TY - GEN
T1 - An identity authentication protocol in online social networks
AU - Li, Lingjun
AU - Zhao, Xinxin
AU - Xue, Guoliang
PY - 2012
Y1 - 2012
N2 - Recent success of online social networks (OSNs) motivates the study of security issues in OSNs. A fundamental but challenging security issue in OSNs is to authenticate a friend's real identity. A solution to this issue will benefit a number of OSN security protocols. Existing solutions require users securely obtain some secret information from their friends before authentication takes place, which is not always possible in OSNs. In this paper, we propose a new authenticated key exchange protocol based on the exclusive secrets shared between friends. It provides identity authentication and key exchange in a plain setting, i.e., users do not need to securely exchange or distribute any information beforehand. The protocol is designed to work with low-entropy input information, because human beings are not good at dealing with a large amount of information. Another advantage of our protocol is its tolerance of input errors considering human error is always a possibility. We prove the security of the protocol in the universal composability (UC) framework and demonstrate its efficiency.
AB - Recent success of online social networks (OSNs) motivates the study of security issues in OSNs. A fundamental but challenging security issue in OSNs is to authenticate a friend's real identity. A solution to this issue will benefit a number of OSN security protocols. Existing solutions require users securely obtain some secret information from their friends before authentication takes place, which is not always possible in OSNs. In this paper, we propose a new authenticated key exchange protocol based on the exclusive secrets shared between friends. It provides identity authentication and key exchange in a plain setting, i.e., users do not need to securely exchange or distribute any information beforehand. The protocol is designed to work with low-entropy input information, because human beings are not good at dealing with a large amount of information. Another advantage of our protocol is its tolerance of input errors considering human error is always a possibility. We prove the security of the protocol in the universal composability (UC) framework and demonstrate its efficiency.
UR - http://www.scopus.com/inward/record.url?scp=84871993456&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84871993456&partnerID=8YFLogxK
U2 - 10.1145/2414456.2414471
DO - 10.1145/2414456.2414471
M3 - Conference contribution
AN - SCOPUS:84871993456
SN - 9781450313032
T3 - ASIACCS 2012 - 7th ACM Symposium on Information, Computer and Communications Security
SP - 28
EP - 29
BT - ASIACCS 2012 - 7th ACM Symposium on Information, Computer and Communications Security
T2 - 7th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2012
Y2 - 2 May 2012 through 4 May 2012
ER -