当前位置: X-MOL 学术IEEE Trans. Inform. Forensics Secur. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Comments on __evocable and Scalable Certificateless Remote Authentication Protocol With Anonymity for Wireless Body Area Networks_
IEEE Transactions on Information Forensics and Security ( IF 6.3 ) Pub Date : 9-24-2018 , DOI: 10.1109/tifs.2018.2871761
Kyung-Ah Shim

To solve security and privacy issues in wireless body area networks, several types of digital signature schemes have been adapted to a number of authentication protocols. Recently in IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY (TIFS) (DOI: 10.1109/TIFS.2015.2414399), Xiong and Qin proposed a revocable certificateless encryption (R-CLE) scheme against decryption key exposure, and a revocable certificateless signature (R-CLS) scheme against signing key exposure. Then they proposed a revocable and scalable certificateless remote authentication protocol with anonymity for wireless body area networks based on the combination of R-CLE scheme and R-CLS scheme. However, we show that their RCLS scheme is insecure against type I adversaries: a type I adversary who knows only a user's secret value can forge signatures on any messages in the same time period. Hence, their authentication protocol fails to meet the claimed security requirements.

中文翻译:


对__可撤销且可扩展的无线体域网匿名无证书远程身份验证协议_的评论



为了解决无线体域网中的安全和隐私问题,多种类型的数字签名方案已适应多种认证协议。最近,在IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY (TIFS) (DOI: 10.1109/TIFS.2015.2414399)中,Xiong和Qin提出了一种防止解密密钥暴露的可撤销无证书加密(R-CLE)方案,以及可撤销无证书签名(R-CLS) )针对签名密钥暴露的方案。然后,他们基于R-CLE方案和R-CLS方案的结合,提出了一种可撤销、可扩展、可匿名的无线体域网无证书远程认证协议。然而,我们表明他们的 RCLS 方案对于 I 类对手来说是不安全的:只知道用户秘密值的 I 类对手可以在同一时间段内伪造任何消息的签名。因此,他们的身份验证协议无法满足声称的安全要求。
更新日期:2024-08-22
down
wechat
bug