الصفحات

Alexandria Engineeing Libraries

بحث هذه المدونة الإلكترونية

شرح طريقة تحميل الامتحانات من المدونة

الثلاثاء، 5 أغسطس 2014

Security of Communication Networks : Dynamic Remote User Authentication with Key Establishment

Author        : Mohamed Hamdy El-Defrawy 
Degree        : Ph.D. Electric Communication
Title: Security of Communication Networks : Dynamic Remote User Authentication with Key Establishment 
Abstract
The need for information security can be traced back thousands of years. As time went on, society became more complex and so did information security. Although the technologies have changed, the underlying reasoning behind security was that people need a secure method of exchanging messages. As recently, the general consensus was that all a user had to do to protect their network was install a firewall in front of their Internet connection and load anti-virus software on their network. Today, things are quite different. Hacking tools can be found on the Internet and used by beginner hackers.Authentication is used by a system to determine whether or not a given user is who they claim to be. Authentication is the cornerstone of information security since a weak authentication mechanism will cause the rest of the security to be fragile. Unless a proper user authentication and key establishment are being achieved, an adversary (i.e. hackers) can impersonate a legal user and get unauthorized access. Cryptographic algorithm for encryption and integrity cannot perform their function unless secure keys have been established and the users know which parties share such keys. It is essential that protocols for providing and key establishment are fit for their purpose.
Simultaneously, remote user authentication has received a considerable interest. Password¬based authentication is considered as one of the simplest and the most appropriate authentication techniques because’ it has the benefits of implementation cost and favorability to users. In 1981, Leslie Lamport presented the first password-based remote authentication scheme to determine an authorized user within an insecure communication environment. However, high hash fixed cost and the requisite for process resetting decrease its appropriateness for its feasible use. Furthermore, it is a ulnerable to some certain kinds of security attacks.
Most of the current remote user authentication schemes necessitate time-stamping with precise time synchronization. Because it would be very valuab to conquer the insufficiencies of the accurate time synchronization need. This thesis preser::s an innovative, strong and efficient authentication scheme based on strong-password approach to grant secure remote user authentication which utilizes a nested hashing chain and ernp loys the discrete logarithm problem in the message exchange. The presented solution is based on strong-password approach hence; it uses hashed one-time password in nested chain of two different hash functions chains to reduce the processing cost. It seeks not only mutual authentication, to circumvent time synchronization and to discard password-verification tables, but also to generate a shared session key between the communication partners. We investigate the existing solutions and consider their flaws and drawbacks.

ليست هناك تعليقات:

إرسال تعليق