Attribute based User Authentication for Contents Distribution Environments

  • Yoo, Hye-Joung (Department of Information Security Sejong Cyber University)
  • Received : 2012.05.29
  • Accepted : 2012.07.10
  • Published : 2012.09.28


In digital contents distribution environments, a user authentication is an important security primitive to allow only authenticated user to use right services by checking the validity of membership. For example, in Internet Protocol Television (IPTV) environments, it is required to provide an access control according to the policy of content provider. Remote user authentication and key agreement scheme is used to validate the contents accessibility of a user. We propose a novel user authentication scheme using smart cards providing a secure access to multimedia contents service. Each user is authenticated using a subset of attributes which are issued in the registration phase without revealing individual's identity. Our scheme provides the anonymous authentication and the various permissions according to the combination of attributes which are assigned to each user. In spite of more functionality, the result of performance analysis shows that the computation and communication cost is very low. Using this scheme, the security of contents distribution environments in the client-server model can be significantly improved.


  1. W. Diffie and M.E. Hellman, "New Directions in Cryptography," IEEE Transaction on Information Theory, vol.6(11), 1976, pp. 644-654.
  2. M.S. Hwang and L.H. Li, "A new remote user authentication scheme using smart cards," IEEE Transaction on Consumer Electronics, vol.46(1), 2000, pp. 28-30.
  3. M.L. Das, A. Saxena, and V.P. Gulate, "A dynamic ID-based remote user authentication scheme," IEEE Transaction on Information Theory, vol.6(11), 2004, pp. 629-631.
  4. H.Y. Chien and C.H. Chen, "A Remote Authentication Scheme Preserving User Anonymity," Proceeding of 19th International Conference on Advanced Information Networking and Applications, 2005.
  5. A. Sahai and B. Waters, "Fuzzy identity based encryption," Proceeding of Eurocrypt'05, 2005.
  6. E.J. Yoon and Y. Yoo, "Improving the Dynamic IDBased Remote Mutual Authentication Scheme," Proceeding of OTM Workshop 2006, LNCS 4277, 2006, pp. 499-507.
  7. K. Frikken, M. Atallah, and J. Li, "Attribute-Based Access Control with Hidden Policies and Hidden Credentials," IEEE Transaction on Computers, vol.55(10),2006, pp. 1259-1270.
  8. M. Pirretti, P. Traynor, and B. Waters, "Attribute-Based Systems," Proceeding of CCS 2006, 2006.
  9. T. Jiang, Y. Hou, and S. Zheng, "Secure Communication between set-top-box and smart card in DTV broadcasting," IEEE Transactions on Consumer Electronics, vol.50(3), 2004, pp. 882-886.
  11. R.S. Pippal, S. Tapaswi, and L. Li, "Secure Key Exchange Scheme for IPTV Broadcasting," Informatica, vol.36(1), 2012, pp. 47-52.