Mutual Authentication and Distributed Key Management with Permissioned Blockchain in MEC-Enabled Vehicular Networks

Emerging as the effective strategy of intelligent transportation system (ITS), vehicular ad hoc networks (VANETs) have the capacity of drastically improving the driving experience and road safety. In typical VANET scenarios, high mobility and volatility of vehicles result in dynamic topology of vehicular networks. That is, individual vehicle may pass through the effective domain of multiple neighboring road-side-units (RSUs) during a comparatively short time interval. Hence, efficient and low-latency cross-domain verification with all the successive RSUs is of significance. Recently, a lot of research on VANET authentication and key distribution was presented, while the critical cross-domain authentication (CDA) issue has not been properly addressed. Particularly, the existing CDA solutions mainly reply on the acquired confidential keying information from the neighboring entities (RSUs and vehicles), while too much trustworthiness is granted to the involved RSUs. Please note that the RSUs are distributively located and may be compromised or disabled by adversary, thus vital vehicle information may be revealed. Furthermore, frequent data interactions between RSUs and cloud server are always the major requisite so as to achieve mutual authentication with cross-domain vehicles, which leads to heavy bandwidth consumption and high latency. In this paper, we address the above VANET cross-domain authentication issue under the novel RSU edge networks assumption. Please note that RSUs are assumed to be semi-trustworthy entity in our design, where critical vehicular keying messages remain secrecy. Homomorphic encryption design is applied for all involved RSUs and vehicles. In this way, successive RSUs could efficiently verify the cross-domain vehicle with the transited certificate from the neighbor RSUs and vehicle itself, while the identity and secrets of each vehicle is hidden all the time. Afterwards, dynamic updating towards the anonymous vehicle identity is conducted upon validation, where conditional privacy preserving is available. Moreover, pairing-free mutual authentication method is used for efficiency consideration. Formal security analysis is given, proving that the HCDA mechanism yields desirable security properties on VANET cross domain authentication issue. Performance discussions demonstrate efficiency of the proposed HCDA scheme compared with the state-of-the-art.

Download Full-text

Secure Key Management and Mutual Authentication Protocol for Wireless Sensor Network using Hybrid Approach

10.21203/rs.3.rs-328155/v1 ◽

2021 ◽

Author(s):

Sharmila ◽

Pramod Kumar ◽

Shashi Bhushan ◽

Manoj Kumar ◽

Mamoun Alazab

Keyword(s):

Key Management ◽

Mutual Authentication ◽

Hybrid Approach ◽

Limited Resource ◽

Sensor Nodes ◽

Wireless Sensor ◽

Distribution Method ◽

Key Establishment ◽

Management Scheme ◽

Hostile Environments

Abstract Wireless Sensor Networks (WSNs) play a crucial role in developing the Internet of Things (IoT) by collecting data from hostile environments like military and civil domains with limited resources. The above applications are prone to eavesdropper due to cryptographic algorithms' weaknesses for providing security in WSNs. The security protocols for WSNs are different from the traditional networks because of the limited resource of sensor nodes. Existing key management schemes require large key sizes to provide high-security levels, increasing the computational and communication cost for key establishment. This paper proposes a Hybrid Key Management Scheme for WSNs based on Elliptic Curve Cryptography (ECC) and a hash function to generate key pre-distribution keys. The Key establishment is carried out by merely broadcasting the node identity. The main reason for incorporating a hybrid approach in the key pre-distribution method is to achieve mutual authentication between the sensor nodes during the establishment phase. The proposed method reduces computational complexity with greater security and the proposed scheme can be competently applied into resource constraint sensor nodes

Download Full-text

Achieving Better Privacy for the 3GPP AKA Protocol

Proceedings on Privacy Enhancing Technologies ◽

10.1515/popets-2016-0039 ◽

2016 ◽

Vol 2016 (4) ◽

pp. 255-275 ◽

Cited By ~ 10

Author(s):

Pierre-Alain Fouque ◽

Cristina Onete ◽

Benjamin Richard

Keyword(s):

Key Management ◽

Provable Security ◽

Mutual Authentication ◽

Mobile Network ◽

Authenticated Key Exchange ◽

Network Servers ◽

New Variant ◽

Man In The Middle ◽

Network Communications ◽

3Rd Generation Partnership Project

Abstract Proposed by the 3rd Generation Partnership Project (3GPP) as a standard for 3G and 4G mobile-network communications, the AKA protocol is meant to provide a mutually-authenticated key-exchange between clients and associated network servers. As a result AKA must guarantee the indistinguishability from random of the session keys (key-indistinguishability), as well as client- and server-impersonation resistance. A paramount requirement is also that of client privacy, which 3GPP defines in terms of: user identity confidentiality, service untraceability, and location untraceability. Moreover, since servers are sometimes untrusted (in the case of roaming), the AKA protocol must also protect clients with respect to these third parties. Following the description of client-tracking attacks e.g. by using error messages or IMSI catchers, van den Broek et al. and respectively Arapinis et al. each proposed a new variant of AKA, addressing such problems. In this paper we use the approach of provable security to show that these variants still fail to guarantee the privacy of mobile clients. We propose an improvement of AKA, which retains most of its structure and respects practical necessities such as key-management, but which provably attains security with respect to servers and Man-in-the- Middle (MiM) adversaries. Moreover, it is impossible to link client sessions in the absence of client-corruptions. Finally, we prove that any variant of AKA retaining its mutual authentication specificities cannot achieve client-unlinkability in the presence of corruptions. In this sense, our proposed variant is optimal.

Download Full-text

An Efficient Chaotic Map-Based Authentication Scheme with Mutual Anonymity

Applied Computational Intelligence and Soft Computing ◽

10.1155/2016/3916942 ◽

2016 ◽

Vol 2016 ◽

pp. 1-10

Author(s):

Yousheng Zhou ◽

Junfeng Zhou ◽

Feng Wang ◽

Feng Guo

Keyword(s):

Key Management ◽

Chaotic Map ◽

Mutual Authentication ◽

Security Analysis ◽

Random Oracle Model ◽

Random Oracle ◽

Authentication Scheme ◽

Session Key ◽

The Real ◽

Shared Key

A chaotic map-based mutual authentication scheme with strong anonymity is proposed in this paper, in which the real identity of the user is encrypted with a shared key between the user and the trusted server. Only the trusted server can determine the real identity of a user during the authentication, and any other entities including other users of the system get nothing about the user’s real identity. In addition, the shared key of encryption can be easily computed by the user and trusted server using the Chebyshev map without additional burdensome key management. Once the partnered two users are authenticated by the trusted server, they can easily proceed with the agreement of the session key. Formal security analysis demonstrates that the proposed scheme is secure under the random oracle model.

Download Full-text

Secure Authentication and Key Management Protocols for Mobile Multihop WiMAX Networks

Jurnal Teknologi ◽

10.11113/jt.v73.3258 ◽

2015 ◽

Vol 73 (1) ◽

Author(s):

Adnan Shahid Khan ◽

Halikul Lenando ◽

Johari Abdullah ◽

Norsheila Fisal

Keyword(s):

Key Management ◽

Denial Of Service ◽

Mutual Authentication ◽

Security Measures ◽

Medium Access ◽

Wimax Networks ◽

Smart Grid Communications ◽

Management Scheme ◽

Management Schemes ◽

Secure Authentication

Mobile Multihop Relay (MMR) network is one of the emerging technologies, especially LTE-Advanced, WiMAX and the Smart grid communications. Ensuring security is one of the most imperative and challenging issues in MMR networks. Privacy Key Management (PKM) protocol is proposed to ensure the security measures in MMR networks. However, the protocol still faces several security threats, specifically Denial of Service (DoS), replay attacks, Man in the Middle (MitM) attacks and the interleaving attacks, which is termed as Medium Access Control (MAC) layer attacks. This paper proposed a modified version PKM protocol for both unilateral and mutual authentication, which is termed as Self-organized Efficient Authentication and Key Management Scheme (SEAKS) authentication protocol. This protocol ensures secure end-to-end data transmission using distributed hop-by-hop authentication and localized key management schemes with a very simple and efficient way.

Download Full-text

Key Management and Mutual Authentication for Multiple Field Records Smart Cards

Third International Conference on Information Technology: New Generations (ITNG'06) ◽

10.1109/itng.2006.84 ◽

2006 ◽

Cited By ~ 2

Author(s):

K. Narimani ◽

G.B. Agnew

Keyword(s):

Key Management ◽

Mutual Authentication ◽

Smart Cards ◽

Multiple Field

Download Full-text

Password authentication scheme based on smart card and QR code

Indonesian Journal of Electrical Engineering and Computer Science ◽

10.11591/ijeecs.v23.i1.pp140-149 ◽

2021 ◽

Vol 23 (1) ◽

pp. 140

Author(s):

Mushtaq Hasson ◽

Ali A. Yassin ◽

Abdulla J. Yassin ◽

Abdullah Mohammed Rashid ◽

Aqeel A. Yaseen ◽

...

Keyword(s):

Smart Card ◽

Key Management ◽

Service Providers ◽

Mutual Authentication ◽

Security Analysis ◽

Cloud Service ◽

Cloud Services ◽

Authentication Scheme ◽

Qr Code ◽

Practical Applications

As a hopeful computing paradigm, cloud services are obtainable to end users based on pay-as-you-go service. Security is represented one of the vital issues for the extended adoption of cloud computing, with the object of accessing several cloud service providers, applications, and services by using anonymity features to authenticate the user. We present a good authentication scheme based on quick response (QR) code and smart card. Furthermore, our proposed scheme has several crucial merits such as key management, mutual authentication, one-time password, user anonymity, freely chosen password, secure password changes, and revocation by using QR code. The security of proposed scheme depends on crypto-hash function, QR-code validation, and smart card. Moreover, we view that our proposed scheme can resist numerous malicious attacks and are more appropriate for practical applications than other previous works. The proposed scheme has proved as a strong mutual authentication based on burrows-abadi-needham (BAN) logic and security analysis. Furthermore, our proposed scheme has good results compared with related work.

Download Full-text

A Secure and Authenticated Key Management Protocol (SA-KMP) for Vehicular Networks

IEEE Transactions on Vehicular Technology ◽

10.1109/tvt.2016.2621354 ◽

2016 ◽

Vol 65 (12) ◽

pp. 9570-9584 ◽

Cited By ~ 20

Author(s):

Hengchuan Tan ◽

Maode Ma ◽

Houda Labiod ◽

Aymen Boudguiga ◽

Jun Zhang ◽

...

Keyword(s):

Key Management ◽

Vehicular Networks ◽

Management Protocol ◽

Key Management Protocol

Download Full-text

Towards design strong emergency and COVID-19 authentication scheme in VANET

Indonesian Journal of Electrical Engineering and Computer Science ◽

10.11591/ijeecs.v21.i3.pp1808-1819 ◽

2021 ◽

Vol 21 (3) ◽

pp. 1808

Author(s):

Akeel Kassim Leaby ◽

A. Yassin ◽

Mushtaq Hasson ◽

Abdullah Rashid

Keyword(s):

Key Management ◽

Traffic Management ◽

Data Privacy ◽

Vehicular Ad Hoc Networks ◽

Ad Hoc ◽

Mutual Authentication ◽

Data Integrity ◽

Authentication Scheme ◽

Security Issues ◽

Hoc Networks

The wide use of vehicular ad hoc networks (VANETs) in the last decade hasled many researchers to find efficient and reliable methods to obtain the desired benefits and offer services, such as healthcare and traffic management. However, VANETs suffer from security issues represented by authentication and data integrity. In thispaper, we propose a robust mutual authentication scheme based on elliptic curve cryptography (ECC), cryptography hash function, and a pseudonym. The proposed work was twofold in focus: first, on healthcare in emergency cars which use VANETs, and second, on overcoming security issues, such as resisting familiar attacks (e.g. insider attacks and reply attacks). Because of the serious situation generated by the worldwide outbreak of the Covid-19 epidemic, we also found this research valuable in supporting global efforts to combat the rapid spread of this virus, by finding the safest and fastest routes to epidemic treatment centres for medical staff, assistance teams in medical operations, fumigation control, and all work teams associated with disease control. This research attempts to contribute by proposing a special signal used to define epidemic teams. The best route, fast route can be chosen by using VANETs infrastructure. This scheme also deals with metric security features, such as key management, data integrity, and data privacy. In the communication and computation cost, we noticed that our proposed scheme achieved good results compared with the related works.

Download Full-text

A lightweight approach towards mutual authentication in a smart grid environment

10.32920/ryerson.14657520.v1 ◽

2021 ◽

Author(s):

Debsmita Ghosh

Keyword(s):

Smart Grid ◽

Key Management ◽

Smart Grids ◽

Mutual Authentication ◽

Authentication Protocol ◽

Cyber Attacks ◽

Grid Security ◽

Smart Meters ◽

Average Delay ◽

Smart Grid Security

Smart grids allow automated meter readings and facilitate two-way communications between the smart meters and utility control centers. As the smart grid becomes more intelligent, it becomes increasingly vulnerable to cyber-attacks. Smart grid security mainly focuses on mutual authentication and key management techniques. An impeding factor in grid security is the memory and processing constraints of the smart meters. The aim of this thesis is to propose a lightweight mutual authentication protocol with an effective key renewal mechanism between a residential smart meter and a gateway. The authentication protocol proposed in the thesis, guarantees source authentication, data integrity, message confidentiality, as well as non-repudiation. The security analysis renders this protocol robust against several attacks. Furthermore, its performance analysis provides meticulous results as to how the proposed protocol is efficient in terms of computation overhead, average delay and buffer occupancy at the gateway.

Download Full-text