KR20170073001A - Server, method and system for authentication and key agreement - Google Patents
Publication number: KR20170073001A
Authority: KR (South Korea)
Abstract
An authentication and key sharing method is disclosed. The authentication and key sharing method is performed in a server and includes receiving a registration request message from a terminal, registering a user of the terminal, receiving an authentication request message from the terminal, authenticating the user, and transmitting a response value to the terminal.
Description
The present invention relates to an authentication and key sharing server, method and system, and more particularly to an authentication and key sharing server, method and system that register a user using a randomized ID and password and are capable of sharing a session key at the same time.
Recently, research on user authentication and key sharing in various environments such as cloud systems, control systems, the Internet of Things (IoT), and smart cards has been actively conducted. However, most of these studies have a vulnerability: the user's ID is revealed in the user authentication process, or the user's ID or password can be guessed from the communicated values or the values stored in the server. Some protocols are also unsafe with respect to forward secrecy. The present invention proposes a protocol that is secure against ID guessing and password guessing attacks, provides forward secrecy, and does not reveal the user's ID in the authentication process.
The background of the present invention is as follows.
Cryptographic hash function
A hash function is a function that converts data of an arbitrary length into data of a fixed length. It has the same output value for the same input value, and a cryptographic hash function in particular satisfies the following three properties.
① Pre-image resistance: given about, Satisfy .
② 2nd pre-image resistance: given about, Satisfy .
③ Collision resistance: Satisfy and .
Elliptic curve cryptography
Elliptic curve cryptography is one of the public key cryptosystems based on the elliptic curve theory, which has the advantage of providing similar level of security while using shorter keys than RSA (Rivest Shamir Adleman) or Elgamal. Based on these advantages, it is mainly used in the environment where the transmission amount and the calculation amount are restricted like the wireless environment. In elliptic curve cryptosystems, we mainly design cryptosystems based on the elliptic curve discrete logarithm problem.
Elliptic curve discrete logarithm problem: for a prime , denotes the finite field with elements, and the order of the point on the elliptic curve is . Given an elliptic curve defined over , a point defined on the elliptic curve, and an arbitrary point , finding an integer that satisfies is the elliptic curve discrete logarithm problem, which is regarded as a more difficult problem than the factorization problem or the discrete logarithm problem.
Biohash function (Biohash)
A biohash function is a function that takes biometric information such as a fingerprint as input and outputs an arbitrary length, and has security similar to a cryptographic hash function. Even for the same person, biometric values differ slightly on each input, so ordinary hash functions or cryptographic hash functions, which require exact values, cannot be used. The biohash function is a function for handling the fuzziness of biometric information and has the property of outputting the same value with high probability for similar input.
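The behaviour described above, as an added example that is not part of the patent: a biohash in the style of token-seeded random projection (sign of each projection gives one bit), compared with SHA-256 on the same readings. The feature vectors, token values, dimensions and the projection construction are assumptions made for illustration; the patent does not specify its biohash function.

```python
import hashlib
import random

DIM = 128   # length of the constructed biometric feature vector
BITS = 64   # length of the biohash output in bits


def biohash(features, token, bits=BITS):
    """Sign of token-seeded random projections of the feature vector."""
    rng = random.Random(token)  # the random token selects the projection
    code = []
    for _ in range(bits):
        row = [rng.gauss(0.0, 1.0) for _ in features]
        dot = sum(r * f for r, f in zip(row, features))
        code.append(1 if dot >= 0.0 else 0)
    return code


def hamming(a, b):
    """Number of bit positions in which two codes differ."""
    return sum(x != y for x, y in zip(a, b))


def exact_hash(features):
    """Ordinary cryptographic hash over the serialized reading."""
    data = ",".join(f"{f:.6f}" for f in features).encode()
    return hashlib.sha256(data).hexdigest()


def demo():
    # Constructed sample data: one enrolled template, a second noisy
    # reading of the same user, and an unrelated user's reading.
    rng = random.Random(2015)
    enrolled = [rng.gauss(0.0, 1.0) for _ in range(DIM)]
    reading = [f + rng.gauss(0.0, 0.01) for f in enrolled]
    impostor = [rng.gauss(0.0, 1.0) for _ in range(DIM)]
    token, other_token = 1001, 2002  # hypothetical per-user random tokens
    ref = biohash(enrolled, token)
    return {
        # SHA-256 changes completely under sensor noise.
        "sha256_equal": exact_hash(enrolled) == exact_hash(reading),
        # Same user, same token: few or no bits differ.
        "same_user": hamming(ref, biohash(reading, token)),
        # Different user, same token: about half the bits differ.
        "impostor": hamming(ref, biohash(impostor, token)),
        # Same user, new token: the code is unrelated to the old one.
        "new_token": hamming(ref, biohash(enrolled, other_token)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

A protocol that needs a bit-exact value from the biohash, as a hash input would, has to absorb the few remaining bit flips, for example with an error-correcting step.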
SUMMARY OF THE INVENTION The present invention has been made in view of the above problems, and it is an object of the present invention to provide an authentication and key sharing server, method, and system that register a user using a randomized ID and a password.
An authentication and key sharing method according to an embodiment of the present invention is performed in a server, and includes receiving a registration request message from a terminal, registering a user of the terminal, receiving an authentication request message from the terminal, authenticating the user and generating a session key, and transmitting a response value to the terminal.
Also, an authentication and key sharing server according to an embodiment of the present invention includes a registration unit for receiving a registration request message from a terminal and registering a user of the terminal, and an authentication unit for receiving an authentication request message from the terminal, authenticating the user, generating a session key, and transmitting a response value to the terminal.
Also, an authentication and key sharing system according to an embodiment of the present invention includes the authentication and key sharing server and the terminal.
According to the authentication and key sharing server, method, and system according to the embodiment of the present invention, it is possible to design a multi-factor authentication and key sharing protocol that is secure against ID and password guessing attacks and satisfies forward secrecy, and the privacy of the user can be protected by preventing the user's ID from being exposed.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS In order to more fully understand the drawings recited in the detailed description of the present invention, a detailed description of each drawing is provided.
FIG. 1 illustrates an authentication and key sharing system according to an embodiment of the present invention.
FIG. 2 is a functional block diagram of the terminal shown in FIG.
FIG. 3 is a functional block diagram of the server shown in FIG.
FIG. 4 is a flowchart illustrating an authentication and key sharing method performed in the authentication and key sharing system shown in FIG.
It is to be understood that the specific structural or functional descriptions of the embodiments of the present invention disclosed herein are for illustrative purposes only; the embodiments according to the inventive concept may be embodied in many different forms and are not limited to the embodiments set forth herein.
The embodiments according to the concept of the present invention can make various changes and can take various forms, so that the embodiments are illustrated in the drawings and described in detail herein. It should be understood, however, that it is not intended to limit the embodiments according to the concepts of the present invention to the particular forms disclosed, but includes all modifications, equivalents, or alternatives falling within the spirit and scope of the invention.
The terms first, second, etc. may be used to describe various elements, but the elements should not be limited by the terms. The terms are used only for the purpose of distinguishing one element from another; for example, without departing from the scope of the right according to the concept of the present invention, the first element may be referred to as a second element, and similarly the second element may also be referred to as a first element.
It is to be understood that when an element is referred to as being "connected" or "coupled" to another element, it may be directly connected or coupled to the other element. On the other hand, when an element is referred to as being "directly connected" or "directly coupled" to another element, it should be understood that there are no other elements in between. Other expressions that describe the relationship between components, such as "between" and "directly between" or "neighboring to" and "directly adjacent to", should be interpreted in the same way.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. The singular expressions include plural expressions unless the context clearly dictates otherwise. In this specification, the terms "comprises" or "having" and the like are used to specify that there are features, numbers, steps, operations, elements, parts or combinations thereof described herein, but do not preclude the presence or addition of one or more other features, integers, steps, operations, components, parts, or combinations thereof.
Unless defined otherwise, all terms used herein, including technical or scientific terms, have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. Terms such as those defined in commonly used dictionaries are to be interpreted as having a meaning consistent with their meaning in the context of the relevant art and, unless explicitly defined herein, are not to be interpreted in an idealized or overly formal sense.
Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings attached hereto. First, the present invention assumes two parties, a user and a server. The protocol consists of the following steps: the user transmits a randomized ID and password to register with the server; the server registers the user and transmits the registration value; the user inputs a user ID, password, and biometric information; the server authenticates the user and generates the session key; and the user authenticates the server and authenticates the session key. The first two steps register the user with the server and assume communication over a secure channel.
In addition,
Cryptographic hash function, Let's call it a biohash function. here Is the length of the hash function output value, Means the length of a random token used in the biohash function. And Means an exclusive OR (XOR) for each bit. A point on the elliptic curve used in the elliptic curve cryptosystem, The secret value of the server, and Is the public value of the server.
FIG. 1 illustrates an authentication and key sharing system according to an embodiment of the present invention.
The authentication and
The terminal 100 transmits a registration request message to the
The
The terminal 100 may be a personal computer, a tablet PC, a notebook, a net-book, an e-reader, a personal digital assistant (PDA), an MP3 player, or an MP4 player, or may be implemented as a handheld device such as a mobile phone or a smart phone.
The specific configuration and operation of the
FIG. 2 is a functional block diagram of the terminal shown in FIG. The terminal 100 shown in FIG. 2 includes a plurality of terminals (not shown)
Th user ( )
Referring to FIGS. 1 and 2, the terminal 100 includes a
The
First, the
Thereafter, the
As described above, the ID (
) And password ( ), The risk of personal information leakage that may occur can be eliminated. The selected arbitrary random numbers ( , ) Is a randomized ID ) And randomized password ( May be generated and then deleted in the
Also, the
The registration value received from the
When the
First, the
In addition, the
Further, the
Further, the
Further, the
here,
May be an arbitrary random number selected by the
Also, the
Further, the
here,
May be the current timestamp.
The
The
The
FIG. 3 is a functional block diagram of the server shown in FIG.
Referring to FIGS. 1 to 3, a
The
Specifically, the registering
Also, the
The
The
In the above equation
May be any random number selected by the
Each of the configurations of the terminal 100 and the
Also, in this specification, "part" may mean a functional and structural combination of hardware for carrying out the technical idea of the present invention and software for driving the hardware. For example, the module may mean a logical unit of a predetermined code and a hardware resource for executing the predetermined code, and does not necessarily mean a physically connected code or a kind of hardware.
FIG. 4 is a flowchart illustrating an authentication and key sharing method performed in the authentication and key sharing system shown in FIG. In the description of the authentication and key sharing method, a detailed description of the contents overlapping with the above-described contents will be omitted.
Referring to FIGS. 1 to 4, the
I have a signed ID (
) And randomized password ( The
From the
When authentication is required for communication with the
The
The
Through the above-described process, the
While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is evident that many alternatives, modifications and variations will be apparent to those skilled in the art. Accordingly, the true scope of the present invention should be determined by the technical idea of the appended claims.
10: Authentication and Key Sharing System
100: terminal
110: registration request unit
130:
150:
300: server
310: Register
330:
Claims (8)
Receiving a registration request message from a terminal;
Registering a user of the terminal;
Receiving an authentication request message from the terminal;
Authenticating the user and generating a session key; And
And transmitting a response value to the terminal.
Authentication and key sharing methods.
The registration request message includes a randomized ID ( ) and randomized password ( ),
Wherein registering the user comprises:
The randomized ID ( ), the randomized password ( ), the secret value of the server ( ) To calculate the registration value ( , ); and
The registration value ( , ) and an open parameter ( , ) to the terminal,
Authentication and key sharing methods.
The authentication request message includes a query value ( , , , ),
the is defined by Equation (1),
Equation (1),
the is an arbitrary random number selected by the terminal,
the is defined by Equation (2),
Equation (2),
the is defined by Equation (3),
Equation (3),
the is a time stamp,
Authentication and key sharing methods.
Wherein authenticating the user and generating a session key comprises:
Using Equation (4),
the And a controller And authenticating the user; and
Using Equation (5), the session key ( ),
Equation (4),
Equation (5),
the is defined by Equation (6),
Equation (6),
the is an arbitrary random number selected by the server,
the is defined by Equation (7),
Equation (7),
Authentication and key sharing methods.
Wherein the step of transmitting a response value to the terminal comprises: ( , , ),
the is defined by Equation (8),
Equation (8),
the is a time stamp,
Authentication and key sharing methods.
the is defined by Equation (9),
Equation (9),
the is defined by Equation (10),
Equation (10),
Authentication and key exchange methods.
And an authentication unit for receiving an authentication request message from the terminal, authenticating the user, generating a session key, and transmitting a response value to the terminal.
Authentication and key sharing servers.
Comprising:
Authentication and key sharing system.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150181126A KR101782792B1 (en) | 2015-12-17 | 2015-12-17 | Server, method and system for authentication and key agreement |
Publications (2)
Publication Number | Publication Date |
---|---|
KR20170073001A | 2017-06-28 |
KR101782792B1 | 2017-10-24 |
Family
ID=59280489
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E90F | Notification of reason for final refusal | ||
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant |