孫臏考 - cos.url.t · 《戰國策》與《孫臏兵法》等書中關於孫臏事蹟之記載加以重點整理並條列陳述 後,配合相關歷史記載釐清齊國在威王、宣王、湣王三王時期之主要戰役背景與
90321011 孫國偉
-
Upload
valentine-raymond -
Category
Documents
-
view
27 -
download
4
description
Transcript of 90321011 孫國偉
90321011 孫國偉
Efficient Password authenticatedkey agreement using smart cards
Author : Wen-Shenq Juang*
Date : 2003.11.26 in Computers & Security
Introduction:
What is the smart cardWhat does it must to have meritsReview Chien et al.s(2002)Our protocol Security analysis
What is smart card
Main merits:
No verification table:
User Server
ID1 PW1ID2 PW2ID3 PW3
.
.
.
Main merits:
Freely chosen password:
Users can feely choose Their own passwords
Main merits:
Lower communication and computation cost:
They may not provide a powerful computation capability and high bandwidth
Main merits:
Mutual authentication:
Users and servers can authenticate each other
Review Chien et al.s(2002)
The registration phase
The login phase
The verification phase
The registration phase
Server UserSmartCard
R V PW
ID = identityPW= passwordx = server’s secret key
ID
( )V h ID x
The login phase
SmartCard
CardReader
Server1 ( )C h C T
'&ID T
T = current timestamp'C R PW
( )iR h ID x PW 'PW user input
'ID user input
The verification phase
Server User
Reject
MaxTT MaxTT
2 ( )C h C T 1 ( )C h V T
2 ( )C h V T
( ' )V h ID x
'C R PW
1 ( )C h C T
'PW user input
T
The drawbacks
Time-synchronization problem
user’s time and server’s time must differ only in small
rangeNo provide key agreement
Our protocol
Registration phase
Login and session key agreement
phase
The registration phase
Server UserSmartCard
w v PW
ID = identityPW= password
ID
)( ,v h ID xx = server’s secret key
Login and session key agreement phase
User Server
11 ', (' , )), ( 'v rN u h ID NEID ' 'v w PW ( )v h ID x
1 21( , , )vE r N Ns 11' ( )( ) ?'hh IDI ND N
11 ?1 1NN ( , , )k h ru rs v
2( )1kE N 22 ?1 1NN
Security analysis
1.w v PW
)2. ( ,v h ID x
1 2
2
3. : ( , 1, )
: ( 1)
v
k
S U E rs N N
U S E N
4. ( , , )k h ru rs v mod mod
( , ) ( , )
x y
y x
rs g q ru g q
k h rs v h ru v
Mutual
authentication