Authentication and Key Agreement in Various Communication Environments for User Privacy Protection
Date Issued
2010
Date
2010
Author(s)
Wang, Ren-Chiun
Abstract
Due to the rapid growth of numerous security accidents, people become more aware about various network security threats. Many solutions for these network security threats were proposed in which authentication is the first and essential step to identify whether a remote user is authorized or not. After identity authentication, a user can be held accountable and the system can decide to grant her/him a specific access privilege. Moreover, the system can generate a session key to protect future communications. In addition to security, nowadays people pay more attention to their privacy protection when they rely on the Internet to access resources and perform electronic transactions. Users are concerned that their sensitive information might be collected by outsiders and be exposed over the Internet. Unfortunately, most of the existing security solutions did not take this issue into consideration.
Today, people can access network resources ubiquitously through wired networks, wireless networks, mobile networks, and vehicle networks etc. From the network architecture point of view, the architectures can be classified into the following types: (1) client/server architecture; (2) multi-server architecture; (3) mobile networks; (4) adhoc networks; and (5) peer-to-peer networks.
In this dissertation, our major contributions are that:
(1) In client/server architecture, we show the weaknesses of the previous password and smart card-based authentication and key agreement schemes, where the weaknesses are the known-key attack, the smart card loss problem, the exposure of user''s identity, the denial of service attack and the dissatisfaction of the perfect forward secrecy. We then propose our novel schemes to overcome the above weaknesses, to satisfy more merits and to enhance the efficiency.
(2) In multi-server architecture, we show the weaknesses of the previous password and smart card-based authentication and key agreement schemes, where the weaknesses are the server spoofing and the impersonation attacks. We then propose our novel scheme to overcome the above weaknesses, to satisfy more merits and to enhance the efficiency.
(3) In mobile networks, we show the weaknesses of the previous password and smart card-based and proxy signature-based authentication and key agreement schemes, where the weaknesses are the exposure of mobile user''s identity, the smart card loss problem and the overcharge problem. We then propose our novel schemes to overcome the above weaknesses, to satisfy more merits and to enhance the efficiency.
(4) In adhoc networks, we show the weaknesses of the previous smart card-based authentication and key agreement scheme, where the weakness is the impersonation attack. We then propose our novel scheme to overcome the above weakness, to satisfy more merits and to enhance the efficiency.
(5) In P2P networks, we propose two novel authentication and key agreement schemes. Comparing with the previous schemes, our schemes can provide more merits and the efficiency with user privacy.
Finally, we use the random oracle model to enhance the reliability and precision of security analysis. By the proof of the model and the BAN logic analysis, the claimed security requirements in the proposed schemes are satisfied actually.
Subjects
Authentication
key agreement
privacy
elliptic curve cryptography
smart card
one-way hash function
password
random oracle model
belief logic.
Type
thesis
File(s)![Thumbnail Image]()
Loading...
Name
ntu-99-D95921018-1.pdf
Size
23.32 KB
Format
Adobe PDF
Checksum
(MD5):635580d769ee949dc469f5238f71af53