research-article

Provably-Secure One-Message Unilateral Entity Authentication Schemes

Published: 21 June 2023

Abstract

A one-message unilateral entity authentication scheme allows one party, called the prover, to authenticate himself, i.e., to prove his identity, to another party, called the verifier, by sending a single authentication message. We consider schemes where the prover and the verifier do not share any secret information, such as a password, in advance. We propose the first theoretical characterization for one-message unilateral entity authentication schemes, by formalizing the security requirements for such schemes with respect to different kinds of passive and active adversarial behaviours. In particular, we consider both static and adaptive adversaries for each kind of attack (passive/active). Afterwards, we explore the relationships between the security notions resulting from different adversarial behaviours for one-message unilateral entity authentication schemes. Finally, we propose three different constructions for one-message unilateral entity authentication schemes and we analyze their security with respect to the different definitions introduced in this paper.

Published In

IEEE Transactions on Dependable and Secure Computing  Volume 21, Issue 4
July-Aug. 2024
2808 pages

Publisher

IEEE Computer Society Press

Washington, DC, United States
