Yalin Chen

A novel mutual authentication scheme based on quadratic residues for RFID systems

Recently, Chen et al. proposed a novel and efficient mutual authentication scheme based on quadratic residues for RFID systems. The scheme is efficient in that it uses direct indexing to search the back-end database, instead of brute-force search in most existing schemes. In addition, the scheme satisfies all the security requirements needed in an RFID system; i.e., (1) tag ID (TID) anonymity, (2) individual location privacy, (3) forward secrecy, (4) resistance to replay attack, and (5) resistance to denial-of-service (DOS) attack. In this paper, however, we will show that their scheme is vulnerable to tag tracking attacks and reader/server spoofing attacks. We, then, present an improvement to overcome these drawbacks, while preserving all their merits.

A novel electronic cash system with trustee-based anonymity revocation from pairing

Untraceable electronic cash is an attractive payment tool for electronic-commerce because its anonymity property can ensure the privacy of payers. However, this anonymity property is easily abused by criminals. In this paper, several recent untraceable e-cash systems are examined. Most of these provide identity revealing only when the e-cash is double spent. Only two of these systems can disclose the identity whenever there is a need, and only these two systems can prevent crime. We propose a novel e-cash system based on identity-based bilinear pairing to create an anonymity revocation function. We construct an identity-based blind signature scheme, in which a bank can blindly sign on a message containing a trustee-approved token that includes the users identity. On demand, the trustee can disclose the identity for e-cash using only one symmetric operation. Our scheme is the first attempt to incorporate mutual authentication and key agreement into e-cash protocols. This allows the proposed system to attain improvement in communication efficiency when compared to previous works.

ECC-based untraceable authentication for large-scale active-tag RFID systems

Radio frequency identification tag authentication protocols are generally classified as non-full-fledged and full-fledged, according to the resource usage of the tags. The non-full-fledged protocols typically suffer de-synchronization, impersonation and tracking attacks, and usually lack scalability. The full-fledged protocols, supporting cryptographic functions, are designed to overcome these weaknesses. This paper examines several elliptic-curve-cryptography (ECC)-based full-fledged protocols. We found that some still have security and privacy issues, and others generate excessive communication costs between the tag and the back-end server. Motivated by these observations, we construct two novel protocols, PI and PII. PI is designed for secure environments and is suitable for applications, including E-Passport and toll payment in vehicular ad-hoc networks. PII is for hostile environments and can be applied in pseudonymous payment and anti-counterfeiting services. After analysis, we conclude that PII can resist many attacks, outperform previous ECC-based proposals in communication efficiency, and provide mutual authentication function and scalability.

Improved multi-server authentication protocol

In a multi-server environment, a user only needs to register at the registration center once instead of repeatedly registering in each server. After registration, the user can access the resources of any of the servers in the system. Many protocols have been proposed for the same. Recently, Geng–Zhang, Zhu et al., and Yoon–Yoo each proposed a multi-server authentication scheme. They claimed that their schemes are secure and can withstand various attacks. However, after analyses, we found that their schemes are deficient. In this paper, we first demonstrate the deficiencies of these three protocols in turn and then show our improvement on Geng–Zhangs protocol. Our improvement makes use of both the users and the servers secrecy to achieve mutual authentication. This results in a two-pass multi-server authentication scheme. We have analyzed its security with respect to several factors such as mutual authentication, perfect forward and backward secrecy, and prevention of smart-card-lost attack. Moreover, almost all of the parameters required for a user to log on to a server can be pre-computed. This is very important for a low-energy mobile computing device. That is, our improvement is not only one of the most efficient and secure schemes in this area but also suitable for mobile device. Copyright

An efficient session key generation for NTDR networks based on bilinear paring

Near-term digital radio (NTDR) network is a kind of MANET in which mobile nodes are assigned into different clusters. Therefore, it can let the nodes to communicate with each other efficiently in a large area. Despite several NTDR protocols have been proposed, there still lacks an efficient secure one. Accordingly, in this paper, we propose a new method based on ID-based bilinear pairings to overcome the unsolved security problems nowadays. After our analysis, we conclude that our scheme is the first protocol for NTDR network that is not only secure but also very efficient.

A response to a critique of A novel electronic cash system with trustee-based anonymity revocation from pairing, by Chen, Chou, Sun and Cho (2011)

We provide a brief rebuttal of Chang (2012), who suggested that there were flaws in our article, Chen et al. (2011), that deserved further investigation and comment. We believe that these criticisms are unfounded, and offer some additional details related to the intractable discrete elliptic curve discrete logarithm problem to further support the case we wish to make.

An improvement of an efficient user identification scheme based on ID-based cryptosystem

In this paper an efficient user identification scheme based on ID-based cryptosystem is discussed. In this paper, it is indicated that Hwang et al., scheme is vulnerable to the forgery attack. And also improved scheme is quite similar to Hwang et als scheme; the modified scheme is secure against the attack. The time complexity of computing the parameter a requires just one more modular multiplication operation. Thus, the scheme is not only far more secure but also efficient than Hwang et als.