Guilin Wang

Security Analysis of a Single Sign-On Mechanism for Distributed Computer Networks

Single sign-on (SSO) is a new authentication mechanism that enables a legal user with a single credential to be authenticated by multiple service providers in a distributed computer network. Recently, Chang and Lee proposed a new SSO scheme and claimed its security by providing well-organized security arguments. In this paper, however, we demonstrative that their scheme is actually insecure as it fails to meet credential privacy and soundness of authentication. Specifically, we present two impersonation attacks. The first attack allows a malicious service provider, who has successfully communicated with a legal user twice, to recover the users credential and then to impersonate the user to access resources and services offered by other service providers. In another attack, an outsider without any credential may be able to enjoy network services freely by impersonating any legal user or a nonexistent user. We identify the flaws in their security arguments to explain why attacks are possible against their SSO scheme. Our attacks also apply to another SSO scheme proposed by Hsu and Chuang, which inspired the design of the Chang-Lee scheme. Moreover, by employing an efficient verifiable encryption of RSA signatures proposed by Ateniese, we propose an improvement for repairing the Chang-Lee scheme. We promote the formal study of the soundness of authentication as one open problem.

An Efficient Generic Framework for Three-Factor Authentication With Provably Secure Instantiation

Remote authentication has been widely studied and adapted in distributed systems. The security of remote authentication mechanisms mostly relies on one of or the combination of three factors: 1) something users know-password; 2) something users have-smart card; and 3) something users are-biometric characteristics. This paper introduces an efficient generic framework for three-factor authentication. The proposed generic framework enhances the security of existing two-factor authentication schemes by upgrading them to three-factor authentication schemes, without exposing user privacy. In addition, we present a case study by upgrading a secure two-factor authentication scheme to a secure three-factor authentication scheme. Furthermore, implementation analysis, formal proof, and privacy discussion are provided to show that the derived scheme is practical, secure, and privacy preserving.

Improved certificateless signature scheme provably secure in the standard model

Certificateless cryptography shares many features of identity-based cryptography and partially solves the problem of key escrow. Three certificateless signature schemes without random oracles were found in the literature. However, all the schemes suffer from some common drawbacks. First, by obtaining a signature on a message and replacing the public key of a signer, an adversary can forge valid signatures on the same message under the replaced public key. Secondly, all the schemes require a relatively large size of public parameters. The authors propose a new certificateless signature scheme, which exhibits an improvement on the existing schemes. Compared with the previous schemes, the proposed scheme offers stronger security, shorter system parameters and higher computational efficiency.

Provably Secure Dynamic ID-Based Anonymous Two-Factor Authenticated Key Exchange Protocol With Extended Security Model

Authenticated key exchange (AKE) protocol allows a user and a server to authenticate each other and generate a session key for the subsequent communications. With the rapid development of low-power...

Provably Secure Single Sign-on Scheme in Distributed Systems and Networks

Distributed systems and networks have been adopted by telecommunications, remote educations, businesses, armies and governments. A widely applied technique for distributed systems and networks is the single sign-on (SSO) which enables a user to use a unitary secure credential (or token) to access multiple computers and systems where he/she has access permissions. However, most existing SSO schemes have not been formally proved to satisfy credential privacy and soundness of credential based authentication. To overcome this drawback, we formalise the security model of single sign-on scheme with authenticated key exchange. Specially, we point out the difference between soundness and credential privacy, and define them together in one definition. Also, we propose a provably secure single sign-on authentication scheme, which satisfies soundness, preserves credential privacy, meets user anonymity, and supports session key exchange. The proposed scheme is very efficient so that it suits for mobile devices in distributed systems and networks.

Formal definition and construction of nominative signature

Since the introduction of nominative signature in 1996, there are three problems that have still not been solved. First, there is no convincing application proposed; second, there is no formal security model available; and third, there is no proven secure scheme constructed, given that all the previous schemes have already been found flawed. In this paper, we give positive answers to these problems. First, we illustrate that nominative signature is a better tool for building user certification systems which were originally implemented using universal designated-verifier signature. Second, we propose a formal definition and adversarial model for nominative signature. Third, we show that Chaums undeniable signature can be transformed to an efficient nominative signature by simply using a standard signature. The security of our transformation can be proven under the standard number-theoretic assumption.

Optimistic fair exchange of ring signatures

An optimistic fair exchange (OFE) protocol is an effective tool helping two parties exchange their digital items in an equitable way with assistance of a trusted third party, called arbitrator, who is only required if needed. In previous studies, fair exchange is usually carried out between individual parties. When fair exchange is carried out between two members from distinct groups, anonymity of the signer in a group could be necessary for achieving better privacy. In this paper, we consider optimistic fair exchange of ring signatures (OFERS), i.e. two members from two different groups can exchange their ring signatures in a fair way with ambiguous signers. Each user in these groups has its own public-private key pair and is able to sign a message on behalf of its own group anonymously. We first define the security model of OFERS in the multi-user setting under adaptive chosen message, chosen-key and chosen public-key attacks. Then, based on verifiably encrypted ring signatures (VERS) we construct a concrete scheme by combining the technologies of ring signatures, public-key encryption and proof of knowledge. Finally, we show that our OFERS solution is provably secure in our security model, and preserving signer-ambiguity of ring signatures. To the best of our knowledge, this is the first (formal) work on this topic.

Cryptanalysis of an Off-Line Electronic Cash Scheme Based on Proxy Blind Signature

Proxy blind signature is an important cryptographic primitive and plays an essential role in construction of the electronic cash (e-cash). Recently, Tan (2001, An offline electronic cash scheme based on proxy blind signature. Comput. J., 54, 505–512) proposed a new proxy blind signature scheme and applied it to electronic cash. The scheme was claimed as being provably secure under the Discrete Log assumption, DBDH assumption and Chosen–Target CDH assumption in the random oracle model. In this paper, we show that Tans proxy blind signature scheme is insecure by demonstrating several attacks in which a malicious original signer can forge both valid proxy signature keys of arbitrary proxy signers and a proxy blind signature on an arbitrary message with respect to any proxy signer directly. We also discuss some weaknesses in the e-cash scheme proposed by Tan.

Security flaws in several group signatures proposed by popescu

In resent years, Popescu et al. proposed several group signature schemes in [8, 9, 10, 11] that based on the Okamoto-Shiraishi assumption. Their schemes are claimed to be secure. However, we identify several security flaws in their schemes and then show that these schemes are all insecure. By exploiting those flaws, anybody (not necessarily a group member) can forge valid group signatures on arbitrary messages of his/her choice. In other words, these schemes are universally forgeable.

Secure Single Sign-On Schemes Constructed from Nominative Signatures

Single Sign-on (SSO) allows users to only log on once and then access different services via automatic authentication by using the same credential. However, most existing SSO schemes do not satisfy security notions or require a high trust level on a trusted third party (TTP), even though SSO has become popular in new distributed systems and computer networks. Motivated by this fact, we formalise a new security model of single sign-on, which not only satisfies strong security notions but also has a low trust level on TTP. We then propose a generic construction of SSO from nominative signatures, and present concrete initialisation. We also provide formal proofs to show that the proposed SSO scheme is secure according to our new formal model, if the underlying nominative signature is secure. We note that this is the first study that investigates the link between SSO and nominative signatures, which also be of an independent interest.