Chou Chen Yang

Cryptanalysis of security enhancement for the timestamp-based password authentication scheme using smart cards

Recently, Yang and Shieh proposed two password authentication schemes. In 2002, Chan and Cheng pointed out that Yang and Shiehs timestamp-based authentication scheme was vulnerable to the forgery attack. In 2003, Sun and Yeh pointed out that Yang and Shiehs scheme was vulnerable to the forgery attack and explained Chan and Chengs attack was unreasonable. Later, Shen et al. modified Yang and Shiehs scheme to resist Chan and Chengs attack. However, in this paper, we shall point out that Shen et al.s improvement is still vulnerable to the forgery attack.

A secure and efficient authentication protocol for anonymous channel in wireless communications

For enhancing the efficiency and the security in anonymous channel of wireless systems, many protocols were proposed. However, most of them employed asymmetric cryptosystems to protect the identity of the mobile user. As we know, the drawbacks of asymmetric cryptosystem are complex and high computation cost. Therefore, if the wireless system is based on asymmetric cryptosystem, that is not convenience for the mobile device and infrastructure. Not only that, an important problem also exists in the previous protocols. That is when the mobile user copies his anonymous ticket and shares it with friends, the visiting network cannot discriminate the copy of the ticket. That seriously effects the right of the visiting network. In this paper, we shall propose a secure and efficient authentication protocol to withstand the above weakness without employing any asymmetric cryptosystems.

Enhanced digital rights management authentication scheme based on smart card

As a result of the explosive growth in development for computer networks and information technologies in recent years, various activities take place on the Internet, such as the multimedia services. Today, the distribution of large scale digital content (such as audio, video and images) has become easier and more efficient than ever before. However, the intellectual property violation of copyright-protected content has emerged as a major concern. Therefore digital contents are generally encrypted to prevent unauthorised access. A technology of digital rights management (DRM) refers to any of several encryption technologies used to protect digital contents against unauthorised copying, and to control the distribution of the content. Recently, Zhang et al. proposed a DRM authentication scheme based on smart card to realise session key exchange and mutual authentication among all the parties in DRM environment. The proposed scheme is efficient at server side and compact in smart card design. However, the authors will show their proposed scheme cannot resist insider attack and stolen smart card attack, then the authors will propose an improved scheme to preclude above weaknesses.

Authorized file-sharing system on P2P networks

Bit-Torrent is a well-known P2P application used to exchange digital content with high scalability. However, many users do not get authorization but transmit files through Bit-Torrent illegally. In this paper, we propose a DRM system that is suitable for the Bit-Torrent environment to protect copyrights, and also improve Chen et al.s scheme in computational efficiency and security aspects.

Identity-Based DRM in Ubiquitous Multimedia System

We will propose a novel identity-based DRM system to protect multimedia content that will be delivered in ubiquitous computing environment. When users take mobile devices and roam to different wireless network domains, our scheme can help the domain manager to establish a reliable environment with the DRM module that installed on users’ mobile device. By using identity-based encryption as DRM system, we simplify the authentication processing and provide more suitable to ubiquitous computing environment.