A Study of Security Analysis to Some Authentication Protocols

• Main Authors: Yuo-Ju Yen, 顏佑如
• Other Authors: Ya-Fen Chang
• Format: Others
• Language: en_US
• Published: 2014
• Online Access: http://ndltd.ncl.edu.tw/handle/hv7vra

碩士 === 國立臺中科技大學 === 資訊工程系碩士班 === 102 === Internet technologies change human life. More and more users tend to share or obtain required resources through the Internet. However, the Internet is an open but insecure communication channel. Therefore, how to authenticate the other communication party becomes an important issue. Public-key cryptography provides a solution to ensure who the communication party is. Conventional public-key cryptosystems need to issue each user a certificate to prove that he/she is indeed the owner of the claimed public key and knows the corresponding private key. However, before a user’s public key is used for encryption or verification, the certificate needs to be verified to prove that the public is valid. This places a heavy burden on users. As a result, identity-based public-key cryptosystems are proposed. In 2012, Xue and Hong proposed an anonymous authentication scheme with key agreement based on chaotic maps. After analyzing Xue and Hong’s scheme thoroughly, we find that their scheme cannot ensure user anonymity as claimed. We will show this found security flaw which Xue and Hong’s scheme from in Chapter 2. Next year, Shim et al. improved two identity-based signature schemes to propose an identity-based broadcast authentication scheme to meet security requirements in wireless sensor networks. However, after analyzing their scheme, it is found that their scheme cannot work at all. Their scheme suffers from one fatal flaw such that no message can be verified successfully to be broadcasted. In this study, the found flaw that Shim et al.’s scheme is also fixed to make sure the modified scheme works well.