On Unlinkability of Password-Based Anonymous Authentication

被引:1
|
作者
Shin, SeongHan [1 ]
Kobara, Kazukuni [1 ]
机构
[1] Natl Inst Adv Ind Sci & Technol, ITRI, Tokyo 1350064, Japan
来源
IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES | 2015年 / E98A卷 / 06期
关键词
password; authentication; anonymity; ISO/IEC20009-4; unlinkability; KEY EXCHANGE; SECURE;
D O I
10.1587/transfun.E98.A.1320
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Password-based anonymous authentication schemes provide not only password-based authentication but also user anonymity. In [15], Yang et al., proposed a password-based anonymous authentication scheme (we call it YZWB10 scheme) using the password-protected credentials. This scheme has being standardized in ISO/IEC20009-4 that was approved to proceed to the CD stage in the 49th ISO/IECJTC1/SC27 Mexico meeting. In this paper, we analyze unlinkability of the YZWB10 scheme [15]. In particular, we show that a (malicious) server in the YZWB10 scheme can specify which user actually sent the login request to the server. Unlike Yang et al.,'s claim, the YZWB10 scheme [15] does not provide unlinkability against server.
引用
收藏
页码:1320 / 1324
页数:5
相关论文
共 50 条
  • [31] Practical Anonymous Password Authentication and TLS with Anonymous Client Authentication
    Zhang, Zhenfeng
    Yang, Kang
    Hu, Xuexian
    Wang, Yuchen
    [J]. CCS'16: PROCEEDINGS OF THE 2016 ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2016, : 1179 - 1191
  • [32] Security analysis and improvement of the efficient password-based authentication protocol
    Kwon, T
    Park, YH
    Lee, HJ
    [J]. IEEE COMMUNICATIONS LETTERS, 2005, 9 (01) : 93 - 95
  • [33] POSTER: A Password-based Authentication by Splitting Roles of User Interface
    Lee, JungSeung
    Park, Han
    Bang, GyeongYong
    Song, JooSeok
    [J]. CCS'15: PROCEEDINGS OF THE 22ND ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2015, : 1641 - 1643
  • [34] AN ENHANCED PASSWORD-BASED USER AUTHENTICATION SCHEME FOR GRID COMPUTING
    Wu, Zhen-Yu
    Chung, Yufang
    Lai, Feipei
    Chen, Tzer-Shyong
    Lee, Hung-Chang
    [J]. INTERNATIONAL JOURNAL OF INNOVATIVE COMPUTING INFORMATION AND CONTROL, 2011, 7 (7A): : 3751 - 3760
  • [35] A password-based authentication and key establishment scheme for mobile environment
    Liu, Jun
    Liao, Jianxin
    Zhu, Xiaomin
    [J]. 21ST INTERNATIONAL CONFERENCE ON ADVANCED NETWORKING AND APPLICATIONS WORKSHOPS/SYMPOSIA, VOL 2, PROCEEDINGS, 2007, : 99 - +
  • [36] A lightweight password-based authentication protocol using smart card
    Wang, Chenyu
    Wang, Ding
    Xu, Guoai
    Guo, Yanhui
    [J]. INTERNATIONAL JOURNAL OF COMMUNICATION SYSTEMS, 2017, 30 (16)
  • [37] SSO password-based multi-server authentication protocol
    Sood, Sandeep K.
    Sarje, Anil K.
    Singh, Kuldip
    [J]. INTERNATIONAL JOURNAL OF COMMUNICATION NETWORKS AND DISTRIBUTED SYSTEMS, 2012, 9 (1-2) : 161 - 180
  • [38] Simple Anonymous Password-Based Authenticated Key Exchange (SAPAKE), Reconsidered
    Shin, SeongHan
    Kobara, Kazukuni
    [J]. IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES, 2017, E100A (02) : 639 - 652
  • [39] A Threshold Multi-Server Protocol for Password-Based Authentication
    Guan, Mengxiang
    Song, Jiaxing
    Liu, Weidong
    [J]. 2016 IEEE 3RD INTERNATIONAL CONFERENCE ON CYBER SECURITY AND CLOUD COMPUTING (CSCLOUD), 2016, : 108 - 118
  • [40] Efficient Password-based Two Factors Authentication in Cloud Computing
    Yassin, Ali A.
    Jin, Hai
    Ibrahim, Ayad
    Qiang, Weizhong
    Zou, Deqing
    [J]. INTERNATIONAL JOURNAL OF SECURITY AND ITS APPLICATIONS, 2012, 6 (02): : 143 - 148
12345