Skip to main content
Springer Nature Link
Log in

Privacy-Preserving Remote User Authentication with k-Times Untraceability

  • Conference paper
  • First Online:
Information Security and Cryptology (Inscrypt 2018)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11449))

Included in the following conference series:

Abstract

Remote user authentication has found numerous real-world applications, especially in a user-server model. In this work, we introduce the notion of anonymous remote user authentication with k-times untraceability (k-RUA) for a given parameter k, where authorized users authenticate themselves to an authority (typically a server) in an anonymous and k-times untraceable manner. We define the formal security models for a generic k-RUA construction that guarantees user authenticity, anonymity and user privacy. We provide a concrete instantiation of k-RUA having the following properties: (1) a third party cannot impersonate an authorized user by producing valid transcripts for the user while conversing during a session; (2) a third party having access to the communication channel between the user and the authority cannot identify the session participants; (3) the authority can trace the real identities of dishonest users who have authenticated themselves for more than k times; (4) our k-RUA construction avoids using expensive pairing operations—which makes it efficient and suitable for devices having limited amount of computational resources.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    An e-coupon is also sometimes named as a multi-coupon as such a coupon can be redeemed more than once [6].

  2. 2.

    An e-coupon system is usually comprised of issue and redeem protocols [6].

  3. 3.

    The authentication server is assumed to execute the protocol as specified, just try to learn additional information from the transcript during protocol execution.

References

  1. Armknecht, F., Escalante B, A.N., Löhr, H., Manulis, M., Sadeghi, A.-R.: Secure multi-coupons for federated environments: privacy-preserving and customer-friendly. In: Chen, L., Mu, Y., Susilo, W. (eds.) ISPEC 2008. LNCS, vol. 4991, pp. 29–44. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-79104-1_3

    Chapter  Google Scholar 

  2. Ateniese, G., Camenisch, J., Joye, M., Tsudik, G.: A practical and provably secure coalition-resistant group signature scheme. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 255–270. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-44598-6_16

    Chapter  Google Scholar 

  3. Au, M.H., Susilo, W., Mu, Y., Chow, S.S.M.: Constant-size dynamic k-times anonymous authentication. IEEE Syst. J. 7(2), 249–261 (2013)

    Article  Google Scholar 

  4. Bellare, M., Namprempre, C., Pointcheval, D., Semanko, M.: The one-more-RSA-inversion problems and the security of Chaum’s blind signature scheme. J. Cryptol. 16(3), 185–215 (2003)

    Article  MathSciNet  Google Scholar 

  5. Canard, S., Gouget, A., Hufschmitt, E.: A handy multi-coupon system. In: Zhou, J., Yung, M., Bao, F. (eds.) ACNS 2006. LNCS, vol. 3989, pp. 66–81. Springer, Heidelberg (2006). https://doi.org/10.1007/11767480_5

    Chapter  Google Scholar 

  6. Chen, L., Enzmann, M., Sadeghi, A.-R., Schneider, M., Steiner, M.: A privacy-protecting coupon system. In: Patrick, A.S., Yung, M. (eds.) FC 2005. LNCS, vol. 3570, pp. 93–108. Springer, Heidelberg (2005). https://doi.org/10.1007/11507840_12

    Chapter  Google Scholar 

  7. Chu, C.-K., Tzeng, W.-G.: Efficient k-Out-of-n oblivious transfer schemes with adaptive and non-adaptive queries. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 172–183. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30580-4_12

    Chapter  Google Scholar 

  8. Cramer, R., Shoup, V.: A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 13–25. Springer, Heidelberg (1998). https://doi.org/10.1007/BFb0055717

    Chapter  Google Scholar 

  9. Hinarejos, M.F., Isern-Deyà, A.-P., Ferrer-Gomila, J.-L., Huguet-Rotger, L.: Deployment and performance evaluation of mobile multicoupon solutions. Int. J. Inf. Secur. 18, 1–24 (2018)

    Google Scholar 

  10. Liu, W., Mu, Y., Yang, G.: An efficient privacy-preserving e-coupon system. In: Lin, D., Yung, M., Zhou, J. (eds.) Inscrypt 2014. LNCS, vol. 8957, pp. 3–15. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-16745-9_1

    Chapter  Google Scholar 

  11. Liu, W., Mu, Y., Yang, G., Yu, Y.: Efficient e-coupon systems with strong user privacy. Telecommun. Syst. 64(4), 695–708 (2017)

    Article  Google Scholar 

  12. Nguyen, L.: Privacy-protecting coupon system revisited. In: Di Crescenzo, G., Rubin, A. (eds.) FC 2006. LNCS, vol. 4107, pp. 266–280. Springer, Heidelberg (2006). https://doi.org/10.1007/11889663_22

    Chapter  Google Scholar 

  13. Nguyen, L., Safavi-Naini, R.: Dynamic k-times anonymous authentication. In: Ioannidis, J., Keromytis, A., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 318–333. Springer, Heidelberg (2005). https://doi.org/10.1007/11496137_22

    Chapter  Google Scholar 

  14. Teranishi, I., Furukawa, J., Sako, K.: k-Times anonymous authentication (extended abstract). In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 308–322. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30539-2_22

    Chapter  Google Scholar 

  15. Tian, Y., Zhang, S., Yang, G., Mu, Y., Yu, Y.: Privacy-preserving k-time authenticated secret handshakes. In: Pieprzyk, J., Suriadi, S. (eds.) ACISP 2017. LNCS, vol. 10343, pp. 281–300. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-59870-3_16

    Chapter  Google Scholar 

  16. Zhang, F., Kim, K.: ID-based blind signature and ring signature from pairings. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 533–547. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-36178-2_33

    Chapter  Google Scholar 

Download references

Acknowledgements

The work is supported by the Singapore National Research Foundation under NCR Award Number NCR2016NCR-NCR002-022. It is also supported by AXA Research Fund.

Author information

Authors and Affiliations

  1. School of Information Systems, Singapore Management University, Singapore, Singapore

    Yangguang Tian, Yingjiu Li, Binanda Sengupta & Robert Huijie Deng

  2. i-Sprint Innovations, Singapore, Singapore

    Albert Ching

  3. School of Mathematics and Statistics, North China University of Water Resources and Electric Power, Zhengzhou, China

    Weiwei Liu

Authors
  1. Yangguang Tian
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yingjiu Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Binanda Sengupta
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Robert Huijie Deng
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Albert Ching
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Weiwei Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yangguang Tian .

Editor information

Editors and Affiliations

  1. University of Wollongong, Wollongong, NSW, Australia

    Fuchun Guo

  2. Fujian Normal University, Fujian, China

    Xinyi Huang

  3. Columbia University, New York, NY, USA

    Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Tian, Y., Li, Y., Sengupta, B., Deng, R.H., Ching, A., Liu, W. (2019). Privacy-Preserving Remote User Authentication with k-Times Untraceability. In: Guo, F., Huang, X., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2018. Lecture Notes in Computer Science(), vol 11449. Springer, Cham. https://doi.org/10.1007/978-3-030-14234-6_36

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-14234-6_36

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-14233-9

  • Online ISBN: 978-3-030-14234-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation