Abstract
Recently, Hsu and Chuang proposed a novel user identification scheme with key distribution for distributed computer networks. The Hsu-Chuang scheme permits a user to anonymously log into a system and establish a secret key shared with the system. In this paper, we show that the Hsu-Chuang scheme is not secure against known session key attacks. To show the insecurity, we describe an adversary who can recover the private key of a user by performing know session key attacks. We also provide a countermeasure which can be used for enhancing the security the Hsu-Chuang scheme.
This work was supported by the Basic Science Research Program through the National Research Foundation of Korea funded by the Ministry of Education, Science and Technology (No. 2011-0014876).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Guillou LC, Quisquater J-J (1988) A paradoxical indentity-based signature scheme resulting from zero-knowledge. In: Proceedings of Crypto’88, LNCS 403. Springer, Berlin, pp 216–231
Hsu C-L, Chuang Y-H (2009) A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks. Inf Sci 179:422–429
Lee WB, Chang CC (1999) User identification and key distribution maintaining anonymity for distributed computer network. Comput Syst Sci Eng 15(4):113–116
Mangipudi K, Katti R (2006) A secure identification and key agreement protocol with user anonymity (SIKA). Comput Secur 25(6):420–425
Nymann JE (1972) On the probability that positive integers are relatively prime. J Number Theory 4:469–473
Wu TS, Hsu CL (2004) Efficient user identification scheme with key distribution preserving anonymity for distributed computer networks. Comput Secur 23(2):120–125
Yang Y, Wang S, Bao F, Wang J, Deng RH (2004) New efficient user identification and key distribution scheme providing enhanced security. Comput Secur 23(8):697–704
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer Science+Business Media B.V.
About this paper
Cite this paper
Youn, TY., Kim, J. (2011). Weakness in a User Identification Scheme with Key Distribution Preserving User Anonymity. In: Park, J., Arabnia, H., Chang, HB., Shon, T. (eds) IT Convergence and Services. Lecture Notes in Electrical Engineering, vol 107. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-2598-0_68
Download citation
DOI: https://doi.org/10.1007/978-94-007-2598-0_68
Published:
Publisher Name: Springer, Dordrecht
Print ISBN: 978-94-007-2597-3
Online ISBN: 978-94-007-2598-0
eBook Packages: EngineeringEngineering (R0)