基于匿名安全哈希函数的消费类USB大容量存储设备认证方案

Proceedings of the 2015 Third International Conference on Computer, Communication, Control and Information Technology (C3IT) Pub Date : 2015-03-16 DOI:10.1109/C3IT.2015.7060190

Ruhul Amin, G. P. Biswas

{"title":"基于匿名安全哈希函数的消费类USB大容量存储设备认证方案","authors":"Ruhul Amin, G. P. Biswas","doi":"10.1109/C3IT.2015.7060190","DOIUrl":null,"url":null,"abstract":"A USB (Universal Serial Bus) mass storage device, which makes a (USB) device accessible to a host computing device and enables file transfers after completing mutual authentication between the authentication server and the user. It is also very popular device because of it's portability, large storage capacity and high transmission speed. To protect the privacy of a file transferred to a storage device, several security protocols have been proposed but none of them is completely free from security weaknesses. Recently He et al. proposed a multi-factor based security protocol which is efficient but the protocol is not applicable for practical implementation, as they does not provide password change procedure which is an essential phase in any password based user authentication and key agreement protocol. As the computation and implementation of the cryptographic one-way hash function is more trouble-free than other existing cryptographic algorithms, we proposed a light weight and anonymity preserving three factor user authentication and key agreement protocol for consumer mass storage devices and analyzes our proposed protocol using BAN logic. Furthermore, we have presented informal security analysis of the proposed protocol and confirmed that the protocol is completely free from security weaknesses and applicable for practical implementation.","PeriodicalId":402311,"journal":{"name":"Proceedings of the 2015 Third International Conference on Computer, Communication, Control and Information Technology (C3IT)","volume":"49 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":"{\"title\":\"Anonymity preserving secure hash function based authentication scheme for consumer USB mass storage device\",\"authors\":\"Ruhul Amin, G. P. Biswas\",\"doi\":\"10.1109/C3IT.2015.7060190\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"A USB (Universal Serial Bus) mass storage device, which makes a (USB) device accessible to a host computing device and enables file transfers after completing mutual authentication between the authentication server and the user. It is also very popular device because of it's portability, large storage capacity and high transmission speed. To protect the privacy of a file transferred to a storage device, several security protocols have been proposed but none of them is completely free from security weaknesses. Recently He et al. proposed a multi-factor based security protocol which is efficient but the protocol is not applicable for practical implementation, as they does not provide password change procedure which is an essential phase in any password based user authentication and key agreement protocol. As the computation and implementation of the cryptographic one-way hash function is more trouble-free than other existing cryptographic algorithms, we proposed a light weight and anonymity preserving three factor user authentication and key agreement protocol for consumer mass storage devices and analyzes our proposed protocol using BAN logic. Furthermore, we have presented informal security analysis of the proposed protocol and confirmed that the protocol is completely free from security weaknesses and applicable for practical implementation.\",\"PeriodicalId\":402311,\"journal\":{\"name\":\"Proceedings of the 2015 Third International Conference on Computer, Communication, Control and Information Technology (C3IT)\",\"volume\":\"49 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-03-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"13\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 2015 Third International Conference on Computer, Communication, Control and Information Technology (C3IT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/C3IT.2015.7060190\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2015 Third International Conference on Computer, Communication, Control and Information Technology (C3IT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/C3IT.2015.7060190","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 13

摘要

一种USB (Universal Serial Bus)大容量存储设备，使主机计算设备可以访问USB设备，并在认证服务器和用户之间完成相互认证后，进行文件传输。它也是非常受欢迎的设备，因为它的便携性，大存储容量和高传输速度。为了保护传输到存储设备的文件的隐私，已经提出了几种安全协议，但没有一种是完全没有安全弱点的。最近，He等人提出了一种基于多因素的安全协议，该协议效率很高，但由于没有提供任何基于密码的用户认证和密钥协议中必不可少的密码更改过程，因此该协议不适用于实际实现。由于加密单向哈希函数的计算和实现比现有的其他加密算法更加无故障，我们提出了一种轻量级且保持匿名的消费级大容量存储设备三因素用户认证和密钥协议协议，并使用BAN逻辑分析了我们提出的协议。此外，我们对所提出的协议进行了非正式的安全分析，并证实该协议完全没有安全弱点，适用于实际实现。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Anonymity preserving secure hash function based authentication scheme for consumer USB mass storage device

A USB (Universal Serial Bus) mass storage device, which makes a (USB) device accessible to a host computing device and enables file transfers after completing mutual authentication between the authentication server and the user. It is also very popular device because of it's portability, large storage capacity and high transmission speed. To protect the privacy of a file transferred to a storage device, several security protocols have been proposed but none of them is completely free from security weaknesses. Recently He et al. proposed a multi-factor based security protocol which is efficient but the protocol is not applicable for practical implementation, as they does not provide password change procedure which is an essential phase in any password based user authentication and key agreement protocol. As the computation and implementation of the cryptographic one-way hash function is more trouble-free than other existing cryptographic algorithms, we proposed a light weight and anonymity preserving three factor user authentication and key agreement protocol for consumer mass storage devices and analyzes our proposed protocol using BAN logic. Furthermore, we have presented informal security analysis of the proposed protocol and confirmed that the protocol is completely free from security weaknesses and applicable for practical implementation.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 2015 Third International Conference on Computer, Communication, Control and Information Technology (C3IT)

自引率

0.00%

发文量