Title: Cryptanalysis of the End-to-End Security Protocol for Mobile Communications with End-User Identification/Authentication
1Cryptanalysis of the End-to-End Security
Protocolfor Mobile Communications with
End-UserIdentification/Authentication
- AuthorYongBin Zhou, ZhenFeng Zhang, and DengGuo
Feng - Presenter???
2Outline
- INTRODUCTION
- REVIEW OF CHANG et al.S PROTOCOL
- CRYPTANALYSIS OF CHANG et al.S PROTOCOL
- MODIFYING THE BP PROTOCOL
- CONCLUSION
3INTRODUCTION
- MUTUALLY authenticated key agreement protocol
- Chang et al. proposed an end-to-end security
protocol for mobile communications with end-user
authentication.
4REVIEW OF CHANG et al.S PROTOCOL
5REVIEW OF CHANG et al.S PROTOCOL
- Subscriber Identity Module (SIM) card
- The subscriber account information and the
personal certificate of the mobile user are
stored in the SIM - The SIM card is stolen, the conspirator may
impersonate the register to communicate with
anyone. - Password is involved to construct the end-to-end
security authentication protocol
6REVIEW OF CHANG et al.S PROTOCOL
- Previous study
- Messages between the MS and the BS are in
encrypted form - Messages between the two BSs are usually in clear
form. - Security breach
- Messages should be encrypted by a secret session
key known only by the two MSs.
7REVIEW OF CHANG et al.S PROTOCOL
8REVIEW OF CHANG et al.S PROTOCOL
- Parks protocol
- g be a generator of the multiplicative group
, where p is a prime - Private key of MS is ? ,andthe
public key is mod p - the private and public keys of BS are ?
and mod p -
9REVIEW OF CHANG et al.S PROTOCOL
- Impersonation attack against Parks Protocol.
10REVIEW OF CHANG et al.S PROTOCOL
- Impersonation attack against Parks Protocol
- R ( )-( ) ( -
) - E can easily recover the current session key by
computing
11REVIEW OF CHANG et al.S PROTOCOL
- CHANG et al.S PROTOCOL
- certificate-based authentication and session key
agreement protocol - session agreement protocol is based on the
Diffie-Hellman key exchange protocol
12REVIEW OF CHANG et al.S PROTOCOL
- The basic authentication protocol
13REVIEW OF CHANG et al.S PROTOCOL
14REVIEW OF CHANG et al.S PROTOCOL
- The end-to-end security protocol.
15REVIEW OF CHANG et al.S PROTOCOL
- EBP to support end-user authentication.
16CRYPTANALYSIS OF CHANG et al.S PROTOCOL
- Impersonation attack against BP Protocol.
17MODIFYING THE BP PROTOCOL
- MODIFYING THE BP PROTOCOL
18Conclusion
- In this letter shown that the end-to-end security
protocol for mobile communications with end-user
authentication due to Chang et al. is insecure
against impersonation attack. - Proposing a modified protocol can preserves the
claimed security.