90321011 孫國偉

Efficient Password authenticated key agreement using smart cards. Author: Wen-Shenq Juang*. Date: 2003.11.26, in Computers & Security


Page 1: 90321011  孫國偉

90321011 孫國偉

Efficient Password authenticated key agreement using smart cards

Author : Wen-Shenq Juang*

Date : 2003.11.26 in Computers & Security

Page 2: 90321011  孫國偉

Introduction:

What is a smart card

The merits it must have

Review of Chien et al.'s scheme (2002)

Our protocol

Security analysis

Page 3: 90321011  孫國偉

What is a smart card

Page 4: 90321011  孫國偉

Main merits:

No verification table:

User    Server

ID1  PW1

ID2  PW2

ID3  PW3

...

Page 5: 90321011  孫國偉

Main merits:

Freely chosen password:

Users can freely choose their own passwords

Page 6: 90321011  孫國偉

Main merits:

Lower communication and computation cost:

Smart cards may not provide powerful computation capability or high bandwidth

Page 7: 90321011  孫國偉

Main merits:

Mutual authentication:

Users and servers can authenticate each other

Page 8: 90321011  孫國偉

Review of Chien et al.'s scheme (2002)

The registration phase

The login phase

The verification phase

Page 9: 90321011  孫國偉

The registration phase

Server    User    SmartCard

$R = V \oplus PW$

ID = identity

PW = password

x = server's secret key

ID

$V = h(ID \oplus x)$

Page 10: 90321011  孫國偉

The login phase

SmartCard    CardReader    Server

$C_1 = h(C \oplus T)$

$ID'$ & $T$

T = current timestamp

$C = R \oplus PW'$

$R_i = h(ID \oplus x) \oplus PW$

$PW'$ = user input

$ID'$ = user input

Page 11: 90321011  孫國偉

The verification phase

Server User

Reject

MaxTT MaxTT

$C_2 = h(C \oplus T)$    $C_1 = h(V \oplus T)$

$C_2 = h(V \oplus T)$

$V = h(ID' \oplus x)$

$C = R \oplus PW'$

$C_1 = h(C \oplus T)$

$PW'$ = user input

T

Page 12: 90321011  孫國偉

The drawbacks

Time-synchronization problem: the user's time and the server's time must differ only within a small range

No key agreement is provided

Page 13: 90321011  孫國偉

Our protocol

Registration phase

Login and session key agreement phase

Page 14: 90321011  孫國偉

The registration phase

Server    User    SmartCard

$w = v \oplus PW$

ID = identity

PW = password

x = server's secret key

ID

$v = h(ID, x)$

Page 15: 90321011  孫國偉

Login and session key agreement phase

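User    Server

$v' = w \oplus PW'$

$N_1,\ ID',\ E_{v'}(ru,\ h(ID' \parallel N_1))$

$v = h(ID, x)$

$h(ID' \parallel N_1) \stackrel{?}{=} h(ID' \parallel N_1)$

$E_v(rs,\ N_1 + 1,\ N_2)$

$N_1 + 1 \stackrel{?}{=} N_1 + 1$

$k = h(ru, rs, v)$

$E_k(N_2 + 1)$

$N_2 + 1 \stackrel{?}{=} N_2 + 1$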
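An added example, not part of the original slides or of the paper: a Python simulation of this login and session key agreement phase, reading the slide's flow as N1, ID, E_v(ru, h(ID || N1)) from the user, E_v(rs, N1+1, N2) from the server, and E_k(N2+1) back, with k = h(ru, rs, v). SHA-256 as h, the HMAC-based stand-in for E, hashing PW before the XOR, and the 32-byte field size are assumptions; both sides run inside one function.

```python
import hashlib, hmac, secrets

def h(*parts):                       # h(.): SHA-256 over length-prefixed fields (assumed hash)
    return hashlib.sha256(b"".join(len(p).to_bytes(2, "big") + p for p in parts)).digest()

def xor(a, b):
    return bytes(i ^ j for i, j in zip(a, b))

def inc(n):                          # N + 1 on a 32-byte nonce
    return ((int.from_bytes(n, "big") + 1) % 2**256).to_bytes(32, "big")

def _stream(key, iv, n):             # HMAC-SHA256 in counter mode, toy keystream
    return b"".join(hmac.digest(key, b"s" + iv + bytes([i]), "sha256") for i in range(n // 32 + 1))

def E(key, *fields):                 # stand-in for E_key(.), not the paper's cipher
    pt = b"".join(fields)            # every field is exactly 32 bytes (assumption)
    iv = secrets.token_bytes(16)
    ct = xor(pt, _stream(key, iv, len(pt)))
    return iv + ct + hmac.digest(key, b"m" + iv + ct, "sha256")

def D(key, blob):                    # rejects a wrong key or a modified message
    iv, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.digest(key, b"m" + iv + ct, "sha256")):
        raise ValueError("authentication failed")
    pt = xor(ct, _stream(key, iv, len(ct)))
    return [pt[i:i + 32] for i in range(0, len(pt), 32)]

def register(x, ID, PW):             # server: v = h(ID, x); card stores w = v XOR PW
    return xor(h(ID, x), h(PW))      # PW is hashed to 32 bytes first (assumption)

def login(x, ID, w, PW_in):
    v_u = xor(w, h(PW_in))                               # card: v' = w XOR PW'
    N1, ru = secrets.token_bytes(32), secrets.token_bytes(32)
    m1 = E(v_u, ru, h(ID, N1))                           # U -> S: N1, ID, E_v'(ru, h(ID||N1))
    v = h(ID, x)                                         # server recomputes v, no table
    ru_s, bind = D(v, m1)
    if bind != h(ID, N1):
        raise ValueError("bad identity binding")
    rs, N2 = secrets.token_bytes(32), secrets.token_bytes(32)
    m2 = E(v, rs, inc(N1), N2)                           # S -> U: E_v(rs, N1+1, N2)
    rs_u, n1, N2_u = D(v_u, m2)
    if n1 != inc(N1):
        raise ValueError("server not authenticated")
    k_u = h(ru, rs_u, v_u)                               # k = h(ru, rs, v)
    m3 = E(k_u, inc(N2_u))                               # U -> S: E_k(N2+1)
    k_s = h(ru_s, rs, v)
    if D(k_s, m3) != [inc(N2)]:
        raise ValueError("user not authenticated")
    return k_u, k_s
```

A wrong password yields a different v' on the card, so the server rejects the first message without ever storing a password table; fresh nonces replace the timestamp T of the reviewed scheme.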

Page 16: 90321011  孫國偉

Security analysis

1. $w = v \oplus PW$

2. $v = h(ID, x)$

3. $S \rightarrow U: E_v(rs,\ N_1 + 1,\ N_2)$

$U \rightarrow S: E_k(N_2 + 1)$

4. $k = h(ru, rs, v)$

$rs = g^x \bmod q$,  $ru = g^y \bmod q$

$k = h(rs^y, v) = h(ru^x, v)$

Mutual authentication