Skip to main content
SpringerLink
Log in

Study on two privacy-oriented protocols for information communication systems

  • Published:
Journal of Intelligent Manufacturing Aims and scope Submit manuscript

Abstract

In these days, the privacy of a user in information communication system is more important than ever before. Especially, the property is important for mobile communication systems due to the mobility of underlying mobile devices. Until now, many cryptographic tools have been proposed for achieving users’ privacy. In this paper, we review two privacy-oriented cryptographic protocols, and show their security holes. We also provide some countermeasure to fix the weaknesses. First, we discuss the security of the user identification scheme proposed by Hsu and Chuang which permits a user to anonymously log into a system and establish a secret key shared with the system. We show that the Hsu-Chuang scheme is not secure against known session key attacks, and then we provide a countermeasure which can be used for enhancing the security the Hsu-Chuang scheme. Secondly, we review a deniable authentication proposed by Harn and Ren which protects the privacy of a message sender. Then we show that the protocol has a potential incompleteness and two weaknesses.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Similar content being viewed by others

References

  • Ateniese, G., & Nita-Rotaru, C. (2002). Stateless-recipient certified e-mail system based on verifiable encryption. In Proceedings of CT-RSA’02, LNCS 2271 (pp 182–199). Berlin: Springer.

  • Bao, F., Deng, R. H., & Mao, W. (1998). Efficient and practical fair exchange protocols with off-line TTP. In Proceedings of the 1998 IEEE symposium on security and privacy (pp. 77–85).

  • Dent A. W. (2005) Flaws in an e-mail protocol of Sun, Hsieh, and Hwang. IEEE Communications Letters 9(8): 718–719

    Article  Google Scholar 

  • Ezhilchelvan P. D., Shrivastava S. K. (2005) A family of trusted third party based fair-exchange protocols. EEE Transactions on Dependable and Secure Computing 2(4): 273–286

    Article  Google Scholar 

  • Guillou, L. C., & Quisquater, J.-J. (1988). A paradoxical indentity-based signature scheme resulting from zero-knowledge. In Proceedings of Crypto’88, LNCS 403 (pp. 216–231). Berlin: Springer.

  • Harn, L., Ren, J. (2008). Design of fully deniable authentication service for e-mail applications. IEEE Communications Letters, 12(3), 219–221.

    Article  Google Scholar 

  • Hsu C.-L., Chuang Y.-H. (2009) A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks. Information Sciences 179: 422–429

    Article  Google Scholar 

  • Kim, B. H., Koo, J. H., Lee, D. H. (2006). Robust e-mail protocols with perfect forward secrecy. IEEE Communication Letters, 10(6), 510–512.

    Article  Google Scholar 

  • Lee W. B., Chang C. C. (1999) User identification and key distribution maintaining anonymity for distributed computer network. Computer Systems Science and Engineering 15(4): 113–116

    Google Scholar 

  • Mangipudi K., Katti R. (2006) A secure identification and key agreement protocol with user anonymity (SIKA). Computers and Security 25(6): 420–425

    Article  Google Scholar 

  • Nymann J. E. (1972) On the probability that positive integers are relatively prime. Journal of Number Theory 4: 469–473

    Article  Google Scholar 

  • OpenPGP. (2007). An open specification for pretty good privacy. Available at http://www.ietf.org/html.charters/openpgp-charter.html.

  • PKCS #1 V2.1. (2003). RSA cryptography standard. Available at ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf.

  • S/MIME. (2004). Secure multipuepose internet mail extensions. Available at http://www.rsasecurity.com/standards/smime/.

  • Sun H., Hsieh B., Hwang H. (2005) Secure e-mail protocols providing perfect forward secrecy. IEEE Communication Letters 9(1): 58–60

    Google Scholar 

  • Wu T. S., Hsu C. L. (2004) Efficient user identification scheme with key distribution preserving anonymity for distributed computer networks. Computers and Security 23(2): 120–125

    Article  Google Scholar 

  • Yang Y., Wang S., Bao F., Wang J., Deng R. H. (2004) New efficient user identification and key distribution scheme providing enhanced security. Computers and Security 23(8): 697–704

    Article  Google Scholar 

  • Yoon E. J., Yoo K. Y. (2007) Cryptanalysis of robust e-mail protocols with perfect forward secrecy. IEEE Communication Letters 11(5): 372–374

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Electronics and Telecommunications Research Institute (ETRI), Daejeon, Korea

    Taek-Young Youn

  2. Division of e-Business, Kyungnam University, Masan, Changwon, Gyeongnam, Korea

    Jongsung Kim

  3. Eulji University, 212 Yangji, Sujeong-gu, SeongNam-si, Kyonggi-do, Korea

    Myung-Jae Lim

Authors
  1. Taek-Young Youn
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jongsung Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Myung-Jae Lim
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Myung-Jae Lim.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Youn, TY., Kim, J. & Lim, MJ. Study on two privacy-oriented protocols for information communication systems. J Intell Manuf 25, 339–345 (2014). https://doi.org/10.1007/s10845-012-0654-5

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10845-012-0654-5

Keywords

Search

Navigation