Multimedia Network Security Laboratory
Improved Secure Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks
Date: 2012.10.24
Reporter : Hong Ji Wei
Authors : Jun-Sub Kim and Jin Kwak
From : International Journal of Security and Its Applications
Vol. 6, No. 3, July, 2012
OUTLINE
1. INTRODUCTION
2. REVIEW OF MUN’S SCHEME
3. WEAKNESS OF MUN’S SCHEME
4. IMPROVED SCHEME
5. SECURITY ANALYSIS
6. CONCLUSION
INTRODUCTION
Lee, Hwang and Liao pointed out some security weaknesses in Zhu-Ma’s scheme and presented an improved scheme in 2006.
Wu, Lee and Tsaur pointed out in 2008 that Lee et al.'s scheme does not achieve all security properties.
Mun et al. pointed out some security weaknesses in Wu et al.'s scheme and proposed a new improved scheme in 2012.
Kim et al. pointed out that Mun et al.'s scheme is vulnerable to replay and man-in-the-middle attacks, and proposed a new improved scheme in 2012.
REVIEW OF MUN’S SCHEME
Registration
[Diagram: registration between MU and HA over a secure channel. MU sends ID_MU, N_MU. HA generates N_HA, computes PW_MU and r_MU with h(.), and returns r_MU, ID_HA, N_HA, PW_MU, h(.). The exact formulas did not survive extraction.]
REVIEW OF MUN’S SCHEME
Authentication and establishment of session key
[Diagram: ten-step exchange among MU, FA and HA. Legible messages: 1. ID_HA, N_HA, r_MU; 3. ID_FA, N_FA, r_MU; 5. S_HA, P_HA; 7. S_FA, aP, P_FA; 9. bP, S_MF. In step 2, FA generates N_FA and stores ID_HA, N_HA and r_MU. The session key is K_MF = h(abP). The remaining computations did not survive extraction.]
REVIEW OF MUN’S SCHEME
Update session key
[Diagram: exchange between MU and FA. 1. MU selects b_i, computes b_i P and sends b_i P. 2. FA selects a_i and computes a_i P and K_MFi = h(a_i b_i P); S_MFi is computed with f under K_MFi over a_i b_i P and the previous a_(i-1) b_(i-1) P. 3. FA sends a_i P, S_MFi. 4. MU computes K_MFi = h(a_i b_i P) and compares its own S'_MFi with S_MFi.]
WEAKNESS OF MUN’S SCHEME
Replay attack
[Diagram: the authentication and session-key exchange among MU, FA and HA, repeated from the review slide.]
WEAKNESS OF MUN’S SCHEME
Man-in-the-middle attack
[Diagram: the authentication and session-key exchange among MU, FA and HA, repeated from the review slide, with two altered messages marked on it:]
S_FA, a’P, P_FA = (S_HA || ID_FA || N_FA)
S_MF’, b’P
IMPROVED SCHEME
Registration
[Diagram: registration between MU and HA over a secure channel. 1. MU generates N and computes h(ID_MU || P) and h(P || N). 2. MU sends ID_MU, h(ID_MU || P), h(P || N). 3. HA checks h(ID_MU || P), stores h(ID_MU || P) and h(P || N), computes B, K and V, and returns the smart card {ID_MU, ID_HA, B, K, V, y, h(.)}. 4. MU stores N in the smart card, which then holds {ID_MU, ID_HA, B, K, V, N, y, h(.)}. The formulas for B, K and V did not survive extraction.]
IMPROVED SCHEME
Authentication and establishment of session key
[Diagram: eleven-step exchange among MU, FA and HA. Legible messages: 2. ID_HA, c2, c3, c4, c5; 4. ID_FA, c2, c3, c4, c5; 6. ID_HA, ID_FA, c6, c8, aP; 8. ID_HA, ID_FA, c6, c8, aP; 10. bP, S_MF. In step 3, FA stores ID_HA; in step 7, FA checks ID_HA and ID_FA and stores aP. The session key is K_MF = h(abP), and step 11 checks S'_MF against S_MF. The definitions of c1 to c8 did not survive extraction.]
IMPROVED SCHEME
Update session key
[Diagram: the session-key update exchange between MU and FA, with the same steps as on the review slide: 1. b_i P; 3. a_i P, S_MFi; both sides compute K_MFi = h(a_i b_i P), and MU compares S'_MFi with S_MFi.]
SECURITY ANALYSIS
Anonymity
[Diagram: the improved scheme's authentication and session-key exchange among MU, FA and HA, repeated from the IMPROVED SCHEME slide.]
SECURITY ANALYSIS
Provide perfect forward secrecy
[Diagram: the session-key update exchange between MU and FA, repeated from the IMPROVED SCHEME slide.]
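The session-key update that this slide relies on for forward secrecy, as an added example that is not taken from the slides or the paper. It assumes the update reads K_MFi = h(a_i b_i P) and S_MFi = f_K(a_i b_i P || a_(i-1) b_(i-1) P); SHA-256 for h, HMAC-SHA-256 for f, and a toy modular group in place of the elliptic-curve points are also assumptions.

```python
import hashlib, hmac, secrets

# Toy multiplicative group standing in for the slide's elliptic-curve points
# (G^a mod P_MOD plays the role of aP). Illustration only, not a vetted group.
P_MOD = 2**255 - 19
G = 2

def h(data: bytes) -> bytes:                 # assumed hash h(.)
    return hashlib.sha256(data).digest()

def f(key: bytes, data: bytes) -> bytes:     # assumed keyed function f_K(.)
    return hmac.new(key, data, hashlib.sha256).digest()

def enc(x: int) -> bytes:
    return x.to_bytes(32, "big")

def keypair():
    s = secrets.randbelow(P_MOD - 3) + 2     # fresh ephemeral secret per round
    return s, pow(G, s, P_MOD)

def fa_respond(b_pub, prev_shared):
    """FA: pick a_i, derive K_MFi, tag the new secret with the previous one."""
    a, a_pub = keypair()
    shared = enc(pow(b_pub, a, P_MOD))       # a_i b_i P
    key = h(shared)                          # K_MFi
    return a_pub, f(key, shared + prev_shared), key, shared

def mu_finish(b, a_pub, tag, prev_shared):
    """MU: recompute K_MFi and S'_MFi; accept only if S'_MFi matches S_MFi."""
    shared = enc(pow(a_pub, b, P_MOD))
    key = h(shared)
    if not hmac.compare_digest(f(key, shared + prev_shared), tag):
        return None, None
    return key, shared

def run_updates(rounds, initial_shared):
    """Run successive updates and return the session keys both sides agreed on."""
    mu_prev = fa_prev = initial_shared
    keys = []
    for _ in range(rounds):
        b, b_pub = keypair()                             # 1. MU -> FA: b_i P
        a_pub, tag, fa_key, fa_prev = fa_respond(b_pub, fa_prev)
        mu_key, mu_prev = mu_finish(b, a_pub, tag, mu_prev)  # 4. MU verifies
        if mu_key != fa_key:
            raise ValueError("key update failed")
        keys.append(mu_key)
    return keys
```

Because a_i and b_i are discarded after each round, a later key reveals nothing about earlier ones, and a party that does not hold the previous shared secret cannot produce a tag that MU accepts.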
SECURITY ANALYSIS
Prevent replay attack
[Diagram: the improved scheme's authentication and session-key exchange among MU, FA and HA, repeated from the IMPROVED SCHEME slide.]
SECURITY ANALYSIS
Provide mutual authentication between MU and HA
[Diagram: the improved scheme's authentication and session-key exchange among MU, FA and HA, repeated from the IMPROVED SCHEME slide.]
SECURITY ANALYSIS
Provide mutual authentication between MU and FA
[Diagram: the improved scheme's authentication and session-key exchange among MU, FA and HA, repeated from the IMPROVED SCHEME slide.]
SECURITY ANALYSIS
Prevent man-in-the-middle attack
[Diagram: the improved scheme's authentication and session-key exchange among MU, FA and HA, repeated from the IMPROVED SCHEME slide.]
CONCLUSION
In this paper, we discussed the security weaknesses in Mun et al.’s scheme, such as a vulnerability to replay attacks and man-in-the-middle attacks.
The improved scheme achieves the following security properties:
1. Anonymity
2. Provides perfect forward secrecy
3. Mutual authentication
4. Prevent replay attacks
5. Prevent man-in-the-middle attacks
OUR IMPROVED SCHEME
Registration
[Diagram: registration between MU and HA over a secure channel, as in the IMPROVED SCHEME slide but with the nonce written N_0. 2. MU sends ID_MU, h(ID_MU || P), h(P || N_0). 3. HA returns the smart card {ID_MU, ID_HA, B, K, V, y, h(.)}. 4. MU stores N in the smart card, which then holds {ID_MU, ID_HA, B, K, V, N, y, h(.)}. The formulas for B, K and V did not survive extraction.]
OUR IMPROVED SCHEME
Authentication and establishment of session key
[Diagram: eleven-step exchange among MU, FA and HA, with nonces carrying the indices 0, i and i+1. Legible messages: 2. ID_HA, c2, c3, c4, c5; 4. ID_FA, c2, c3, c4, c5; 6. ID_HA, ID_FA, c6, c8, aP; 8. ID_HA, ID_FA, c6, c8; 10. bP, S_MF. In step 3, FA stores ID_HA; in step 7, FA checks ID_HA and ID_FA and stores aP. The session key is K_MF = h(abP), and step 11 checks S'_MF against S_MF. The definitions of c1 to c8 did not survive extraction.]
OUR IMPROVED SCHEME
Update session key
[Diagram: five-step exchange between MU and FA in which the update messages are encrypted under the previous session key. 1. MU selects b_i and computes b_i P. 2. MU sends E_K_MFi-1(b_i P). 3. FA decrypts b_i P, selects a_i, and computes a_i P, K_MFi and S_MFi. 4. FA sends E_K_MFi-1(a_i P, S_MFi). 5. MU decrypts, computes K_MFi and S'_MFi, and compares S'_MFi with S_MFi. The exact formulas did not survive extraction.]