

36 Conclusions and Future Works (1/2)
We have proposed solutions as follows mutual authenticated key agreement protocol dynamic ID-based user authentication scheme secure single sign-on mechanism for distributed computer networks authentication scheme with anonymity for roaming service secure protocol for mobile devices

37 Conclusions and Future Works (2/2)
In the future, we will extend the result of this study decrease the overhead of message transmission design authentication schemes that can provide 1-out-of-∞ deniability design secure authentication protocols in the RFID systems

Download ppt "網路環境中通訊安全技術之研究 Secure Communication Schemes in Network Environments"

Similar presentations

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 :JongHyup LEE 出處.

多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 :JongHyup LEE 出處.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
多媒體網路安全實驗室 Improved Secure Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks Date : 2012.10.24 Reporter : Hong Ji Wei Authors.

多媒體網路安全實驗室 Improved Secure Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks Date : Reporter : Hong Ji Wei Authors.
A Secure Remote User Authentication Scheme with Smart Cards Manoj Kumar 報告者 : 許睿中 日期 :11.23 1.

A Secure Remote User Authentication Scheme with Smart Cards Manoj Kumar 報告者 : 許睿中 日期 :
CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.
A simple remote user authentication scheme 1. M. S. Hwang, C. C. Lee and Y. L. Tang, “A simple remote user authentication.

A simple remote user authentication scheme 1. M. S. Hwang, C. C. Lee and Y. L. Tang, “A simple remote user authentication.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.
90321011 孫國偉 Efficient Password authenticated key agreement using smart cards Author : Wen-Shenq Juang* Date : 2003.11.26 in Computers & Security.

孫國偉 Efficient Password authenticated key agreement using smart cards Author : Wen-Shenq Juang* Date : in Computers & Security.
A more efficient and secure dynamic ID- based remote user authentication scheme Yan-yan Wang, Jia-yong Liu, Feng-xia Xiao, Jing Dan in Computer Communications.

A more efficient and secure dynamic ID- based remote user authentication scheme Yan-yan Wang, Jia-yong Liu, Feng-xia Xiao, Jing Dan in Computer Communications.
多媒體網路安全實驗室 A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks Date:2011/10/05 報告人:向峻霈.

多媒體網路安全實驗室 A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks Date:2011/10/05 報告人:向峻霈.
Cryptanalysis of Two Dynamic ID-based Authentication

Cryptanalysis of Two Dynamic ID-based Authentication
1 Anonymous Roaming Authentication Protocol with ID-based Signatures Lih-Chyau Wuu Chi-Hsiang Hung Department of Electronic Engineering National Yunlin.

1 Anonymous Roaming Authentication Protocol with ID-based Signatures Lih-Chyau Wuu Chi-Hsiang Hung Department of Electronic Engineering National Yunlin.
Guomin Yang et al. IEEE Transactions on Wireless Communication Vol. 6 No. 9 September 2007 1.

Guomin Yang et al. IEEE Transactions on Wireless Communication Vol. 6 No. 9 September
1 Authentication and Digital Signature Schemes and Their Applications to E-commerce ( 身份認證與數位簽章技術及其在電子商務上的應用 ) Advisor: Chin-Chen Chang 1, 2 Student: Ya-Fen.

1 Authentication and Digital Signature Schemes and Their Applications to E-commerce ( 身份認證與數位簽章技術及其在電子商務上的應用 ) Advisor: Chin-Chen Chang 1, 2 Student: Ya-Fen.
多媒體網路安全實驗室 A novel user authentication and privacy preserving scheme with smartcards for wireless communications 作者 :Chun-Ta Li,Cgeng-Chi Lee 出處 :Mathematical.

多媒體網路安全實驗室 A novel user authentication and privacy preserving scheme with smartcards for wireless communications 作者 :Chun-Ta Li,Cgeng-Chi Lee 出處 :Mathematical.
Efficient remote mutual authentication and key agreement Improvement of Chien et al. ’ s remote user authentication scheme using smart cards An efficient.

Efficient remote mutual authentication and key agreement Improvement of Chien et al. ’ s remote user authentication scheme using smart cards An efficient.
Secure Authentication Scheme with Anonymity for Wireless Communications Speaker : Hong-Ji Wei Date : 2012-12-08.

Secure Authentication Scheme with Anonymity for Wireless Communications Speaker : Hong-Ji Wei Date :
A Secure Identification and Key Agreement Protocol with User Anonymity (SIKA) Authors: Kumar Mangipudi and Rajendra Katti Source: Computers & Security,

A Secure Identification and Key Agreement Protocol with User Anonymity (SIKA) Authors: Kumar Mangipudi and Rajendra Katti Source: Computers & Security,

Similar presentations

Ads by Google