Efficient Symmetric-key Private Authentication

《Efficient Symmetric-key Private Authentication》由会员上传分享，免费在线阅读，更多相关内容在教育资源-天天文库。

1、EfficientSymmetric-keyPrivateAuthenticationPrivateauthentication–theproblemauthenticationprotocolsoftenrevealtheidentityoftheauthenticatingparty(prover)toaneavesdropperwhendevicesmovearoundandauthenticatethemselvesfrequently,thelocationofthemcanbetrackedtypicalexamp

2、lesareRFIDtagsandcontactlesssmartcardbasedsystemsEfficientsymmetric-keyprivateauthentication2Anexample–ISO9798-2theprotocol:(1)BA:rB(2)AB:E(K,rB

3、B*)whereKisasharedkeybetweenAandB,andE(.)denotesencryption“itisassumedthatthepartiesareawareoftheclaimedidentityoftheot

4、hereitherbycontextorbyadditionalcleartextdatafields”(0)AB:AEfficientsymmetric-keyprivateauthentication3AuthenticationinAFCsystemsoff-lineterminalsshouldbeabletoauthenticateanytransportcardkeydiversificationisusedeachcardhasitsownkeycardkeyisgeneratedfromthecardIDan

5、damasterkeyusingaone-wayfunctionterminalsstoreonlyafewmasterkeys,andcomputecardkeyson-the-flywhentheyareneededthisrequirestransmittingtheIDofthecardatthebeginningofthetransactionfmasterkeycardkeycardIDpre-loadedcardkeychallenge-responseauth.(e.g.,ISO9798-2)andencryp

6、tedtransactioncardterminalEfficientsymmetric-keyprivateauthentication4Privateauthentication–theproblem(cont’d)ID1234567@7:32ID1234567@7:45ID1234567@8:03ID1234567@8:21Efficientsymmetric-keyprivateauthentication5Solutionsbasedonpublic-keycryptographyencryptidentityinf

7、ormationoftheauthenticatingpartywiththepublickeyoftheverifiersetupaconfidentialchannelbetweenthepartiesusingthebasicDiffie-HellmanprotocolandsendidentityinformationthroughthatchannelIKEinmainmodeworksinthiswaycommondisadvantage:publickeyoperationsmaynotbeaffordablei

8、ndeviceswithlimitedresources(e.g.,publictransportcards,RFIDtags)Efficientsymmetric-keyprivateauthentication6transactionprotectedbytagkey…One-timeidentifiers–asolutionforhigh-endtagsOTIiIDtagkeytransactionprotectedbytagkey…OTIi+1OTIi+1IDtagkeyOTIi+2tagreaderOTIiO

9、TIi+1[Buttyanetal.,2006]Efficientsymmetric-keyprivateauthentication7AssumptionsandrequirementsforOTIstagsmusthavesomewritablememoryOTIssho