Open Access Journal

ISSN : 2394-2320 (Online)

International Journal of Engineering Research in Computer Science and Engineering (IJERCSE)

Monthly Journal for Computer Science and Engineering


Single Sign-On Mechanism Using RSA-VES

Authors: Reeba Alexander, R. Medona Selin

Date of Publication: 7th April 2015

Abstract: Single sign-on (SSO) is one of the latest authentication mechanisms in distributed computer networks. It enables a valid user with a single token to access the services of multiple service providers in a network. Many SSO schemes have been implemented previously. This paper proves that previous schemes are insecure because they fail to meet token privacy and soundness of authentication. Two impersonation attacks are present. The first attack allows a dishonest service provider who has communicated with a valid user twice to easily recover the user's token and impersonate the user to access the services of other service providers. In the second attack, an outsider without any token can enjoy the services freely by acting as a valid user or a nonexistent user. This paper proposes verifiable encryption of RSA signatures to overcome the flaws of the previous SSO scheme.
