Abstract
Recently, Yang et al. proposed an efficient user identification scheme with key distribution, in which it is possible for the user to anonymously log into a system and establish a secret key shared with the system. Mangipudi and Katti later demonstrated a Deniable-of-Service (DoS) attack on the Yang et al. scheme and then proposed an improvement to withstand such an attack. However, this paper demonstrates an identity disclosure attack to show that neither schemes' claimed user anonymity requirement can be achieved. We further propose a novel user identification scheme with key distribution preserving user anonymity for distributed computer networks. The proposed scheme not only withstands the attacks mentioned above, but also achieves the following: (i) user anonymity, (ii) key distribution, (iii) mutual authentication, and (iv) key confirmation. The performance of our scheme is of greater efficiency than that of previously proposed schemes in terms of communication costs and computational complexities. Crown
| Original language | English |
|---|---|
| Pages (from-to) | 422-429 |
| Number of pages | 8 |
| Journal | Information Sciences |
| Volume | 179 |
| Issue number | 4 |
| DOIs | |
| State | Published - 01 02 2009 |
| Externally published | Yes |
Keywords
- Anonymity
- Identification
- Key confirmation
- Key distribution
- Mutual authentication