[Featured] E-Commerce and Digital Life Symposium - ★【汉魅】

Uploaded by: 我**** | Document ID: 184036439 | Upload date: 2021-06-16 | Format: PPTX | Pages: 18 | Size: 253.34 KB

Further Security Enhancement for Optimal Strong-Password Authentication Protocol
Tzung-Her Chen, Gwoboa Horng, Wei-Bin Lee, Kuang-Long Lin
3/27/2004, E-Commerce and Digital Life Symposium (電子商務與數位生活研討會)

Outline
Introduction
Review of Ku-Chen scheme
The problem of Ku-Chen scheme
The proposed scheme
Security Analysis
Conclusions

Introduction
In 2000, Sandirigama et al. proposed the SAS scheme, with lowered storage, processing, and transmission overheads.
In 2001, Lin, Sun, and Hwang proposed an enhanced password authentication scheme, called the OSPA.
In 2002, the OSPA protocol was shown to be vulnerable to the stolen-verifier attack and the impersonation attack.
In 2003, Ku and Chen proposed a new improved version of the OSPA protocol.
In this paper, an improved scheme with mutual authentication is proposed.

Review of Ku-Chen scheme
Notation:
h(.) : collision-resistant hash function
T : login times
k : long-term secret key
 : exclusive-or operation

Phases:
Registration phase
Authentication phase

Registration phase (Ku-Chen scheme)
ID, h^2(PW 1)
Chooses his identity ID and password PW and computes h^2(PW 1)
Calculates verifier v_1=h^2(PW 1)h(ID k)
Store ID, v_1, T=1 into the verification table

Authentication phase (Ku-Chen scheme)
ID, service request
T=i
c1=h(PW i)h^2(PW i)
c2=h^2(PW (i +1)h(PW i)
c3=h(h^3(PW (i +1)T)
Find i from verification table by the ID
Check c1, c2
c1, c2, c3
Get h^2(PW i) by v_i h(ID k)
y1=c1h^2(PW i)=h(PW i)
y2=c2y1=h^2(PW (i +1)
Check if h(y1)=h^2(PW i)
h(h(y2) T)=c3
v_{i+1}=h^2(PW (i +1)h(IDk)
Store ID, T=i+1, and v_{i+1}

The problem of Ku-Chen scheme
The user is authenticated by the remote server.
But the remote server is not authenticated by the user (server impersonation attack).

The proposed scheme
Registration phase
Authentication phase

Registration phase (proposed scheme)
ID, h^2(PW 1)
Chooses his identity ID and password PW and computes h^2(PW 1)
Calculates verifier v_1=h^2(PW 1) h(ID k)
Store ID, v_1 into the verification table

Authentication phase (proposed scheme)
ID, r h^2(PW i)
h(r)h^2(PW i)
Check r
c1=h(PW i)h^2(PW i)
c2=h^2(PW (i +1) h(PW i)
c3=h(h^3(PW (i +1)T)
Choose r randomly and compute r h^2(PW i)
Get h^2(PW i) by v_i h(ID k)
r =(r h^2(PW i) h^2(PW i)
Check c1, c2
c1, c2, c3
y1=c1h^2(PW i)=h(PW i)
y2=c2y1=h^2(PW (i +1)
Check if h(y1)=h^2(PW i)
h(h(y2)T)=c3
v_{i+1}=h^2(PW (i +1)h(IDk)
Store ID and v_{i+1}

Security Analysis
Password guess attack
Impersonation attack
Stolen-verifier attack
Server impersonation attack

Conclusions
We point out the possible server impersonation problem in the Ku-Chen scheme and propose an enhanced version.
The proposed concept of security enhancement is also suitable for the other SAS-like schemes.

THE END
Presentation finished. Thank you for watching!
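An added example, not code from the slides or their authors: one login round of the proposed scheme in Python, showing the user refusing to send c1, c2, c3 to a server that cannot return h(r) masked with h^2(PW i). Assumptions: the operator lost from the slide text is the exclusive-or named in the Notation slide, the join inside c3 is concatenation with T=i, h is SHA-256, values are encoded as 32-byte blocks, and both sides track the login counter i; Server, Impostor, tokens and login are hypothetical names.

```python
import hashlib, hmac, secrets

def h(b, n=1):                       # h^n: SHA-256 applied n times (hash choice assumed)
    for _ in range(n):
        b = hashlib.sha256(b).digest()
    return b

def blk(v):                          # assumed encoding: 32-byte block so XOR is defined
    return v.to_bytes(32, "big") if isinstance(v, int) else v.encode().ljust(32, b"\0")

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class Server:
    def __init__(self, k):
        self.k, self.table = k, {}   # table: ID -> (v_i, i); storing i is an assumption
    def mask(self, ID):
        return h(xor(blk(ID), self.k))              # h(ID xor k)
    def register(self, ID, h2pw1):
        self.table[ID] = (xor(h2pw1, self.mask(ID)), 1)
    def prove(self, ID, masked_r):                  # server authentication step
        v, _ = self.table[ID]
        hp = xor(v, self.mask(ID))                  # h^2(PW xor i)
        return xor(h(xor(masked_r, hp)), hp)        # h(r) xor h^2(PW xor i)
    def verify(self, ID, c1, c2, c3):
        v, i = self.table[ID]
        hp = xor(v, self.mask(ID))
        y1 = xor(c1, hp)                            # h(PW xor i)
        y2 = xor(c2, y1)                            # h^2(PW xor (i+1))
        ok = hmac.compare_digest(h(y1), hp) and hmac.compare_digest(h(h(y2) + blk(i)), c3)
        if ok:
            self.table[ID] = (xor(y2, self.mask(ID)), i + 1)   # store v_{i+1}
        return ok

class Impostor:                      # knows neither k nor the verification table
    def prove(self, ID, masked_r):
        return secrets.token_bytes(32)

def tokens(PW, i):                   # user side: c1, c2, c3 for login number i
    y1 = h(xor(blk(PW), blk(i)))
    nxt = h(xor(blk(PW), blk(i + 1)), 2)
    return xor(y1, h(y1)), xor(nxt, y1), h(h(nxt) + blk(i))

def login(server, ID, PW, i):
    hp, r = h(xor(blk(PW), blk(i)), 2), secrets.token_bytes(32)
    if not hmac.compare_digest(xor(server.prove(ID, xor(r, hp)), hp), h(r)):
        return "server not authenticated"           # stop before sending c1, c2, c3
    return "ok" if server.verify(ID, *tokens(PW, i)) else "user rejected"
```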
