Security analysis of a NTRU-based mutual authentication scheme | NCCU Academic Hub

學術產出-Proceedings

Article View/Open

html(567)

Publication Export

Google Scholar^TM

政大圖書館

學術資源探索系統

Citation Infomation

Simple Record
Full Record

題名	Security analysis of a NTRU-based mutual authentication scheme
作者	左瑞麟 Tso, Ray-Lin Jheng, Yi Shio
貢獻者	資科系
關鍵詞	Authentication; Global system for mobile communications; Near field communication; Security systems; Anonymous authentication; Eavesdropping attacks; Mobile payment; Mobile payment system; Mutual authentication; NTRU; security; Sensitive informations; Electronic money
日期	2016-10
上傳時間	31-Aug-2017 14:49:54 (UTC+8)
摘要	NFC-based mobile transaction has come into limelight in recent years thanks to the rapid development of NFC and mobile technologies. In these applications, the NFC-chip is in the card emulation mode to simulate a credit card. Because many sensitive information is exchanged during the communication of the mobile transaction, mutual authentication is required in order to verify the legality of each communicating party. Recently, Part and Lee introduced an anonymous authentication scheme based on NTRU. It is aimed to protect user information in NFC mobile payment systems without directly using private financial information of users. However, we found a security flaw in their new scheme. In this paper, we show that their scheme is insecure against an eavesdropping attack. An attacker, without any secret information, can impersonate the user against a service provider and pass the authentication procedure. This may result in a serious problem in which an attacker can enjoy a service such as an on-line shopping on behalf of the real user without the permission of the real user. An improved scheme will be left as our future work.
關聯	18th Asia-Pacific Network Operations and Management Symposium, APNOMS 2016: Management of Softwarized Infrastructure - Proceedings
資料類型	conference
DOI	http://dx.doi.org/10.1109/APNOMS.2016.7737253

dc.contributor	資科系
dc.creator (作者)	左瑞麟	zh_TW
dc.creator (作者)	Tso, Ray-Lin	en_US
dc.creator (作者)	Jheng, Yi Shio	en_US
dc.date (日期)	2016-10
dc.date.accessioned	31-Aug-2017 14:49:54 (UTC+8)	-
dc.date.available	31-Aug-2017 14:49:54 (UTC+8)	-
dc.date.issued (上傳時間)	31-Aug-2017 14:49:54 (UTC+8)	-
dc.identifier.uri (URI)	http://nccur.lib.nccu.edu.tw/handle/140.119/112462	-
dc.description.abstract (摘要)	NFC-based mobile transaction has come into limelight in recent years thanks to the rapid development of NFC and mobile technologies. In these applications, the NFC-chip is in the card emulation mode to simulate a credit card. Because many sensitive information is exchanged during the communication of the mobile transaction, mutual authentication is required in order to verify the legality of each communicating party. Recently, Part and Lee introduced an anonymous authentication scheme based on NTRU. It is aimed to protect user information in NFC mobile payment systems without directly using private financial information of users. However, we found a security flaw in their new scheme. In this paper, we show that their scheme is insecure against an eavesdropping attack. An attacker, without any secret information, can impersonate the user against a service provider and pass the authentication procedure. This may result in a serious problem in which an attacker can enjoy a service such as an on-line shopping on behalf of the real user without the permission of the real user. An improved scheme will be left as our future work.
dc.format.extent	211 bytes	-
dc.format.mimetype	text/html	-
dc.relation (關聯)	18th Asia-Pacific Network Operations and Management Symposium, APNOMS 2016: Management of Softwarized Infrastructure - Proceedings	en_US
dc.subject (關鍵詞)	Authentication; Global system for mobile communications; Near field communication; Security systems; Anonymous authentication; Eavesdropping attacks; Mobile payment; Mobile payment system; Mutual authentication; NTRU; security; Sensitive informations; Electronic money
dc.title (題名)	Security analysis of a NTRU-based mutual authentication scheme	en_US
dc.type (資料類型)	conference
dc.identifier.doi (DOI)	10.1109/APNOMS.2016.7737253
dc.doi.uri (DOI)	http://dx.doi.org/10.1109/APNOMS.2016.7737253