Nothing Special   »   [go: up one dir, main page]
Skip to main content
Springer Nature Link
Log in

Anonymous Limited-Use-Proof Entity Authentication Protocol

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

Currently, challenger have differentiable materials to verify identity including certificates, proofs and lifetime and so on in an entity authentication protocol, which could prone to pry into proprietary information or distinguish different legitimate challengers for a semi-honest verifier. However these attempts of existed anonymous entity authentication protocols fail to enforce anonymity for entity authentication if the verifier is semi-honest. To deal with the question, The paper proposes an anonymous limited-use-proof entity authentication protocol, in which only a shared certificate is corresponding to all legitimate members’ identities, the restriction of using proof of identity is embedded in the shared certificate in secret and the number of using proof of identity is counted by method of updating certificate, consequently a legitimate member’s identity would become illegitimate if the number of using its proof is more than the authorized amount. Finally, the security of our proposed protocol is proved theoretically based on discrete logarithm hard problem in four aspects of correctness, confidentiality, anonymous and finiteness. Therefore, in our proposed protocol, a semi-honest verifier can only judge whether or not a challenger is legitimate, but get nothing on the proprietary information of the identities from the poof of challengers.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Bellare, M., & Rogaway, P. (1994). Entity authentication and key distribution. Lecture Notes in Computer Science, 773, 232–249.

    Article  MathSciNet  MATH  Google Scholar 

  2. Gollmann, D. (1996). What do we mean by entity authentication? In 1996 IEEE symposium on security and privacy, pp. 46–54.

  3. Basu, A., & Muylle, S. (2003). Authentication in e-commerce. Communications of the ACM, 46(12), 159–166.

    Article  Google Scholar 

  4. Atzoria, L., Ierab, A., & Morabito, G. (2010). The Internet of Things: A survey. Computer Networks, 54(15), 2787–2805.

    Article  Google Scholar 

  5. Armbrust, M., Fox, A., & Griffith, R. (2010). A view of cloud computing. Communications of the ACM, 53(4), 50–58.

    Article  Google Scholar 

  6. Alcaide, A., Palomar, E., Castillo, J. M., & Ribagorda, A. (2013). Anonymous authentication for privacy-preserving IoT target-driven applications. Computers & Security, 37(9), 111–123.

    Article  Google Scholar 

  7. Fritsch, L., Groven, A. K., & Schulz, T. (2012). On the Internet of Things, trust is relative. Communications in Computer and Information Science, 277, 267–273.

    Article  Google Scholar 

  8. Henrik, J., Morchon, Z. O., & Wehrle, K. (2013). Privacy in the Internet of Things: threats and challenges. Security and Communication Networks. doi:10.1002/sec.795,6.

    Google Scholar 

  9. Asokan, N. (1994). Anonymity in a mobile computing environment. In 1994 Proceedings on mobile computing systems and applications, Vol. 12, pp. 200–204.

  10. Mary, R. T., Abdelilah, E., & Srilekha, M. (2003). Certificate-based authorization policy in a PKI environment. ACM Transactions on Information and System Security, 6(4), 566–588.

    Article  Google Scholar 

  11. Neuman, C., & Kerberos, T. T. (1994). Kerberos: An authentication service for computer networks. IEEE Communication Magazine, 32(9), 33–38.

    Article  Google Scholar 

  12. Jain, A. K., Hong, L., & Bolle, R. (1997). An identity-authentication system using fingerprints. Proceedings of the IEEE, 85(9), 1365–1388.

    Article  Google Scholar 

  13. Lamport, L. (1981). Password authentication with insecure communication. Communications of the ACM, 24(11), 770–772.

    Article  MathSciNet  Google Scholar 

  14. Liao, I. E., Leea, C. C., & Hwang, M.-S. (2006). A password authentication scheme over insecure networks. Journal of Computer and System Sciences, 72(4), 727–740.

    Article  MathSciNet  MATH  Google Scholar 

  15. Feng, B., Robert, H. D., & Zhu, H. F. (2003). Variations of Diffie-Hellman problem. Lecture Notes in Computer Science, 1836, 301–312.

    Google Scholar 

  16. Cheon, J. H. (2006). Security analysis of the strong Diffie-Hellman problem. Lecture Notes in Computer Science, 4004, 1–11.

    Article  MathSciNet  MATH  Google Scholar 

  17. Rivest, R. L., & Jr, B. K. (2011). RSA problem. In Encyclopedia of cryptography and security, pp. 1065–1069.

  18. Libert, B., & Quisquater, J. J. (2003). A new identity based sign cryption scheme from pairings. In Information theory workshop. 2003. Proceedings, pp. 155–158.

  19. Du, W. & Atallah, M. J. (2001). Privacy-preserving cooperative statistical analysis. In ACSAC 2001 Proceedings 17th annual computer security applications conference, pp. 102–110.

  20. Brickell, J., & Shmatikov, V. (2005). Privacy-preserving graph algorithms in the semi-honest model. Lecture Notes in Computer Science, 3788, 236–252.

    Article  MathSciNet  MATH  Google Scholar 

  21. Melchor, C. A., Cayrel, P., Gaborit, P., & Laguillaumie, F. (2011). A new efficient threshold ring signature scheme based on coding theory. IEEE Transactions on Information Theory, 57(7), 4833–4842.

    Article  MathSciNet  MATH  Google Scholar 

  22. Teranishi, I., Furukawa, J., & Sako, K. (2004). K-times anonymous authentication. Lecture Notes in Computer Science, 3329, 308–322.

    Article  MathSciNet  MATH  Google Scholar 

  23. Nguyen, L., & Naini, R. S. (2005). Dynamic k-times anonymous authentication. Lecture Notes in Computer Science, 3531, 318–333.

    Article  MATH  Google Scholar 

  24. Feige, U., Fiat, A., & Shamir, A. (1988). Zero-knowledge proofs of identity. Journal of Cryptology, 1(2), 77–94.

    Article  MathSciNet  MATH  Google Scholar 

  25. Groth, J., Ostrovsky, R., & Sahai, A. (2012). New techniques for noninteractive zero-knowledge. Journal of the ACM, 59(3), 1–32.

    Article  MathSciNet  MATH  Google Scholar 

  26. Zhou, J., & Zhou, X. (2013). Anonymous shared certificate entity authentication protocol. Wireless Personal Communications, 72(4), 2761–2772.

    Article  MathSciNet  Google Scholar 

  27. Changa, S., Duncan, S. W., Mub, Y., & Zhangc, Z. (2009). Certificateless threshold ring signature. Information Sciences, 179(20), 3685–3696.

    Article  MathSciNet  Google Scholar 

  28. Jonathan, K., & Yehuda, L. (2007). Introduction to modern cryptography. Chapman&Hall/CRC Press.

  29. Boneh, D. (1998). The decision Diffie-Hellman problem. Lecture Notes in Computer Science, 1423, 48–63.

    Article  MathSciNet  MATH  Google Scholar 

  30. Joux, A., & Nguyen, K. (2003). Separating decision Diffie-Hellman from computational Diffie-Hellman in cryptographic groups. Journal of Cryptology, 16(4), 239–247.

    Article  MathSciNet  MATH  Google Scholar 

Download references

Acknowledgements

This work is supported by the National Key project of Scientific and Technical Supporting Programs of China (Grant Nos. 2014BAH26F02, 2013BAH10F01, 2013BAH07F02); the Research Fund for the Doctoral Program of Higher Education (Grant No. 20110005120007); the Beijing Higher Education Young Elite Teacher Project; Engineering Research Center of Information Networks, Ministry of Education; the Anhui Academic Science Foundation (Grant No. KJ2013B001). This work is also supported by the National Science Foundation Project of P.R. China (No. 61402001). Jian Zhou et al. are very grateful to the National Science Foundation of China (NSFC) for the support.

Author information

Authors and Affiliations

  1. School of Management Science and Engineer, Anhui University of Finance and Economics, Anhui, 233041, China

    Jian Zhou & Liyan Sun

  2. School of Computer, Beijing University of Posts and Telecommunications, Beijing, 100083, China

    Jian Zhou, Meina Song & Junde Song

Authors
  1. Jian Zhou
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Liyan Sun
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Meina Song
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Junde Song
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jian Zhou.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Zhou, J., Sun, L., Song, M. et al. Anonymous Limited-Use-Proof Entity Authentication Protocol. Wireless Pers Commun 96, 1065–1082 (2017). https://doi.org/10.1007/s11277-017-4221-4

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-017-4221-4

Keywords

Search

Navigation