Presentation is loading. Please wait.

Presentation is loading. Please wait.

A password authentication scheme with secure password updating SEC 期末報告 學號: 89321037 姓名:翁玉芬.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "A password authentication scheme with secure password updating SEC 期末報告 學號: 89321037 姓名:翁玉芬."— Presentation transcript:

1 A password authentication scheme with secure password updating SEC 期末報告 學號: 89321037 姓名:翁玉芬

2 Source Chun-Li Lin and Tzonelih Hwang, Computers & Security, Vol.22, No.1, pp. 68-72, 2003

3 Outline Introduction Peryravian-Zunic’s Scheme Hwang-Yen’s Scheme Proposed Scheme Conclusions

4 Introduction Password scheme  Password authentication protocol replay attack password search attack stolen-verifier attack  Password change protocol denial of service attack  Key distribution forward secrecy Peyarian -Zunic Hwang -Yen Proposed scheme Password authentication Yes Password change Yes Key distribution Yes

5 Introduction (cont.) Notations  id: user number  pw: password  K s : the server public key  {M}K s : Encryption of M with K s  rc: random number generated by client  rs: random number generated by server  H(.) : one-way hash function

6 Peyarian-Zunic’s Scheme – password transmission ClientServer id, rc rs id, H( H( id, pw), rc, rs) Access granted or denied. stolen-verifier attack

7 Peyarian-Zunic’s Scheme – password change ClientServer id, rc rs Access granted or denied id, H( H( id, pw), rc, rs), denial of service attack

8 Hwang-Yen’s Scheme –password transmission ClientServer id, { rc, pw}K s id, H (rc, rs) Access granted or denied, H ( rs)

9 Hwang-Yen’s Scheme -Key distribution ClientServer id, { rc, pw}K s receive rc generate rc generate rs, H ( rs) receive rs id, H (rc, rs) Access granted or denied Compute H (rc,rs) Compute H (rc,rs) one-time token No forward secrecy

10 Hwang-Yen’s Scheme -password change ClientServer id, { rc, pw}K s Access granted or denied, H( rs) id, H(rc, rs), denial of service attack

11 Proposed Scheme –password change ClientServer id, { rc, pw}K s Access granted or denied, H( rs) id, H(rc, rs), H( H( new_pw), rs)

12 Proposed Scheme –key distribution ClientServer generate x generate y id, Receive receive Access granted or denied id, Compute

13 Conclusions The password change protocol can protest against denial of service attack The key distribution protocol can propose forward secrecy

Download ppt "A password authentication scheme with secure password updating SEC 期末報告 學號: 89321037 姓名:翁玉芬."

Similar presentations

Authentication Applications The Kerberos Protocol Standard

Authentication Applications The Kerberos Protocol Standard
1 東南技術學院九十二學年度第二學期 資工系第一次論文發表會 Analysis of an Improved Version of S/KEY One-Time Password Authentication Scheme Speaker: Maw-Jinn Tsaur 2004.05.12.

1 東南技術學院九十二學年度第二學期 資工系第一次論文發表會 Analysis of an Improved Version of S/KEY One-Time Password Authentication Scheme Speaker: Maw-Jinn Tsaur
A key agreement protocol using mutual Authentication for Ad-Hoc Networks IEEE 2005 Authors : Chichun Lo, Chunchieh Huang, Yongxin Huang Date : 2005_11_29.

A key agreement protocol using mutual Authentication for Ad-Hoc Networks IEEE 2005 Authors : Chichun Lo, Chunchieh Huang, Yongxin Huang Date : 2005_11_29.
多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 :JongHyup LEE 出處.

多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 :JongHyup LEE 出處.
1 An Ultra-lightweight Authentication Protocol in RFID Speaker: 魏家惠.

1 An Ultra-lightweight Authentication Protocol in RFID Speaker: 魏家惠.
Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian.

Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian.
Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,

Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,
多媒體網路安全實驗室 Improved Secure Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks Date : 2012.10.24 Reporter : Hong Ji Wei Authors.

多媒體網路安全實驗室 Improved Secure Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks Date : Reporter : Hong Ji Wei Authors.
An Improvement on Authenticated Key Agreement Scheme Authors: Chin-Chen Chang and Shih-Yi Lin Source: 2007 International Conference on Intelligent Pervasive.

An Improvement on Authenticated Key Agreement Scheme Authors: Chin-Chen Chang and Shih-Yi Lin Source: 2007 International Conference on Intelligent Pervasive.
Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.

Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.
A Secure Remote User Authentication Scheme with Smart Cards Manoj Kumar 報告者 : 許睿中 日期 :11.23 1.

A Secure Remote User Authentication Scheme with Smart Cards Manoj Kumar 報告者 : 許睿中 日期 :
Computer and Information Security 期末報告 學號 92321501 姓名 莊玉麟.

Computer and Information Security 期末報告 學號 姓名 莊玉麟.
1 Three-Party Encrypted Key Exchange Without Server Public-Keys C. L. Lin, H. M. Sun, M. Steiner, and T. Hwang IEEE COMMUNICATIONS LETTER, VOL. 5, NO.12,

1 Three-Party Encrypted Key Exchange Without Server Public-Keys C. L. Lin, H. M. Sun, M. Steiner, and T. Hwang IEEE COMMUNICATIONS LETTER, VOL. 5, NO.12,
1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.

1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.
CMSC 414 Computer and Network Security Lecture 15 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 15 Jonathan Katz.
1 Security analysis of an enhanced authentication key exchange protocol Authors : H.Y. Liu, G.B. Horng, F.Y. Hung Presented by F.Y. Hung Date : 2005/5/20.

1 Security analysis of an enhanced authentication key exchange protocol Authors : H.Y. Liu, G.B. Horng, F.Y. Hung Presented by F.Y. Hung Date : 2005/5/20.
A simple remote user authentication scheme 1. M. S. Hwang, C. C. Lee and Y. L. Tang, “A simple remote user authentication.

A simple remote user authentication scheme 1. M. S. Hwang, C. C. Lee and Y. L. Tang, “A simple remote user authentication.
電子商務與數位生活研討會 1 Further Security Enhancement for Optimal Strong-Password Authentication Protocol Tzung-Her Chen, Gwoboa Horng, Wei-Bin Lee,Kuang-Long Lin.

電子商務與數位生活研討會 1 Further Security Enhancement for Optimal Strong-Password Authentication Protocol Tzung-Her Chen, Gwoboa Horng, Wei-Bin Lee,Kuang-Long Lin.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.
Analysis of Key Agreement Protocols Brita Vesterås Supervisor: Chik How Tan.

Analysis of Key Agreement Protocols Brita Vesterås Supervisor: Chik How Tan.

Similar presentations

Ads by Google