DOI: 10.1145/2414456.2414471
research-article

An identity authentication protocol in online social networks

Published: 02 May 2012

Abstract

The recent success of online social networks (OSNs) motivates the study of security issues in OSNs. A fundamental but challenging security issue in OSNs is to authenticate a friend's real identity. A solution to this issue will benefit a number of OSN security protocols. Existing solutions require users to securely obtain some secret information from their friends before authentication takes place, which is not always possible in OSNs. In this paper, we propose a new authenticated key exchange protocol based on the exclusive secrets shared between friends. It provides identity authentication and key exchange in a plain setting, i.e., users do not need to securely exchange or distribute any information beforehand. The protocol is designed to work with low-entropy input information, because human beings are not good at dealing with a large amount of information. Another advantage of our protocol is its tolerance of input errors, since human error is always a possibility. We prove the security of the protocol in the universal composability (UC) framework and demonstrate its efficiency.


Cited By

  • (2018) A Provably-Secure Cross-Domain Handshake Scheme with Symptoms-Matching for Mobile Healthcare Social Network. IEEE Transactions on Dependable and Secure Computing 15:4 (633-645). DOI: 10.1109/TDSC.2016.2596286. Online publication date: 1-Jul-2018
  • (2013) Digital Identity based VoIP Authentication Mechanism. Proceedings of International Conference on Advances in Mobile Computing & Multimedia (239-243). DOI: 10.1145/2536853.2536928. Online publication date: 2-Dec-2013

Published In

ASIACCS '12: Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security
May 2012
119 pages
ISBN:9781450316484
DOI:10.1145/2414456
Publisher

Association for Computing Machinery

New York, NY, United States

Conference

ASIA CCS '12
Acceptance Rates

Overall Acceptance Rate 418 of 2,322 submissions, 18%
