On Provable Security of Entity Authentication Schemes
2017 - 2018
Entity authentication is the process by which a user in a distributed system gains confidence in the identity of one or more communication partners. Such a process may be either unilateral (the users take part in a conversation in which only one of them, called the verifier, gains confidence that it is the other, called the prover, with whom it is speaking) or mutual (both users gain confidence about the identity of their communication partner). Moreover, the users may or may not share some secret information in advance.
A one-message unilateral entity authentication scheme allows one party, called the prover, to authenticate itself, i.e. to prove its identity, to another party, called the verifier, by sending a single authentication message. We consider schemes in which the prover and the verifier do not share any secret information, such as a password, in advance.
We propose the first theoretical characterization of one-message unilateral entity authentication schemes, by formalizing the security requirements for such schemes with respect to different kinds of passive and active adversaries. More precisely, we consider both static and adaptive adversaries for each kind of attack (passive/active). We then explore the relationships between the security notions that result from the different adversarial behaviours.
Finally, we propose three different constructions for one-message unilateral entity authentication schemes and analyse their security with respect to the security notions formalized earlier in the work.
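As an added illustration of the setting this abstract describes (not one of the thesis's three constructions, whose details the abstract does not give), the following Go program implements a one-message unilateral scheme with no shared secret: the prover holds a signing key, the verifier only the matching public key. The single message carries a timestamp and the verifier's identity under the signature, and the verifier checks the signature, a freshness window, the intended recipient and a replay cache. The scenario exercises a passive adversary (re-sending the captured message) and an active one (forwarding a token meant for B to C). The identities A/B/C, the 30-second window, the message layout and the keys are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// Message is the single authentication message A -> B. The signature covers
// T and the verifier's identity; the prover's identity is bound by the key
// that verifies the signature. (Constructed layout, modelled on the one-pass
// unilateral mechanism with a signature and a timestamp.)
type Message struct {
	Prover   string // claimed identity, used to look up the public key
	Verifier string // intended recipient
	T        int64  // prover's clock, unix seconds
	Sig      []byte
}

// signedBytes fixes the encoding of the signed data: T (8 bytes, big endian) || verifier.
func signedBytes(t int64, verifier string) []byte {
	buf := make([]byte, 8, 8+len(verifier))
	binary.BigEndian.PutUint64(buf, uint64(t))
	return append(buf, verifier...)
}

// Prover holds a long-term signing key; nothing is shared with the verifier.
type Prover struct {
	ID   string
	priv ed25519.PrivateKey
}

// Authenticate builds the one-message token for verifier `to` at time `now`.
func (p *Prover) Authenticate(to string, now int64) Message {
	return Message{Prover: p.ID, Verifier: to, T: now, Sig: ed25519.Sign(p.priv, signedBytes(now, to))}
}

// Verifier holds public keys only, plus a replay cache of accepted (prover, T)
// pairs. Entries older than the window can be evicted: they are rejected by
// the freshness check anyway.
type Verifier struct {
	ID     string
	pubs   map[string]ed25519.PublicKey
	window int64 // accepted clock skew in seconds
	seen   map[string]bool
}

func NewVerifier(id string, pubs map[string]ed25519.PublicKey, window int64) *Verifier {
	return &Verifier{ID: id, pubs: pubs, window: window, seen: map[string]bool{}}
}

// Check accepts m only if it is addressed to this verifier, fresh, correctly
// signed under the claimed prover's key and not already accepted.
func (v *Verifier) Check(m Message, now int64) error {
	pk, ok := v.pubs[m.Prover]
	if !ok {
		return errors.New("unknown prover")
	}
	if m.Verifier != v.ID {
		return errors.New("wrong verifier") // token meant for someone else (reflection/misdirection)
	}
	if d := now - m.T; d > v.window || d < -v.window {
		return errors.New("stale timestamp")
	}
	if !ed25519.Verify(pk, signedBytes(m.T, m.Verifier), m.Sig) {
		return errors.New("bad signature")
	}
	key := fmt.Sprintf("%s|%d", m.Prover, m.T)
	if v.seen[key] {
		return errors.New("replay")
	}
	v.seen[key] = true // mark only after every other check has passed
	return nil
}

// RunScenario exercises the checks against passive and active adversaries and
// reports the verifier's decision per case (nil = accepted).
func RunScenario() map[string]error {
	pubA, privA, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	a := &Prover{ID: "A", priv: privA}
	pubs := map[string]ed25519.PublicKey{"A": pubA}
	b := NewVerifier("B", pubs, 30)
	c := NewVerifier("C", pubs, 30)
	now := time.Now().Unix()

	m := a.Authenticate("B", now)
	out := map[string]error{}
	out["fresh"] = b.Check(m, now+1)
	out["replay"] = b.Check(m, now+2)    // passive adversary re-sends the captured token inside the window
	out["reflected"] = c.Check(m, now+1) // active adversary forwards A's token for B on to C
	out["stale"] = b.Check(a.Authenticate("B", now-3600), now)
	forged := m
	forged.Sig = append([]byte(nil), m.Sig...)
	forged.Sig[0] ^= 1 // one flipped bit in the signature
	out["forged"] = b.Check(forged, now+1)
	return out
}

func main() {
	for k, err := range RunScenario() {
		fmt.Printf("%-10s -> %v\n", k, err)
	}
}
```

The replay cache is what turns a timestamp scheme into one that resists a passive adversary inside the skew window; without it the signature and the window alone accept the captured token a second time. Binding the verifier's identity under the signature is what stops the active adversary from presenting A's token to a third party.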
Formal Analysis of ISO/IEC 9798-2 Authentication Standard using AVISPA
The use of formal methods is considered a useful and efficient technique for validating the security properties of protocols. In this paper, we analyze the protocols of the ISO/IEC 9798-2 entity authentication standard using AVISPA, a state-of-the-art tool for automated analysis. Our analysis with AVISPA's OFMC and CL-AtSe back-ends shows that the two-party protocols satisfy the specified security properties, while the back-ends find attacks against the unilateral and mutual authentication protocols that involve a trusted third party.
On the Use of Key Assignment Schemes in Authentication Protocols
Key Assignment Schemes (KASs) have been extensively studied in the context of cryptographically enforced access control, where derived keys are used to decrypt protected resources. In this paper, we explore the use of KASs in entity authentication protocols, where derived keys are used to encrypt challenges. This novel use of KASs permits the efficient authentication of an entity in accordance with an authentication policy, by associating entities with security labels that represent specific services. A cryptographic key is associated with each security label, and demonstrating knowledge of an appropriate key is the basis for authentication. Thus, by controlling the distribution of such keys, restrictions can be placed efficiently on the circumstances under which an entity may be authenticated and on the services to which it may gain access.
In this work, we explore how both standardized protocols and novel constructions may be developed to authenticate entities as members of the group associated with a particular security label, whilst protecting the long-term secrets in the system. We also show that such constructions can provide authentication whilst preserving anonymity, and that by including a trusted third party we can achieve authentication of individual identities and timestamp-based authentication without the need for synchronized clocks.
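An added example of the idea above, written for this page and not the paper's own construction: labels form a tree, each label's key is derived one-way from its parent's key, and a service with label s sends a fresh challenge that an entity can answer under k_s if and only if its own label dominates s. The hierarchy (root, staff, contractor, finance, engineering), the root key, the HMAC-SHA256 derivation step and the response format are assumptions for the example. The verifier learns only that the responder belongs to the group of labels able to derive k_s, which is the anonymity property the abstract refers to.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
)

// parent is the constructed label hierarchy (a tree). A label's key is
// derivable from any ancestor's key, never the other way round.
var parent = map[string]string{
	"staff": "root", "contractor": "root",
	"finance": "staff", "engineering": "staff",
}

// pathTo lists the labels from root down to l (nil if l is unknown).
func pathTo(l string) []string {
	if l == "root" {
		return []string{"root"}
	}
	if p, ok := parent[l]; ok {
		return append(pathTo(p), l)
	}
	return nil
}

// mac is HMAC-SHA256 over the concatenation of data under key.
func mac(key []byte, data ...[]byte) []byte {
	m := hmac.New(sha256.New, key)
	for _, d := range data {
		m.Write(d)
	}
	return m.Sum(nil)
}

// deriveKey computes target's key from the key held for label from, walking
// down the tree with k_child = mac(k_parent, child label). It succeeds only
// when from is target itself or one of its ancestors.
func deriveKey(from string, kFrom []byte, target string) ([]byte, bool) {
	p := pathTo(target)
	for i, l := range p {
		if l != from {
			continue
		}
		k := kFrom
		for _, child := range p[i+1:] {
			k = mac(k, []byte(child))
		}
		return k, true
	}
	return nil, false // from does not dominate target
}

// response binds the answer to the service label and the fresh challenge.
func response(k []byte, service string, nonce []byte) []byte {
	return mac(k, []byte("entity-auth|"+service+"|"), nonce)
}

// Entity holds the key of its own label; it sends a response, never its identity.
type Entity struct{ Label string; Key []byte }

func (e Entity) Respond(service string, nonce []byte) ([]byte, bool) {
	if k, ok := deriveKey(e.Label, e.Key, service); ok {
		return response(k, service, nonce), true
	}
	return nil, false
}

// Service verifies for one label and holds only that label's key.
type Service struct{ Label string; Key []byte }

func (s Service) Challenge() []byte {
	n := make([]byte, 16)
	rand.Read(n)
	return n
}

// Verify learns only that the responder can derive k_s (its label dominates
// s), not which member of that group it is.
func (s Service) Verify(nonce, resp []byte) bool {
	return hmac.Equal(resp, response(s.Key, s.Label, nonce))
}

// RunScenario reports, per label, whether an entity holding that label's key
// authenticates to the finance service, plus whether a replayed response does.
func RunScenario() map[string]bool {
	root := []byte("constructed root key, not for production") // held by the key authority only
	keyFor := func(label string) []byte { k, _ := deriveKey("root", root, label); return k }
	finance := Service{Label: "finance", Key: keyFor("finance")}
	out := map[string]bool{}
	var valid []byte
	for _, label := range []string{"staff", "finance", "contractor", "engineering"} {
		n := finance.Challenge()
		r, ok := Entity{Label: label, Key: keyFor(label)}.Respond("finance", n)
		if out[label] = ok && finance.Verify(n, r); out[label] {
			valid = r
		}
	}
	out["replay"] = finance.Verify(finance.Challenge(), valid) // old response, fresh challenge
	return out
}
```

Because derivation only runs downwards, handing an entity the key for staff authorises it for finance and engineering without giving it the contractor key or the root key, which is how the key distribution encodes the authentication policy. The same derivation also supports the per-service verifier: the service is given k_s alone and never sees any entity's long-term key.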
Selection of EAP-authentication methods in WLANs
IEEE 802.1X is a key part of IEEE 802.11i. By employing the Extensible Authentication Protocol (EAP) it supports a variety of upper-layer authentication methods, each with different benefits and drawbacks. Any one of these authentication methods can be the ideal choice for a specific networking environment. The fact that IEEE 802.11i leaves the selection of the most suitable authentication method to system implementers makes the authentication framework more flexible, but on the other hand raises the question of how to select the authentication method that suits an organisation's requirements and specific networking environment. This paper gives an overview of EAP authentication methods and provides a table comparing their properties. It then identifies the crucial factors to be considered when employing EAP authentication methods in WLAN environments. The paper presents algorithms that guide the selection of an EAP authentication method for a WLAN and demonstrates their application through three examples.
Efficient and complete remote authentication scheme with smart cards
Promotion reference work of 洪文斌, academic year 99 (Taiwanese calendar).
A complete remote authentication scheme should provide the following security properties: (1) mutual authentication, (2) session key exchange, (3) protection of user anonymity, (4) support for immediate revocation, (5) low communication and computation cost, (6) resistance to various kinds of attacks, (7) passwords freely chosen and securely changed by users, and (8) no password or verification tables stored on servers. However, none of the existing schemes meets all of these requirements. In this paper, following the cost-effective approach of using hash functions for authentication, we propose an efficient and practical remote user authentication scheme with smart cards that supports the complete set of security properties above.
International conference, 2008-06-17 to 2008-06-20, Taipei, Taiwa; published in print and electronic form.
Pairing-based cryptosystems and key agreement protocols.
For a long time, pairings on elliptic curves were regarded as a destructive tool in elliptic curve cryptography, used to attack schemes rather than to build them. Only recently, after some pioneering works, particularly the well-known Boneh-Franklin identity-based encryption (IBE), have pairings quickly become an important tool for constructing novel cryptographic schemes.
In this thesis, several new pairing-based cryptographic schemes are proposed, which are both efficient and secure with respect to a properly defined security model, and some relevant previous schemes are revisited.
IBE provides a public key encryption mechanism in which a public key can be an arbitrary string, such as an entity identifier, so that unwieldy certificates are unnecessary. Based on the Sakai-Kasahara key construction, an IBE scheme that is secure in the Boneh-Franklin IBE model is constructed, and two identity-based key encapsulation mechanisms are proposed. These schemes achieve the best efficiency among the schemes existing to date. Recently Al-Riyami and Paterson introduced the certificateless public key encryption (CL-PKE) paradigm, which eliminates the need for certificates while retaining the desirable properties of IBE without the key escrow problem. The security formulation of CL-PKE is revisited and a strong security model for this type of mechanism is defined.
Following a heuristic approach, three efficient CL-PKE schemes that are secure in the defined strong security model are proposed. Identity-based two-party key agreement protocols from pairings are also investigated.
The Bellare-Rogaway key agreement model is enhanced, and within that model several previously unproven protocols from the literature are formally analysed. Since the user identity may be sensitive information in many environments, an identity-based key agreement protocol with unilateral identity privacy is proposed.