Analyzing Security and Privacy in Design and Implementation of Web Authentication Protocols

2018 ◽  
pp. 441-445 ◽  
Author(s):  
Kailong Wang
Keyword(s):  
Security And Privacy ◽  
Authentication Protocols ◽  
Design And Implementation

Design and Implementation of a Zero-Knowledge Authentication Framework for Java Card

2013 ◽  
pp. 131-148
Author(s):  
Ahmed Patel ◽  
Kenan Kalajdzic ◽  
Laleh Golafshan ◽  
Mona Taghavi
Keyword(s):  
Smart Card ◽  
Public Key Cryptography ◽  
Performance Criteria ◽  
Authentication Protocols ◽  
Zero Knowledge ◽  
Memory Space ◽  
Design And Implementation ◽  
Java Card ◽  
Authentication Mechanism ◽  
Processing Power

Zero-knowledge authentication protocols are an alternative to authentication protocols based on public key cryptography. Low processing and memory consumption make them especially suitable for implementation in smart card microprocessors, which are severely limited in processing power and memory space. This paper describes a design and implementation of a software library providing smart card application developers with a reliable authentication mechanism based on well-known zero-knowledge authentication schemes. Java Card is used as the target smart card platform implementation based on the evaluation of the Fiat-Shamir (F-S) and Guillou-Quisquater (G-Q) protocols under various performance criteria are presented to show the effectiveness of the implementation and that G-Q is a more efficient protocol.

scholarly journals Lightweight ECC based RFID Authentication Protocol

2020 ◽  
Vol 9 (7) ◽  
pp. 347-351
Keyword(s):  
Radio Frequency ◽  
Radio Frequency Identification ◽  
Elliptic Curve Cryptography ◽  
Authentication Protocol ◽  
Security And Privacy ◽  
Patient Records ◽  
Authentication Protocols ◽  
Management Domain ◽  
Frequency Identification ◽  
Security Concern

The RFID (radio frequency identification) technology is being extensively accepted and used as a governing recognizing technology in medical management domain like information corroboration, patient records, blood transmission, etc. With more rigid security concern to RFID based authentication protocols, ECC (elliptic curve cryptography) established Radio Frequency Identification verification protocols is being expected to fit the prerequisite of security and privacy. However, abounding new published ECC based RFID protocols have severe security vulnerability. In the following paper, we have reviewed few RFID verification and authentication protocols and has compared its strengths, fragility and proposed less complex and more efficient authentication protocol.

scholarly journals Security and collision in RFID systems

2021 ◽  
Author(s):  
Mohammed Jameel Hakeem
Keyword(s):  
Radio Frequency Identification ◽  
Time Slot ◽  
Mutual Authentication ◽  
Wireless Channel ◽  
Security And Privacy ◽  
Linear Feedback ◽  
Authentication Protocols ◽  
Frame Size ◽  
Identification Process ◽  
Rfid Authentication Protocols

Abstract Radio Frequency Identification (RFID) is a promising technology to provide automated contactless identification of objects, people and animals. The identification process is performed as the reader receives simultaneous responses from various tags over a shared wireless channel and without no requirement of line-of-sight in the interrogation zone. The communication between the reader and tags is separated into two processes: identification and acknowledgment processes. Both processes suffer from serious drawbacks that limit the proliferation of RFID. Such drawbacks are security and privacy and collision problems. This thesis has two main parts. The first part examines the security and privacy of the existing RFID authentication protocols. We introduced a novel cryptographic scheme, Hacker Proof Authentication Protocol (HPAP) that allows mutual authentication and achieves full security by deploying tag static identifier, updated timestamp, a one-way hash function and encryption keys with randomized update using Linear Feedback Shift Register (LFSR). Cryptanalysis and simulation show that the protocol is secure against various attacks. In comparison with the various existing RFID authentication protocols, our protocol has less computation load, requires less storage, and costs less. The second part focuses on solving RFID collision arbitration imposed by the shared wireless link between a reader and the many tags distributed in the interrogation zone. In most proposed anticollision algorithms, tags reply randomly to the time slots chosen by the reader. Since more than two tags may choose the same time slot in a frame, this Random Access (RA) causes garbled data at the reader side resulting the identification process fails. Towards this challenge, two ALOHA based anti-collision algorithms that adopt a new way for tags to choose their replied time slots to enhance system efficiency are presented. In MBA and LTMBA, tags use modulo function to choose their owned time slot. The difference between the two algorithms relies on the method by which the reader estimates the next frame size. The performance evaluation of the two algorithms shows better performance than previously proposed algorithms in terms of fewer communication rounds and fewer collided/empty slots considering the limitation of the EPCglobal Class-1 Gen-2 standard.

scholarly journals Implementation of Security and Privacy Aspects in a Healthcare Social Network

10.29007/d1s9 ◽  
2019 ◽  
Author(s):  
Kasi Periyasamy ◽  
Saleh Alsyefi
Keyword(s):  
Kidney Diseases ◽  
Healthcare Providers ◽  
Health Problems ◽  
Security And Privacy ◽  
Health Issues ◽  
Design And Implementation ◽  
Healthcare Network ◽  
Related Information ◽  
Health Domains ◽  
Health Related

A recent medical survey indicates that healthcare social networks are very helpful in promoting awareness of health issues, discussing related health problems with other patients and healthcare providers, and finding quick solutions for some of the health problems[12]. Social media and advances in mobile technology make healthcare information accessible to many patients. Healthcare providers are also able to gain more benefits from healthcare networks by exchanging information with other providers and disseminating valuable health related information. The two major problems in using healthcare networks as re- ported in the literature are security of information stored and passed through the network, and privacy of patients’ health information. This paper describes the design and implementation of a healthcare network focusing on the two aspects - security and privacy. The authors chose Nephrology, the study of kidney diseases, for illustration. However, the de- sign and implementation of the network has been made sufficiently generic so that it can be used for other health domains such as gynecology and psychiatry.

scholarly journals Ultra-lightweight Authentication

2021 ◽  
pp. 99-112
Author(s):  
Xavier Carpent ◽  
Paolo D’Arco ◽  
Roberto De Prisco
Keyword(s):  
Security And Privacy ◽  
Design Strategies ◽  
Computing Environment ◽  
Authentication Protocols ◽  
Research Directions ◽  
Logical Operations ◽  
The Common ◽  
Ubiquitous And Pervasive Computing ◽  
Lightweight Authentication ◽  
Abstract Framework

AbstractIn this chapter we provide a critical look at the state of the art in ultra-lightweight authentication protocols. We start by outlining the features of the current ubiquitous and pervasive computing environment that have motivated the development of the ultra-lightweight paradigm which uses only basic arithmetic and logical operations. We emphasize its goals and its main challenges. Then, we focus our attention on the authentication problem. We use an abstract framework for modeling the protocols proposed over the years, in order to discuss their design strategies and the security and privacy properties they aim to achieve. After that, we survey the weaknesses and the common pitfalls in both the design and the analysis of ultra-lightweight authentication protocols. Finally, we conclude the chapter by discussing some fundamental ideas and research directions.

scholarly journals Security and collision in RFID systems

2021 ◽  
Author(s):  
Mohammed Jameel Hakeem
Keyword(s):  
Radio Frequency Identification ◽  
Time Slot ◽  
Mutual Authentication ◽  
Wireless Channel ◽  
Security And Privacy ◽  
Linear Feedback ◽  
Authentication Protocols ◽  
Frame Size ◽  
Identification Process ◽  
Rfid Authentication Protocols

Abstract Radio Frequency Identification (RFID) is a promising technology to provide automated contactless identification of objects, people and animals. The identification process is performed as the reader receives simultaneous responses from various tags over a shared wireless channel and without no requirement of line-of-sight in the interrogation zone. The communication between the reader and tags is separated into two processes: identification and acknowledgment processes. Both processes suffer from serious drawbacks that limit the proliferation of RFID. Such drawbacks are security and privacy and collision problems. This thesis has two main parts. The first part examines the security and privacy of the existing RFID authentication protocols. We introduced a novel cryptographic scheme, Hacker Proof Authentication Protocol (HPAP) that allows mutual authentication and achieves full security by deploying tag static identifier, updated timestamp, a one-way hash function and encryption keys with randomized update using Linear Feedback Shift Register (LFSR). Cryptanalysis and simulation show that the protocol is secure against various attacks. In comparison with the various existing RFID authentication protocols, our protocol has less computation load, requires less storage, and costs less. The second part focuses on solving RFID collision arbitration imposed by the shared wireless link between a reader and the many tags distributed in the interrogation zone. In most proposed anticollision algorithms, tags reply randomly to the time slots chosen by the reader. Since more than two tags may choose the same time slot in a frame, this Random Access (RA) causes garbled data at the reader side resulting the identification process fails. Towards this challenge, two ALOHA based anti-collision algorithms that adopt a new way for tags to choose their replied time slots to enhance system efficiency are presented. In MBA and LTMBA, tags use modulo function to choose their owned time slot. The difference between the two algorithms relies on the method by which the reader estimates the next frame size. The performance evaluation of the two algorithms shows better performance than previously proposed algorithms in terms of fewer communication rounds and fewer collided/empty slots considering the limitation of the EPCglobal Class-1 Gen-2 standard.

scholarly journals Security of Broadcast Authentication for Cloud-Enabled Wireless Medical Sensor Devices in 5G Networks

2020 ◽  
Vol 13 (2) ◽  
pp. 13
Author(s):  
Abdullah Al Hayajneh ◽  
Md Zakirul Alam Bhuiyan ◽  
Ian McAndrew
Keyword(s):  
Cloud Computing ◽  
Mobile Networks ◽  
Wireless Body Area Network ◽  
Security And Privacy ◽  
Body Area Network ◽  
Area Network ◽  
Authentication Protocols ◽  
Body Area ◽  
Healthcare Applications ◽  
5G Mobile Networks

Wireless Body Area Network (WBAN) has become one of the fastest growing technologies nowadays. There are some characteristic limitations in WBAN, especially when it comes to health-related applications that are used to monitor human bodies. To overcome and mitigate theses limitations in WBAN, cloud computing technology can be combined with the WBAN as a solution. We can classify the WBAN sensors in the cloud-based WBAN into i) nodes that monitor the human body and ii) WBAN actuators that take action upon the order commands from the medical staff. The biggest concern is the security of the medical commands to the WBAN actuators because if they are altered or tampered with, there can be serious consequences. Therefore, authentication plays an important role in securing cloud-based WBANs. In this article, we explore the security and privacy issues of Wireless Body Area Network combined with Mobile Cloud Computing (wMCC) with 5G mobile networks and investigate public-key based security solutions. At first, the paper presents a detailed description of wMCC architecture, discussing its main advantages and limitations. The main features of 5G mobile network are then presented, focusing on the advancement it may provide if integrated with wMCC systems. We further investigate the security issues of wMCC with 5G mobile networks while emphasizing the challenges that face this system in healthcare applications. The authentication techniques in wMCC are then classified and discussed with the feasibility of deploying practical solutions. Finally, we outline the main challenges and metrics of an ideal authentication protocols to be used in wMCC with 5G. The metrics are helpful for researchers in this field to evaluate, analyze, and compare the authentication protocols to decide the suitable application for each protocol.

Sign in / Sign up

Export Citation Format

Share Document