Tianjie Cao,Xianping Mao

DOI: https://doi.org/10.1109/icct.2006.341971

2006-01-01

Abstract:To generate the RSA keys efficiently on a low-power handheld device, Modadugu et al. proposed two RSA key generationprotocols. These protocols work with the help of the untrusted servers. Recently, Chen et al. proposed two improved protocols and claimed that their protocols are secure against the collusion attack. The one is a standard RSA key generation protocol and the other is an unbalanced version. This letter point out a weakness in Chen et al.'s unbalanced RSA key generation protocol. If the servers collude with each other they can derive the user's secret prime with high probability that enable the decryption of any ciphertext.

Tianjie Cao,Xianping Mao,Qihan Luo,Zhipeng Niu

DOI: https://doi.org/10.1109/CCCM.2008.341

2008-01-01

Abstract:In ITST2006, Chen et al. presented two server-aided public key generation protocols for low-power devices and claimed that their protocols secure against collusion attack. In this paper, we point that if the servers collude with each other, those servers could obtain low-power devices' secret information, and they can get the plaintext from any ciphertext. We also present an improved server-aided standard RSA key generation protocol against the collusion attack.

WANG Ding,WANG Ping,LEI Ming

DOI: https://doi.org/10.3969/j.issn.0372-2112.2015.01.028

2015-01-01

Abstract:It remains an open problem to design a secure and efficient RSA-based password-authenticated key exchange (PAKE )protocol in the areas of cryptography .In 2011 ,Wei proposed the first provably secure gateway-oriented PAKE protocol us-ing RSA ,and claimed that the protocol is provably secure in the random oracle model based on the intractability of the integer fac-torization problem .However ,in this short paper ,we point out that an adversary can launch the separation attack on their protocol by exploiting the oracle service unwittingly provided by the server ,and a user’s password can thus be guessed just after tens of mali-cious sessions .Our cryptanalysis result invalidates Wei’s claim that their protocol can achieve the security goal of password protec-tion ,and highlights the damaging threat that separation attack poses to RSA-based PAKE protocols .Furthermore ,we uncover the flaws in their formal security proof and put forward an enhancement to overcome the identified defect .The analysis results show that the improved protocol eliminates the vulnerability of Wei’s protocol while keeping the merit of high performance ,suitable for mo-bile application scenarios .

SH Wang,F Bao,J Wang

DOI: https://doi.org/10.1093/ietcom/e88-b.4.1641

2005-01-01

IEICE Transactions on Communications

Abstract:In 2002, Zhu et al. proposed a password authenticated key exchange protocol based on RSA such that it is efficient enough to be implemented on most of the target low-power devices such as smart cards and low-power Personal Digital Assistants in imbalanced wireless networks. Recently, YEH et al. claimed that Zhu et al.'s protocol not only is insecure against undetectable on-line password guessing attack but also does not achieve explicit key authentication. Thus they presented an improved version. Unfortunately, we find that YEH et al.'s password guessing attack does not come into existence, and that their improved protocol is vulnerable to off-line dictionary attacks. In this paper we describe our observation in details, and also comment for the original protocol on how to achieve explicit key authentication as well as resist against other existent attacks.

Ding WANG,Ping WANG,Zeng-peng LI,Chun-guang MA

2015-01-01

Systems Engineering - Theory & Practice

Abstract:With identity authentication becoming an essential mechanism to ensure robust system security in information systems,RSA-based authentication protocols have been studied intensively for their great practicality.This paper points out that a recent RSA-based remote user two-factor authentication protocol proposed by Xie et al.cannot achieve the claimed security and reports its following flaws:(1) It is vulnerable to replay attack and key compromise impersonation attack;(2) It suffers from the problem of user privacy violation and poor repairability.As our main contribution,an improved scheme is put forward and formally proved secure under the RSA assumption in the random oracle model.As compared with other related schemes,our scheme is the first one that can achieve provable security while keeping the merit of high performance.Consequently,our scheme is more well-suited for mobile application scenarios where resource is severely constrained and security is particularly concerned.

LUO Qi-han,CAO Tian-jie,HE Tao

DOI: https://doi.org/10.3969/j.issn.1001-3695.2009.05.093

2009-01-01

Abstract:Based on Cao et al.'s improved server-aided standard RSA key generation protocol,implemented it based on Windows Mobile Smartphone which was in the.NET Compact Framework.This paper specified the scheme of implementation,data transporting of communications and selecting and optimization of key algorithms.Many factors were also considered intensively,such as the reusage,maintainability,execution efficiency and the reliability of protocol running.In addition,also adopted the multithreading coping mechanism to assist several clients computing.

Hung-Min Sun,Mu-En Wu,Wei-Chi Ting,M. Jason Hinek

DOI: https://doi.org/10.1109/tit.2007.901248

IF: 2.5

2007-01-01

IEEE Transactions on Information Theory

Abstract:We present new variants of an RSA whose key generation algorithms output two distinct RSA key pairs having the same public and private exponents. This family of variants, called dual RSA, can be used in scenarios that require two instances of RSA with the advantage of reducing the storage requirements for the keys. Two applications for dual RSA, blind signatures and authentication/secrecy, are proposed. In addition, we also provide the security analysis of dual RSA. Compared to normal RSA, the security boundary should be raised when applying dual RSA to the types of small-d, small-e, and rebalanced-RSA.

Xiong Li,Jianwei Niu,Saru Kumari,SK Hafizul Islam,Fan Wu,Muhammad Khurram Khan,Ashok Kumar Das

DOI: https://doi.org/10.1007/s11042-017-4390-x

IF: 2.017

2014-01-01

Wireless Personal Communications

Abstract:The widespread popularity of the computer networks has triggered concerns about information security. Password-based user authentication with key agreement protocols have drawn attentions since it provides proper authentication of a user before granting access right to services, and then ensure secure communication over insecure channels. Recently, Lee et al. pointed out different security flaws on Tsaur et al.'s multi-server user authentication protocol, and they further proposed an extended chaotic maps-based user authentication with key agreement protocol for multi-server environments. However, we observed that Lee et al.'s protocol has some functionality and security flaws, i.e., it is inefficient in detection of unauthorized login and it does not support password change mechanism. Besides, their protocol is vulnerable to registration center spoofing attack and server spoofing attack. In order to remedy the aforementioned flaws, we proposed a novel chaotic maps-based user authentication with key agreement protocol for multi-server environments. The proposed protocol is provably secure in the random oracle model under the chaotic-maps based computational Diffie-Hellman assumption. In addition, we analyzed our protocol using BAN logic model. We also compared our protocol with Lee et al.'s protocol in aspects of computation cost, functionalities and securities.

Aniruddha Bhattacharjya,Xiaofeng Zhong,Jing Wang

DOI: https://doi.org/10.1145/2896387.2896431

2016-01-01

Abstract:Rivest- Shamir-Adleman (RSA) algorithm is the widespread encryption scheme that promises confidentiality and authenticity over an insecure communication channel. The RSA has drawbacks of various attacks like Brute force key search, Mathematical attacks, Timing attacks and Chosen Ciphertext attacks etc. So here a Strong, efficient and reliable personal messaging peer to peer architecture based on Hybrid RSA for an active networked environment is proposed. The main peer to peer personal messaging architecture will be strong, efficient and reliable, and communication protocol will allow only one authenticated person to converse with the person who is in the server end, multiple chat clients can be connected to the server but has to wait for authenticated connection with secure server one by one. Also multiple servers with multiple clients can run for distributed strong, efficient and reliable messaging. As at the key exchange level, the Miller-Rabin test is done with pseudo random numbers generated and changing the keys synchronously with predefined time frames, these mechanisms make the keys absolutely strong and main RSA integration with shared RSA gives more statistical complexity here. In the decryption process, The Chinese Remainder Theorem (CRT) is used with shadows along with the strong prime of RSA criterion extended into domain of Gaussian Integer for very high efficiency. The Shared RSA adds more complexity in decryption. Public Key Cryptography Standards (PKCS) version 5 is used to tackle the Chosen cipher text attack when messaging is going on. The Efficient RSA with Rabin-Miller strong Primality test integration and pohligHellmanEncipher with salt and padding integration makes it strong and reliable.

Chunguang Ma,Ding Wang,Sendong Zhao

DOI: https://doi.org/10.1002/dac.2468

2014-01-01

International Journal of Communication Systems

Abstract:Understanding security failures of cryptographic protocols is the key to both patching existing protocols and designing future schemes. In this paper, we analyze two recent proposals in the area of password-based remote user authentication using smart cards. First, we point out that the scheme of Chen et al. cannot achieve all the claimed security goals and report its following flaws: (i) it is vulnerable to offline password guessing attack under their nontamper resistance assumption of the smart cards; and (ii) it fails to provide forward secrecy. Then, we analyze an efficient dynamic ID-based scheme without public-key operations introduced byWen and Li in 2012. This proposal attempts to overcome many of the well-known security and efficiency shortcomings of previous schemes and supports more functionalities than its counterparts. Nevertheless, Wen-Li's protocol is vulnerable to offline password guessing attack and denial of service attack, and fails to provide forward secrecy and to preserve user anonymity. Furthermore, with the security analysis of these two schemes and our previous protocol design experience, we put forward three general principles that are vital for designing secure smart-card-based password authentication schemes: (i) public-key techniques are indispensable to resist against offline password guessing attack and to preserve user anonymity under the nontamper resistance assumption of the smart card; (ii) there is an unavoidable trade-off when fulfilling the goals of local password update and resistance to smart card loss attack; and (iii) at least two exponentiation (respectively elliptic curve point multiplication) operations conducted on the server side are necessary for achieving forward secrecy. The cryptanalysis results discourage any practical use of the two investigated schemes and are important for security engineers to make their choices correctly, whereas the proposed three principles are valuable to protocol designers for advancing more robust schemes. Copyright (C) 2012 John Wiley & Sons, Ltd.

Bo LIU,Yu-Yang ZHOU,Fei HU,Fa-Gen LI

DOI: https://doi.org/10.13868/j.cnki.jcr.000224

2018-01-01

Abstract:With the rapid development of E-commerce, network service providers usually provide users with a wide range of services running on different servers. Thus, multi-server model has been widely used. Meanwhile, more and more people access network services more quickly through the mobile phones or other mobile devices, this is the current mobile client-multi-server model which has been very popular. On one hand, mobile devices bring convenience to our lives. On the other hand, the openness of mobile Internet makes its security issues more serious. It is necessary to design a user authentication and key agreement protocol for the mobile client-multi-server model. However, compared with personal computers, mobile devices have resource-constrained features. So how to design a protocol that combines security and efficiency is not an easy task. In order to solve this problem, this study proposes a user authentication and key agreement protocol under the mobile client-multi-server model. Certificateless public key cryptography can solve the problem of certificate management in traditional public key systems and the inherent key escrow problem in identity-based public key cryptography, it has the advantages of both high efficiency and security. In addition, the mobile devices have the characteristics of resource constraints, so the certificateless public key cryptography is very suitable for designing a security protocol for mobile devices which have limited resources. In this paper, it is proved that the proposed protocol can provide mutual authentication and secure key agreement services in the random oracle model. Compared with other protocols of the same type,the proposed protocol in this paper has a better computational efficiency.

Tianjie Cao,Dongdai Lim

DOI: https://doi.org/10.1109/lcomm.2006.1665131

IF: 3.5529

2006-01-01

IEEE Communications Letters

Abstract:In 2002, Zhu et al. proposed a password-based authenticated key exchange protocol based on RSA. Many researchers pointed out that Zhu et al.'s protocol is vulnerable to off-line dictionary attack. In 2003, Yeh et al. proposed an improved protocol. Recently, Lo and Yang-Wang pointed out that Yeh et al.'s improved protocol is also vulnerable to offline dictionary attack. To avoid this weakness existed in Yeh et al.'s protocol, Lo and Yang-Wang proposed two improved protocols. However, in this letter, we show that the Lo protocol is vulnerable to an active off-line dictionary attack and the Yang-Wang protocol is vulnerable to a passive off-line dictionary attack

Marimuthu Karuppiah,Ashok Kumar Das,Xiong Li,Saru Kumari,Fan Wu,Shehzad Ashraf Chaudhry,R. Niranchana

DOI: https://doi.org/10.1007/s11036-018-1061-8

2018-01-01

Abstract:Authentication schemes are widely used mechanisms to thwart unauthorized access of resources over insecure networks. Several smart card based password authentication schemes have been proposed in the literature. In this paper, we demonstrate the security limitations of a recently proposed password based authentication scheme, and show that their scheme is still vulnerable to forgery and offline password guessing attacks and it is also unable to provide user anonymity, forward secrecy and mutual authentication. With the intention of fixing the weaknesses of that scheme, we present a secure authentication scheme. We show that the proposed scheme is invulnerable to various attacks together with attacks observed in the analyzed scheme through both rigorous formal and informal security analysis. Furthermore, the security analysis using the widely-accepted Real-Or-Random (ROR) model ensures that the proposed scheme provides the session key (SK) security. Finally, we carry out the performance evaluation of the proposed scheme and other related schemes, and the result favors that the proposed scheme provides better trade-off among security and performance as compared to other existing related schemes.

Huai Wu,Chunxiang Xu,Jiang Deng,Jianbing Ni

2013-01-01

Journal of Computational Information Systems

Abstract:The technique of server-aided verification helps to speed up the verification of a digital signature. This is highly desirable for many low computation applications such as RFID, wireless network. Recently, Wu et al. proposed two server-aided verification signature schemes based on Waters signature. Unfortunately, we demonstrate that the two schemes are vulnerable to collusion attacks by giving concrete security analysis. Copyright © 2013 Binary Information Press.

Ding Wang,Chun-guang Ma,De-li Gu,Zhen-shan Cui

DOI: https://doi.org/10.1007/978-3-642-34601-9_35

2012-01-01

Abstract:In NSS'10, Shao and Chin pointed out that Hsiang and Shih's dynamic ID-based remote user authentication scheme for multi-server environment has several security flaws and further proposed an improved version which is claimed to be efficient and secure. In this study, however, we will demonstrate that Shao-Chin's scheme still cannot achieve the claimed security goals, and we report its following flaws: (1) It cannot withstand offline password guessing attack under their non-tamper resistance assumption of the smart card; (2) It fails to provide user anonymity; (3) It is prone to user impersonation attack. More recently, Li et al. found that Sood et al.'s dynamic ID-based authentication protocol for multi-server architecture is still vulnerable to several kinds of attacks and presented a new scheme that attempts to overcome the identified weaknesses. Notwithstanding their ambitions, Li et al.'s scheme is still found vulnerable to various known attacks by researchers. In this study, we perform a further cryptanalysis and uncover its two other vulnerabilities: (1) It cannot achieve user anonymity, which is the essential goal of a dynamic ID-based scheme; (2) It is susceptible to offline password guessing attack. The proposed cryptanalysis discourages any use of the two schemes under investigation in practice and reveals some subtleties and challenges in designing this type of schemes.

Ting-Yu Lin,Hung-Min Sun,Mu-En Wu

2006-01-01

Abstract:Young and Yung devised various backdoors for RSA key generation. However, due to their backdoor constructing method, the two MSBs of the modulus n generated by their systems have di¤erent distribution than that generated by the normal RSA. Thus, someone may observe the abnormal distribution of n to detect the existence of backdoors. Recently, Crepéau and Slakmon further suggested four simple ways to construct RSA backdoor mechanisms. Although their schemes have roughly the same running time as the normal RSA, they are still not StrongSETUPs. Hence, in this paper, we propose three RSA backdoor cryptosystems. The …rst two, RSA-SBLT and RSA-SBES, have the same advantages as Crépeau and Slakmon’s RSA-HP but provide new ways to construct the backdoors. As for our third backdoor cryptosystem, RSA-BDH, we exploit the relationship between p and q to devise a backdoor which can solve the problem occurring in Young and Yong’s methods successfully. Moreover, we prove that RSA-BDH is a real Strong-SETUP based on DH assumption.

Fuyou Miao,Shoubao Yang,Yan Xiong,Bei Hua,Xingfu Wang

IF: 1.019

2005-01-01

Chinese Journal of Electronics

Abstract:In mobile code environment, signing private keys are liable to be exposed; visited hosts are susceptible to be attacked by all kinds of vicious mobile codes, therefore a signer often sends remote nodes mobile codes containing an encrypted signature function to complete a signature. The paper first presents a unidirectional split-key scheme for private key protection based on RSA, which is more simple and secure than secret sharing; and then proposes a split-key based signature protocol with encrypted function, which is traceable, undeniable and malignance resistant. Security analysis shows that the protocol can effectively protect the signing private key and complete secure signatures in mobile code environment.

Li Yang,Zhiming Zheng

DOI: https://doi.org/10.1371/journal.pone.0194093

IF: 3.7

2018-01-01

PLoS ONE

Abstract:According to advancements in the wireless technologies, study of biometrics-based multi-server authenticated key agreement schemes has acquired a lot of momentum. Recently, Wang et al. presented a three-factor authentication protocol with key agreement and claimed that their scheme was resistant to several prominent attacks. Unfortunately, this paper indicates that their protocol is still vulnerable to the user impersonation attack, privileged insider attack and server spoofing attack. Furthermore, their protocol cannot provide the perfect forward secrecy. As a remedy of these aforementioned problems, we propose a biometrics-based authentication and key agreement scheme for multi-server environments. Compared with various related schemes, our protocol achieves the stronger security and provides more functionality properties. Besides, the proposed protocol shows the satisfactory performances in respect of storage requirement, communication overhead and computational cost. Thus, our protocol is suitable for expert systems and other multi-server architectures. Consequently, the proposed protocol is more appropriate in the distributed networks.

Hong-bin Tang,Xin-song Liu,Jian-ying Chen

DOI: https://doi.org/10.1002/dac.2534

2013-01-01

International Journal of Communication Systems

Abstract:SUMMARYThe extensive application of mobile commerce has led researchers to design more secure protocols for mobile devices during the recent years. In 2011, Chen et al. proposed a three‐factor mobile device‐based remote authentication scheme, which tackled the security risk imposed by the loss of both password and mobile device. Scheme of Chen et al., however, is still vulnerable to the privileged insider attack, the replay attack, the impersonation attack, and the denial of service attack. It is not feasible for real‐life implementation. Copyright © 2013 John Wiley & Sons, Ltd.

Jiaqing Mo,Hang Chen,Wei Shen

DOI: https://doi.org/10.1007/978-3-030-16946-6_36

2020-01-01

Abstract:Cryptanalyzing the security weaknesses of authentication protocols is extremely important to propose countermeasures and develop a truly secure protocol. Over last few years, many three factor-based authentication schemes with key agreement have been proposed for multi-server environment. In 2017, Ali and Pal developed a three-factor authentication scheme in multi-server environment using elliptic curve cryptography (ECC) to remedy the security flaws in Li et al.'s scheme and claimed their improved version can withstand the passive and active attacks. In this paper, we prove that Ali-Pal's scheme is subject to offline password guessing attack, replay attack, and known session-specific temporary information (KSSTI) attack. In the same year, Feng et al. examined Kumari et al.'s biometrics-based authentication scheme for multi-server environment and found that their scheme was vulnerable to several attacks. To fix these weaknesses, Feng et al. proposed an enhanced three-factor authentication scheme with key distribution for mobile multi-server environment and claimed that their scheme can satisfy the security and functional requirements. However, we show that Feng et al.'s scheme fails to resist offline password guessing attack, and suffers from replay attack. In addition to point out the security defects, we put forward countermeasures to eliminate the security risks and secure the three factor-based authentication schemes for multi-server environment.