{"title":"An identity authentication protocol in online social networks","authors":"Lingjun Li, Xinxin Zhao, G. Xue","doi":"10.1145/2414456.2414471","DOIUrl":null,"url":null,"abstract":"Recent success of online social networks (OSNs) motivates the study of security issues in OSNs. A fundamental but challenging security issue in OSNs is to authenticate a friend's real identity. A solution to this issue will benefit a number of OSN security protocols. Existing solutions require users securely obtain some secret information from their friends before authentication takes place, which is not always possible in OSNs. In this paper, we propose a new authenticated key exchange protocol based on the exclusive secrets shared between friends. It provides identity authentication and key exchange in a plain setting, i.e., users do not need to securely exchange or distribute any information beforehand. The protocol is designed to work with low-entropy input information, because human beings are not good at dealing with a large amount of information. Another advantage of our protocol is its tolerance of input errors considering human error is always a possibility. We prove the security of the protocol in the universal composability (UC) framework and demonstrate its efficiency.","PeriodicalId":72308,"journal":{"name":"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2012-05-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2414456.2414471","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4
Abstract
Recent success of online social networks (OSNs) motivates the study of security issues in OSNs. A fundamental but challenging security issue in OSNs is to authenticate a friend's real identity. A solution to this issue will benefit a number of OSN security protocols. Existing solutions require users securely obtain some secret information from their friends before authentication takes place, which is not always possible in OSNs. In this paper, we propose a new authenticated key exchange protocol based on the exclusive secrets shared between friends. It provides identity authentication and key exchange in a plain setting, i.e., users do not need to securely exchange or distribute any information beforehand. The protocol is designed to work with low-entropy input information, because human beings are not good at dealing with a large amount of information. Another advantage of our protocol is its tolerance of input errors considering human error is always a possibility. We prove the security of the protocol in the universal composability (UC) framework and demonstrate its efficiency.
近年来,在线社交网络(online social network, osn)的成功激发了对网络安全问题的研究。在osn系统中,一个最基本但也最具挑战性的安全问题是验证朋友的真实身份。解决此问题将受益于多个OSN的安全协议。现有的解决方案要求用户在身份验证之前安全地从他们的朋友那里获得一些秘密信息,这在osn中并不总是可行的。在本文中,我们提出了一种新的基于朋友之间共享的独家秘密的认证密钥交换协议。它以普通的方式提供身份验证和密钥交换,也就是说,用户不需要事先安全地交换或分发任何信息。该协议设计用于低熵输入信息,因为人类不擅长处理大量信息。我们协议的另一个优点是它对输入错误的容忍度考虑到人为错误总是存在的可能性。在通用可组合性(UC)框架下证明了该协议的安全性和有效性。
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
