Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 3, Issue 1, January February 2014 ISSN 2278-6856
2. RELATED WORKS
In 1981, Lamport [2] introduced a password authentication system for use across an insecure channel. Since then, many systems have been introduced to address the problem, to add functionality and to reach higher efficiency. For example, in 1990, to remedy the high hash operating cost and the password rearranging problems, Yamaguchi et al. [3] introduced what they claimed was a simple and efficient authentication scheme. Later, however, Hwang et al. indicated that the scheme is weak against a guessing attack [4]. In 1991, Chang and Wu [5] introduced a remote password authentication protocol with smart cards based on the Chinese Remainder Theorem. The system does not need to keep a verification table and is insecure against replay of previously intercepted requests. However, the user password in this system cannot be selected and changed easily by the card holder. In 1995, Wu [6] presented an efficient system based on Euclidean geometry. The properties of this system are its geometric simplicity and the fact that users can easily select their own passwords. However, the scheme is insecure, as shown in [7]. In 1999, Yang and Shieh [8] presented an approach to avoid replay attacks. The system does not store passwords on the server and allows users to change their passwords easily. But Tzung et al. [9] indicated that the Yang and Shieh approach has a weakness: a hacker is able to impersonate an authorized user by creating an authentic login request from an intercepted login. In 2002, Sandirigama et al. suggested another scheme [10], which was intended to improve on the Lamport scheme, but its computing time and communication overhead are high. Also in 2002, Chien et al. [11] introduced a smart-card-based system relying on a one-way hash function.
The authors claimed that their system has the following characteristics: no verification table is needed on the server, the communication and computing cost is very low, the replay attack problem is entirely solved, and users can easily select their passwords. However, Altinkemer and Wang [12] indicated that the system does not allow users to change their passwords easily. In 2005, Choo and McCullagh introduced a password authentication system using smart cards [13]. In their system, a smart-card-oriented remote login authentication scheme is employed to validate authorized users. A smart card holds a microprocessor that can perform arithmetic operations rapidly and in which messages are kept. So there is no need to keep a verification table on the server. In 2010, Li, et al.,
1. INTRODUCTION
Interconnection by network has been increasing in the recent past; therefore, the need for authentication in remote systems has become vital. This is driven by awareness of network-based attacks on information and resources. As a result, cryptosystems and network security have been developed increasingly, and this has led to the introduction of authentication systems based on passwords. Authentication is a security tool for remote login systems. Among the many authentication techniques, the password system is the most suitable and broadly accepted. In a password system, the password table is at risk of being altered, since the passwords are kept on the remote server. However, Kim in 1995 [1] indicated that there are three forms of identity techniques: something the user knows, such as a password; something the user has, such as a smart card; and some personal property, such as a fingerprint. Combining these techniques can improve the security level of a scheme. The majority of schemes use the first two techniques to recognize a user. In this paper, we introduce the practical characteristics that should be included in any proposed password system. These characteristics are as follows.

1. The system can be used in multi-server settings.
2. The system is not required to keep a password table.
3. A user who is registered with many servers does not need to remember a separate login password for each one.
4. The system can resist modification and replay attacks.
5. The scheme lets the user select the password easily and update it offline.
6. The computing cost of the hash function is lower than in previously presented systems.
3. NOTATIONS USED
The notations used in this paper are as follows:

$U$ : The user
$R$ : The registration center
$S$ : The server
$Id_U$ : The public user identity
$Id_S$ : The public server identity
$w$ : The secret password of user $U$
$e_1$ : The master private key kept by $C$
$e_2$ : The private key known to $C$
$k$ : The session key shared by the three participants
$n_1$ : The integer generated by the smart card of user $U$
$n_2$ : The integer generated by the server $S$
$\oplus$ : The exclusive OR operation
$h$ : The secure one-way hash function
$\|$ : The concatenation
4.3 The Authentication Protocol

In this protocol the server $S$ authenticates a user $U$. The steps of this protocol are as follows:

Step 1: The server $S$
1. Obtains the login request information $(i, z, u, n_1)$
2. Generates an arbitrary integer $n_2$
3. Finds $r = h(Id_S \| e_2) \oplus n_2$
4. Finds $f = h(h(e_1 \oplus e_2) \| n_2)$
5. Sends $(i, z, u, n_1, Id_S, r, f)$ to the registration center

Step 2: The registration center $R$
1. Obtains the login request value $(i, z, u, n_1, Id_S, r, f)$
2. Finds $n_2 = r \oplus h(Id_S \| e_2)$
3. Finds $x = h(h(e_1 \oplus e_2) \| n_2$
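
The server-to-registration-center part of the two steps above as runnable code; this is an added example, not code from the paper. SHA-256 for h, 32-byte values for n2, length-prefixed concatenation, the provisioning of h(Id_S || e2) and h(e1 XOR e2) to the server, and the final comparison of x with f are assumptions, since the steps shown on the page stop before stating the check.

```python
import hashlib
import hmac
import secrets

def h(*parts: bytes) -> bytes:
    """h(a || b || ...). SHA-256 is an assumption; parts are length-prefixed
    so that different splits of the same bytes cannot collide."""
    m = hashlib.sha256()
    for p in parts:
        m.update(len(p).to_bytes(4, "big") + p)
    return m.digest()

def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("XOR operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))

class RegistrationCenter:
    def __init__(self) -> None:
        self.e1 = secrets.token_bytes(32)  # master private key e1
        self.e2 = secrets.token_bytes(32)  # private key e2

    def provision_server(self, id_s: bytes) -> tuple[bytes, bytes]:
        # Assumed provisioning: S holds h(Id_S || e2) and h(e1 XOR e2), never e1 or e2.
        return h(id_s, self.e2), h(xor(self.e1, self.e2))

    def verify_server(self, id_s: bytes, r: bytes, f: bytes) -> bool:
        # Step 2: n2 = r XOR h(Id_S || e2), then x = h(h(e1 XOR e2) || n2).
        if len(r) != 32 or len(f) != 32:
            return False
        n2 = xor(r, h(id_s, self.e2))
        x = h(h(xor(self.e1, self.e2)), n2)
        return hmac.compare_digest(x, f)  # assumed check: accept only if x == f

def server_step1(key_s: bytes, key_shared: bytes) -> tuple[bytes, bytes]:
    # Step 1, items 2-4: fresh n2, r = h(Id_S || e2) XOR n2, f = h(h(e1 XOR e2) || n2).
    n2 = secrets.token_bytes(32)
    return xor(key_s, n2), h(key_shared, n2)

def demo() -> dict:
    rc = RegistrationCenter()
    key_s1, shared = rc.provision_server(b"S1")  # constructed server identities
    key_s2, _ = rc.provision_server(b"S2")
    r, f = server_step1(key_s1, shared)
    r_bad, f_bad = server_step1(key_s2, shared)  # S2's key used under the name "S1"
    return {
        "honest": rc.verify_server(b"S1", r, f),
        "wrong_key": rc.verify_server(b"S1", r_bad, f_bad),
        "tampered_r": rc.verify_server(b"S1", bytes([r[0] ^ 1]) + r[1:], f),
    }
```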
5. SECURITY ANALYSIS

We now study the security and efficiency of the proposed system.

5.1 Stolen Attack

When the smart card of user $U$ is stolen, the hacker who gets the card can obtain the message $(z, g, c, h(\cdot))$ kept in it. With this information, it is hard for the hacker to find values such as $b$, $Id_U$, $w$ needed to forge a valid login request. Even if a previously valid login request message $(i, z, u, n_1)$ was intercepted, the hacker cannot start a replay attack, because $b$ cannot be calculated from $(z, g, c, h(\cdot))$ and $(i, z, u, n_1)$. Thus, the proposed system is protected against the stolen attack.

5.2 Offline Dictionary Attack

The hacker can record information and try to deduce the identity $Id_U$ or the password $w$ from the recorded information. We suppose that a hacker is able to guess $Id_U$ or $w$. But, as indicated by Sood et al. [19], it is impossible to deduce two keys in polynomial time. In the proposed system, a hacker may get $g = h(Id_U \| w)$, $c = b \oplus h(w \oplus Id_U)$, $z = h(h(Id_U \| d) \| e_1)$, $i = h(b \| n_1) \oplus (Id_U \| b)$ and $u = h(Id_U \| b \| n_1 \| Id_S)$ by stealing a smart card or by eavesdropping on valid login request information. The hacker cannot deduce $Id_U$ or $w$ from $g$, since it is not possible to deduce two keys at once. Also, the hacker cannot deduce $Id_U$ or $w$ from $(z, c, i)$ or $u$ without the keys $(e_1, d)$. Thus, the proposed system is protected against the offline dictionary attack.

5.3 User Attack

The user $U$, with information $Id_U$ and $w$, can obtain the data $(z, g, c, h(\cdot))$ kept in the smart card. In the proposed system, a user cannot obtain information involving $e_1$, $e_2$, $h(e_1 \| e_2)$, $h(Id_S \| e_2)$ or $h(e_1 \oplus e_2)$ in order to masquerade as another user to log in to the system or to impersonate a server to trick users. Thus, the proposed system can withstand a user attack.

5.4 Server Attack

Since each server has a private key $h(Id_S \| e_2)$ and no way to calculate another private key $h(Id_k \| e_2)$ without the value $e_2$, the server $S$ cannot impersonate another server $S_k$ to cheat users.
Also, even if a previously valid login request $(i, z, u, n_1)$ is intercepted, a server cannot forge valid login information $(i', z', u', n_1)$ to log in to another server $S_k$ masquerading as $U$, since it cannot find the secret $b$. So, the proposed system is protected against the server attack.
$Id_U$ to login request information. The verification and session key agreement of the proposed system rely on the calculation of a private key $d$, not on the actual identity $Id_U$. Accordingly, we can state that the proposed protocol provides user anonymity. User anonymity is categorized into transmission anonymity and login anonymity. The major difference between the two cases is that the first can be traced by the register center $R$ to avoid disruption, while the second has no such property. Most of the systems presented offer login anonymity. The proposed system offers transmission anonymity, because the actual identity $Id_U$ can be simply retrieved by the register center $R$ from $b$ calculated in the verification process. With some alteration, the proposed system can be modified to offer login anonymity. In the login protocol, the user creates another integer $n_1'$ and finds
$i = h(b \| n_1) \oplus n_1'$, $u = h(b \| n_1 \| Id_S \| n_1')$ rather than $i = h(b \| n_1) \oplus (Id_U \| b)$, $u = h(Id_U \| b \| n_1 \| Id_S)$. The register center $R$ finds $n_1' = i \oplus h(b \| n_1)$, $u' = h(b \| n_1 \| Id_S \| n_1')$ rather than $(Id_U \| b) = i \oplus h(b \| n_1)$,
Table 1 (surviving entries only): $17T_h$, $11T_h$; $24T_h$, $18T_h$
The systems listed in Table 1 share a common characteristic: the register center $R$ plays a role in the verification process. The involvement of $R$ in authentication prevents servers from impersonating other servers to fool authorized users. In contrast, the last two systems cannot withstand the server attack without this mechanism, although these two systems save the timing cost of hash operations. From Table 1, it is clear that the proposed system is more efficient among the other systems with the technique stated above.
6. CONCLUSIONS
In this paper, we present an enhanced system that resolves the vulnerabilities without reducing the security characteristics. To prevent the stolen attack, the security of the proposed system relies on secure keys held by the server, the user and the registration center, and on a one-way hash function. Thus, no useful values can be calculated from the values kept in the smart card. To prevent the server attack, we shift the user authentication operation from the server to the registration center to ensure that every server has a different private key $h(Id_S \| e_2)$. By comparing it with some proposed systems, we showed that the proposed system is efficient and more secure.
$u = h(Id_U \| b \| n_1 \| Id_S)$ in the authentication protocol. It is not hard to see that the tailored system is login anonymous. Thus, the proposed system is more flexible in use.
5.6 Efficiency in Password Change Protocol

In the proposed system, if a user desires to change the password, the user can complete the change without the assistance of the registration center. There is no need to exchange any private messages between the registration center and users. Thus, the efficiency of the password change protocol of the proposed system is enhanced. Also, as no private messages are exchanged, it is more convenient and secure for a user to change the password offline than to create a secure channel between the registration center and the user, as described in the system of Lee et al.

5.7 Cost Analysis

We calculate the timing cost and performance of the proposed system by comparing it with some recently proposed systems. To compute the time complexity, we use the notation $T_h$ for the time complexity of the hash function. Because exclusive-OR and concatenation operations need little computation, we ignore their timing cost. In Table 1, we compare the performance of the proposed system with other related systems. Because login and verification protocols are the principal parts of
Acknowledgements
The author wishes to extend his thanks to the University of Bedfordshire, Computer Science Department, for their helpful suggestions and support.
References
[1] Kim H., Biometrics, Is It a Viable Proposition for Identity Authentication and Access Control, Computer Security, 14, pp. 205-214, 1995.
[2] Lamport L., Password Authentication with Insecure Communication, Communications of the ACM, 24, pp. 770-772, 1981.
[3] Yamaguchi S., Okayama K., Miyahara H., Design and Implementation of an Authentication System in
AUTHOR
Sattar J Aboud is a Visiting Professor in the Computer Science Department at the University of Bedfordshire in the UK. He received his education in the United Kingdom. Dr. Aboud has served at many universities and was awarded the Quality Assurance Certificate of Philadelphia University, Faculty of Information Technology. His research interests include symmetric and asymmetric cryptography, verification and validation, and performance evaluation.