원문정보
초록
영어
Authentication with key agreement (AKA) protocols are implemented to provide identity authentication and session keys for communication entities. In order to reduce the heavy trust reliance on key generator center (KGC) in identity based AKA protocols, a certificateless based AKA (CLAKA) protocol for client-server environment without the third-party (i.e., KGC) is introduced in this paper. The proposed protocol is constructed based on elliptic curve cryptosystem (ECC) and multi-factor protections (such as password, biometrics, and smart card). Moreover, security proof based on BAN-logic is carried out and shows that our protocol can provide mutual authentication, user anonymity, dynamic identity and perfect forward security, and resist to user impersonation attack, server spoofing attack and privileged insider attack. Meanwhile, security and efficiency analysis shows that our proposed protocol outperforms the previous related ones.
목차
1. Introduction
2. Technical Backgrounds
2.1. ECC
2.2. Fuzzy Extractor
3. Our Protocol
3.1. System Initializing Phase
3.2. Client Registration Phase
3.3. Login and Mutual Authentication with Key Agreement Phase
3.4. Password/Private Key Updating Phase
4. Security proof based on BAN-logic
5. Security Analysis
5.1. Adversary Model
5.2. User Anonymity and Dynamic Identity
5.3. Resistance to the User Impersonation Attack/Server Spoofing Attack
5.4. Mutual Authentication
5.5. Multi-factor Security
5.6. Resistance to the Smart Privileged Insider Attack
5.7. Perfect Forward Security
5.8. Resistance to Replay Attack
5.9. Comparison
6. Efficiency Analysis
7. Conclusion
References