Password-based user Password-based user authentication and key authentication and key distribution protocols distribution protocols for client-server for client-server applications applications Authors: Authors: Her-Tyan Yeh and Hung-Min Her-Tyan Yeh and Hung-Min Sun Sun Sources: Sources: The Journal of Systems an The Journal of Systems an d Software, Vol.72, pp.97-103, 200 d Software, Vol.72, pp.97-103, 200 4. 4. Adviser: Adviser: Min-Shiang Hwang Min-Shiang Hwang Speaker: Speaker: Chun-Ta Li Chun-Ta Li Date: Date: 2004/11/04 2004/11/04
14
Embed
Password-based user authentication and key distribution protocols for client-server applications
Password-based user authentication and key distribution protocols for client-server applications. Authors: Her-Tyan Yeh and Hung-Min Sun Sources: The Journal of Systems and Software, Vol.72, pp.97-103, 2004. Adviser: Min-Shiang Hwang Speaker: Chun-Ta Li Date: 2004/11/04. Outline. - PowerPoint PPT Presentation
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Password-based user authentication Password-based user authentication and key distribution protocols for and key distribution protocols for
Authors:Authors: Her-Tyan Yeh and Hung-Min SunHer-Tyan Yeh and Hung-Min SunSources:Sources: The Journal of Systems and Software, Vol.The Journal of Systems and Software, Vol.72, pp.97-103, 2004.72, pp.97-103, 2004.Adviser:Adviser: Min-Shiang HwangMin-Shiang HwangSpeaker:Speaker: Chun-Ta LiChun-Ta LiDate:Date: 2004/11/042004/11/04
2
OutlineOutline
• IntroductionIntroduction
• Description of notations and security requirementsDescription of notations and security requirements
• Key transfer authentication protocol (KTAP)Key transfer authentication protocol (KTAP)
• Password-based mechanismPassword-based mechanism– User authenticationUser authentication– Password guessing attacksPassword guessing attacks– Server can use strong cryptographic secretServer can use strong cryptographic secret
• PPA A in Message 1 is used only to authenticate A’s statusin Message 1 is used only to authenticate A’s status• The attacker must also guess the value of The attacker must also guess the value of rara
– Replay attacks (forge Replay attacks (forge K`K`))• Attacker can get is {{A, B, PAttacker can get is {{A, B, PAA, , rara, g, gxx}, [A, g}, [A, gxx]]SSBB, [B, , [B, rbrb]]KK}}
• Comparison with the related worksComparison with the related works
13
ConclusionsConclusions
• Authors introduced key distribution protocols: Authors introduced key distribution protocols: KTAPKTAP and and KAAPKAAP
• These two protocols can be applied to various These two protocols can be applied to various communication systems in distributed computing communication systems in distributed computing environmentsenvironments
Thanks for your attentionThanks for your attention