anonymous roaming authentication protocol with id based signatures
Download
Skip this Video
Download Presentation
Anonymous Roaming Authentication Protocol with ID-based Signatures

Loading in 2 Seconds...

play fullscreen
1 / 27

Anonymous Roaming Authentication Protocol with ID-based Signatures - PowerPoint PPT Presentation


  • 93 Views
  • Uploaded on

Anonymous Roaming Authentication Protocol with ID-based Signatures. Lih-Chyau Wuu Chi-Hsiang Hung Department of Electronic Engineering National Yunlin University of Science & Technology, Taiwan E-mail: [email protected] Outline. Introduction Roaming Authentication Protocol

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Anonymous Roaming Authentication Protocol with ID-based Signatures' - whitney-golden


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
anonymous roaming authentication protocol with id based signatures

Anonymous Roaming Authentication Protocol with ID-based Signatures

Lih-Chyau Wuu

Chi-Hsiang Hung

Department of Electronic Engineering

National Yunlin University of Science & Technology, Taiwan

E-mail: [email protected]

outline
Outline
  • Introduction
  • Roaming Authentication Protocol
  • Security Analysis
  • Performance Analysis
  • Conclusion
introduction
Introduction
  • The mobile communication environment
    • Access data at any place and at any time
    • Security issues
      • Data privacy
      • Data integrity
      • Mutual authentication
      • Anonymity
      • Non-repudiation
introduction1

MS

MS

Introduction
  • An authentication server exists in each network
  • Authenticate roaming users before providing any service

Foreign Network

Home Network

ASFN

AS: Authentication Server

ASHN

Roaming Service

Request

Accept/Reject

Roaming

MS: Mobile Station

introduction2
Introduction
  • Roaming Authentication Methods:
    • On-Line Authentication
    • Off-Line Authentication
    • The mixture of On-Line and Off-Line Authentication
on line authentication
On-Line Authentication
  • Authenticate the roaming user each time

Foreign Network

Home Network

ASFN

ASHN

Yes or No

Is the MS valid?

Accept/Reject

Roaming Service

Request

Roaming

MS

MS

off line authentication

MS

Off-Line Authentication
  • Authenticate the roaming user locally

Home Network

Foreign Network

ASFN

ASHN

pre-shared information

Roaming Service

Request

Accept/Reject

Roaming

MS

the mixture of on line and off line authentication

MS

The mixture of On-Line and Off-Line Authentication

On-line authentication when the roaming user requests service for the first time.

Off-line authentication for subsequent service requests

Home Network

Foreign Network

ASFN

ASHN

shared information

shared information

Yes or No

Is the MS valid?

Roaming Service

Request

Accept/Reject

Roaming

MS

the roaming authentication protocol
The roaming authentication protocol
  • Off-line roaming authentication
  • Security properties
    • Anonymity of MS
    • Mutual Authentication between MS and Foreign Network
    • Nonrepudiation of MS
  • Minimizing the number of exchanged messages
  • Minimizing the computation load at MS
  • Simple Key Management
the roaming authentication protocol1
The roaming authentication protocol
  • ID-based signature technique from Weil-pairing
    • No certificate is needed
    • Verify the signature by public information of the signer

(email address, identity, …)

  • Secret sharing technique from Lagrange Interpolating polynomial
lagrange interpolating polynomial secret sharing
Lagrange interpolating polynomial - secret sharing

ID1

x1=ID1 and y1= f (ID1)

y1= f (ID1)

y2= f (ID2)

ID2

x2=ID2 and y2= f (ID2)

yn= f (IDn)

IDn

xn=IDn and yn= f (IDn)

lagrange interpolating polynomial secret sharing1
Lagrange interpolating polynomial - secret sharing

x1=ID1 and y1= f (ID1)

ID1

ID2

secret

x2=ID2 and y2= f (ID2)

xt=IDt and yt= f (IDt)

IDt

the roaming authentication protocol2

ASFN

ASHN

Sigcharge2

RSFN

Accept/Reject

RSMSn

RSMS2

RSMS1

MSn

MS 1

MS 2

K

K

The Roaming Authentication Protocol

Foreign Network

Home Network

+

Roaming Information

system initialization as hn
System Initialization-ASHN
  • System Initialization
    • ASHN generates
      • System public parameters {e, G1, G2, P, H1, H2, H3}
      • System private key s
      • System public keyPpub = sP
    • ASHN selects a RSFN RZq, and sends the RSFN to ASFN by secure channel.
system initialization as hn1

PKMS =H1(TID MS|| IDHN || DateMS), SKMS= s PKMS

DateMS : the expiration date of the public/secret key pair

System Initialization-ASHN
  • When MS registers at ASHN, the MS will get {IDMS, TIDMS, SKMS, RSMS, Kcomm}

Where

mutual authentication

ASFN

MS

{TIDMS, IDHN, DateMS, PKMS, request, T, RSMS, CMS, Sigcharge}

{EK[ServiceData, T]} or reject

Mutual Authentication
  • MS roams to the Foreign Network (ASFN):

Foreign Network

Compute the Sigcharge

Verify the Sigcharge

Compute the session keyK

Compute the

session key K

mutual authentication ms
Mutual Authentication-MS
  • MS executes the following steps:

Step A1: MS computes the Sigcharge ={Rcharge, Scharge}

Step A2: MS sends the authentication request to ASFN

mutual authentication as fn
Mutual Authentication-ASFN
  • When ASFN receives the request from MS, ASFN will execute the following steps:

Step B1: verify the public key PKMS

Step B2: check the DateMS

thencheck

mutual authentication as fn1
Mutual Authentication-ASFN

Step B3: verify the correctness of Sigcharge

Step B4: compute the rMS and the session key K

Step B5: send to MS

mutual authentication ms1
Mutual Authentication-MS
  • When MS receives the message from ASFN,
    • MS computes the session key K’

K’ = Kcomm⊕ CMS

    • MS decrypts the by using K’

 MS gets the ServiceData and T’

    • MS checks T’ = T

?

security analysis
Security Analysis
  • Anonymity of Roaming User

 TIDMS

  • Mutual Authentication between MS and ASFN

ASFNMS: Sigcharge

MSASFN: Session key K

  • Nonrepudiation of Roaming User

 Sigcharge

security analysis1
Security Analysis
  • Prevention of Attacks
    • Replay Attack

 timestamp: T

    • Impersonating Attack

MS  Attacker cannot get the SKMS  cannot compute the Sigcharge

ASFN  Attacker cannot get the RSFN  cannot compute the K

    • Dishonest ASFN

 The ASFN cannot compute the Sigcharge

    • Disclosure of session key

Attacker cannot get the Roaming Share RSFN of ASFN

 cannot compute the K

performance analysis
Performance analysis

[ 7] M. Rahnema, “Overview of the GSM system and protocol architecture,” IEEE

Commun. Mag., pp. 92–100, Apr. 1993.

[12] J. Zhu, J. Ma, “A new authentication scheme with anonymity for wireless

environments,” IEEE Trans. Consumer Electronics, Vol.50, No. 1, pp. 231 – 235,

Feb 2004.

[ 6] M. Long, C.-H. Wu, J.D. Irwin, “Localized authentication for inter-network

roaming across wireless LANs,” IEE Proc. Communications, Vol.151, No5, Oct.

2004.

[ 5] W.-B. Lee, C.-K. Yeh, “A New Delegation-Based Authentication Protocol for

Use in Portable Communication System”, IEEE Trans. Wireless Communication,

Vol.4, No.1, pp. 57-64, Jan. 2005.

performance analysis1
Performance Analysis
  • The Number of Exchanged Messages
performance analysis2
Performance Analysis
  • Comparison of Computation Load at MS
performance analysis3
Performance Analysis
  • Storage Overhead
    • Each MS: {IDMS, TIDMS, SKMS, RSMS, Kcomm}
    • ASFN : RSFN
conclusion
Conclusion
  • The proposed off-line anonymous roaming authentication
    • Number of exchanged messages: 2
    • Security Issues

Anonymity, Mutual authentication, Non-repudiation, data privacy and data integrity

    • Low computation load at MS
    • Simple key management
ad