ROBUST SECURITY SYSTEM BASED ON DYNAMIC SIGNATURE AUTHENTICATED PEER GROUP KEY EXCHANGE

Academic year: 2020

P.SUDHAKAR Research Scholar,

PONNAIYAH RAMAJAYAM INSTITUTE OF SCIENCE & TECHNOLOGY (PRIST) Deemed University, Thanjavur, Tamilnadu India

Dr. R.S.D. WAHIDA BANU, M.E.,Ph.D.

Professor and Head of Department, Government College of Engineering, Salem, Tamilnadu

Abstract:

To reduce computation overhead, the protocol makes use of a simplified authentication mechanism such that only the two neighbors of a participant check whether a message originated from that participant. We propose a dynamic signature authenticated peer group key exchange (D-SAP-GKE) protocol in the ID-based setting. Unlike previous ID-based protocols, our protocol does not utilize any pairing-based key, which makes it more efficient. Finally, we analyze the security of the protocol in the robust security system model. In this paper, we show that the dynamic signature authenticated peer group key exchange protocol has some security breaches caused by the restrictive authentication. We propose an efficient and authenticated key agreement scheme which can be applied in the dynamic Signature Authenticated Peer Group Key Exchange. In our scheme, the members of the group are divided into clusters, so that members whose physical locations are nearby can be in the same cluster. Members in a cluster, arranged in a circle, perform the BD protocol to establish the cluster key. In addition, we present a simple method to fix the security system breaches and prove its security under the standard assumptions.

Keywords: Authentication mechanism, dynamic Signature, Authenticated Key Exchange, restrictive authentication.

1. Introduction

The authenticating server has the same time-changing numerical sequence as the specific smart card assigned to that ID, and if the ID, password and card-generated number are all correct, authentication is granted. Frequently a smart card is combined with a password for an account to increase security [5][1]. This is an example of two-factor authentication and is more secure because it requires more items for authentication. In this project we include an additional form of authentication that involves the concept of biometrics. Biometrics can take the form of several measurements, from fingerprints to retinal scans to pupil images.

The additional advantages of biometrics are that they are always available to the user without any extra means or effort and cannot be forgotten. The disadvantages are many, including not being able to change them if needed and the complexity of the solution. Many modern systems have adopted a simple ID/password method of achieving the goals associated with the identification and authentication function, and numerous technical methods exist to achieve this [7][2]. The wide variety of implementation schemes is a result of individual design decisions appropriate to specific circumstances at the time of design of a specific system or class of systems. Important research on human cognitive ability has generated a lot of practical knowledge on the issue of what an individual can remember.

The effect of human cognitive ability on the authentication process is a central element, though often overlooked by developers. Remembering passwords is one of the cornerstones of the current password-based authentication system. From a system perspective, a password should be easily remembered, yet hard for an intruder to guess [1][3]. Although other system-level solutions exist, much of the effort to secure password-based systems is focused on preventing unauthorized access through better password selection. Many known weaknesses exist in password-based systems and various fixes have been applied over time. In the proposed system, a neural network is implemented to provide authentication.

2. Related Work

Because of their learning ability, artificial neural networks have been used in artificial intelligence; a neural network can be used to model nonlinear statistical data and so model complex relationships between inputs and outputs. Sometimes it can generate chaotic phenomena. Because of this property it has complex dynamic behaviour, which can be used to protect data content. For example, the random sequence produced by a neural network can be used to encrypt data, and neural networks that generate chaotic phenomena can be used in secret communication.

Because of the complex relations between its nodes, a neural network can produce sequences with random properties [6][4]. For a neural network that has chaotic dynamics, the output is often sensitive to the inputs or to control parameters such as weights; this is caused by the parameter sensitivity of chaotic systems. In the proposed system we add this feature of neural networks: for example, although there is only a slight difference in the initial value, the output changes greatly.

This property makes the initial value suitable as the key that controls data encryption or decryption. Application of neural network for intrusion detection has been shown in. Intrusion detection is an important technology in network security, which can detect illegal intruders or illegal intrusions. Using a neural network's supervised learning, intrusive operation can be distinguished from normal operation.

The one-way property makes a neural network a suitable choice for a hash function. A hash function is a technique for data integrity authentication [8][9][3]. To date, some hash functions based on neural networks have been presented, which were reported to have some advantages compared with existing schemes, such as high time efficiency or flexible extension.

In summary, the security requirements of the group key agreement protocol, in addition to the basic security requirements, are listed as follows:

2.1. Anonymity:

Unlinkability:

A group member’s activities in two different group key agreement sessions are unlinkable to the outside adversary.

Group Forward Secrecy:

A previous group member should have no access to group communication content any more.

Group Backward Secrecy:

A group member should have no access to group communication content that happens before he joins the group.

Perfect Forward Secrecy:

Previous group session keys should remain secure even if the long-term secrets are compromised by the adversary. Note that this requirement is essentially different from group forward secrecy.

3. Our proposed Dynamic Signature Authenticated Peer Group Key Exchange

In the proposed system, we present a dynamic signature based authenticated peer group key exchange (D-SAP-GKE) protocol. Our protocol is inspired by dynamic Signature Authenticated Key Exchange, where a scalable peer-based group key exchange is proposed. Let U1, ..., Un be a lexicographically ordered group of users who want to establish a session key. These users are initially organized as an ordered binary tree, which has the property that user Ui is at level |log2 (i + 1) O(logN)| encrypted messages.

The key management algorithm we use for the basic structure is the complete key graph algorithm from [3]. In this algorithm, for every nonempty subset of users, the group controller provides a unique shared key which is known only to the users in the subset. The group controller gives these keys to the users at the time of joining the group. Of the keys that a user, say ui, receives: 1) one key is associated with the set {u1; u2 . . . ; uK}, and hence, is known to all the users and 2) one key is associated with the set {ui}. The former key, say kR, is the group key, whereas the latter key is the personal key.
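The storage and rekeying consequences of the complete key graph described above, as an added Python example (not code from the paper or from [3]); the function names and the 16-byte random keys are assumptions. Reusing the remaining subset's existing key after a leave, and issuing fresh keys for every subset that contains a newcomer, are inferences from the stated property that each key is known only to its subset.

```python
import secrets
from itertools import combinations

def build_key_graph(users):
    """Controller: one independent random key per nonempty subset of users."""
    return {frozenset(s): secrets.token_bytes(16)
            for size in range(1, len(users) + 1)
            for s in combinations(sorted(users), size)}

def keys_held_by(graph, user):
    """Keys handed to `user` at join time: every subset that contains it."""
    return {s: k for s, k in graph.items() if user in s}

def leave(graph, users, leaver):
    """Remove `leaver`; the remaining subset's existing key becomes k_R."""
    remaining = set(users) - {leaver}
    pruned = {s: k for s, k in graph.items() if leaver not in s}
    return remaining, pruned, pruned[frozenset(remaining)]

def join(graph, users, newcomer):
    """Add `newcomer`; every subset that contains it needs a brand-new key."""
    members = set(users) | {newcomer}
    grown = dict(graph)
    for s in list(graph) + [frozenset()]:
        grown[s | {newcomer}] = secrets.token_bytes(16)
    return members, grown, grown[frozenset(members)]

if __name__ == "__main__":
    users = {"u1", "u2", "u3", "u4"}          # constructed sample group
    g = build_key_graph(users)
    # Controller stores 2^K - 1 keys, each user stores 2^(K-1).
    print(len(g), len(keys_held_by(g, "u1")))
    remaining, g2, k_r = leave(g, users, "u3")
    # Group forward secrecy: the leaver never held the new group key.
    print(k_r in keys_held_by(g, "u3").values())
    members, g3, k_new = join(g2, remaining, "u5")
    # Group backward secrecy: the newcomer's group key did not exist before.
    print(k_new in g2.values(), len(g3))
```

The exponential key count is the practical limit of this structure: per-user storage doubles with every additional member.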

We comply with the rule that the re-organization should maintain the depth of the original tree for as long as possible and keep the set of members who must update their random values as small as possible.

When comparing join/leave/merge sub protocols, we only consider the cases of single-member joining/leaving and two-subgroup merging for simplicity. It is noticeable that when considering join/merge sub protocols, we assume that an underlying round communication for notifying the joining member of the current group wise topology (e.g. ring structure/ tree structure) or exchanging each other’s current group wise topology has been completed in the preparing step (before launching join/merge sub protocol). The communication overhead is measured by the number of the messages. That is to say the overall communication overhead of the scheme is the summation of messages exchanged in cluster and messages exchanged among clusters.

4. Dynamic Signature Authenticated Peer Group Key Exchange

The linear discriminant analysis (LDA) and probabilistic neural network (PNN) model protocol is efficient, needing only a constant number of communication rounds to exchange the information, but it falls short in handling dynamic events. When a member joins or leaves the group, in order to guarantee the backward/forward secrecy of the peer group key, the other members must choose their random values again, in other words, discriminant analysis (LDA) and probabilistic neural network (PNN) model protocol based on the total number of messages, the total message size, computation cost per user. In our proposal the group is split into several clusters, and when new members join or old members leave, the group events happen in some clusters instead of in the entire group. In this way, only the members in the changed cluster change their random values.
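A minimal run of the unauthenticated Burmester-Desmedt (BD) ring protocol inside one cluster, added here as an illustration and not taken from the paper; the toy parameters P, Q, G, the cluster names and the function names are assumptions, and no signatures are included. It also shows a leave handled inside the affected cluster only, with the remaining members drawing fresh random values.

```python
import secrets

# Toy group (assumption; far too small for real use): p = 2q + 1, and G
# generates the order-q subgroup ("a" and "q" in the paper's Table-1).
P, Q, G = 2039, 1019, 4

def fresh_secret():
    """Random exponent r_i in [1, q-1]."""
    return secrets.randbelow(Q - 1) + 1

def run_bd(r):
    """Run BD over a ring whose members hold the secrets in r.

    Returns the key each member computes; all entries must be equal.
    """
    n = len(r)
    if n < 2:
        raise ValueError("a peer group needs at least two members")
    # Round 1: member i broadcasts z_i = g^r_i.
    z = [pow(G, ri, P) for ri in r]
    # Round 2: member i broadcasts X_i = (z_{i+1} / z_{i-1})^r_i.
    x = [pow(z[(i + 1) % n] * pow(z[i - 1], P - 2, P) % P, r[i], P)
         for i in range(n)]
    keys = []
    for i in range(n):
        # K_i = z_{i-1}^(n*r_i) * X_i^(n-1) * X_{i+1}^(n-2) * ... * X_{i-2}^1
        k = pow(z[i - 1], n * r[i], P)
        for j in range(n - 1):
            k = k * pow(x[(i + j) % n], n - 1 - j, P) % P
        keys.append(k)
    return keys

def rekey_after_leave(r, leaver):
    """Drop one member; every remaining member of this cluster picks a new r_i."""
    return [fresh_secret() for i in range(len(r)) if i != leaver]

if __name__ == "__main__":
    clusters = {"A": [fresh_secret() for _ in range(4)],
                "B": [fresh_secret() for _ in range(3)]}
    before = {name: run_bd(r)[0] for name, r in clusters.items()}
    clusters["A"] = rekey_after_leave(clusters["A"], leaver=1)  # leave in A only
    after = {name: run_bd(r)[0] for name, r in clusters.items()}
    print(before, after)  # B keeps its key; A agrees on a key from new secrets
```

Every member ends with g raised to the sum of r_i * r_(i+1) around the ring, which is why a departed member's old secret is useless once its former neighbours have drawn new values.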

The objective of Linear Discriminant Analysis (LDA), also called Fisher Discriminant Analysis, is to find an efficient way to achieve maximum discrimination between classes in addition to dimensionality reduction. A session is created when at least two conferees accept a secured key to establish a communication path.

A session can be established among multiple conferees (who can be at distributed locations) engaged in communication. A session is a virtual communication path established among one or more conferees with a secured key as an entry point. LDA searches for Fisher discriminant vectors which dynamic peer group signatures of the same user and separates signatures of different users. Signatures are projected from N-dimensional space (N is the number of feature vector) to C-1 N-dimensional space (C corresponds to the number of users).

5. Performance Evaluation

Dynamic key exchange consists of a key exchange protocol together with two additional algorithms, Insert and Delete. The procedure Insert enables a user to join a group. A user can leave a group by invoking the procedure Delete. In this section, we describe protocols for insertion and deletion for the above static tree-based authenticated protocol. Our protocol design makes optimal use of the data pre-computed in the procedure Key exchange. When a user joins or leaves a group, the structure of the key tree is disturbed and needs to be updated for any subsequent join or leave operation. Maintaining the tree structure of the key agreement protocol is a crucial part of our scheme. We refer to this as the preservation of the structure of the procedure Key exchange.

This section provides a detailed overview of notable features of reliable group communication and dynamic signature based authenticated peer group key exchange (D-SAP-GKE) protocol. This work adopts the following assumptions and notations.

Table-1

G = Peer Group {G1, G2, ..., Gi, ..., Gn}; Gi → ith group, where i ∈ [1, ..., n]

M = Conference members in group; Mi → ith member in a group, where i ∈ [1, ..., n]

M* = All group members

K = Group key generated; Ki → ith group key, where i ∈ [1, ..., n]

Kn = Group key shared among all ‘n’ members

a = exponentiation base; generator in algebraic group G delimited by ‘q’

q = prime number, order of algebraic group

W = secret exponent of key agreed by Mi and generated by Conference Manager

H = sub-set of Wi {W1, ..., Wn}

S = Conferee Session to hold secret key Si {S1, ..., Sn}

The peer group communication semantics is defined as follows:

A group Gi is an entity which represents the various conferees engaged in communication using a single communication session / channel. A peer group consists of a minimum of two conferees.

6. Dynamic Signature

Any dynamic peer group may leave the group or join the group or rejoin the group at any time of the communication process for a session. The dynamic signature based authenticated peer group key exchange (D-SAP-GKE) protocol is defined as a comprehensive group key solution which should handle the adjustments to peer group key secrets. Subsequent to all membership change operations in the underlying peer group communication system, the following conferee memberships are considered

7. Conclusion

Finally, we proposed a dynamic signature based authenticated peer group key exchange (D-SAP-GKE) protocol in the ID-based setting. Unlike previous ID-based protocols, our protocol does not utilize any pairing-based key, which makes it more efficient. We analyzed the security of the protocol in the robust security system model. We showed that the dynamic signature authenticated peer group key exchange protocol has some security breaches caused by the restrictive authentication. In addition, we presented a simple method to fix the security system breaches and prove its security under the standard assumptions.

References

[1] R. Canetti, O. Goldreich, and S. Halevi, “On the Random-Oracle Methodology as Applied to Length Restricted Signature Schemes,” In Proc. of 1st Theory of Cryptography Conference (TCC), LNCS, vol. 2951, pp. 40-57, 2004.

[2] M. Bellare, A. Boldyreva, and A. Palacio, “An Uninstantiable Random-Oracle-Model Scheme for a Hybrid-Encryption Problem,” In Proc. of EUROCRYPT ’04, LNCS, vol. 3027, pp. 171-188, 2004.

[3] Z. Wan, K. Ren, W. Lou, B. Preneel, Anonymous ID-based Group Key Agreement for Wireless Networks, Wireless Communications and Networking Conference 2008 (WCNC 2008), IEEE, pp. 2615-2620, 2008.

[4] G. Yao, H. Wang, Q. Jiang. An Authenticated 3-Round Identity-Based Group Key Agreement Protocol, In Proc. of the Third International Conference on Availability, Reliability, and Security (ARES ’08), pp. 538-543, ACM, 2008.

[5] L. Zhou, W. Susilo, Y. Mu. Efficient ID-based Authenticated Group Key Agreement from Bilinear Pairings, Mobile Ad-hoc and Sensor Networks (MSN 2006), LNCS 4325, pp. 521-532, Springer-Verlag, 2006.

[6] H-R. Chung and W-C. Ku, “Three weaknesses in a simple three-party key exchange protocol,” Information Sciences, vol. 178, no. 1, pp. 220-229, 2008.

[7] Y. Amir, Y. Kim and C. Nita-Rotaru. On the Performance of Group Key Agreement Protocols. ACM Transactions on Information and System Security, 7(3), 457-488, 2004.

[8] R. Sakai and M. Kasahara. ID based Cryptosystems with Pairing on Elliptic Curve. Cryptology ePrint Archive, Report, PP.054, 2003.

[9] A Novel Approach for Online Signature Verification Using Fisher Based Probabilistic Neural Network. 978-1-4244-7755-5/10/$26.00 ©2010 IEEE

[10] M. Faundez-Zanuy, “Signature recognition state-of-the-art”, IEEE Aerospace and Electronic Systems Magazine, pp. 28-32, July 2005.

[11] F. Hess. Efficient Identity Based Signature Scheme Based on Pairings. in Selected Areas in Cryptography The 9th Annual Int’l
