Basic Search / Detailed Display

Author: 蔡佳倫
Jia-Lun Tsai
Thesis Title: 基於智慧卡之匿名式身分鑑別機制
Smart Card-based Anonymous Authentication Mechanisms
Advisor: 吳宗成
Tzong-Chen Wu
羅乃維
Nai-Wei Lo
Committee: 雷欽隆
Chin-Laung Lei
楊傳凱
Chuan-Kai Yang
何煒華
Wei-Hua He
Degree: 博士
Doctor
Department: 管理學院 - 資訊管理系
Department of Information Management
Thesis Publication Year: 2013
Graduation Academic Year: 101
Language: 英文
Pages: 97
Keywords (in Chinese): 智慧卡身分鑑別機制分散式伺服器環境匿名性
Keywords (in other languages): Smart card, Authentication mechanism, Distributed server environment, Anonymity
Reference times: Clicks: 456Downloads: 12
Share:
School Collection Retrieve National Library Collection Retrieve Error Report

隨著網際網路的快速發展,人們可以很方便的透過網路互相分享資訊,也因為這樣,有越來越多的公司及政府機關在網際網路上建立線上系統給使用者提供服務,尤其是無線網路與行動設備的出現,讓使用者可以隨意的使用網路,大大提升使用者使用網路的便利性,然而,也因為這樣,許許多多不同的網路攻擊也伴隨著產生,如何能有效地抵抗網路攻擊變成是一個十分重要的研究議題。身分鑑別機制對網路上的系統來說,是一個基本而且重要的安全機制,透過這些身分鑑別機制,網路上的系統可以避免攻擊者的違法存取,因此,對系統而言,如何設計安全且有效率的身分鑑別機制是十分關鍵且重要的。
單一伺服器身分鑑別機制是最常於網際網路上使用的使用者身分確認方法,然而,隨著各種網路環境的不同、無線網路的大量部署與以及行動設備的普及,使用者存取網路資源的方式已經越來越多樣化,僅利用電腦來存取單一伺服器的方式已經不能滿足人們對網路的使用行為與多樣需求,因此,如何提供使用者透過網路存取多台伺服器變得十分重要。
然而,設計身分鑑別機制以符合單伺服器或多伺服器環境,是有其困難度的,尤其是對低運算能量的行動設備而言;因此,一個良好設計的身分鑑別機制在使用者端的運算量不可以太高,此外,匿名也是一個很重要的資安研究議題,尤其是在無線網路的環境中,行動計算使用者可能會被攻擊者所追蹤,因為傳送的訊息是通過電波傳送,因此,在朝向多網合一趨勢的網路環境下,身分鑑別機制都必須要能提供不可追蹤性,以符合安全需求。
在這本博士論文中,我們在第三章先提出了一個單伺服器身分鑑別機制,這個身分鑑別機制的安全性是基於橢圓離散對數問題,與其他的已經發表的機制比較,可以發現本研究所提出的身分鑑別機制不但可以達到不可追蹤性,在使用者端的運算成本也很低,非常適合用於低運算能力的行動裝置,接著,我們在第四章提出了適用於分散式多伺服器系統環境的匿名式身分鑑別機制,這個匿名式身分鑑別機制的優點是使用者在驗證的過程中不需要智慧卡發卡中心的幫忙,便可以存取多台服務提供者的伺服器之資源,利用以身分為基底的批次簽章,本機制可以讓服務提供者的伺服器可以一次驗證多個使用者,並且支持不可追蹤性,與其他身分鑑別機制比較起來,本研究所提出的身分鑑別機制在使用者端及伺服器端的運算成本都相對低廉許多;在本機制中我們也提出批次身分鑑別機制,讓伺服器可以同時鑑別多個使用者登入要求,以降低伺服器的身分鑑別計算量。最後,我們在第五章總結本研究的貢獻並討論未來可能進一步研究的方向。


With the rapid development of Internet, people can easily share information with each other through the network. In consequence, more and more companies and government agencies provide on-line network services to their customers and citizens. It has become more convenient and efficient for users to access Internet due to wide deployment of wireless networks and popularity of handheld mobile devices. However, massive amount of system attacks have come along with Internet and network usage. How to defend against malicious attacks on system environments has become a critical and important research topic. Authentication mechanism is one of the basic and essential defense mechanisms to secure systems in a network or Internet, which may identify service-requesting users and avoid illegal system access from attackers through properly designed authentication schemes. Therefore, how to design sound, secure and efficient authentication mechanisms is a very critical and essential matter for system security.
Single-server authentication mechanism is commonly used by systems deployed on Internet environment or local area network. Along with the variety of network environments, deployment of wireless networks and introduction of mobile devices, usage pattern of users to network resources has become increasingly diverse. It’s obvious that single-server access pattern has not been able to meet the business needs and usage behaviors for people in modern societies. As a result, to provide multi-server authentication schemes for network users has become necessary and crucial.
There exists difficulty to design proper authentication mechanisms for mobile handheld devices with limited computing resources to meet he requirements of security and efficiency under single-server or multi-server environments. A well-designed authentication mechanism should only require minimal computing operations at user side. In addition, user anonymity is also an important security factor to be considered for authentication mechanism. In wireless network environment, communicating messages which transmitted through electromagnetic waves may be eavesdropped and tracked by malicious attackers. Therefore, under integrated heterogeneous network environments a well-designed authentication mechanism should provide initiator anonymity and user untraceability to achieve more robust security requirements.
In this dissertation, we propose a single-server authentication scheme based on elliptic curve cryptosystem (ECC) in Chapter 3. Compared with other existing authentication schemes, the proposed scheme not only achieves initiator anonymity and initiator untraceability but also requires less computing cost for the mobile device at the user side, which is very suitable for users with limited computing-resource mobile devices. In Chapter 4, we propose an anonymous authentication scheme for mobile device users under distributed system environment. Security strength of this proposed scheme is based on elliptic curve cryptosystem (ECC) and bilinear pairings. The advantage of this scheme is that a user can access system server without the help of the smart card producing generator (SCPC) during user authentication process. Compared with other related works, our scheme requires less computation cost at both client and server sides. Batch verification on the server side is also invented and added in our scheme, which allows the server simultaneously verifies a group of user login requests to further reduce the computation cost on the server side. Finally, we conclude our academic contributions and provide some possible directions for future research on authentication mechanisms in Chapter 5.

中文摘要 I ABSTRACT III 誌謝 VI TABLE OF CONTENTS VII LIST OF FIGURES VIII LIST OF TABLES IX Chapter 1 Introduction 1 1.1 Background 1 1.2 Motivation and Objectives 8 1.3 Related Work 8 1.4 Dissertation Organization 12 Chapter 2 Preliminaries 15 2.1 Elliptic Curve Cryptosystem 15 2.2 Bilinear Pairings 17 2.3 Mathematical Assumptions 20 2.4 ECC-based ElGamal Cryptosystem 20 2.5 Identity-based Cryptosystem 21 2.5.1 Identity-based Encryption Scheme of Sakai and Kasahara 22 2.5.2 Identity-based Signature Scheme of Galindo and Garcia 24 Chapter 3 Anonymous Authentication Scheme for Single Server Environment 26 3.1 Proposed Scheme for Single Server Environment 26 3.2 Security Analysis 34 3.3 Comparison on Performance and Security Feature 42 Chapter 4 Anonymous Authentication Scheme for Distributed Server Environment 47 4.1 Proposed Scheme for Distributed Server Environment 47 4.2 Security Analysis 59 4.3 Comparison on Performance and Security Feature 75 Chapter 5 Conclusions and Future Work 79 Bibliogrphy 81 Publications 92

[1] Yang, C. C., Wang, R. C., and Liu, W. T., “Secure authentication scheme for session initiation protocol,” Computers and Security, Vol. 24, No. 5, pp. 381-386 (2005).
[2] Lee, J. S., Chang, Y. F., and Chang, C. C., “A novel authentication protocol for multi-server architecture without smart cards,” International Journal of Innovative Computing, Information and Control, Vol. 4, No. 6, pp. 1357–1364 (2008).
[3] Yeh, K. H., and Lo, N. W., “A novel remote user authentication scheme for multi-server environment without using smart cards,” International Journal of Innovative Computing Information and Control, Vol. 6, No. 8, pp. 3467–3478 (2010).
[4] Tsai, J. L., Lo, N. W., and Wu, T. C., “A New Password-Based Multi-server Authentication Scheme Robust to Password Guessing Attacks,” Wireless Personal Communications, Early Access Articles. DOI: 10.1007/s11277-012- 0918-6
[5] Awasthi, A. K., and Lal, S., “A remote user authentication scheme using smart cards with forward secrecy,” IEEE Transactions on Consumer Electronics, Vol. 49, No. 4, pp. 1246–1248 (2003).
[6] Fan, C. I., Chan, Y. C., and Zhang, Z. K., “Robust remote authentication scheme with smart cards,” Computers and Security, Vol. 24, No. 8, pp. 619-628 (2005).
[7] Juang, W. S., and Nien, W. K., “Efficient password authenticated key agreement using bilinear pairings,” Mathematical and Computer Modeling, Vol. 47, No. 11–12, pp. 1238–1245 (2008).
[8] Chen, T. H., Hsiang, H. C., and Shih, W. K., “Security enhancement on an improvement on two remote user authentication schemes using smart cards,” Future Generation Computer Systems, Vol. 27, No. 4, pp. 377–380 (2011).
[9] Ding, Y., and Horster, P., “Undetectable on-line password guessing attacks,” ACM Operating Systems Review, Vol. 29, No. 4, pp. 77–86 (1995).
[10] Gehringer, E. F., “Choosing passwords: Security and human factors,” IEEE International Symposium on Technology and Society, pp. 369–373 (2002).
[11] Gong, L., Lomas, M. A., Needham, R. M., and Saltzer, J. H., “Protecting poorly chosen secrets from guessing attacks,” IEEE Journal on Selected Areas in Communications, Vol. 11, pp. 648–656 (1993).
[12] Hughes, D., and Shmatikov, V., “Information hiding, anonymity and privacy a modular approach,” J. Comput. Sec., Vol. 12, No. 1, pp. 3–36 (2004).
[13] Chang, C. C., Le, H. D., and Chang, C. H., “Novel Untraceable Authenticated Key Agreement Protocol Suitable for Mobile Communication,” Wireless Personal Communications, Early Access Articles. DOI: 10.1007/s11277-012-0822-0
[14] Lee, W. B., and Chang, C. C., “User identification and key distribution maintaining anonymity for distributed computer network,” Computer Systems Science and Engineering, Vol. 15, No. 4, pp. 113–116 (2000).
[15] Raya, M., and Hubaux, J. P., “Securing vehicular ad hoc networks,” J. Comput. Security—Special Issue Security Ad Hoc Sensor Netw., Vol. 15, No. 1, pp. 39–68 (2007).
[16] Lu, R., Lin, X., Zhu, H., Ho, P. H., and Shen, X., “ECPP: Efficient conditional privacy-preservation protocol for secure vehicular communications,” IEEE Conf. Comput. Commun., pp. 1229–1237 (2008).
[17] Zhang, C., Lu, R., Lin, X., Ho, P. H., and Shen, X., “An efficient identity-based batch verification scheme for vehicular sensor networks,” IEEE INFOCOM 2008, pp. 246–250 (2008).
[18] Tsai, J. L., Wu, T. C., and Tsai, K. Y., “New dynamic ID authentication scheme using smart cards,” International Journal of Communication Systems, Vol. 23, No. 12, pp. 1449-1462 (2010).
[19] Chen, T. H., Chen, Y. C., Shih, W. K., and Wei, H. W., “An efficient anonymous authentication protocol for mobile pay-TV,” Journal of Network and Computer Applications, Vol. 34, No. 4, pp. 1131–1137 (2011).
[20] Li, K., Xiu, A., He, F., and Lee, D. H., “Anonymous authentication with unlinkability for wireless environments,” IEICE Elecron. Express, Vol. 8, No. 8, pp. 536-541 (2011).
[21] Khan, M. K., Kim, S. K., and Alghathbar, K., “Cryptanalysis and security enhancement of a 'more efficient & secure dynamic ID-based remote user authentication scheme',” Computer Communications, Vol. 34, No. 3, pp. 305–309 (2011).
[22] Wang, C. H., and Lin, C. Y., “An efficient delegation-based roaming payment, protocol against denial of service attacks,” 2011 International Conference on Electronics, Communications and Control, pp. 4136–4140 (2011).
[23] Chen, H. M., Lo, J. W., and Yeh, C. K., “An efficient and secure dynamic ID-based authentication scheme for telecare medical information systems,” Journal of Medical Systems, Vol. 36, No. 6, pp. 3907–3915 (2012).
[24] Li, C. T., and Lee, C. C., “A novel user authentication and privacy preserving scheme with smart cards for wireless communications,” Mathematical and Computer Modeling, Vol. 55, No. 1–2, pp. 35-44 (2012).
[25] Lu, J. Z., and Zhou, J., “Preventing delegation-based mobile authentications from man-in-the-middle attacks,” Computer Standards and Interfaces, Vol. 34, No. 3, pp. 314–326 (2012).
[26] Tsai, J. L., Lo, N. W., and Wu, T. C., “Secure Delegation-Based Authentication Protocol for Wireless Roaming Service,” IEEE Communications Letters, Vol. 16, No. 7, pp. 1100-1102 (2012).
[27] Tsai, J. L., Lo, N. W., and Wu, T. C., “Secure Anonymous Authentication Protocol with Unlinkability for Mobile Wireless Environment,” 2012 International Conference on Anti-Counterfeiting, Security and Identification (ASID), pp. 1-5 (2012).
[28] Wu, S., Zhu, Y., and Pu, Q., “Robust smart-cards-based user authentication scheme with user anonymity,” Security and Communication Networks, Vol. 5, No. 2, pp. 236–248 (2012).
[29] Wang, D., Ma, C. G., Zhang, Q. M., and Zhao, S., “Secure Password-based Remote User Authentication Scheme against Smart Card Security Breach,” Journal of Networks, Vol. 8, No. 1, pp. 148-155 (2013).
[30] Gamage, C., Gras, B., Crispo, B., and Tanenbaum, A. S., “An identity-based ring signature scheme with enhanced privacy,” Secure Comm, pp. 1–5 (2006).
[31] Sampigethaya, K., Huang, L., Li, M., Poovendran, R., Matsuura, K., and Sezaki, K., “Caravan: Providing location privacy for vanet,” ESCAR, pp. 1–15 (2005).
[32] Lin, X., Sun, X., Ho, P. H., and Shen, X., “GSIS: A secure and privacy-preserving protocol for vehicular communications,” IEEE Transactions on Vehicular Technology, Vol. 56, No. 6, pp. 3442–3456 (2007).
[33] Lin, X., Lu, R., Zhang, C., Zhu, H., Ho, P. H. and Shen, X., “Security in vehicular ad hoc networks,” IEEE Commun. Mag., Vol. 46, No. 4, pp. 88–95 (2008).
[34] Studer, A., Shi, E., Bai, F., and Perrig, A., “TACKing together efficient authentication, revocation, and privacy in VANETs,” IEEE SECON 2009, pp. 1–9 (2009).
[35] Sun, J., Zhang, C., Zhang, Y., and Fang, Y., “An identity-based security system for user privacy in vehicular ad hoc networks,” IEEE Transactions on Parallel Distribution System, Vol. 21, No. 9, pp. 1227–1239 (2010).
[36] Lamport, L., “Password authentication with insecure communication,” ACM Commun., Vol. 24, No. 11, pp. 770–772 (1981).
[37] Yang, W., and Shieh, S., “Password authentication schemes with smart cards,” Comput. Sec., Vol. 18, No. 8, pp. 727–733 (1999).
[38] Hwang, M. S., and Li, L. H., “A new remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, Vol. 46, No. 1, pp. 28–30 (2000).
[39] Sun, H. M., “An efficient remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, Vol. 46, No. 4, pp. 958–961 (2000).
[40] Lee, C. C., Hwang, M. S., and Liao, I. E., “Security enhancement on a new authentication scheme with anonymity for wireless environments,” IEEE Transactions on Industrial Electronics, Vol. 53, No. 5, pp. 1683–1687 (2006).
[41] Wu, C. C., Lee, W. B., and Tsaur, W. J., “A secure authentication scheme with anonymity for wireless communications,” IEEE Commun. Lett., Vol. 12, No. 10, pp. 722–723 (2008).
[42] Yang, J. H., and Chang, C. C., “An ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem,” Computer and Security, Vol. 28, No. 3–4, pp. 138–143 (2009).
[43] Tsai, J. L., “Weaknesses and improvement of Hsu-Chuang’s user identification scheme,” Information Technology and Control, Vol. 39, No. 1, pp. 48–50 (2010).
[44] Chang, C. C., and Lee, C. Y., “A secure single sign-on mechanism for distributed computer networks,” IEEE Transactions on Industrial Electronics, Vol. 59, No. 1, pp. 629–637 (2012).
[45] Wang, B., and Ma, M., “A server independent authentication scheme for RFID systems,” IEEE Transaction on Industrial Informatics, Vol. 8, No. 3, pp. 689–696 (2012).
[46] Wang, G., Yu, J., and Xie, Q., “Security analysis of a single sign-on mechanism for distributed computer networks,” IEEE Transaction on Industrial Informatics, Vol. 9, No. 1, pp. 294–302 (2013).
[47] Juang, W. S., Chen, S. T., and Liaw, H. T., “Robust and efficient password- authenticated key agreement using smart cards,” IEEE Transactions on Industrial Electronics, Vol. 5, No. 6, pp. 2551–2556 (2008).
[48] Sun, D. Z., Huai, J. P., Sun, J. Z., Zhang, J. W., and Feng, Z. Y., “Improvements of Juang et al.’s password-authenticated key agreement scheme using smart cards,” IEEE Transactions on Industrial Electronics, Vol. 56, No. 6, pp. 2284–2291 (2009).
[49] Li, X., Qiu, W., Zheng, D., Chen, K., and Li, J., “Anonymity enhancement on robust and efficient password-authenticated key agreement using smart cards,” IEEE Transactions on Industrial Electronics, Vol. 57, No. 2, pp. 793–800 (2010).
[50] Wu, T. S., and Hsu, C. L., “Efficient user identification scheme with key distribution preserving anonymity for distributed computer networks,” Computers and Security, Vol. 23, No. 2, pp. 120–125 (2004).
[51] Yang, Y., Wang, S., Bao, F., Wang, J., and Deng, R. H., “New efficient user identification and key distribution scheme providing enhanced security,” Computers and Security, Vol. 23, No. 8, pp. 697–704 (2004).
[52] Mangipudi, K., and Katti, R., “A secure identification and key agreement protocol with user anonymity (SIKA),” Computers and Security, Vol. 25, No. 6, pp. 420–425 (2006).
[53] Hsu, C. L., and Chuang, Y. H., “A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks,” Information Sciences, Vol. 179, No. 4, pp. 422-429 (2009).
[54] Wang, G., Yu, J., and Xie, Q., “Security Analysis of a Single Sign-On Mechanism for Distributed Computer Networks,” Cryptography ePrint Archive, Report 2012/107. http://eprint.iacr.org/2012/107.pdf
[55] Wang, G., Yu, J., and Xie, Q., “Security Analysis of a Single Sign-On Mechanism for Distributed Computer Networks,” IEEE Transactions on Industrial Informatics, Vol. 9, No. 1, pp. 294-302 (2013).
[56] Yu, J., Wang, G., and Mu, Y., “Provably Secure Single Sign-on Scheme in Distributed Systems and Networks,” 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 271-278 (2012).
[57] Koblitz, N., “Elliptic curve cryptosystems,” Mathematics of Computation, Vol. 48, No. 177, pp. 203–209 (1987).
[58] Miller, V., “Use of elliptic curves in cryptography,” CRYPTO 85, pp. 417–426, 1985.
[59] Vanstone, S., “Responses to NIST’s Proposal,” Communications of the ACM, Vol. 35, pp. 50-52 (1992).
[60] ANSI X9.62 and FIPS 186-2. Elliptic Curve Digital Signature Algorithm (ECDSA), 1998.
[61] Hohenberger, S., “Advances in Signatures, Encryption, and E-Cash from Bilinear Groups,” Ph.D dissertation, Massachusetts Institute of Technology (2006).
[62] NIST, “Recommendation for Key Management - Part 1: General (Revised), Special Publication 800-57,” Technical Report, NIST, USA. (2007). http://csrc.nist.gov/groups/ST/ toolkit/documents/SP800-57Part1_3-8-07.pdf
[63] NIST, “Recommendation for Key Management - Part 1: General (Revised 3), Special Publication 800-57,” Technical Report, NIST, USA. (2012). https://www.salientsecurity.com/ resources/ files/NIST_SP_800-57-Part_1.pdf.
[64] Menezes, A., Okamoto, T., and Vanstone, S., “Reducing Elliptic Curve Logarithms to Logarithms in a finite field,” IEEE Transaction of Information Theory, Vol. 39, pp. 1639-1646 (1993).
[65] Dutta, R., Barua, R., and Sarkar, P., “Pairing-based cryptography: A survey,” Cryptology ePrint Archive, Report 2004/064 (2004). http://eprint.iacr.org/2004/064.
[66] Joux, A., “A one round protocol for tripartite Diffie-Hellman,” Proceedings of Algorithmic Number Theory Symposium, pp. 385–394 (2000).
[67] Boneh, D., and Franklin, M., “Identity-based encryption from the weil pairing,” In Advances in Cryptology – Crypto’2001, pp. 213–229 (2001).
[68] Galbraith, S., Paterson, K., and Smart, N., “Pairings for cryptographers,” Discrete Applied Mathematics, Vol. 156, No. 16, pp. 3113–3121 (2008).
[69] Wu, T. Y., “The Research of ID-based Key Agreement Protocols from Bilinear Pairings,” Ph.D dissertation, National Changhua University of Education, Changhua, Taiwan (2010).
[70] Chen, L., Cheng, Z., and Smart, N. P., “Identity-based key agreement protocols from pairings,” International Journal of Information Security, Vol. 6, No. 4, pp. 213-241 (2007).
[71] Diffie, W., and Hellman, M., “New directions in cryptography,” IEEE Transactions on Information Theory, Vol. 22, No. 6, pp. 644–654 (1976).
[72] ElGamal, T., “A Public-Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms,” IEEE Transactions on Information Theory, Vol. 31, No. 4, pp. 469–472 (1985).
[73] Shamir, A., “Identity-based cryptosystems and signature schemes,” Crypto '84, pp. 47-53 (1984).
[74] Cocks, C., “An identity based encryption scheme based on quadratic residues,” In Eighth IMA International Conference on Cryptography and Coding, pp. 360-363 (2001).
[75] Sakai, R., and Kasahara, M., “ID based cryptosystems with pairing on elliptic curve,” IACR Cryptology ePrint Archive, Report 2003/054 (2003). http:// eprint.iacr.org/2003/054.pdf.
[76] Chen, L., and Cheng, Z., “Security Proof of Sakai-Kasahara's Identity-Based Encryption Scheme,” 10th international conference on Cryptography and Coding- IMA'05, pp. 442-459 (2005).
[77] Paterson, K. G., “ID-based signatures from pairings on elliptic curves,” Electronics Letters, Vol. 38, No. 18, pp. 1025–1026 (2002).
[78] Cha, J. C., and Cheon, J. H., “An identity-based signature from gap Diffie-Hellman groups,” PKC’03, pp. 18–30 (2003).
[79] Hess, F., “Efficient identity based signature schemes based on pairings,” SAC’02, pp. 310–324 (2003).
[80] Yi, X., “An identity-based signature scheme from the weil pairing,” IEEE Communications Letters, Vol. 7, No. 2, pp. 76–78 (2003).
[81] Barreto, P. S. L. M., Kim, H. Y., Lynn, B., and Scott, M., “Efficient algorithms for pairing-based cryptosystems,” Crypto 2002, pp. 354–68 (2002).
[82] Shao, J., Cao, Z., and Wang, L., “Efficient ID-based Threshold Signature Schemes without Pairings”, IACR Cryptology ePrint Archive, Report 2006/308 (2006). http://eprint.iacr.org/2006/308.pdf.
[83] Schnorr, C. P., “Efficient signature generation by smart cards,” Journal of Cryptology, Vol. 4, No. 3, pp. 161–174 (1991).
[84] Galindo, D., and Garcia, F. D., “A Schnorr-like lightweight identity-based signature scheme,” 2nd African International Conference on Cryptology–AfricaCrypt 2009, pp. 135–148 (2009).
[85] Bellare, M., Pointcheval, D., and Rogaway, P., “Authenticated key exchange secure against dictionary attacks,” EUROCRYPT 2000, pp. 139–155 (2000).
[86] Abdalla, M., and Pointcheval, D., “Simple password-based encrypted key exchange protocols,” CT-RSA 2005, pp. 191–208 (2005).
[87] Xu, J., Zhu, W. T., and Feng, D. G., “An improved smart card based password authentication scheme with provable security,” Comput. Standards Interfaces, Vol. 31, No. 4, pp. 723–728 (2009).
[88] Tsai, J. L., Lo, N. W., and Wu, T. C., “Novel Anonymous Authentication Scheme Using Smart Cards,” IEEE Transaction on Industrial Informatics, Early Access Articles. DOI: 10.1109/TII.2012.2230639
[89] Huang, J. L., Yeh, L. Y., and Chien, H. Y., “ABAKA: An Anonymous Batch Authenticated and Key Agreement Scheme for Value-added Services in Vehicular Ad Hoc Networks,” IEEE Transactions on Vehicular Technology, Vol. 60, No. 1, pp. 248-262 (2011).
[90] Lin, X., Sun, X., Wang, X., Zhang, C., Ho, P. H., and Shen, X., “TSVC: Timed efficient and secure vehicular communications with privacy preserving,” IEEE Transactions on Wireless Communications, Vol. 7, No. 12, pp. 4987–4998 (2008).
[91] Cormen, T. H., Leiserson, C. E., Rivest, R. L., and Stein, C., Introduction to Algorithms, MIT Press , Cambridge, U.K. (2001).
[92] Jakpbsson, M., and Pointcheval, D., “Mutual Authentication for Low-Power Mobile Devices,” Financial Cryptography – FC’01, pp. 178-195 (2002).
[93] Bresson, E., Chevassut, O., and Pointcheval, D., “Security Proofs for an Efficient Password-Based Key Exchange,” 10th ACM conference on Computer and communications security, pp. 241-250 (2003).
[94] Pointcheval, D., and Stern, J., “Security Arguments for Digital Signatures and Blind Signatures,” Journal of Cryptology, Vol. 13, pp. 361-396 (2000).
[95] Yoon, H. J., Cheon, J. H., and Kim, Y. D., “Batch verifications with ID-based signatures,” Information Security and Cryptology – ICISC 2004, pp. 233–248 (2005).
[96] Shim, K. A., “An id-based aggregate signature scheme with constant pairing computations,” Journal of Systems and Software, Vol. 83, No. 10, pp. 1873–1880 (2010).
[97] Schnorr, C. P., “Efficient identification and signatures for smart cards,” Crypto ’89, pp. 239-252 (1990).

QR CODE