My Account | Careers | Downloads | Blog

PROJECT TITLE :

Security Analysis of a Single Sign-On Mechanism for Distributed Computer Networks - 2013

ABSTRACT:

Single sign-on (SSO) is a new authentication mechanism that enables a legal user with a single credential to be authenticated by multiple service providers in a distributed computer network. Recently, Chang and Lee proposed a new SSO scheme and claimed its security by providing well-organized security arguments. In this paper, however, we demonstrative that their scheme is actually insecure as it fails to meet credential privacy and soundness of authentication. Specifically, we present two impersonation attacks. The first attack allows a malicious service provider, who has successfully communicated with a legal user twice, to recover the user's credential and then to impersonate the user to access resources and services offered by other service providers. In another attack, an outsider without any credential may be able to enjoy network services freely by impersonating any legal user or a nonexistent user. We identify the flaws in their security arguments to explain why attacks are possible against their SSO scheme. Our attacks also apply to another SSO scheme proposed by Hsu and Chuang, which inspired the design of the Chang-Lee scheme. Moreover, by employing an efficient verifiable encryption of RSA signatures proposed by Ateniese, we propose an improvement for repairing the Chang-Lee scheme. We promote the formal study of the soundness of authentication as one open problem.


Did you like this research project?

To get this research project Guidelines, Training and Code... Click Here

PROJECT TITLE : A Novel Architectural Framework on IoT Ecosystem, Security Aspects and Mechanisms: A Comprehensive Survey ABSTRACT: Over the course of the last few years, the Internet of Things (IoT) technology has not only
PROJECT TITLE : Attention in Reasoning Dataset, Analysis, and Modeling ABSTRACT: Although attention has become an increasingly popular component in deep neural networks for the purpose of both interpreting data and improving
PROJECT TITLE : New Blockchain Based Special Keys Security Model with Path Compression Algorithm for Big Data ABSTRACT: In recent years, following the introduction of the IoT (Internet of Things) into our lives and thanks to
PROJECT TITLE : Blockchain-Enabled Social Security Services Using Smart Contracts ABSTRACT: The current social security system is unable to meet the needs of people in terms of providing transparent, distributed sharing, tamper-proof,
PROJECT TITLE : Predicting Detection Performance on Security X-Ray Images as a Function of Image Quality ABSTRACT: Research into how image quality impacts work performance is a hot topic in many industries. The security X-ray

Ready to Complete Your Academic MTech Project Work In Affordable Price ?

Project Enquiry