scholarly journals Secure and Efficient Anonymous Authentication Scheme in Global Mobility Networks

2013 ◽  
Vol 2013 ◽  
pp. 1-12 ◽  
Author(s):  
Jun-Sub Kim ◽  
Jin Kwak
Keyword(s):  
Mutual Authentication ◽  
Authentication Scheme ◽  
Session Key ◽  
Replay Attack ◽  
Anonymous Authentication ◽  
Computational Overhead ◽  
Global Mobility ◽  
Global Mobility Network ◽  
Man In The Middle ◽  
Perfect Forward Secrecy

In 2012, Mun et al. pointed out that Wu et al.’s scheme failed to achieve user anonymity and perfect forward secrecy and disclosed the passwords of legitimate users. And they proposed a new enhancement for anonymous authentication scheme. However, their proposed scheme has vulnerabilities that are susceptible to replay attack and man-in-the-middle attack. It also incurs a high overhead in the database. In this paper, we examine the vulnerabilities in the existing schemes and the computational overhead incurred in the database. We then propose a secure and efficient anonymous authentication scheme for roaming service in global mobility network. Our proposed scheme is secure against various attacks, provides mutual authentication and session key establishment, and incurs less computational overhead in the database than Mun et al.'s scheme.

scholarly journals Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services

2014 ◽  
Vol 2014 ◽  
pp. 1-8 ◽  
Author(s):  
Youngsook Lee ◽  
Juryon Paik
Keyword(s):  
Mutual Authentication ◽  
Security Analysis ◽  
Mobile User ◽  
Authentication Scheme ◽  
Third Party ◽  
Dictionary Attack ◽  
Session Key ◽  
Foreign Agent ◽  
Anonymous Authentication ◽  
Man In The Middle

An anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.’s anonymous authentication scheme for roaming services and present previously unpublished security weaknesses in the scheme: (1) it fails to provide user anonymity against any third party as well as the foreign agent, (2) it cannot protect the passwords of mobile users due to its vulnerability to an offline dictionary attack, and (3) it does not achieve session-key security against a man-in-the-middle attack. We also show how the security weaknesses of He et al.’s scheme can be addressed without degrading the efficiency of the scheme.

scholarly journals An Anonymous Mutual Authentication Scheme for RFID-Based Transportation System

Electronics ◽  
2020 ◽  
Vol 9 (12) ◽  
pp. 2167
Author(s):  
Sai Ji ◽  
Shuai Liu ◽  
Chen Wang ◽  
Rongxin Qi ◽  
Jian Shen
Keyword(s):  
Mutual Authentication ◽  
Personal Data ◽  
Transportation System ◽  
Authentication Scheme ◽  
Transport Cost ◽  
Session Key ◽  
Replay Attack ◽  
Traffic Condition ◽  
Driving Time ◽  
Internet Of Things Technology

In traditional transportation, each driver usually relies on their experience to determine an appropriate route, which may shorten the driving time and transport cost. However, this may also lead to a waste of time in traffic jams or due to other problems. In recent years, by introducing Internet of Things technology into the transportation system, traffic condition data can be collected and analyzed in real-time, which makes it easier for drivers to choose appropriate routes. However, the transmitted data may be intercepted or falsified, especially in untrusted public communication channels. Some schemes have been proposed to protect personal data, while they are vulnerable to some known attacks. Therefore, we propose a mutual authentication scheme for session key agreement and information encryption before transmitting personal data. This scheme can correctly identify vehicles and information. The Burrows–Abadi–Needham logic proof and our security discussion demonstrate that this authentication scheme can resist the various known attacks, including de-synchronization, the replay attack and the reader lost attack, which is solved for the first time in this field. Compared with some typical schemes, the performance analysis shows that this new scheme realizes a balance between security and computing costs.

scholarly journals An Efficient Chaotic Map-Based Authentication Scheme with Mutual Anonymity

2016 ◽  
Vol 2016 ◽  
pp. 1-10
Author(s):  
Yousheng Zhou ◽  
Junfeng Zhou ◽  
Feng Wang ◽  
Feng Guo
Keyword(s):  
Key Management ◽  
Chaotic Map ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Authentication Scheme ◽  
Session Key ◽  
The Real ◽  
Shared Key

A chaotic map-based mutual authentication scheme with strong anonymity is proposed in this paper, in which the real identity of the user is encrypted with a shared key between the user and the trusted server. Only the trusted server can determine the real identity of a user during the authentication, and any other entities including other users of the system get nothing about the user’s real identity. In addition, the shared key of encryption can be easily computed by the user and trusted server using the Chebyshev map without additional burdensome key management. Once the partnered two users are authenticated by the trusted server, they can easily proceed with the agreement of the session key. Formal security analysis demonstrates that the proposed scheme is secure under the random oracle model.

An Enhanced Authentication Scheme for Internet of Things Based E-Healthcare System

2020 ◽  
Vol 17 (1) ◽  
pp. 246-253 ◽  
Author(s):  
Ravi Raushan Kumar Chaudhary ◽  
Ashish Singh ◽  
Kakali Chatterjee
Keyword(s):  
Mutual Authentication ◽  
Security Analysis ◽  
Authentication Scheme ◽  
Key Generation ◽  
Key Exchange Protocol ◽  
Session Key ◽  
Diffie Hellman ◽  
Healthcare Monitoring ◽  
Diffie Hellman Key Exchange ◽  
Mutual Authentication Protocol

Security is a major challenge in modern IoT based healthcare monitoring systems. It provides many benefits such as critical patient monitoring, remote diagnosis at anytime, anywhere. Hence, security of this data is essential when the healthcare professionals access it. Also, while storing the patients record; it must be kept safe from misuse and modification of data as other devices can easily track it. To prevent this type of threats, we have proposed a mutual authentication protocol to enhance health care security and to resist vulnerable attacks. The proposed scheme used Challenge response protocol for the authentication purpose and the Diffie-Hellman key exchange protocol is used for generation of the session key generation. The security analysis of the proposed scheme shows that the scheme is more secure and resist all the major attacks as compared to other schemes. The Formal verification of this schema also ensures that it resists most probable attacks in this system. The result of the proposed authentication scheme shows that it has low computational and communicational load.

scholarly journals Password Based Client-Server-User Authenticated Key Agreement Mechanism for Cloud System

2019 ◽  
Vol 8 (4) ◽  
pp. 12839-12841
Keyword(s):  
Key Agreement ◽  
Identity Management ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Impersonation Attack ◽  
Session Key ◽  
Replay Attack ◽  
Authentication Mechanism ◽  
Diffie Hellman ◽  
Cloud Server

The authentication is an essential concern in the cloud environment to restrict the unauthorized users to retrieve the files from cloud server. Moreover, authentication mechanisms are used to prevent illegal access of resources over insecure channel. Thus proposed work provides the strong and efficient authentication process in cloud computing environment by chebyshev polynomial based chaotic maps Diffie Hellman property. The proposed authentication mechanism does not disclose the identity of the user to CSP. Moreover proposed authentication mechanism enables mutual authentication, Identity management, and session-key agreement. The Proposed mechanism of security analysis includes the enabling mutual authentication and key agreement, restricting the impersonation attack, man in the middle attack and replay attack.

Sign in / Sign up

Export Citation Format

Share Document