
Further Security Enhancement for Optimal Strong-Password Authentication Protocol. Tzung-Her Chen, Gwoboa Horng, Wei-Bin Lee, Kuang-Long Lin. Conference on E-Commerce and Digital Life (電子商務與數位生活研討會).


1 Further Security Enhancement for Optimal Strong-Password Authentication Protocol. Tzung-Her Chen, Gwoboa Horng, Wei-Bin Lee, Kuang-Long Lin. 3/27/2004

2 Outline: Introduction; Review of Ku-Chen scheme; The problem of Ku-Chen scheme; The proposed scheme; Security Analysis; Conclusions

3 Introduction: In 2000, Sandirigama et al. proposed the SAS scheme, which lowered storage, processing, and transmission overheads. In 2001, Lin, Sun, and Hwang proposed an enhanced password authentication scheme, called OSPA.

4 Introduction: In 2002, the OSPA protocol was shown to be vulnerable to the stolen-verifier attack and the impersonation attack. In 2003, Ku and Chen proposed a new improved version of the OSPA protocol. In this paper, an improved scheme with mutual authentication is proposed.

5 Review of Ku-Chen scheme. Notation: $h(\cdot)$ : collision-resistant hash function; $T$ : login times; $k$ : long-term secret key; $\oplus$ : exclusive-or operation

6 Review of Ku-Chen scheme: Registration phase; Authentication phase

7 ID, $h^2(PW \oplus 1)$. Chooses his identity ID and password PW and computes $h^2(PW \oplus 1)$. Calculates verifier $v_1 = h^2(PW \oplus 1) \oplus h(ID \oplus k)$. Store $\{ID, v_1, T=1\}$ into the verification table.

8 ID, service request. $T = i$. $c_1 = h(PW \oplus i) \oplus h^2(PW \oplus i)$; $c_2 = h^2(PW \oplus (i+1)) \oplus h(PW \oplus i)$; $c_3 = h(h^3(PW \oplus (i+1)) \oplus T)$. Find $i$ from verification table by the ID.

9 Check $c_1$, $c_2$. $c_1, c_2, c_3$. Get $h^2(PW \oplus i)$ by $v_i \oplus h(ID \oplus k)$. $y_1 = c_1 \oplus h^2(PW \oplus i) = h(PW \oplus i)$; $y_2 = c_2 \oplus y_1 = h^2(PW \oplus (i+1))$. Check if $h(y_1) = h^2(PW \oplus i)$ and $h(h(y_2) \oplus T) = c_3$. $v_{i+1} = h^2(PW \oplus (i+1)) \oplus h(ID \oplus k)$. Store ID, $T = i+1$, and $v_{i+1}$.

10 The problem of Ku-Chen scheme: The user is authenticated by the remote server, but the remote server is not authenticated by the user (server impersonation attack).

11 The proposed scheme: Registration phase; Authentication phase

12 ID, $h^2(PW \oplus 1)$. Chooses his identity ID and password PW and computes $h^2(PW \oplus 1)$. Calculates verifier $v_1 = h^2(PW \oplus 1) \oplus h(ID \oplus k)$. Store $\{ID, v_1\}$ into the verification table.

13 ID, $r \oplus h^2(PW \oplus i)$. $h(r) \oplus h^2(PW \oplus i)$. Check $r$. $c_1 = h(PW \oplus i) \oplus h^2(PW \oplus i)$; $c_2 = h^2(PW \oplus (i+1)) \oplus h(PW \oplus i)$; $c_3 = h(h^3(PW \oplus (i+1)) \oplus T)$. Choose $r$ randomly and compute $r \oplus h^2(PW \oplus i)$. Get $h^2(PW \oplus i)$ by $v_i \oplus h(ID \oplus k)$. $r = (r \oplus h^2(PW \oplus i)) \oplus h^2(PW \oplus i)$.

14 Check $c_1$, $c_2$. $c_1, c_2, c_3$. $y_1 = c_1 \oplus h^2(PW \oplus i) = h(PW \oplus i)$; $y_2 = c_2 \oplus y_1 = h^2(PW \oplus (i+1))$. Check if $h(y_1) = h^2(PW \oplus i)$ and $h(h(y_2) \oplus T) = c_3$. $v_{i+1} = h^2(PW \oplus (i+1)) \oplus h(ID \oplus k)$. Store ID and $v_{i+1}$.
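
The authentication phase of the proposed scheme (slides 13 and 14), as an added Python example that is not part of the original presentation. Assumptions: SHA-256 stands in for h, ID, PW and i are encoded as 32-byte strings, both sides track the login counter i with T = i, and the names Server, Impostor and login are hypothetical.

```python
import hashlib, hmac, secrets

N = 32  # assumption: h = SHA-256, every value is a 32-byte string

def h(x, times=1):                      # h, h^2, h^3 by repeated hashing
    for _ in range(times):
        x = hashlib.sha256(x).digest()
    return x

def xor(a, b): return bytes(p ^ q for p, q in zip(a, b))
def pad(s): return s.encode().ljust(N, b"\0")[:N]   # assumed encoding of ID / PW
def num(i): return i.to_bytes(N, "big")             # assumed encoding of i / T

class Server:
    def __init__(self, k):
        self.k, self.table = k, {}      # k: long-term secret key
    def register(self, ID, hv1):        # slide 12: v_1 = h^2(PW⊕1) ⊕ h(ID⊕k)
        self.table[ID] = [xor(hv1, h(xor(pad(ID), self.k))), 1]
    def respond(self, ID, masked_r):    # slide 13: return h(r) ⊕ h^2(PW⊕i)
        hv = xor(self.table[ID][0], h(xor(pad(ID), self.k)))
        return xor(h(xor(masked_r, hv)), hv)
    def verify(self, ID, c1, c2, c3):   # slide 14
        v, i = self.table[ID]
        mask = h(xor(pad(ID), self.k))
        hv = xor(v, mask)               # h^2(PW⊕i)
        y1 = xor(c1, hv)                # h(PW⊕i)
        y2 = xor(c2, y1)                # h^2(PW⊕(i+1))
        ok = hmac.compare_digest(h(y1), hv) and \
             hmac.compare_digest(h(xor(h(y2), num(i))), c3)
        if ok:
            self.table[ID] = [xor(y2, mask), i + 1]   # rotate the verifier
        return ok

class Impostor(Server):                 # constructed: knows neither k nor v_i
    def respond(self, ID, masked_r):
        return secrets.token_bytes(N)

def login(server, ID, PW, i):           # user side
    a = h(xor(pad(PW), num(i)))         # h(PW⊕i)
    hv = h(a)                           # h^2(PW⊕i)
    r = secrets.token_bytes(N)
    reply = server.respond(ID, xor(r, hv))
    if not hmac.compare_digest(xor(reply, hv), h(r)):   # "Check r"
        return "server rejected"        # stop before c1, c2, c3 are sent
    nxt = h(xor(pad(PW), num(i + 1)), 2)                # h^2(PW⊕(i+1))
    ok = server.verify(ID, xor(a, hv), xor(nxt, a), h(xor(h(nxt), num(i))))
    return "ok" if ok else "user rejected"
```

A server that cannot unmask r fails the "Check r" step, so the user never releases c1, c2, c3 to it; that check is what the Ku-Chen flow on slides 8 and 9 lacks.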

15 Security Analysis: Password guess attack; Impersonation attack; Stolen-verifier attack; Server impersonation attack

16 Conclusions: We point out the possible server impersonation problem in the Ku-Chen scheme and propose an enhanced version. The proposed concept of security enhancement is also suitable for other SAS-like schemes.

17 THE END

