Guomin Yang et al., IEEE Transactions on Wireless Communications, Vol. 6, No. 9, September 2007
Anonymous and Authenticated Key Exchange for Roaming Networks
Agenda
• Preliminaries
• Introduction
• Security requirements
• Proposed Scheme: AAKE-R
• Analysis
• Conclusion
Preliminaries (1/9) Basic requirements of network security
• Data Confidentiality – keeping information secret from all but those who are authorized to access it
[Figure: Eavesdropping; parties C, A, B]
Preliminaries (2/9) Basic requirements of network security
• Authentication – corroboration of the identity of an entity
[Figure: Impersonation; parties A, B, C]
Preliminaries (3/9) Symmetric key cryptosystem
• a.k.a. secret key cryptosystem
• Symmetric encryption for data confidentiality
• Message Authentication Code (MAC) for authentication
Preliminaries (4/9) Asymmetric key cryptosystem
• a.k.a. public key cryptosystem
• Asymmetric encryption for data confidentiality
• Digital signature scheme for authentication
Preliminaries (5/9) Symmetric vs Asymmetric
[Comparison table]
Preliminaries (6/9) Authenticated Key Exchange (AKE)
• Key distribution in the symmetric setting is a problem
• Two different types of key
  • Long-term key
    • Sets up the initial key for each entity
    • Key Pre-distribution System
  • Session (short-term) key
    • After the long-term key is set up, secret information is shared among two or more entities
    • Key Establishment System
• Authenticated key exchange is a solution for establishing the session key
Preliminaries (7/9) Authenticated key exchange (AKE)
• In the asymmetric setting, two entities authenticate each other and establish a session key using a digital signature scheme.
• Key transport: one party creates the key and transfers it to the other(s)
• Key exchange: a shared secret is derived by two or more parties as a function of information contributed by. No party can determine the resulting value.
Preliminaries (8/9) Diffie-Hellman key exchange
To authenticate each other, the parties should sign the exchanged values using a digital signature scheme
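The signed exchange described on this slide, as an added example that is not from the slides or the paper. Go standard-library X25519 and Ed25519 are assumed stand-ins for the Diffie-Hellman group and signature scheme, and the names `msg`, `sessionKey` and `Run` are illustrative. Each side signs its name together with both DH values and the receiver verifies before deriving the key, so a value replaced in transit is rejected.

```go
package main

import (
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// msg is what each side signs: its own name followed by both DH values.
func msg(name string, own, peer *ecdh.PublicKey) []byte {
	return append(append([]byte(name), own.Bytes()...), peer.Bytes()...)
}

// sessionKey verifies the peer's signature before using the peer's DH value.
func sessionKey(eph *ecdh.PrivateKey, peer string, vk ed25519.PublicKey, peerDH *ecdh.PublicKey, sig []byte) ([32]byte, error) {
	if !ed25519.Verify(vk, msg(peer, peerDH, eph.PublicKey()), sig) {
		return [32]byte{}, fmt.Errorf("DH value is not signed by %s", peer)
	}
	secret, err := eph.ECDH(peerDH)
	return sha256.Sum256(secret), err // session key = H(shared secret)
}

// Run does one A-B exchange; with substitute set, A receives a third party's DH value.
func Run(substitute bool) (keysMatch bool, err error) {
	vkA, skA, _ := ed25519.GenerateKey(rand.Reader) // long-term signature keys
	vkB, skB, _ := ed25519.GenerateKey(rand.Reader)
	a, _ := ecdh.X25519().GenerateKey(rand.Reader) // per-session DH keys
	b, _ := ecdh.X25519().GenerateKey(rand.Reader)
	sigA := ed25519.Sign(skA, msg("A", a.PublicKey(), b.PublicKey()))
	sigB := ed25519.Sign(skB, msg("B", b.PublicKey(), a.PublicKey()))
	seenByA := b.PublicKey()
	if substitute {
		c, _ := ecdh.X25519().GenerateKey(rand.Reader)
		seenByA = c.PublicKey() // constructed tampering: B's value swapped in transit
	}
	kA, err := sessionKey(a, "B", vkB, seenByA, sigB)
	if err != nil {
		return false, err
	}
	kB, err := sessionKey(b, "A", vkA, a.PublicKey(), sigA)
	return err == nil && kA == kB, err
}

func main() {
	fmt.Println(Run(false)) // honest run
	fmt.Println(Run(true))  // substituted DH value
}
```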
Preliminaries (9/9) Cryptographic hash function
• A cryptographic hash function is a transformation that takes an input and returns a fixed-size string, which is called the hash value
• One-wayness – calculating H(x) = y is easy, but given y, to find x is difficult
• Collision free – Two different x1, x2 cannot have the same hash value y
Introduction (1/2) Roaming network
• A technology that lets a user originally subscribed to one network travel to another network administered by a different operator and access services provided by that network as a visiting user or guest
• Users can enjoy much broader coverage in terms of services or geographical areas, without being limited to that of their own networks
Introduction (2/2) Roaming network
[Figure labels: Home service area, Foreign service area, Home server, Foreign server, Roaming user]
Security requirements
• Server Authentication – The user is sure about the identity of the foreign server
• Subscription Validation – The foreign server is sure about the identity of the home server of the user
• Key Establishment – The user and the foreign server establish a random session key which is known only to them and is derived from contributions of both of them. In particular, the home server should not obtain the session key
• User Anonymity – Besides the user and the home server, no one, including the foreign server, can tell the identity of the user
• User Untraceability – Besides the user and the home server, no one, including the foreign server, is able to identify any previous protocol runs which have the same user involved
Proposed AAKE-R (1/5) Notation
[Notation table]
Proposed AAKE-R (2/5) Building blocks
• AKE (Authenticated Key Exchange)
• AAKE (Anonymous Authenticated Key Exchange)
• AKT (Authenticated Key Transport)
Proposed AAKE-R (3/5) Assumption
• There is a direct link between the roaming user and the foreign server, and another direct link between the home server and the foreign server
• The roaming user knows the public key of the foreign server
• Each user knows its home server's public key, and each server knows the public keys of all its subscribers
• All servers know the public keys of all other servers in the roaming network
Security analysis
• Key Establishment
• User Anonymity & User Untraceability
• Subscription validation
• Server Authentication
Conclusion
• A secure and generic AAKE-R construction using AAKE and AKT as building blocks
• It satisfies the security requirements of AAKE-R suggested by the authors
Weak points
• User privacy violation – The home server can track the roaming user
• They do not suggest a detailed performance evaluation. I think the overhead is big due to several asymmetric computations
Future work
• Addressing the user tracking problem by the home server
• Study of additional requirements such as supporting differentiated access
• Try to find a way to reduce the number of asymmetric computations by modifying AAKE-R, or design a novel AAKE-R that has lower computation overhead while satisfying the same requirements