The KIPS Transactions:PartC (정보처리학회논문지C)

Korea Information Processing Society (한국정보처리학회)
권호 표지
DOI QR코드

DOI QR Code

An Unproved Optimal Strong-Password Authentication (I-OSPA) Protocol Secure Against Stolen-Verifier Attack and Impersonation Attack

Stolen-Verifier 공격과 Impersonation 공격에 안전한 개선된 OSPA 프로토콜

  • 곽진 (성균관대학교 대학원 정보통신공학부) ;
  • 오수현 (호서대학교 컴퓨터공학부) ;
  • 양형규 (강남대학교 컴퓨터미디어공학부) ;
  • 원동호 (성균관대학교 정보통신공학부)
  • Published : 2004.08.01
Download PDF
⟨ Previous Next ⟩

Abstract

In the Internet, user authentication is the most important service in secure communications. Although password-based mechanism is the most widely used method of the user authentication in the network, people are used to choose easy-to-remember passwords, and thus suffers from some Innate weaknesses. Therefore, using a memorable password it vulnerable to the dictionary attacks. The techniques used to prevent dictionary attacks bring about a heavy computational workload. In this paper, we describe a recent solution, the Optimal Strong-Password Authentication (OSPA) protocol, and that it is vulnerable to the stolen-verifier attack and an impersonation attack. Then, we propose an Improved Optimal Strong-Password Authentication (I-OSPA) protocol, which is secure against stolen-verifier attack and impersonation attack. Also, since the cryptographic operations are computed by the processor in the smart card, the proposed I-OSPA needs relatively low computational workload and communicational workload for user.

인터넷에서의 사용자 인증은 안전한 통신을 위해 가장 중요한 서비스 중의 하나이다. 비록 패스워드 기반 메커니즘이 네트워크 상에서의 사용자 인증을 위해 가장 많이 쓰이는 방법이기는 하나, 사용자들이 기억하기 쉬운 패스워드(easy-to-remember)를 사용하므로, 사전공격(dictionary attack)에 취약한 것과 같은 근본적인 문제점들을 가지고 있다. 이러한 사전공격을 방지하기 위만 방법들의 경우에는 높은 계산량을 필요로 한다. 본 논문에서는 이러한 문제를 해결하기 위한 최근에 발표된 OSPA 프로토콜에 대하여 설명하고, OSPA 프로토콜이 stolen-verifier 공격과 impersonation 공격에 취약함을 보인다. 그리고 이러한 공격들에 안전한 개선된 OSPA 프로토콜을 제안한다. 제안하는 프로토콜은 스마트 카드에 탑재된 co-processor를 통해 암호학적 연산이 수행되므로 사용자에게 낮은 계산량을 제공한다.

Keywords

References

  1. T. Arakawa, and T. Kamada, 'The Internet home electronics and the information network revolution,' IEICE Technical report, OFS 96-1, 1996
  2. R. Rivest, 'The MD5 message-digest algorithm,' Internet Request For Comments 1321, April, 2002
  3. National Institute of Standards and Technology(NIST), 'Secure hash standard,' FIPS Publication 180-1, April, 2001
  4. W. Stallings, 'Secure hash algorithm,' In Cryptography and Network Security : Principles and Practice Second Edition, pp.193-197, 1999
  5. S. Bellovin and M. Merritt, 'Encrypted key exchange : Password-based protocols secure against dictionary attacks,' IEEE Symposium on Research in Security and Privacy, pp.72-84, 1992 https://doi.org/10.1109/RISP.1992.213269
  6. S. Bellovin and M. Merritt, 'Augmented encrypted key exchange : A password-based protocol secure against dictionary attacks and password-file compromise,' ACM Conference on Computer and Communications Security, pp.244-250, 1993 https://doi.org/10.1145/168588.168618
  7. D. Jablon, 'Strong password-only authenticated key exchange,' ACM Computer Communication Review, Vol.26, No.5, pp.5-26, 1996 https://doi.org/10.1145/242896.242897
  8. T. Wu, 'The secure remote password protocol,' Internet Society Symposium on Network and Distributed System Security, 1998
  9. T. Kwon, 'Ultimate solution to authentication via memorable password,' A proposal for IEEE P1363a : Password Authentication, May, 2000
  10. V. Boyko, P. MacKenzie, and S. Patel, 'Provably secure password authentication key exchange using Diffie-Hellman,' Eurocrypt 2000, LNCS 1807, May, 2000
  11. M. Sandrigama, A. Shimizu, and M. Noda, 'Simple and secure password authentication protocol(SAS),' IEICE Transactions on Communication, Vol.E83-B, No.6, pp.1363-1365, June, 2000
  12. L. Lamport, 'Password authentication with insecure Communication,' Communication ACM, Vol.24, No.11, pp.770-772, 1981 https://doi.org/10.1145/358790.358797
  13. N. Haller, 'The S/KEY(TM) one-time password system,' Proc. of Internet Society symposium on Network and Distributed System Security, pp.151-158, 1994
  14. A. Shimizu, 'A dynamic password authentication method by one-way function,' IEICE Transactions, Vol.J37-D-1, No.7, pp.630-636, July, 1990
  15. A. Shimizu, T. Horioka, and H. Inagaki, 'A password authentication method for contents communication on the Internet,' IEICE Transactions and Communications, Vol.E81-B, No.8, pp.1666-1763, August, 1998
  16. C. L. Lin, H. M. Sun, and T. Hwang, 'Atacks and solutions on strong-password authentication,' IEICE TRansactions on Communication, Vol.E84-B, No.9, pp.2622-2627, September, 2001
  17. C. M. Chen and W. C. Ku, 'Stolen-verifier attack on two new strong-password authenticaion protocols,' IEICE Transactions on Communication, Vol.E85-B, No.11, November, 2002
  18. T. Tsuji and A. Shimizu, 'An impersonation attack on one-time password authentication protocol OSPA,' IEICE Transactions on Communication, Vol.86-B, No.7, July, 2003