基于椭圆曲线的隐私增强认证密钥协商协议

认证密钥协商协议能够为不安全网络中的通信双方提供安全的会话密钥,但是,大多数的认证密钥协商协议并没有考虑保护用户隐私.论文关注网络服务中用户的隐私属性,特别是匿名性和可否认性,规范了增强用户隐私的认证密钥协商协议应满足的安全需求,即双向认证、密钥控制、密钥确认、会话密钥保密、已知会话密钥安全、会话密钥前向安全、用户身份匿名、用户身份前向匿名、不可关联和可否认,并基于椭圆曲线密码系统设计了一个满足安全需求的隐私增强认证密钥协商协议.     

异构无线网络可控匿名漫游认证协议

分析传统的匿名漫游认证协议,指出其存在匿名不可控和通信时延较大的不足,针对上述问题,本文提出异构无线网络可控匿名漫游认证协议,远程网络认证服务器基于1轮消息交互即可完成对移动终端的身份合法性验证;并且当移动终端发生恶意操作时,家乡网络认证服务器可协助远程网络认证服务器撤销移动终端的身份匿名性.本文协议在实现匿名认证的同时,有效防止恶意行为的发生,且其通信时延较小.安全性证明表明本文协议在CK安全模型中是可证安全的.     

可搜索语音加密机制访问控制的匿名交互算法

针对云环境下可搜索语音加密机制中的一对多和多用户单服务器模型,文中提出了一种访问控制的公钥匿名交互算法.基于离散对数问题的难解性,该算法利用二进制随机序列构建新多项式生成用户私钥信息,通过用户与云服务器之间的交互计算实现用户的匿名身份验证和对称密钥传递.算法分析表明,该方法不仅能安全有效地实现用户的匿名身份验证、对称密...     

cdma2000 1x的无线接入安全

cdma2000lx无线接入安全基于对称密钥技术，为用户提供匿名服务、基于质询/应答的认证服务、语音保密、控制信令加密和用户数据加密，采用CAVE、专用长码掩码、ORYX和E-CMEA四种安全算法。安全协议依赖于主密钥(A-Key)和移动台的电子序列号(ESN)，A-Key仅对移动台和归属位置寄存器，认证中心是可知的。不直接参与认证和保密，而是用于产生共享秘密数据(SSD)，再由SSD生成子密钥用于语音、信令和用户数据的保密。本研究上述安全机制，分析其安全漏洞。     

可信的匿名无线认证协议

提出一种可信的匿名无线认证协议,对移动用户身份进行认证的同时验证用户终端平台可信性,认证过程的每阶段使用不同的临时身份和一次性密钥,保持用户身份和平台信息的匿名性,分析表明协议安全可靠,具有域分离特性和密钥协商公正性,计算代价和消息交互轮数满足无线移动网络环境需求.     

直接匿名的无线网络可信接入认证方案

基于直接匿名证明思想,提出一种无线移动网络中移动用户可信接入认证方案,认证移动用户身份的同时利用直接匿名证明方法验证平台身份的合法性和可信性.方案中,外地网络代理服务器直接验证移动用户平台可信性,并与本地网络代理服务器一同验证移动用户身份,采用临时身份和一次性密钥,保持用户身份匿名性.分析表明,方案具有域分离特性和密钥协商公正性,性能满足无线移动网络环境安全需求.     

基于量子不经意密钥传输的量子匿名认证密钥交换协议

鉴于量子密码在密钥分配方面取得的巨大成功,人们也在尝试利用量子性质来设计其他各类密码协议。匿名认证密钥交换就是一类尚缺乏实用化量子实现途径的密码任务。为此,该文提出一个基于量子不经意密钥传输的量子匿名认证密钥交换协议。它在满足用户匿名性和实现用户与服务器双向认证的前提下,为双方建立了一个安全的会话密钥。该协议的安全性基于量子力学原理,可以对抗量子计算的攻击。此外,该协议中服务器的攻击行为要么无法奏效,要么能够与外部窃听区分开(从而被认定为欺骗),因此服务器通常不敢冒着名誉受损的风险来实施欺骗。     

基于代理签名的移动通信网络匿名漫游认证协议

随着无线移动终端的广泛应用,漫游认证、身份保密等问题显得日益突出。该文分析了现有的各种漫游认证协议在匿名性及安全性上存在的问题,指出现有协议都无法同时满足移动终端的完全匿名与访问网络对非法认证请求的过滤,进而针对性地提出了一种新的匿名认证协议。该协议基于椭圆曲线加密和代理签名机制,通过让部分移动终端随机共享代理签名密钥对的方式,实现了完全匿名和非法认证请求过滤。此外,协议运用反向密钥链实现了快速重认证。通过分析比较以及形式化验证工具AVISPA验证表明,新协议实现了完全匿名,对非法认证请求的过滤,双向认证和会话密钥的安全分发,提高了安全性,降低了计算负载,适用于能源受限的移动终端。     

一种有效的WLAN可信匿名认证协议

选取扩展认证-安全传输层(EAP-TLS,Extensible Authentication Protocol-transport Layer Security)协议与直接匿名认证(DAA,Direct Anonymous Attestation)结合,简化了EAP-TLS中用户与服务器间相互证书的交换和认证,去掉冗余步骤,合并EAP-TLS中握手过程和DAA中匿名认证过程。将可信平台模块(TPM,Trusted Platform Module)引入无线局域网(WLAN,Wireless Local Area Networks),实现用户身份的匿名认证,减轻了EAP-TLS协议证书管理压力,不存在效率瓶颈,安全程度比EAP-TLS有所提高,能有效抵抗重放攻击、中间人攻击、拒绝服务(DoS,Denial of Services)攻击等安全威胁。     

一种具有阅读器匿名功能的射频识别认证协议

在射频识别(RFID)的应用中,安全问题特别是用户隐私问题正日益凸显。因此,(用户)标签信息的隐私保护的需求越来越迫切。在RFID系统中,标签的隐私保护不仅是对外部攻击者,也应该包括阅读器。而现有许多文献提出的认证协议的安全仅针对外部攻击者,甚至在外部攻击者的不同攻击方法下也并不能完全保证安全。该文提出两个标签对阅读器匿名的认证协议:列表式RFID认证协议和密钥更新式RFID认证协议。这两个协议保证了阅读器对标签认证时,标签的信息不仅对外部攻击者是安全的而且对阅读器也保持匿名和不可追踪。相较于Armknecht等人提出的对阅读器匿名和不可追踪的认证协议,该文所提的协议不再需要增加第三方帮助来完成认证。并且密钥更新式RFID匿名认证协议还保证了撤销后的标签对阅读器也是匿名性和不可追踪的。     

Purpose-restricted Anonymous Mobile Communications Using Anonymous Signatures in Online Credential Systems

To avoid the risk of long-term storage of secrets on a portable device, an online credential system supports the roaming user in retrieving securely at various locations his private key and other material to generate anonymous signatures. The protocol proposed here allows a roaming mobile user to access anonymously services such as whistle blowing and net-counselling. Our approach: (1) allows a mobile user, remembering a short password, to anonymously and securely retrieve the credentials necessary for his anonymous communication without assuming a pre-established anonymous channel to the credential server or establishing an anonymous channel using the time-consuming existing rerouting techniques; (2) provides authenticated anonymous access to privacy-related services without rerouting the packets; (3) helps combatting the abuse of anonymity for performing illegal activities (e.g. redistribution of copy-righted contents, illegal drug trading and so on).     

A Secure and Effective Anonymous User Authentication Scheme for Roaming Service in Global Mobility Networks

In global mobility networks, anonymous user authentication is an essential task for enabling roaming service. In a recent paper, Jiang et al. proposed a smart card based anonymous user authentication scheme for roaming service in global mobility networks. This scheme can protect user privacy and is believed to have many abilities to resist a range of network attacks, even if the secret information stored in the smart card is compromised. In this paper, we analyze the security of Jiang et al.’s scheme, and show that the scheme is in fact insecure against the stolen-verifier attack and replay attack. Then, we also propose a new smart card based anonymous user authentication scheme for roaming service. Compared with the existing schemes, our protocol uses a different user authentication mechanism, which does not require the home agent to share a static secret key with the foreign agent, and hence, it is more practical and realistic. We show that our proposed scheme can provide stronger security than previous protocols.     

A pairing‐free identity‐based handover AKE protocol with anonymity in the heterogeneous wireless networks

Nowadays, seamless roaming service in heterogeneous wireless networks attracts more and more attention. When a mobile user roams into a foreign domain, the process of secure handover authentication and key exchange (AKE) plays an important role to verify the authenticity and establish a secure communication between the user and the access point. Meanwhile, to prevent the user's current location and moving history information from being tracked, privacy preservation should be also considered. However, existing handover AKE schemes have more or less defects in security aspects or efficiency. In this paper, a secure pairing‐free identity‐based handover AKE protocol with privacy preservation is proposed. In our scheme, users' temporary identities will be used to conceal their real identities during the handover process, and the foreign server can verify the legitimacy of the user with the home server's assistance. Besides, to resist ephemeral private key leakage attack, the session key is generated from the static private keys and the ephemeral private keys together. Security analysis shows that our protocol is provably secure in extended Canetti‐Krawczyk (eCK) model under the computational Diffie‐Hellman (CDH) assumption and can capture desirable security properties including key‐compromise impersonation resistance, ephemeral secrets reveal resistance, strong anonymity, etc. Furthermore, the efficiency of our identity‐based protocol is improved by removing pairings, which not only simplifies the complex management of public key infrastructure (PKI) but also reduces the computation overhead of ID‐based cryptosystem with pairings. It is shown that our proposed handover AKE protocol provides better security assurance and higher computational efficiency for roaming authentication in heterogeneous wireless networks.     

Lightweight and provably secure user authentication with anonymity for the global mobility network

Seamless roaming in the global mobility network (GLOMONET) is highly desirable for mobile users, although their proper authentication is challenging. This is because not only are wireless networks susceptible to attacks, but also mobile terminals have limited computational power. Recently, some authentication schemes with anonymity for the GLOMONET have been proposed. This paper shows some security weaknesses in those schemes. Furthermore, a lightweight and provably secure user authentication scheme with anonymity for the GLOMONET is proposed. It uses only symmetric cryptographic and hash operation primitives for secure authentication. Besides, it takes only four message exchanges among the user, foreign agent and home agent. We also demonstrate that this protocol enjoys important security attributes including prevention of various attacks, single registration, user anonymity, user friendly, no password/verifier table, and use of one‐time session key between mobile user and foreign agent. The security properties of the proposed protocol are formally validated by a model checking tool called AVISPA. Furthermore, as one of the new features in our protocol, it can defend smart card security breaches. Copyright © 2010 John Wiley & Sons, Ltd.     

A self-encryption mechanism for authentication of roaming and teleconference services

A simple authentication technique for use in the global mobility network (GLOMONET) is proposed. This technique is based on the concept of distributed security management, i.e., the original security manager administrates the original authentication key (long-term secret key) acquired when a user makes a contract with his home network, while a temporary security manager is generated for a roaming user in the visited network that provides roaming services. The temporary security manager will take the place of the original security manager when the roaming user stays in the service area of the visited network. In the proposed authentication protocol for the regular communication phase, the procedures of the original security manager and the temporary security manager are the same except for introducing different parameters. Furthermore, the proposed technique not only reduces the number of transmissions during the authentication phase, but it also can decrease the complexity of mobile equipment. The idea behind the proposed technique is to introduce a simple mechanism which is called "self-encryption". We also suggest that this mechanism can be easily adopted as the authentication function for the secure teleconference service.     

Centralized Group Key Establishment Protocol without a Mutually Trusted Third Party

The type of centralized group key establishment protocols is the most commonly used one due to its efficiency in computation and communication. A key generation center (KGC) in this type of protocols acts as a server to register users initially. Since the KGC selects a group key for group communication, all users must trust the KGC. Needing a mutually trusted KGC can cause problem in some applications. For example, users in a social network cannot trust the network server to select a group key for a secure group communication. In this paper, we remove the need of a mutually trusted KGC by assuming that each user only trusts himself. During registration, each user acts as a KGC to register other users and issue sub-shares to other users. From the secret sharing homomorphism, all sub-shares of each user can be combined into a master share. The master share enables a pairwise shared key between any pair of users. A verification of master shares enables all users to verify their master shares are generated consistently without revealing the master shares. In a group communication, the initiator can become the server to select a group key and distribute it to each other user over a pairwise shared channel. Our design is unique since the storage of each user is minimal, the verification of master shares is efficient and the group key distribution is centralized. There are public-key based group key establishment protocols without a trusted third party. However, these protocols can only establish a single group key. Our protocol is a non-public-key solution and can establish multiple group keys which is computationally efficient.     

Provable analysis and improvement of smart card–based anonymous authentication protocols

Nowadays, authentication protocols are essential for secure communications specially for roaming networks, distributed computer networks, and remote wireless communication. The numerous users in these networks rise vulnerabilities. Thus, privacy‐preserving methods have to be run to provide more reliable services and sustain privacy. Anonymous authentication is a method to remotely authenticate users with no revelation about their identity. In this paper, we analyze 2 smart card–based protocols that the user's identity is anonymous. However, we represent that they are vulnerable to privileged insider attack. It means that the servers can compromise the users' identity for breaking their privacy. Also, we highlight that the Wen et al protocol has flaws in both stolen smart card and stolen server attacks and the Odelu et al protocol is traceable. Then, we propose 2 modified anonymous authentication protocols. Finally, we analyze our improved protocols with both heuristic and formal methods.     

Privacy-preserving authenticated key agreement scheme based on biometrics for session initiation protocol

A secure key agreement scheme plays a major role in protecting communications between the users using voice over internet protocol over a public network like the internet. In this paper we present a strong security authenticated key agreement scheme for session initiation protocol (SIP) by using biometrics, passwords and smart cards. The proposed scheme realizes biometric data protection through key agreement process meanwhile achieving the verification of the biometric value on the SIP server side which is very important in designing a practical authenticated key agreement for SIP. The main merits of our proposed scheme are: (1) the SIP server does not need to maintain any password or verification table; (2) the scheme can provide user identity protection—the user’s real identity is protected by a secure symmetric encryption algorithm and the elliptic curve discrete logarithm problem, and it is transmitted in code; (3) the scheme can preserve the privacy of the user’s biometric data while the biometric matching algorithm is performed at the SIP server side, even if the server does not know the biometric data in the authentication process. Performance and security analysis shows that our proposed scheme increases efficiency significantly in comparison with other related schemes.     

Anonymous authentication protocol for multi-services in wireless environments

To provide mutual authentication among users, wireless networks, and service providers in roaming wireless environments, this article presents an anonymous authentication and access control protocol. Bases on this protocol, entities of different trusted domains can mutually authenticate each other and preserve the anonymity of users. Hybrid cryptosystem, secret splitting, and hash chains are used in the protocol, which decrease computational loads and establish trusted relations for both entities. The proposed protocol has the least computation complexity compared with other protocols, whereas, the security has been significantly improved.