Multi-Domain Authentication Protocol Based on Dual-Signature

Today most multi-domain networks authentication systems provide data security and mutual authentication with asymmetric and traditional public key cryptography. There exist some problems, such as the overhead of passing certificates, the more complexity of management certificates and network bottlenecks and so on. These schemes can’t protect the safety of multi-domain interoperability in distributed network effectively. Aiming at these problems, the paper proposes an identity-based multi-domain authentication protocol among domains in large-scale distributed collaborative computing network. It adopts bilinear mapping and short signature technology to achieve mutual authentication between entities in different domains, which overcome the complexity of certificate transmission and bottlenecks in the scheme of PKI-based. Analyzed shows that this scheme has anonymity, security and supporting mutual anonymous authentication and it is suitable to use in security alliance authentication mechanism in large distributed network.


Introduction
Along with the rapid development of network application in all kinds of fields, network applications are more and more extensive. All sorts of businesses or activities, such as networkbased searching, remote collaborative designs, remote medical treatments, resource sharing, remote control and intelligent houses, may have requirements of cross-domain authentication. There also have the problems of cross-domain work in new network application forms such as grid computing, cloud computing, Internet of things etc. The study of cross-domain authentication theory and technology has becoming an urgent problem.
Although some authentication services, such as Kerberos [1], can provide multi-domain authentication, the scheme is related with the complexity of symmetric key management and key consultations. If there are N Kerberos domains and each of them want to trust each other, the number of key exchanges is N(N-1)/2, and it cannot deal with the anonymous problem effectively. Reference [2]- [4] introduced the use of lattice theory in cross-domain authentication, each of them used lattice to the construction of the network structure. They provided a better solution to the potential safety problems caused by the authentication from an independent privileged body. And they also solved the problems of network bottlenecks and single point crash in PKI authentication framework.
Reference [5] summarized the existing technologies of certification in grid environment, such as PKI in grid authentication infrastructure, the model of user privacy protection and rolebased private authentication protocol. Each of them was just for one problem in multi-domain authentication; they only solved the privacy of user's identity or the authentication mechanism, without considering all the factors as a whole. However, there are also problems of the difficulties in PKI certificate management and maintenance, the complexity of authentication path finding and the low utilization of network resources.
The other is authentication framework based on traditional PKI [6], [7]. The procedures of credentials under public key cryptography are heavy burdens. Specifically, the consumptions is caused by the construction of credential paths, the query of the status of credentials and transfer of credentials. It can also cause the network bottleneck of authentication center when under frequent cross-domain accesses. Reference [8] has purposed an identity-based multidomain authentication model, which the premise is that all the authorities must be mutual trust.

TELKOMNIKA
ISSN: 1693-6930  Also, the scheme requires the key parameters of all domains to be same. .It could not avoid the authority faking the members to cross-domain access resources. Reference [9], [10] adopt signcryption method to implement mutual authentication between entities, but it is only suitable for a single domain. Reference [11] extends the method. It enable the mutual authenticate of entities in multi domains, but the precondition of this scheme assumes that Private Key Generator (PKG) of each domain is honest. Because the PKG has the private keys of all the members within its domain, if PKG is malicious, the security of the users' private keys could not be guaranteed. At present, in the mutual authentication protocol, SSL/TLS authentication protocol (SAP) is the most popular protocol and has become standard protocol to ensure Web security. Reference [12] propose two authentication schemes that support keyboard as well as graphical mouse-based input that map password characters to other regions of the password space. This shields the user's password from being known to the adversary thus deflecting shoulder-surfing and spyware attacks. Reference [13] presents a multi layer perception neural network-based method for network traffic identification. Reference [14] assumes that all the entities in the network trust an authority agency, and this is not real, for in this condition the problems of bottleneck and the one point failure are too also heavy. Reference [15] presents a way to find the target trust center through a trust link. If the trust link is too long, the affection of cross-domain authentication will be too low. The issues with cross-domain authentication have been discussed in many papers. For example, both direct cross-domain authentication and transitive cross-domain authentication are supported in Kerberos [16], [17]. By using transitive cross-domain authentication, a principal can access the resources in a remote domain by traversing multiple intermediate domains if there is no cross-domain key shared with the remote domain.
In this paper, we analyzed the advantages and disadvantages of traditional multidomain authentication schemes. We propose a multi-domain authentication protocol based on dual-signature, which mainly solves the problem of the network bottleneck and key escrow in traditional PKI authentication protocols. The protocol also achieves the anonymity of the twoway entity authentication.

Preliminaries 2.1. Bilinear Group
Firstly, we give the definition of bilinear map, assuming that G 1 is additive group, G T is multiplicative group with same prime order p, is the security parameter, let G 1 =<g 1 > be generated by and the solution of discrete logarithm over the G 1 and G T is hard.
And is a computable mapping, and has the following properties:

Definition 3 Decisional Diffie-Hellman Problem (DDH): Suppose a quad
, for all , decides that is there . :

Definition 4 Gap Diffie-Hellman (GDH) group:
The problem of CDH is difficult to solute but the DDHP is easy. With this feature group called for the GDH group.

Definition 5 ( , )
t   CDH assumption: The CDH assumption holds in group if no time adversary has advantage at least in solving CDH in .

Multi-linear Mapping
Multi-linear Diffie-hellman hypothesis: Firstly given the definition of multi-linear mapping. Suppose that the discrete logarithm problem of and is hard.  2) Non-degeneracy: If is a generator of , then 1 ( , ,..., ) e g g g is also a generator of .

3) Computability:
For all , there exits a efficient way to calculate .

Definition 7 Hypothesis of DMDH:
Hypothesis of DMDH is that solving decisional multi-linear Diffie-Hellman problem is difficult. That is to say that there cannot be a probability polynomial time algorithm which can solve Diffie-Hellman problem.

Multi-Domain Authentication Based on Dual-Signature
In this section, a new multi-domain authentication protocol is designed. There are several steps will be described. (2) Alliance-domain system keys agreement: All the can negotiate an alliance public/private key pair by multi-linear mapping, the process are as follows: sk pk a a

Dual-Signature Authentication
To ensure the security, members from different domains need to be mutual authenticated when they access resources each other. To speed up the resource access and avoid the bottleneck problem during the authentication, this paper purposed a multi-domain alliance authentication protocol based on dual-signature, which enables any two members to direct authentication and does not need to transfer the ticket by the third party (the authentication center).  (1) in domain calculates and ,then sends the public information to verify ,where is a dual-signature that in 3.1 (6).
(2) After receiving the messages , with its private key to calculates ,and verifies whether is satisfaction.
( Because two-way can mutual verity by the dual-signature of their KMC and themselves, and signature message is the identity of their KMC, which can be sure everyone belongs to which domains, the cross-domain authentication in the multi-domain system is successful.

Performance Analysis 4.1. Correctness Analysis.
Multi-domain authentication protocol of this paper is established based on dualsignature. In order to ensure the safe authentication when the domains access resources each other, the correctness of the dual-signature must be ensured for first time.

Security Analysis
The security of multi-domain anonymity authentication protocol is based on the security of the dual-signature. The security of the signature method proposed in this article relies on the BCDHP. Theory 2: Under the above assumption BCDHP, the proposed multi-domain anonymity authentication protocol is secure. Any attacker cannot forge dual-signature by eavesdropping on messages transmitted over the public channel. Proof: According to the contradiction proof principle, assume that an attacker can use an efficient probabilistic polynomial algorithm A to forge dual-signature of the proposed protocol.
We use the contradiction proof technique to prove that the proposed protocol is secure under the assumption BCDHP. We can use the algorithm A to construct another efficient algorithm ' A to distinguish  from 1 abg based on BCDHP. (1) An adversary P tries to learn the signature by eavesdropping on messages transmitted over the public channel. The adversary can obtain the messages ( , ) ag abg  ,which is a contradiction for the BCDHP. Thus, that our proposed protocol is secure under the assumption BCDHP. Compared with the existing cross-domain authentication, our advantages are as follows: (1) Authentication protocol in communication and computation is smaller than SAP scheme, and the efficiency of the certification is higher than SAP scheme.
(2) Our scheme greatly simplifies the system architecture compare with the traditional PKI-based authentication framework, and saves system cost.
(3) Compare with the literature [18] in the certification framework, this paper proposed protocol can provide mutual authentication in different trust domains, and the application is broader, more in line with the actual needs of a distributed network environment.
(4) This paper proposed authentication protocol has forward security, and in the Reference [16] the non-interactive authentication session key is static, if an attacker controls a user's private key, he can calculate the session key that between this user and any entity, it does not have forward security.

Computation and communication consumption Analysis
In this section, we compare our basic scheme with the prior schemes in the light of key size, communication overhead, processing complexity and their security. The consumption of computing and communication mainly reflect in modular exponentiation E , bilinear operation pr , multiplication over group pm . In the protocols, any node calculates the path key of all its ancestors and other correlative computing, which can be pre-computed. So the consumption of computing about the signature certification would be negligible [19]. We compare our protocols with other corresponding authentication protocols in communication cost in Table 1. We use notations as follows:  As so in Table 1, our protocol is more efficient than Reference [20]'s protocol with respect to both computing and communication. The computing is similar to Reference [21]'s and the communication is larger than Reference [21]'s. However, our protocol is the more  [21]'s, and our scheme can achieve to two-way authentication, so both sides are unforgeable when their communicating.

Conclusion
Multi-domain alliance-authentication is required for security in multi-domain network environment. The scheme of anonymity authentication protocol purposed in this article can ensure the security while share the resource among multiple domains. The anonymity can protect the privacy of each entity, and each entity can access cross-domain resources needless the intervention of the key management center, which provide good flexibility. It can avoid the bottleneck problem and the complexity of the transfer tickets of the traditional pattern based on PKI. It is safe and practical.