DocumentCode
1947575
Title
On the security of an identity-based single-sign-on scheme
Author
Zhang, Jianhong ; Liu, Xue
Author_Institution
Coll. of Sci., North China Univ. of Technol., Beijing, China
Volume
3
fYear
2010
fDate
9-11 July 2010
Firstpage
117
Lastpage
120
Abstract
At present, to access to email account or bank account, a network user has to remember the registered account number of the user and the corresponding password for every service with which they are registered. However, when multiple systems are involved, the user is then required to authenticate to each system individually and repeatedly. It results in inconvenience to each authentication. Recently, to overcome the problem, an identity-based single-sign-on scheme was proposed to achieve user identification and authentication to multiple security-protected systems simultaneously through a single operation. The security of the scheme is claimed to be related to the well-Known RSA cryptosystem and the discrete logarithm problem. Unfortunately, in this work we show that Ren´s scheme is suffering an unforgeable attack, namely, any one can pass verification in name of any user´s identity. Finally, an improved version is proposed.
Keywords
message authentication; public key cryptography; RSA cryptosystem; Ren scheme; discrete logarithm problem; identity authentication; identity-based single-sign-on scheme; multiple security-protected systems; Authentication; Cryptography; Law; forgeable attack; identity authentication; identity-based cryptography; single-sign-on;
fLanguage
English
Publisher
ieee
Conference_Titel
Computer Science and Information Technology (ICCSIT), 2010 3rd IEEE International Conference on
Conference_Location
Chengdu
Print_ISBN
978-1-4244-5537-9
Type
conf
DOI
10.1109/ICCSIT.2010.5564492
Filename
5564492
Link To Document