Seminar Talk 1

Enhanced User Authentication Scheme based
Outline
Introduction
on Bilinear Pairing
Related Work
Motivation
Awasthi’s
Scheme
Security
analysis of
Awasthi’s
scheme
Proposed
eUASBP
Security
Analysis of
eUASBP Presented By Research Supervisor
Results and
Analysis
Sangeetha R. Prof. N. Ramasubramanian
Other
Advantages Department of Computer Science and Engineering
Conclusion National Institute of Technology, Tiruchirappalli
Publications
References
406913002 : Ph.D. Seminar Talk - I First Seminar Talk - Sep. 2019 September 9, 2019 1 / 31
Outline
Outline
1 Introduction
Introduction 2 Related Work
Related Work
Motivation
3 Motivation
Awasthi’s
Scheme
4 Awasthi’s Scheme
Security 5 Security analysis of Awasthi’s scheme
analysis of
Awasthi’s
scheme 6 Proposed eUASBP
Proposed
eUASBP 7 Security Analysis of eUASBP
Security
Analysis of
eUASBP
8 Results and Analysis
Results and
Analysis
9 Other Advantages
Other
Advantages 10 Conclusion
Conclusion
11 Publications
Publications
References
12 References
Introduction
Outline
Introduction
Related Work Cryptography

Motivation
Very essential to protect important data of any kind
Awasthi’s
Scheme
Since online data uses public networks for communication
Security
analysis of
Types of Cryptosystems
Awasthi’s
scheme
Private-Key Cryptography (Symmetric Key Cryptography)
Public-Key Cryptography (Asymmetric key Cryptography)
Proposed
eUASBP Hash based Cryptography (No key)
Security
Analysis of Public-Key Cryptography
eUASBP
Computational cost is high but more secure
Results and
Analysis
Private-Key Cryptography and Hash based Cryptography
Other
Advantages Computational cost is less but less secure
Conclusion
Publications
References
Introduction continued.,
Outline
Introduction
Related Work
Elliptic Curve Cryptography
Motivation provides the same security strength as like RSA but with
Awasthi’s
the minimum key size.
Scheme 1024 bit key of RSA can provide the same security
Security strength like 160 bit key size of ECC.
analysis of
Awasthi’s ECC is highly recommended for embedded and wireless
scheme
devices for its minimal key size and reduced computational
Proposed
eUASBP
cost [1].
Security
ECC is the next generation of public key cryptography, and
Analysis of based on currently understood mathematics
eUASBP
Elliptic Curve equation : y 2 = x3 –ax + b
Results and
Analysis
Trap door Function of ECC
Other Starting from the generator point, finding the new point
Advantages repeatedly till the end point using dot function.
Conclusion Basic operations – point addition and doubling
Publications
References
Outline
Point Addition
Introduction
Related Work
Motivation
Awasthi’s
If 2 points are given (P,Q)
Scheme
Starting at P:
Security
analysis of P dot Q = -R (Draw a line
Awasthi’s
scheme from P to Q and it
Proposed
eUASBP
intersects at -R)
Security Reflect across the X axis
Analysis of
eUASBP from -R to R
Results and
Analysis
Other
Advantages
Public Key: Starting Point , Ending Point
Conclusion
Publications Private Key: Number of hops from Starting point to

References Ending Point
Outline
Introduction
Related Work Doubling

Motivation
Awasthi’s
Scheme
Security
analysis of If only one point is given (P)
Awasthi’s
scheme Starting at P:
Proposed
eUASBP P dot P = -R (Tangent
Security line of P)
Analysis of
eUASBP Reflect across the X axis
Results and
Analysis
from -R to R
Other
Advantages
Conclusion
Publications
References
Outline
Pairing Based Cryptography
Introduction
Related Work eb(P, Q) operator is called as Pairing / Bilinear map

Motivation Bilinear Property:
Awasthi’s eb(P, Q + R) = eb(P, Q) ∗ eb(P, R)
Scheme
eb(P + S, Q) = eb(P, Q) ∗ eb(S, Q)
Security
analysis of Simple Pairing eb(x, y) = 2xy
Awasthi’s
scheme eg., eb(3, 4 + 5) = eb(3, 9) = 2(3∗9) = 227
Proposed
eb(3, 4) ∗ eb(3, 5) = 2(3∗4) ∗ 2(3∗5) = 212 ∗ 215 = 227
eUASBP It’s bilinear
Security
Analysis of
Complex pairings are preferred for strong security.
eUASBP
Something equal to black box.
Results and
Analysis Elliptic curve pairings
Other Is a map G2xG1 → Gt that satisfies bilinear property
Advantages Where G1 is a simple elliptic curve belongs to Fp .
Conclusion G2 is an elliptic curve of form G1 but with supercharged
Publications points belong to Fp12
References Gt is a result of type G2.
Outline
Introduction
Related Work Authentication

Motivation Applications do remote access of the servers.
Awasthi’s To identify the authorized ones and to neglect
Scheme
unauthorized ones.
Security
analysis of Applications use a public computer networks and channels.
Awasthi’s
scheme Smart cards, passwords and biometric measures.
Proposed
Smart card based applications that require password.
eUASBP
Security
Smart Card based applications
Analysis of
eUASBP
identity card of an employee/a student
ATM card for banking
Results and
Analysis citizen card of a nation
Other purchase card of a company
Advantages
wireless sensor network based applications
Conclusion
Publications
References
Related Work
Outline
Introduction Table: Comparison of Computational cost and attacks possibility of

Related Work related schemes
Motivation
Schemes Das et al. Fang et Giri and Awasthi’s Jia et Bayat et
Awasthi’s al.
Scheme [2] al. [3] Srivastava [5] al. [6] [7]
[4]
Security
Login 2Tpm + 1Tpm + 3Tpm + 3Tpm + 4Tpm + 3Th +
analysis of
1Th 1Th + 1TE 1TE 1Th 2Tpm
Awasthi’s Ppub Ppub
1TE
scheme Ppub
Verification 2Tbp + 2Tbp + 2Tbp + 2Tbp + 2Tbp + 5Th +
Proposed 1Tpm 1TEs 1Tpm + 1Tpm + 2Tpm + 2Tbp +
eUASBP 1TEs 1TEs 1Th 4Tpm +
1Tm
Security √
A1 X X X X X
Analysis of √
eUASBP A2 X X X X X
√
A3 X X X X X
Results and √
A4 X X X X X
Analysis √
MA X X X X X
Other SK X X X X X X
√
Advantages EPD X X X X X
Note that, A1: Resist user impersonation attack, A2: Resist off-line password guessing attack, A3: Resist
Conclusion insider attack, A4: Resist smartcard stolen attack, MA: Mutual authentication, SK: Session key agreement,
√
EPD: Early wrong password detection, : Can be mounted or satisfied, X: Cannot be mounted or not
Publications satisfied.
References
Related Work Continued.,
Outline
Introduction
Related Work
Motivation Notations:
Awasthi’s
Scheme Tbp : Bilinear pairing operation
Security
analysis of Te : Exponentiation operation
Awasthi’s
scheme Th : Hash operation
Proposed
eUASBP Tm : Multiplication operation
Security Tpm : Scalar point multiplication operation
Analysis of
eUASBP
TEPpub : Public key encryption operation
Results and
Analysis TEs : Public key decryption operation
Other
Advantages
Conclusion
Publications
References
Motivation and Objectives
Outline
Introduction
Related Work
Motivation
Awasthi’s
Scheme Motivation and Objectives
Security Many authentication schemes for smart card based
analysis of
Awasthi’s authentication have been proposed.
scheme
Password based protection is provided in addition.
Proposed
eUASBP
To identify the pitfalls of Awasthi’s Scheme [5].
Security
To provide better Bilinear pairing based authentication
Analysis of scheme that eliminates all possible attacks.
eUASBP
Results and
Analysis
Other
Advantages
Conclusion
Publications
References
Awasthi’s Scheme
Outline
Introduction
Related Work This scheme is operated in four steps

Motivation
Awasthi’s Initialization: RS selects Gr1 ,Gr2 , sK and calculates Ppub

Scheme
as sK.RP. Even a secure encryption/decryption algorithm
Security
analysis of E(.) based on sK is chosen. RS keeps sK as secret and
Awasthi’s
scheme other parameters as public.
Proposed
eUASBP
User’s Registration: User/Client X submits identity IDx
Security and a chosen password P Wx to the RS through a secure
Analysis of
eUASBP
private channel. RS computes the following,
Results and SPx = P Wx .Ppub , REGIDx = sK.hf1 (IDx ) + SPx and
Analysis
returns the following parameters for the User’s smart card
Other
Advantages to store, < Ppub , REGIDx , IDx , hf1 (.) >.
Conclusion
Publications
References
Awasthi’s Scheme Continued.,
Outline
Introduction User’s Login: Whenever a registered user needs to acquire

Related Work service of the RS, he/she induce the authentication
Motivation process by inserting a smart card into the card reader.
Awasthi’s
Scheme
User/Client X enters the identity IDx and password P Wx .
Security Next, the smart card work outs the following calculations,
analysis of
Awasthi’s Ax = P Wx .Ppub
scheme
Bx = REGIDx − Ax
Proposed
eUASBP
A random cardinal n is chosen and the following are
Security
Analysis of computed,
eUASBP
Cx = EP pub (n)
Results and
Analysis Dx = Tx .Bx + n.Ppub
Other (Tx – Present timestamp of the User / Client X )
Advantages
Conclusion < IDx , Cx , Dx , Tx > are sent to the RS through a

Publications common channel.
References
Awasthi’s Scheme Continued.,
Outline User Verification: On receiving < IDx , Cx , Dx , Tx >, RS
Introduction
computes the following to verify the User/Client X.
Related Work
Format of the IDx is checked, if it is in a valid format
Motivation
then the following are done.
Awasthi’s
Scheme If (Tx∗ − Tx ) ≤ ∆T ,
Security (Tx∗ - Present timestamp of the RS)
analysis of
Awasthi’s (∆T – Allowed transmission delay )
scheme
Then MRS = EsK (Cx )
Proposed
eUASBP NRS = MRS .Ppub are computed.
Security If eb(Dx − NRS , RP ) = eb(hf1 (IDx ), Ppub )T
Analysis of
eUASBP Then the User/Client X is accepted by the RS, else
Results and rejected.
Analysis
Password Change Request: By receiving existing user
Other
Advantages identity, password and a new password, RS ensures the
Conclusion user/client X by using existing identity and password as
Publications mentioned in the steps 3 and 4. And RS makes a new
References
registration by using existing identity and a new password
Security analysis of Awasthi’s scheme
Outline
Introduction
Related Work
Motivation Offline password guessing attack

Awasthi’s
Scheme
Extension of password guessing attack
Security Forgery attack
analysis of Theft attack
Awasthi’s
scheme
Privileged insider attack
Proposed
eUASBP Efficiency Analysis
Security
Analysis of
1 Correct identity and incorrect password
eUASBP 2 Incorrect identity and correct password
Results and 3 Incorrect identity and wrong password
Analysis
4 Another Possibility
Other
Advantages
Conclusion
Publications
References
Proposed eUASBP
Outline
Introduction
Related Work
Motivation
Awasthi’s This scheme is operated in four steps

Scheme
Security
analysis of
Initialization Phase
Awasthi’s
scheme User’s Registration Phase
Proposed
eUASBP
User’s Login Phase
Security User’s Authentication Phase
Analysis of
eUASBP Password Change Phase : Similar to Awasthi’s Scheme
Results and
Analysis
Other
Advantages
Conclusion
Publications
References
Proposed eUASBP Continued.,
Outline
Introduction
Related Work
Motivation
Awasthi’s
Scheme
Security
analysis of
Awasthi’s
scheme
Proposed
eUASBP
Security
Analysis of
eUASBP
Results and
Analysis
Other
Advantages
Conclusion
Publications
References
Outline
Introduction
Related Work
Motivation
Awasthi’s
Scheme
Security
analysis of
Awasthi’s
scheme
Proposed
eUASBP
Security
Analysis of
eUASBP
Results and
Analysis
Other
Advantages
Conclusion
Publications
References
Outline
Introduction
Related Work
Motivation
Awasthi’s
Scheme
Security
analysis of
Awasthi’s
scheme
Proposed
eUASBP
Security
Analysis of
eUASBP
Results and
Analysis
Other
Advantages
Conclusion
Publications
References
Outline
Introduction
Related Work
Motivation
Awasthi’s
Scheme
Security
analysis of
Awasthi’s
scheme
Proposed
eUASBP
Security
Analysis of
eUASBP
Results and
Analysis
Other
Advantages
Conclusion
Publications
References
Security Analysis of eUASBP
Outline
Introduction Formal Security analysis is done through BAN logic. BAN

Related Work logic goals to be satisfied.
sK
Motivation Goal 1: Ux | ≡ Ux ↔ RS
Awasthi’s sK
Scheme Goal 2: Ux | ≡ RS| ≡ Ux ↔ RS
sK
Security
analysis of
Goal 3: RS| ≡ Ux ↔ RS
Awasthi’s sK
scheme Goal 4: RS| ≡ Ux | ≡ Ux ↔ RS
Proposed
eUASBP
Security
Informal Security analysis
Analysis of Off-line Password Guessing Attack
eUASBP
Privileged Insider Attack
Results and
Analysis User Impersonation Attack
Other Theft Attack
Advantages
Server Masquerading Attack
Conclusion Smartcard Stolen Attack
Publications Session key discloser attack
References
Performance comparison of eUASBP with other
Outline
existing Schemes
Introduction
Table: Comparison of Computational cost and attacks possibility of
Related Work
proposed eUASBP with related schemes
Motivation
Awasthi’s
Schemes Das et Fang et Giri and Awasthi’s Jia et Bayat et Proposed
Scheme
al. al.
Security [2] al. [3] Srivastava [5] al. [6] [7] eUASBP
analysis of [4]
Awasthi’s Login 2Tpm + 1Tpm + 3Tpm + 3Tpm + 4Tpm + 3Th + 3Th +
scheme 1Th 1Th + 1TE 1TE 1Th 2Tpm 1Tm +
Ppub Ppub
1TE 2Tpm
Ppub
Proposed
Verification 2Tbp + 2Tbp + 2Tbp + 2Tbp + 2Tbp + 5Th + 7Th +
eUASBP
1Tpm 1TEs 1Tpm + 1Tpm + 2Tpm + 2Tbp + 1Te +
Security 1TEs 1TEs 1Th 4Tpm + 3Tm +
Analysis of 1Tm 1Tbp +
eUASBP 2Tpm
√ √
A1 X X X X X
Results and √ √
A2 X X X X X
Analysis √ √
A3 X X X X X
√ √
A4 X X X X X
Other √ √
Advantages MA X X X X X
√
SK X X X X X X
Conclusion √ √
EPD X X X X X
Note that, A1: Resist user impersonation attack, A2: Resist off-line password guessing attack, A3: Resist
Publications
insider attack, A4: Resist smartcard stolen attack, MA: Mutual authentication, SK: Session key agreement,
√
References EPD: Early wrong password detection, : Can be mounted or satisfied, X: Cannot be mounted or not
satisfied.
Outline
existing Schemes Continued.,
Introduction
Related Work
Motivation
Awasthi’s
Notations:
Scheme
Security Tbp : Bilinear pairing operation

analysis of
Awasthi’s
scheme
Te : Exponentiation operation
Proposed Th : Hash operation
eUASBP
Security
Tm : Multiplication operation
Analysis of
eUASBP Tpm : Scalar point multiplication operation
Results and TEPpub : Public key encryption operation
Analysis
Other TEs : Public key decryption operation

Advantages
Conclusion
Publications
References
Outline
existing Schemes continued.,
Introduction
Related Work
Motivation
Table: Communication and Storage cost of authentication schemes
Awasthi’s
Scheme with eUASBP
Security
analysis of Cost Storage Communication(in bits)
Awasthi’s
scheme Entity (in bits) Smartcard Server
Schemes Login Verification
Proposed
eUASBP
Phase Phase
Das et al. [2] 576 704 -
Security
Analysis of
Fang et al. [3] 832 1344 -
eUASBP Giri and Srivastava [4] 1088 1472 -
Results and
Jia et al. [6] 1088 704 -
Analysis Awasthi [5] 832 1472 -
Bayat et al. [7] 1344 768 1472
Other
Advantages Proposed eUASBP 1152 704 512
Conclusion
Publications
References
Outline
Introduction
Related Work
Motivation
Awasthi’s
Scheme
Security
analysis of
Awasthi’s
scheme
Proposed
eUASBP
Security
Analysis of
eUASBP
Results and
Analysis
Other
Advantages
Conclusion
Publications
References
Outline
Introduction
Related Work
Motivation
Awasthi’s
Scheme
Security
analysis of
Awasthi’s
scheme
Proposed
eUASBP
Security
Analysis of
eUASBP
Results and
Analysis
Other
Advantages
Conclusion
Publications
References
Other advantages of proposed eUASBP
Outline
Introduction
Related Work
Motivation
Awasthi’s
Scheme
Security Mutual Authentication

analysis of
Awasthi’s Efficient password change phase
scheme
Proposed Early wrong password detection

eUASBP
Session key agreement
Security
Analysis of
eUASBP
Results and
Analysis
Other
Advantages
Conclusion
Publications
References
Conclusion
Outline
Introduction
Related Work
Motivation
Awasthi’s
Scheme
Security
analysis of eUASBP performs better than the state of art
Awasthi’s
scheme Has additional benefits
Proposed
eUASBP Future plan is to add biometric based protection
Security
Analysis of
eUASBP
Results and
Analysis
Other
Advantages
Conclusion
Publications
References
Publications
Outline
Introduction
Related Work
Motivation
Awasthi’s
Scheme International Journals
Security Paper titled “eUASBP : enhanced User Authentication Scheme based
analysis of
Awasthi’s
on Bilinear Pairing” in Journal of Ambient Intelligence and Humanized
scheme Computing, Springer. Accepted for Publication.
Paper titled ”ERMAP : ECC based Robust Mutual Authentication Pro-
Proposed
eUASBP tocol for Smart Grid Communication with AVISPA Simulations”, Under
Review in Journal of Ambient Intelligence and Humanized Computing,
Security
Analysis of Springer.
eUASBP
Results and
Analysis
Other
Advantages
Conclusion
Publications
References
References
Outline
Introduction [1] Kerry Maletsky.

Rsa vs ecc comparison for embedded systems.
Related Work White Paper, Atmel, page 5, 2015.
Motivation [2] Manik Lal Das, Ashutosh Saxena, Ved P Gulati, and Deepak B Phatak.
A novel remote user authentication scheme using bilinear pairings.
Awasthi’s Computers & Security, 25(3):184–189, 2006.
Scheme
[3] Guanfei Fang and Genxun huang.
Security Improvement of recently proposed remote user authentication schemes.
analysis of IACR Cryptology ePrint Archive, 2006:200, 2006.
Awasthi’s
scheme [4] Debasis Giri and PD Srivastava.
An improved remote user authentication scheme with smart cards using bilinear pairings.
Proposed IACR Cryptology ePrint Archive, 2006:274, 2006.
eUASBP
[5] Amit K Awasthi.
Security An improved remote user authentication scheme with smart cards using bilinear pairings.
Analysis of International Journal of Applied Mathematics and Computation, 4(4), 2012.
eUASBP
[6] Zhongtian Jia, Yuan Zhang, Hua Shao, Yongzheng Lin, and Jin Wang.
Results and A remote user authentication scheme using bilinear pairings and ecc.
Analysis In Intelligent Systems Design and Applications, 2006. ISDA’06. Sixth International Conference on,
volume 2, pages 1091–1094. IEEE, 2006.
Other
Advantages [7] Majid Bayat, Mohammad Sabzinejad, and Amirvala Movahed.
A novel secure bilinear pairing based remote user authentication scheme with smart card.
Conclusion In Embedded and Ubiquitous Computing (EUC), 2010 IEEE/IFIP 8th International Conference on, pages
578–582. IEEE, 2010.
Publications
References
Outline
Introduction
Related Work
Motivation
Awasthi’s
Scheme
Security
analysis of
Awasthi’s
scheme
Thank You
Proposed
eUASBP
Security
Analysis of
eUASBP
Results and
Analysis
Other
Advantages
Conclusion
Publications
References

Seminar Talk 1

Caricato da

Informazioni sul documento

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Seminar Talk 1

Caricato da

Copyright:

Formati disponibili

Enhanced User Authentication Scheme based

Related Work Cryptography

Publications Private Key: Number of hops from Starting point to

Related Work Doubling

Related Work eb(P, Q) operator is called as Pairing / Bilinear map

Related Work Authentication

Introduction Table: Comparison of Computational cost and attacks possibility of

Related Work This scheme is operated in four steps

Awasthi’s Initialization: RS selects Gr1 ,Gr2 , sK and calculates Ppub

Introduction User’s Login: Whenever a registered user needs to acquire

Conclusion < IDx , Cx , Dx , Tx > are sent to the RS through a

Motivation Offline password guessing attack

Awasthi’s This scheme is operated in four steps

Introduction Formal Security analysis is done through BAN logic. BAN

Security Tbp : Bilinear pairing operation

Other TEs : Public key decryption operation

Security Mutual Authentication

Proposed Early wrong password detection

Introduction [1] Kerry Maletsky.

Potrebbero piacerti anche