Design and Analysis of Quantum Password Authentication Protocol

Zhuang, Er-Shuo

27 August 2007

In recent years, scientists have some inspiring breakthroughes in quantum algorithm. In 1994, Peter Shor published the Shor's Algorithm. He used the parallel property of quantum computing to do the quantum Fourier transform. In this way, quantum computer can both factor large integers and solve discrete logarithm problems in polynomial time. Shor's Algorithm proved that most of current used public key systems such as RSA and ElGamal will be solved with quantum computers in polynomial time. Therefore, scientists began to research on cryptography which is based on quantum physical qualities. In this paper, we designed two password authentication protocols. The security of the protocols is not based on classical computational complexity but on the principle of quantum mechanics. The first protocol uses additional quantum bits to prevent attackers. In this protocol, the transmitted bits are less than directly using BB84 protocol to generate a key and encode the password. The second protocol uses the property of quantum transmission. We used hash functions to increase the relationship between quantum bits, so the attackers can not get direct information from eavesdropped quantum bits. Our objective is to show that the security of the protocols is not based on the irreversibility of functions, but on the properties of quantum mechanics.

Quantum Password Protocol

Weak and strong authentication in computer networks

Choi, Taehwan

22 February 2013

In this dissertation, we design and analyze five authentication protocols that answer to the a firmative the following fi ve questions associated with the authentication functions in computer networks. 1. The transport protocol HTTP is intended to be lightweight. In particular, the execution of applications on top of HTTP is intended to be relatively inexpensive and to take full advantage of the middle boxes in the Internet. To achieve this goal, HTTP does not provide any security guarantees, including any authentication of a server by its clients. This situation raises the following question. Is it possible to design a version of HTTP that is still lightweight and yet provides some security guarantees including the authentication of servers by their clients? 2. The authentication protocol in HTTPS, called TLS, allows a client to authenti- cate the server with which it is communicating. Unfortunately, this protocol is known to be vulnerable to human mistakes and Phishing attacks and Pharm- ing attacks. Is it possible to design a version of TLS that can successfully defend against human mistakes and Phishing attacks and Pharming attacks? 3. In both HTTP and HTTPS, a server can authenticate a client, with which it is communicating, using a standard password protocol. However, standard password protocols are vulnerable to the mistake of a client that uses the same password with multiple servers and to Phishing and Pharming attacks. Is it possible to design a password protocol that is resilient to client mistakes (of using the same password with multiple servers) and to Phishing and Pharming attacks? 4. Each sensor in a sensor network needs to store n - 1 symmetric keys for secure communication if the sensor network has n sensor nodes. The storage is constrained in the sensor network and the earlier approaches succeeded to reduce the number of keys, but failed to achieve secure communications in the face of eavesdropping, impersonation, and collusion. Is it possible to design a secure keying protocol for sensor networks, which is e fficient in terms of computation and storage? 5. Most authentication protocols, where one user authenticates a second user, are based on the assumption that the second user has an "identity", i.e. has a name that is (1) fi xed for a relatively long time, (2) unique, and (3) ap- proved by a central authority. Unfortunately, the adoption of user identities in a network does create some security holes in that network, most notably anonymity loss, identity theft, and misplaced trust. This situation raises the following question. Is it possible to design an authentication protocol where the protocol users have no identities? / text

Authentication

Authentication protocols

Server authentication

Client authentication

Integrity

HTTP

HTTPS

Password protocol

TLS

Anonymous authentication

Sensor networks

Keying protocol