Anonymous IEEE802.1X Authentication System Using Group Signatures

Recently, Internet service providers (ISPs) have begun offering ubiquitous Internet access by deploying wireless local area networks (LANs) in public spaces including stations, hotels, and coffee shops. The IEEE802.1X protocol is usually used for user authentication so that only authorized users can access the services. However, ISPs can easily collect users' personal information, such as access locations, services, and operations, so strict management of this information has been demanded; such management becomes very difficult when multiple ISPs provide roaming services in cooperation. In this paper, we present an anonymous IEEE802.1X authentication system that uses a group signature scheme to authenticate users without revealing their identities. Without user identities, ISPs cannot collect personal information. As an efficient revocable group signature scheme, we adopt the verifier-local revocation (VLR) type, with some modifications to make use of fast pairing computation. We show the implementation of our proposal and evaluation results that confirm the practicality of our system for up to 1,000 revoked users.
