On the energy and computational cost of message authentication schemes for GNSS

Vehicular ad hoc networks have emerged as a promising approach to increasing road safety and efficiency. Vehicles periodically broadcast traffic-related status messages. Message authentication is a common way for ensuring information reliability, but it is an unaffordable computational cost for single vehicle. In this article, we propose an efficient cooperative message authentication based on reputation mechanism. In the proposed scheme, reputation model is used to assess authentication efforts of vehicles, which enhances initiative for cooperative message authentication and inhabits selfish behavior; sequence optimization algorithm solves messages overflowing on condition limited computation of onboard unit and improves the speed of message authentication at the premise of ensuring the reliability of message authentication. Simulation results show that our scheme presents a nice performance of authentication efficiency, packet loss ratio, and missing detection ratio.

Download Full-text

Efficient Side-Channel Secure Message Authentication with Better Bounds

IACR Transactions on Symmetric Cryptology ◽

10.46586/tosc.v2019.i4.23-53 ◽

2020 ◽

pp. 23-53

Author(s):

Chun Guo ◽

François-Xavier Standaert ◽

Weijia Wang ◽

Yu Yu

Keyword(s):

Time Complexity ◽

Side Channel ◽

Message Authentication ◽

Security Threat ◽

Cryptographic Primitives ◽

Key Recovery ◽

Leakage Resilience ◽

Authentication Schemes ◽

Key Recovery Attacks ◽

Provably Secure

We investigate constructing message authentication schemes from symmetric cryptographic primitives, with the goal of achieving security when most intermediate values during tag computation and verification are leaked (i.e., mode-level leakage-resilience). Existing efficient proposals typically follow the plain Hash-then-MAC paradigm T = TGenK(H(M)). When the domain of the MAC function TGenK is {0, 1}128, e.g., when instantiated with the AES, forgery is possible within time 264 and data complexity 1. To dismiss such cheap attacks, we propose two modes: LRW1-based Hash-then-MAC (LRWHM) that is built upon the LRW1 tweakable blockcipher of Liskov, Rivest, and Wagner, and Rekeying Hash-then-MAC (RHM) that employs internal rekeying. Built upon secure AES implementations, LRWHM is provably secure up to (beyond-birthday) 278.3 time complexity, while RHM is provably secure up to 2121 time. Thus in practice, their main security threat is expected to be side-channel key recovery attacks against the AES implementations. Finally, we benchmark the performance of instances of our modes based on the AES and SHA3 and confirm their efficiency.

Download Full-text

Lightweight, ECC based RFID Authentication Scheme for WLAN

International Journal of Business Data Communications and Networking ◽

10.4018/ijbdcn.2016070106 ◽

2016 ◽

Vol 12 (2) ◽

pp. 89-103 ◽

Cited By ~ 1

Author(s):

Amit Kumar ◽

Hari Om

Keyword(s):

Ad Hoc ◽

Computational Cost ◽

Access Point ◽

Local Area ◽

Authentication Scheme ◽

Indoor Environments ◽

Wireless Internet ◽

Authentication Schemes ◽

Secure Channels ◽

In Virtue Of

Wireless local area networks (WLANs), like IEEE 802.11, are right now very common in numerous outdoor or indoor environments for providing wireless communication among WiFi-enabled devices by accessing an Access Point (infrastructure mode) or through peer to peer connections (ad hoc mode). Authentication is one among the most primary research challenges for the realization of the envisioned mobile and wireless Internet. This is mainly due to the latency delay introduced during the authentication process, which are of major concern for real-time applications and media streaming application. In the same way, it is also crucial for WLANs to authenticate clients and build secure channels with them. In the historical researches, the traditional authentication mechanisms frequently adopted the names and passwords of clients as login authentication. However, these Single Factor Authentication mechanisms are proved to be defective. In virtue of enhancing security, recent researches on authentication are built on Two-Factor authentication schemes. In this paper, the authors proposed a two factor, lightweight RFID authentication scheme based on elliptic curve cryptography (ECC) for WLAN. The analytic comparison demonstrates the research not just reduces the expense of proposed authentication schemes, yet gives security similarly as smart card technology. In addition, the performance of the proposed authentication scheme will analyze in terms of computational cost, communications cost, and storage cost.

Download Full-text

Information-Theoretically Secure Data Origin Authentication with Quantum and Classical Resources

Cryptography ◽

10.3390/cryptography4040031 ◽

2020 ◽

Vol 4 (4) ◽

pp. 31

Author(s):

Georgios M. Nikolopoulos ◽

Marc Fischlin

Keyword(s):

Broad Class ◽

Hash Functions ◽

Message Authentication ◽

Secret Key ◽

Authentication Codes ◽

Message Authentication Codes ◽

Secure Data ◽

Authentication Schemes ◽

Better Than

In conventional cryptography, information-theoretically secure message authentication can be achieved by means of universal hash functions, and requires that the two legitimate users share a random secret key, which is at least twice as long as the tag. We address the question of whether quantum resources can offer any advantage over classical unconditionally secure message authentication codes. It is shown that a broad class of symmetric prepare-and-measure quantum message-authentication schemes cannot do better than their classical counterparts.

Download Full-text

ROBUST MESSAGE AUTHENTICATION OVER A COLLECTIVE-NOISE CHANNEL

International Journal of Quantum Information ◽

10.1142/s0219749912500645 ◽

2012 ◽

Vol 10 (06) ◽

pp. 1250064 ◽

Cited By ~ 2

Author(s):

XIAO-QIU CAI ◽

QING-QING LIU

Keyword(s):

Message Authentication ◽

Collective Noise ◽

Authentication Codes ◽

Message Authentication Codes ◽

Authentication Schemes ◽

Computational Resources ◽

Logical Qubit

We give two robust message authentication schemes over a collective-noise channel. Each logical qubit is made up of two physical qubits and it is invariant over a collective-noise channel. We also analyze the security and show that it is not possible to forge valid message authentication codes for an adversary even if he/she has unlimited computational resources in the two schemes.

Download Full-text

V-LDAA: A New Lattice-Based Direct Anonymous Attestation Scheme for VANETs System

Security and Communication Networks ◽

10.1155/2021/4660875 ◽

2021 ◽

Vol 2021 ◽

pp. 1-13

Author(s):

Liquan Chen ◽

Tianyang Tu ◽

Kunliang Yu ◽

Mengnan Zhao ◽

Yingchao Wang

Keyword(s):

Elliptic Curve ◽

Privacy Protection ◽

Large Scale ◽

Quantum Computer ◽

Security Analysis ◽

Experimental Results ◽

Message Authentication ◽

Signature Scheme ◽

Direct Anonymous Attestation ◽

Authentication Schemes

Privacy protection and message authentication issues in VANETs have received great attention in academia. Many authentication schemes in VANETs have been proposed, but most of them are based on classical difficult problems such as factorization in RSA setting or Elliptic Curve setting and are therefore not quantum resistant. If a quantum computer becomes available in the next few decades, the security of these schemes will be at stake. This paper presents a vehicular lattice-based direct anonymous attestation (V-LDAA) scheme adopting an optimized signature scheme based on automorphism stability which achieves postquantum security. A distributed pseudonym update and vehicle revocation mechanism based on the lattice is introduced in this paper, which means vehicles can update their pseudonyms and revoke the identity certificate by themselves without the need for pseudonym resolutions or CRLs checking. Compared with the existing lattice-based attestation schemes in VANETs, computation costs during signing and verification operations in V-LDAA are no longer related to the number of users, which makes it suitable for large-scale VANETs. Security analysis shows that V-LDAA resists TPM theft attacks and provides users with user-controlled anonymity, user-controlled unlinkability, and unforgeability against quantum adversaries. Experimental results show that V-LDAA reduces the blind signature size by 18%. The speed of blind signing is increased by 30%, and blind verification operation is accelerated 3 times compared with the existing lattice-based direct anonymous attestation (LDAA) scheme.

Download Full-text

Substitution Attacks against Message Authentication

IACR Transactions on Symmetric Cryptology ◽

10.46586/tosc.v2019.i3.152-168 ◽

2019 ◽

pp. 152-168 ◽

Cited By ~ 1

Author(s):

Marcel Armour ◽

Bertram Poettering

Keyword(s):

Message Authentication ◽

Prior Work ◽

Authentication Protocols ◽

New Class ◽

Encryption Schemes ◽

Software Updates ◽

Authentication Schemes ◽

Generic Attacks ◽

Regular Scheme ◽

Mass Surveillance

This work introduces Algorithm Substitution Attacks (ASAs) on message authentication schemes. In light of revelations concerning mass surveillance, ASAs were initially introduced by Bellare, Paterson and Rogaway as a novel attack class against the confidentiality of encryption schemes. Such an attack replaces one or more of the regular scheme algorithms with a subverted version that aims to reveal information to an adversary (engaged in mass surveillance), while remaining undetected by users. While most prior work focused on subverting encryption systems, we study options to subvert symmetric message authentication protocols. In particular we provide powerful generic attacks that apply e.g. to HMAC or Carter–Wegman based schemes, inducing only a negligible implementation overhead. As subverted authentication can act as an enabler for subverted encryption (software updates can be manipulated to include replacements of encryption routines), we consider attacks of the new class highly impactful and dangerous.

Download Full-text

BBAAS: Blockchain-Based Anonymous Authentication Scheme for Providing Secure Communication in VANETs

Security and Communication Networks ◽

10.1155/2021/6679882 ◽

2021 ◽

Vol 2021 ◽

pp. 1-11

Author(s):

Azees Maria ◽

Vijayakumar Pandi ◽

Jeatha Deborah Lazarus ◽

Marimuthu Karuppiah ◽

Mary Subaja Christo

Keyword(s):

Secure Communication ◽

Vehicular Ad Hoc Networks ◽

Computational Cost ◽

Authentication Scheme ◽

Security Attacks ◽

Authentication Code ◽

Coverage Area ◽

Anonymous Authentication ◽

Blockchain Technology ◽

Authentication Schemes

Smart driving has become conceivable due to the rapid growth of vehicular ad hoc networks. VANETs are considered as the main platform for providing safety road information and instant vehicle communication. Nevertheless, due to the open wireless nature of communication channels, VANET is susceptible to security attacks by malicious users. For this reason, secure anonymous authentication schemes are essential in VANETs. However, when vehicles reach a new roadside unit (RSU) coverage area, the vehicles need to perform reauthentication with the current RSU, which significantly diminishes the efficiency of the entire VANET. Therefore, the introduction of blockchain technology has created opportunities for VANETs to resolve the aforementioned challenges. Due to the decentralized nature of blockchain technology, rapid reauthentication of vehicles is achieved in this paper through secure authentication code transfer between the consecutive RSUs. The security strength of the proposed blockchain-based anonymous authentication scheme against various harmful security attacks is proven in the security analysis section to ensure that it provides better security. In addition, blockchain, as presented in the performance analysis section, is used to substantially diminish the computational cost compared to conventional authentication schemes.

Download Full-text

A New Remote Fuzzy User Password Authentication Scheme Using Sub-tree for Cloud Computing

International Journal of Circuits, Systems and Signal Processing ◽

10.46300/9106.2021.15.11 ◽

2021 ◽

Vol 15 ◽

pp. 92-105

Author(s):

Chandrashekhar Meshram ◽

Cheng-Chi Lee ◽

Muhammad Khurram Khan ◽

Kailash Kalare ◽

Sarita Gajbhiye Meshram

Keyword(s):

Cloud Computing ◽

Discrete Logarithm ◽

Computational Cost ◽

Authentication Scheme ◽

Internet Technology ◽

Computing Environment ◽

Password Authentication ◽

Cloud Computing Environment ◽

Internet Technologies ◽

Authentication Schemes

Recent advancements in internet technology and the infrastructure have attracted more people and organizations to do everything online. Internet technologies have provided amazing and smooth ease for electronic sales and purchases. However, many people have refused to use these internet technologies in electronic purchases because of unstable and insecure forms. New hacking techniques and new types of attacks have been tackled to make these internet technologies better and safer. Smartcard-based password authentication schemes have been the mainstream in recent years, featuring their highly lightweight, easy-to-use equipment and lowcost apps. Various secure and faster authentication schemes have been proposed in the literature. However, most of the existing authentication schemes have found vulnerable to recent attacks and have security flaws. This paper provides and efficient way for authentication using the partial discrete logarithm and sub-tree structure. The proposed scheme has seen effective and more useful in cloud computing environment. The analysis based on the security and the computational cost shows that the proposed authentication scheme proves to be more secure and efficient compared to other protocols that serve the same purposes.

Download Full-text