Anonymous roaming authentication protocol with id based signatures
This presentation is the property of its rightful owner.
Sponsored Links
1 / 27

Anonymous Roaming Authentication Protocol with ID-based Signatures PowerPoint PPT Presentation


  • 62 Views
  • Uploaded on
  • Presentation posted in: General

Anonymous Roaming Authentication Protocol with ID-based Signatures. Lih-Chyau Wuu Chi-Hsiang Hung Department of Electronic Engineering National Yunlin University of Science & Technology, Taiwan E-mail: [email protected] Outline. Introduction Roaming Authentication Protocol

Download Presentation

Anonymous Roaming Authentication Protocol with ID-based Signatures

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Anonymous roaming authentication protocol with id based signatures

Anonymous Roaming Authentication Protocol with ID-based Signatures

Lih-Chyau Wuu

Chi-Hsiang Hung

Department of Electronic Engineering

National Yunlin University of Science & Technology, Taiwan

E-mail: [email protected]


Outline

Outline

  • Introduction

  • Roaming Authentication Protocol

  • Security Analysis

  • Performance Analysis

  • Conclusion


Introduction

Introduction

  • The mobile communication environment

    • Access data at any place and at any time

    • Security issues

      • Data privacy

      • Data integrity

      • Mutual authentication

      • Anonymity

      • Non-repudiation


Introduction1

MS

MS

Introduction

  • An authentication server exists in each network

  • Authenticate roaming users before providing any service

Foreign Network

Home Network

ASFN

AS: Authentication Server

ASHN

Roaming Service

Request

Accept/Reject

Roaming

MS: Mobile Station


Introduction2

Introduction

  • Roaming Authentication Methods:

    • On-Line Authentication

    • Off-Line Authentication

    • The mixture of On-Line and Off-Line Authentication


On line authentication

On-Line Authentication

  • Authenticate the roaming user each time

Foreign Network

Home Network

ASFN

ASHN

Yes or No

Is the MS valid?

Accept/Reject

Roaming Service

Request

Roaming

MS

MS


Off line authentication

MS

Off-Line Authentication

  • Authenticate the roaming user locally

Home Network

Foreign Network

ASFN

ASHN

pre-shared information

Roaming Service

Request

Accept/Reject

Roaming

MS


The mixture of on line and off line authentication

MS

The mixture of On-Line and Off-Line Authentication

On-line authentication when the roaming user requests service for the first time.

Off-line authentication for subsequent service requests

Home Network

Foreign Network

ASFN

ASHN

shared information

shared information

Yes or No

Is the MS valid?

Roaming Service

Request

Accept/Reject

Roaming

MS


The roaming authentication protocol

The roaming authentication protocol

  • Off-line roaming authentication

  • Security properties

    • Anonymity of MS

    • Mutual Authentication between MS and Foreign Network

    • Nonrepudiation of MS

  • Minimizing the number of exchanged messages

  • Minimizing the computation load at MS

  • Simple Key Management


The roaming authentication protocol1

The roaming authentication protocol

  • ID-based signature technique from Weil-pairing

    • No certificate is needed

    • Verify the signature by public information of the signer

      (email address, identity, …)

  • Secret sharing technique from Lagrange Interpolating polynomial


Lagrange interpolating polynomial secret sharing

Lagrange interpolating polynomial - secret sharing

ID1

x1=ID1 and y1= f (ID1)

y1= f (ID1)

y2= f (ID2)

ID2

x2=ID2 and y2= f (ID2)

yn= f (IDn)

IDn

xn=IDn and yn= f (IDn)


Lagrange interpolating polynomial secret sharing1

Lagrange interpolating polynomial - secret sharing

x1=ID1 and y1= f (ID1)

ID1

ID2

secret

x2=ID2 and y2= f (ID2)

xt=IDt and yt= f (IDt)

IDt


The roaming authentication protocol2

ASFN

ASHN

Sigcharge2

RSFN

Accept/Reject

RSMSn

RSMS2

RSMS1

MSn

MS 1

MS 2

K

K

The Roaming Authentication Protocol

Foreign Network

Home Network

+

Roaming Information


System initialization as hn

System Initialization-ASHN

  • System Initialization

    • ASHN generates

      • System public parameters {e, G1, G2, P, H1, H2, H3}

      • System private key s

      • System public keyPpub = sP

    • ASHN selects a RSFN RZq, and sends the RSFN to ASFN by secure channel.


System initialization as hn1

PKMS =H1(TID MS|| IDHN || DateMS), SKMS= s PKMS

DateMS : the expiration date of the public/secret key pair

System Initialization-ASHN

  • When MS registers at ASHN, the MS will get {IDMS, TIDMS, SKMS, RSMS, Kcomm}

    Where


Mutual authentication

ASFN

MS

{TIDMS, IDHN, DateMS, PKMS, request, T, RSMS, CMS, Sigcharge}

{EK[ServiceData, T]} or reject

Mutual Authentication

  • MS roams to the Foreign Network (ASFN):

Foreign Network

Compute the Sigcharge

Verify the Sigcharge

Compute the session keyK

Compute the

session key K


Mutual authentication ms

Mutual Authentication-MS

  • MS executes the following steps:

    Step A1: MS computes the Sigcharge ={Rcharge, Scharge}

    Step A2: MS sends the authentication request to ASFN


Mutual authentication as fn

Mutual Authentication-ASFN

  • When ASFN receives the request from MS, ASFN will execute the following steps:

    Step B1: verify the public key PKMS

    Step B2: check the DateMS

    thencheck


Mutual authentication as fn1

Mutual Authentication-ASFN

Step B3: verify the correctness of Sigcharge

Step B4: compute the rMS and the session key K

Step B5: send to MS


Mutual authentication ms1

Mutual Authentication-MS

  • When MS receives the message from ASFN,

    • MS computes the session key K’

      K’ = Kcomm⊕ CMS

    • MS decrypts the by using K’

       MS gets the ServiceData and T’

    • MS checks T’ = T

?


Security analysis

Security Analysis

  • Anonymity of Roaming User

     TIDMS

  • Mutual Authentication between MS and ASFN

    ASFNMS: Sigcharge

    MSASFN: Session key K

  • Nonrepudiation of Roaming User

     Sigcharge


Security analysis1

Security Analysis

  • Prevention of Attacks

    • Replay Attack

       timestamp: T

    • Impersonating Attack

      MS  Attacker cannot get the SKMS  cannot compute the Sigcharge

      ASFN  Attacker cannot get the RSFN  cannot compute the K

    • Dishonest ASFN

       The ASFN cannot compute the Sigcharge

    • Disclosure of session key

      Attacker cannot get the Roaming Share RSFN of ASFN

       cannot compute the K


Performance analysis

Performance analysis

[ 7] M. Rahnema, “Overview of the GSM system and protocol architecture,” IEEE

Commun. Mag., pp. 92–100, Apr. 1993.

[12] J. Zhu, J. Ma, “A new authentication scheme with anonymity for wireless

environments,” IEEE Trans. Consumer Electronics, Vol.50, No. 1, pp. 231 – 235,

Feb 2004.

[ 6] M. Long, C.-H. Wu, J.D. Irwin, “Localized authentication for inter-network

roaming across wireless LANs,” IEE Proc. Communications, Vol.151, No5, Oct.

2004.

[ 5] W.-B. Lee, C.-K. Yeh, “A New Delegation-Based Authentication Protocol for

Use in Portable Communication System”, IEEE Trans. Wireless Communication,

Vol.4, No.1, pp. 57-64, Jan. 2005.


Performance analysis1

Performance Analysis

  • The Number of Exchanged Messages


Performance analysis2

Performance Analysis

  • Comparison of Computation Load at MS


Performance analysis3

Performance Analysis

  • Storage Overhead

    • Each MS: {IDMS, TIDMS, SKMS, RSMS, Kcomm}

    • ASFN : RSFN


Conclusion

Conclusion

  • The proposed off-line anonymous roaming authentication

    • Number of exchanged messages: 2

    • Security Issues

      Anonymity, Mutual authentication, Non-repudiation, data privacy and data integrity

    • Low computation load at MS

    • Simple key management


  • Login