An enhanced mutual authentication and security protocol for IoT and cloud server

2021 ◽  
pp. 1-13
Author(s):  
Prabhat Kumar Panda ◽  
Sudipta Chattopadhyay
Keyword(s):  
Mutual Authentication ◽  
Security Protocol ◽  
Cloud Server ◽  
Authentication And Security

scholarly journals Drone Secure Communication Protocol for Future Sensitive Applications in Military Zone

Sensors ◽  
2021 ◽  
Vol 21 (6) ◽  
pp. 2057
Author(s):  
Yongho Ko ◽  
Jiyoon Kim ◽  
Daniel Gerbi Duguma ◽  
Philip Virgil Astillo ◽  
Ilsun You ◽  
...  
Keyword(s):  
Performance Evaluation ◽  
Secure Communication ◽  
Communication Protocol ◽  
Denial Of Service ◽  
Mutual Authentication ◽  
Information Leakage ◽  
Security Protocol ◽  
Security Requirements ◽  
Forward Secrecy ◽  
Perfect Forward Secrecy

Unmanned Aerial Vehicle (UAV) plays a paramount role in various fields, such as military, aerospace, reconnaissance, agriculture, and many more. The development and implementation of these devices have become vital in terms of usability and reachability. Unfortunately, as they become widespread and their demand grows, they are becoming more and more vulnerable to several security attacks, including, but not limited to, jamming, information leakage, and spoofing. In order to cope with such attacks and security threats, a proper design of robust security protocols is indispensable. Although several pieces of research have been carried out with this regard, there are still research gaps, particularly concerning UAV-to-UAV secure communication, support for perfect forward secrecy, and provision of non-repudiation. Especially in a military scenario, it is essential to solve these gaps. In this paper, we studied the security prerequisites of the UAV communication protocol, specifically in the military setting. More importantly, a security protocol (with two sub-protocols), that serves in securing the communication between UAVs, and between a UAV and a Ground Control Station, is proposed. This protocol, apart from the common security requirements, achieves perfect forward secrecy and non-repudiation, which are essential to a secure military communication. The proposed protocol is formally and thoroughly verified by using the BAN-logic (Burrow-Abadi-Needham logic) and Scyther tool, followed by performance evaluation and implementation of the protocol on a real UAV. From the security and performance evaluation, it is indicated that the proposed protocol is superior compared to other related protocols while meeting confidentiality, integrity, mutual authentication, non-repudiation, perfect forward secrecy, perfect backward secrecy, response to DoS (Denial of Service) attacks, man-in-the-middle protection, and D2D (Drone-to-Drone) security.

A Mutual Authentication Protocol with Resynchronisation Capability for Mobile Satellite Communications

2013 ◽  
pp. 35-51
Author(s):  
Ioana Lasc ◽  
Reiner Dojen ◽  
Tom Coffey
Keyword(s):  
Denial Of Service ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Service Condition ◽  
Satellite Communications ◽  
Authentication Protocol ◽  
Security Protocol ◽  
New Type ◽  
Mobile Satellite ◽  
Mutual Authentication Protocol

Many peer-to-peer security protocols proposed for wireless communications use one-time shared secrets for authentication purposes. This paper analyses online update mechanisms for one-time shared secrets. A new type of attack against update mechanisms, called desynchronisation attack, is introduced. This type of attack may lead to a permanent denial of service condition. A case study demonstrates the effectiveness of desynchronisation attacks against a security protocol for mobile satellite communications. A new mutual authentication protocol for satellite communications, incorporating a resynchronisation capability, is proposed to counter the disruptive effects of desynchronisation attacks. The new protocol has an esynchronisation phase that is initiated whenever desynchronisation is suspected. Thus, the possibility of causing permanent denial of service conditions by mounting desynchronisation attacks is eliminated. A security analysis of the proposed protocol establishes its resistance against attacks like replay attacks, dictionary attacks, and desynchronisation attacks.

scholarly journals Elliptic Curve Signcryption-Based Mutual Authentication Protocol for Smart Cards

2020 ◽  
Vol 10 (22) ◽  
pp. 8291
Author(s):  
Anuj Kumar Singh ◽  
Arun Solanki ◽  
Anand Nayyar ◽  
Basit Qureshi
Keyword(s):  
Elliptic Curve ◽  
Smart Card ◽  
Mutual Authentication ◽  
Computational Cost ◽  
Authentication Protocol ◽  
Security Protocol ◽  
Smart Cards ◽  
Communication Overhead ◽  
Authentication Mechanism ◽  
Computational Overhead

In the modern computing environment, smart cards are being used extensively, which are intended to authenticate a user with the system or server. Owing to the constrictions of computational resources, smart card-based systems require an effective design and efficient security scheme. In this paper, a smart card authentication protocol based on the concept of elliptic curve signcryption has been proposed and developed, which provides security attributes, including confidentiality of messages, non-repudiation, the integrity of messages, mutual authentication, anonymity, availability, and forward security. Moreover, the analysis of security functionalities shows that the protocol developed and explained in this paper is secure from password guessing attacks, user and server impersonation, replay attacks, de-synchronization attacks, insider attacks, known key attacks, and man-in-the-middle attacks. The results have demonstrated that the proposed smart card security protocol reduces the computational overhead on a smart card by 33.3% and the communication cost of a smart card by 34.5%, in comparison to the existing efficient protocols. It can, thus, be inferred from the results that using elliptic curve signcryption in the authentication mechanism reduces the computational cost and communication overhead by a significant amount.

scholarly journals Password Based Client-Server-User Authenticated Key Agreement Mechanism for Cloud System

2019 ◽  
Vol 8 (4) ◽  
pp. 12839-12841
Keyword(s):  
Key Agreement ◽  
Identity Management ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Impersonation Attack ◽  
Session Key ◽  
Replay Attack ◽  
Authentication Mechanism ◽  
Diffie Hellman ◽  
Cloud Server

The authentication is an essential concern in the cloud environment to restrict the unauthorized users to retrieve the files from cloud server. Moreover, authentication mechanisms are used to prevent illegal access of resources over insecure channel. Thus proposed work provides the strong and efficient authentication process in cloud computing environment by chebyshev polynomial based chaotic maps Diffie Hellman property. The proposed authentication mechanism does not disclose the identity of the user to CSP. Moreover proposed authentication mechanism enables mutual authentication, Identity management, and session-key agreement. The Proposed mechanism of security analysis includes the enabling mutual authentication and key agreement, restricting the impersonation attack, man in the middle attack and replay attack.

scholarly journals Enhanced Mutual Authentication System in Mobile Cloud Environments

2018 ◽  
Vol 7 (3.34) ◽  
pp. 192 ◽  
Author(s):  
S Shanmuga Priya ◽  
Dr A.Valarmathi ◽  
M Rizwana ◽  
Dr L.Mary Gladence
Keyword(s):  
Mutual Authentication ◽  
Validation Framework ◽  
Card Number ◽  
Cloud Server ◽  
Cloud Environments ◽  
Authentication System ◽  
Online Access ◽  
Online Methods ◽  
Verification Strategy ◽  
Minimal Effort

Security is one of the significant worries of all associations which utilizes online methods for interchanges particularly banks. Of this, customer side is most defenseless against hacking, as the framework can't be totally shut when use over web by a typical customer is to be permitted. Most frameworks utilize a static password– based verification strategy which is anything but difficult to hack. There are different other validation strategies existing like cards, biometric recognizable proof, and so on. These strategies give better security, however are not material to online customer correspondence as these techniques require extraordinary gadgets for their usage. One conceivable technique for applying an upgraded factor of verification for online access to the framework is a dynamic secret word. In this venture we can plan the validation framework in light of key age, confirmation age and OTP based framework. The keys are created progressively utilizing Mobile IMEI number and SIM card number. The OTP age utilizes the components that are novel to the client and is introduced on a PDA in Android stage and furthermore cloud server claimed by PHP server. An OTP is legitimate for a minutes time, after which, is pointless. The framework in this way gives better customer level security – a straightforward minimal effort strategy which shields framework from hacking strategies, for example, speculating assault, answer assault, stolen and verifier assault and adjustment assault.  

A lightweight and privacy-preserving mutual authentication scheme for wearable devices assisted by cloud server

2017 ◽  
Vol 63 ◽  
pp. 168-181 ◽  
Author(s):  
Fan Wu ◽  
Xiong Li ◽  
Lili Xu ◽  
Saru Kumari ◽  
Marimuthu Karuppiah ◽  
...  
Keyword(s):  
Mutual Authentication ◽  
Wearable Devices ◽  
Privacy Preserving ◽  
Authentication Scheme ◽  
Cloud Server
Sign in / Sign up

Export Citation Format

Share Document