基于博弈论的身份认证协议的分析——NGUYEN L H方案的改进

doi:10.3969/j.issn.1000-436x.2013.08.003

Abstract

Abstract:

Using the ideas of game theory,NGUYEN L H transformed two families of authentication protocols where the honest party transmitted some useless data with probability α before the normal protocol run,so that even if an attacker attacks a protocol,the attacker’s payoff will still be lower than that when it does not.In such a way,the security of the protocol was guaranteed.However,this scheme suffers from two shortcomings:the considered is too attacker powerful,and only its payoff was considered and the cost of the attacks was ignored; the situation in which the honest node would choose to send useless data was not considered.To improve this scheme,the value of α,with the consideration of the attack cost,of which the value is more general was given.What’s more,the attack probability β was introduced.Based on this,the precondition that the honest node transmits the useless data was presented,as well as the value of α under the different β values.Compared with the original scheme,this results are more generic and comprehensive.Meanwhile,through a case analysis in the P2P network,the correctness of the conclusion is proved.

Key words: identity authentication protocol, game theory, protocol security

Xing-hua LI,Ling-juan DENG,Yuan ZHANG,Jian-feng MA. Rational analysis of authentication protocols based on NGUYEN L H scheme[J]. Journal on Communications, 2013, 34(8): 18-26.

Figures/Tables 9

诚实节点	攻击者
诚实节点	i₁	i₂
a₁	$U_{A} - E_{A} - [ε C_{A}^{+} + (1 - ε) C_{A}^{-}]$	?E _A,
a₁	$ε U_{}^{+} + (1 - ε) U_{}^{-} - (E_{I} + X)$	U
a₂	$- [ε C_{A}^{+} + (1 - ε) C_{A}^{-}], ε U^{+} + (1 - ε) U^{-} - E_{I}$	0,0

攻击次数	结果	概率	收益
1	成功	$ε = ε_{1} = \frac{1}{n}$	$U^{+} - E_{I}$
2	成功	$(1 - ε_{1}) ε_{2} = \frac{1}{n}$	$U^{-} + U^{+} - 2 E_{I}$
3	成功	$(1 - ε_{1}) (1 - ε_{2}) ε_{3} = \frac{1}{n}$	$2 U^{-} + U^{+} - 3 E_{I}$
$⋮$	$⋮$	$⋮$	$⋮$
t	成功	$ε_{t} \prod_{i = 1}^{t - 1} (1 - ε_{i}) = \frac{1}{n}$	$(t - 1) U^{-} + U^{+} - t E_{I}$
$⋮$	$⋮$	$⋮$	$⋮$
k	成功	$ε_{k} \prod_{i = 1}^{k - 1} (1 - ε_{i}) = \frac{1}{n}$	$(k - 1) U^{-} + U^{+} - k E_{I}$
k	失败	$\prod_{i = 1}^{k} (1 - ε_{i}) = \frac{n - k}{n}$	$k U^{-} - k E_{I}$

攻击次数	结果	概率	诚实节点损失
1	成功	$ε = ε_{1} = \frac{1}{n}$	$C_{A}^{+}$
2	成功	$(1 - ε_{1}) ε_{2} = \frac{1}{n}$	$C_{A}^{-} + C_{A}^{+}$
3	成功	$(1 - ε_{1}) (1 - ε_{2}) ε_{3} = \frac{1}{n}$	$2 C_{A}^{-} + C_{A}^{+}$
$⋮$	$⋮$	$⋮$	$⋮$
T	成功	$ε_{t} \prod_{i = 1}^{t - 1} (1 - ε_{i}) = \frac{1}{n}$	$(t - 1) C_{A}^{-} + C_{A}^{+}$
$⋮$	$⋮$	$⋮$	$⋮$
k	成功	$ε_{k} \prod_{i = 1}^{k - 1} (1 - ε_{i}) = \frac{1}{n}$	$(k - 1) C_{A}^{-} + C_{A}^{+}$
k	失败	$\prod_{i = 1}^{k} (1 - ε_{i}) = \frac{n - k}{n}$	$k C_{A}^{-}$

参数	含义
U_A	诚实节点发送无用数据时意识到攻击者存在的收益
E_A	诚实节点发送无用数据时在时间、能量等上的损失
$C_{A}^{+}$	攻击者成功发起一次攻击时诚实节点的损失
$C_{A}^{-}$	攻击者攻击不成功，却仍然成功发起一次拒绝服务攻击，此时诚实节点的损失

参数	值
U_A	30
E_A	10
$C_{A}^{+}$	15
$C_{A}^{-}$	5

References 21

[1]	ALPCAN T , BASAR T . Network Security:A Decision and Game Theoretic Approach[M]. Cambridge: Cambridge University Press, 2011.
[2]	GILLAT K , MONI N . Cryptography and game theory:designing protocols for exchanging information[A]. Proceedings of Theory of Cryptography Conference 2008[C]. New York,USA, 2008. 320-339.
[3]	HALPERN J Y , PASS R . Game theory with costly computation:formulation and application to protocol security[A]. Proceedings of Innovations in Computer Science2010[C]. Beijing,China, 2010. 120-142.
[4]	MANSHAEI M H , ZHU Q , ALPCAN T . Game Theory Meets Network Security and Privacy[R]. EPFL Report, 2010.
[5]	ROY S , ELLIS C , SHIVA S ,et al. A survey of game theory as applied to network security[A]. Proceedings of HICSS[C]. Koloa Kauai,USA, 2010. 1-10.
[6]	SUN W , KONG X , HE D ,et al. Information security problem research based on game theory[A]. Proceedings of ISECS[C]. Guangzhou,China, 2008. 554-557.
[7]	GORDON S D , KATZ J . Rational secret sharing,revisited[A]. Proceedings of Security and Cryptography for Networks Lecture Notes in Computer Science[C]. Maiori,Italy, 2006.4116: 229-241.
[8]	FUCHSBAUER G , KATZ J , NACCACHE D . Effcient rational secret sharing in standard communication networks[A]. Proceedings of TCC 2010[C]. RJ,USA, 2010. 419-436.
[9]	OMRANI A , FALLAH M S . A game-theoretic cooperation stimulus routing protocol in MANETs[J]. IAENG International Journal of Computer Science, 2008,35(1): 174-181.
[10]	PAVLIDOU F N , KOLTSIDAS G . Game theory for routing modeling in communication networks-a survey[J]. Journal of Communications and Networks, 2008,10(3): 268-286.
[11]	EL N , SYRINE K , FOUAD K ,et al. WSEAS:a bidirectional bluetooth authentication scheme based on game-theoretic framework,alfred menezes[J]. WSEAS Transactions on Communications, 2006,15(6): 1219-1227.
[12]	ALMUDENA A , PALOMAR E , RIBAGORDA A ,et al. Formal proof of cooperativeness in a multi-party P2P content authentication protocol[A]. Proceedings of TrustBus 2010[C]. Bilbao,Spain, 2010. 141-152.
[13]	GORDON S D , KATZ J . Rational secret sharing,revisited[A]. Proceedings of Security and Cryptography for Networks Lecture Notes in Computer Science[C]. Maiori,Italy, 2006.4116: 229-241.
[14]	NGUYEN L H . Rational authentication protocols[EB/OL]. , 2011.
[15]	CANETTI R , KRAWCZYK H . Analysis of key-exchange protocols and their use for building secure channels[A]. Proceedings of Eurocrypt 2001,Lecture Notes in Computer Science[C]. Innsbruck,Austria, 2001. 453-474.
[16]	CANETTI R , KRAWCZYK H . Universally composable notions of key exchange and secure channel[A]. Proceedings of Eurocrypt 2002,Lecture Notes in Computer Science[C]. Amsterdam,The Netherlands, 2002. 337-351.
[17]	LAW L , MENEZES A , QU M ,et al. An efficient protocol for authenticated key agreement[J]. Designs,Codes and Cryptography, 2003,28(2): 119-134.
[18]	MENEZES A . Another look at HMQV[J]. Journal of Mathematical Cryptology, 2007,1(1): 47-64.
[19]	KRAWCZYK H . HMQV:a high-performance secure diffie-hellman protocol[J]. Lecture Notes in Computer Science, 2005,3621: 546-566.
[20]	BELLOVIN S M , MERRITT M . Encrypted key exchange:password-based protocols secure against dictionary attacks[A]. Proceedings of the IEEE Symposium on Research in Security and Privacy (Oakland)[C]. Oakland,California,USA, 1992. 72-84.
[21]	BOYKO V , MACKENZIE P , PATEL S . Provably secure password-authenticated key exchange using diffie-hellman[A]. Advances in Cryptology-Eurocrypt 2000,Lecture Notes in Computer Science[C]. Bruges,Belgium, 2000.1807: 156-171.

Metrics

Recommended 0

No Suggested Reading articles found!

参数	含义
E_I	攻击者对正常执行的协议发起一次攻击在时间、能量等上的损失
X	攻击者对诚实节点发送无用数据时进行攻击的损耗值
ε	攻击者攻击成功的概率
U⁺	在概率ε下攻击者攻击成功的收益
U^?	在概率1?ε下攻击者攻击失败，但它仍然成功发起了一次拒绝服务攻击，此时攻击者的收益
U	诚实节点以α的概率传输无用数据，即攻击者干扰协议正常执行的收益

Rational analysis of authentication protocols based on NGUYEN L H scheme

RichHTML

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

Figures/Tables 9

References 21

Related Articles 15

Metrics

Recommended 0

[1]	Zhibin FENG, Yuhua XU, Zhiyong DU, Xin LIU, Wen LI, Hao HAN, Xiaobo ZHANG. Active defense technology against intelligent jammer [J]. Journal on Communications, 2022, 43(10): 42-54.
[2]	Hongbin ZHANG, Yan YIN, Dongmei ZHAO, Bin LIU. Network security situational awareness model based on threat intelligence [J]. Journal on Communications, 2021, 42(6): 182-194.
[3]	Li ZHANG,Tian LIAO,Yejun HE. Dual-target WOA spectrum sharing algorithm based on Stackelberg game [J]. Journal on Communications, 2020, 41(9): 170-178.
[4]	Lindong ZHAO,Wenqin ZHUANG,Jianxin CHEN,Liang ZHOU. Hierarchical task offloading in heterogeneous cellular network:modeling and optimization [J]. Journal on Communications, 2020, 41(4): 34-44.
[5]	Ta LI,Youliang TIAN,Kang XIANG,Hongfeng GAO. Block-based fair payment scheme under delegation computation [J]. Journal on Communications, 2020, 41(3): 80-90.
[6]	. Robust deployment strategy for security data collection agent [J]. Journal on Communications, 2019, 40(6): 51-65.
[7]	Feng ZENG,Runhua WANG,Jia PENG,Zhigang CHEN. Game-theoretical analysis of mobile contributors in mobile crowd sourcing network with word of mouth mode [J]. Journal on Communications, 2019, 40(3): 125-138.
[8]	Fangfang SHAN,Hui LI,Hui ZHU. Game theory based forwarding control method for social network [J]. Journal on Communications, 2018, 39(3): 172-180.
[9]	Bin CAO,Yu-cheng LIANG,Lei LUO,Shu TANG. Distributed game theoretic approach for offloading in ad hoc cloud [J]. Journal on Communications, 2017, 38(11): 24-34.
[10]	Ya-nan JIA,Dian-wu YUE. Energy efficiency-based downlink resource allocation in cognitive small cell networks [J]. Journal on Communications, 2016, 37(4): 116-127.
[11]	Bin CAO,Wen-qiang LANG,Zhuo CHEN,Yun LI. Power allocation in wireless network virtualization based on resource sharing [J]. Journal on Communications, 2016, 37(2): 64-72.
[12]	You-liang TIAN,Xue-mei WANG,Lin-fang LIU. Rational secret sharing scheme based on Markov decision [J]. Journal on Communications, 2015, 36(9): 222-229.
[13]	Song-hua HU,Jian-jun ZHANG,Yang LU,Bin LIU,Jiang-hong HAN. Power control for successive interference cancellation algorithm based on game theory [J]. Journal on Communications, 2015, 36(9): 215-221.
[14]	ANGJie W,AIYong-quan C,IANYou-liang T. Analysis and construction for threshold signature scheme based on game theory [J]. Journal on Communications, 2015, 36(5): 148-155.
[15]	. Game theory based trust management method for mobile ad hoc networks [J]. Journal on Communications, 2014, 35(11): 6-49.