基于属性的互认证方案,密钥有时间限制

Han-Yu Lin, Pei-yih Ting, Hong-Ru Wu
{"title":"基于属性的互认证方案,密钥有时间限制","authors":"Han-Yu Lin, Pei-yih Ting, Hong-Ru Wu","doi":"10.1145/3369555.3369568","DOIUrl":null,"url":null,"abstract":"Remote user authentication scheme is an important technique for securely accessing the resources of servers. Traditionally, password-based authentication schemes are commonly adopted mechanisms, i.e., a user first chooses a password and then registers to the server for becoming a legitimate member. Nevertheless, such schemes are vulnerable to password guessing attacks and a remote server might have to maintain a password table for verifying users. In recent years, attribute-based cryptosystems have been received much attention. An attribute-based authentication scheme allows a remote system to verify a user's membership according to his/her owned attribute sets without using passwords. In 2015, Yun et al. proposed an improved attribute-based authentication protocol by utilizing Shamir's secret sharing technique. Their protocol is secure against man-in-the-middle, replay and collusion attacks. However, we find out that their scheme only achieves one-way authentication rather than mutual authentication. In this paper, we extend their work to further fulfill the crucial property of mutual authentication. Moreover, we incorporate the concept of time-bounded keys into the extended variant for providing more flexible applications in the real world.","PeriodicalId":377760,"journal":{"name":"Proceedings of the 3rd International Conference on Telecommunications and Communication Engineering","volume":"82 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-11-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"An attribute-based mutual authentication scheme with time-bounded keys\",\"authors\":\"Han-Yu Lin, Pei-yih Ting, Hong-Ru Wu\",\"doi\":\"10.1145/3369555.3369568\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Remote user authentication scheme is an important technique for securely accessing the resources of servers. Traditionally, password-based authentication schemes are commonly adopted mechanisms, i.e., a user first chooses a password and then registers to the server for becoming a legitimate member. Nevertheless, such schemes are vulnerable to password guessing attacks and a remote server might have to maintain a password table for verifying users. In recent years, attribute-based cryptosystems have been received much attention. An attribute-based authentication scheme allows a remote system to verify a user's membership according to his/her owned attribute sets without using passwords. In 2015, Yun et al. proposed an improved attribute-based authentication protocol by utilizing Shamir's secret sharing technique. Their protocol is secure against man-in-the-middle, replay and collusion attacks. However, we find out that their scheme only achieves one-way authentication rather than mutual authentication. In this paper, we extend their work to further fulfill the crucial property of mutual authentication. Moreover, we incorporate the concept of time-bounded keys into the extended variant for providing more flexible applications in the real world.\",\"PeriodicalId\":377760,\"journal\":{\"name\":\"Proceedings of the 3rd International Conference on Telecommunications and Communication Engineering\",\"volume\":\"82 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-11-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 3rd International Conference on Telecommunications and Communication Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3369555.3369568\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 3rd International Conference on Telecommunications and Communication Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3369555.3369568","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2

摘要

远程用户认证方案是安全访问服务器资源的一项重要技术。传统上,基于密码的身份验证方案是常用的机制,即用户首先选择密码,然后向服务器注册成为合法成员。然而,这种方案容易受到密码猜测攻击,并且远程服务器可能必须维护密码表以验证用户。近年来,基于属性的密码系统受到了广泛的关注。基于属性的身份验证方案允许远程系统根据用户拥有的属性集验证用户的成员资格,而无需使用密码。2015年,Yun等人利用Shamir的秘密共享技术,提出了一种改进的基于属性的认证协议。他们的协议对中间人攻击、重放攻击和共谋攻击是安全的。然而,我们发现他们的方案只能实现单向认证,而不能实现双向认证。在本文中,我们扩展了他们的工作,进一步实现了相互认证的关键特性。此外,为了在现实世界中提供更灵活的应用程序,我们将有时限键的概念合并到扩展变体中。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
An attribute-based mutual authentication scheme with time-bounded keys
Remote user authentication scheme is an important technique for securely accessing the resources of servers. Traditionally, password-based authentication schemes are commonly adopted mechanisms, i.e., a user first chooses a password and then registers to the server for becoming a legitimate member. Nevertheless, such schemes are vulnerable to password guessing attacks and a remote server might have to maintain a password table for verifying users. In recent years, attribute-based cryptosystems have been received much attention. An attribute-based authentication scheme allows a remote system to verify a user's membership according to his/her owned attribute sets without using passwords. In 2015, Yun et al. proposed an improved attribute-based authentication protocol by utilizing Shamir's secret sharing technique. Their protocol is secure against man-in-the-middle, replay and collusion attacks. However, we find out that their scheme only achieves one-way authentication rather than mutual authentication. In this paper, we extend their work to further fulfill the crucial property of mutual authentication. Moreover, we incorporate the concept of time-bounded keys into the extended variant for providing more flexible applications in the real world.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信