下载此文档

电子商务与数位生活研讨会.ppt


文档分类:研究报告 | 页数:约17页 举报非法文档有奖
1/ 17
下载提示
  • 1.该资料是网友上传的,本站提供全文预览,预览什么样,下载就什么样。
  • 2.下载该文档所得收入归上传者、原创者。
  • 3.下载的文档,不会出现我们的网址水印。
1/ 17 下载此文档
文档列表 文档介绍
Further Security Enhancement for Optimal Strong-Password Authentication Protocol
Tzung-Her Chen, Gwoboa Horng,
Wei-Bin Lee ,Kuang-Long Lin

3/27/2004
電子商務與數位生活研討會
1
Outline
Introduction
Review of Ku-Chen scheme
The problem of Ku-Chen scheme
The proposed scheme
Security Analysis
Conclusions
電子商務與數位生活研討會
2
Introduction
In 2000, Sandirigama et al. proposed SAS scheme lowered storage, processing, and transmission overheads.
In 2001, Lin, Sun, and Hwang proposed an enhanced password authentication scheme, called the OSPA.
電子商務與數位生活研討會
3
Introduction
In 2002,OSPA protocol has been shown vulnerable to the stolen-verifier attack and the impersonation attack.
In 2003, Ku and Chen proposed a new improved version for the OSPA protocol
In this paper, an improved scheme with mutual authentication is proposed.
電子商務與數位生活研討會
4
Review of Ku-Chen scheme
Notation:
h(.) : collision-resistant hash function
T : login times
k : long-term secret key
: exclusive-or operation
電子商務與數位生活研討會
5
Review of Ku-Chen scheme
Registration phase

Authentication phase
電子商務與數位生活研討會
6
ID, h2(PW 1)
Chooses his identity ID and password PW putes h2(PW 1)
Calculates verifier v1=h2(PW 1)h(ID k)
Store {ID, v1,T=1} into the verification table
電子商務與數位生活研討會
7
ID, service request
T=i
c1=h(PW i)h2(PW i)
c2=h2(PW (i +1))h(PW i)
c3=h(h3(PW (i +1))T)
Find i from verification table by the ID
電子商務與數位生活研討會
8
Check c1, c2
c1,c2,c3
Get h2(PW i)
by vi h(ID k)
y1=c1h2(PW i)=h(PW i)
y2=c2y1=h2(PW (i +1))
Check if
h(y1)=h2(PW  i)
h(h(y2) T)=c3
vi+1=h2(PW (i +1))h(IDk) Store ID ,T=i+1, and vi+1
電子商務與數位生活研討會
9
The problem of Ku-Chen scheme
The user is authenticated by the remote server.
But, remote server is not authenticated by the user (Server impersonation attack ).
電子商務與數位生活研討會
10

电子商务与数位生活研讨会 来自淘豆网www.taodocs.com转载请标明出处.

非法内容举报中心
文档信息
  • 页数 17
  • 收藏数 0 收藏
  • 顶次数 0
  • 上传人 管理资源吧
  • 文件大小 0 KB
  • 时间2011-07-24
最近更新