An Efficient Chaotic Map-Based Authentication Scheme with Mutual Anonymity

A chaotic map-based mutual authentication scheme with strong anonymity is proposed in this paper, in which the real identity of the user is encrypted with a shared key between the user and the trusted server. Only the trusted server can determine the real identity of a user during the authentication, and any other entities including other users of the system get nothing about the user’s real identity. In addition, the shared key of encryption can be easily computed by the user and trusted server using the Chebyshev map without additional burdensome key management. Once the partnered two users are authenticated by the trusted server, they can easily proceed with the agreement of the session key. Formal security analysis demonstrates that the proposed scheme is secure under the random oracle model.

Download Full-text

A Secure and Robust Three-Factor Based Authentication Scheme Using RSA Cryptosystem

International Journal of Business Data Communications and Networking ◽

10.4018/ijbdcn.2017010107 ◽

2017 ◽

Vol 13 (1) ◽

pp. 74-84 ◽

Cited By ~ 12

Author(s):

Rifaqat Ali ◽

Arup Kumar Pal

Keyword(s):

User Authentication ◽

Security Analysis ◽

Random Oracle Model ◽

Random Oracle ◽

Performance Comparison ◽

Authentication Scheme ◽

Authentication Protocols ◽

Session Key ◽

Rsa Cryptosystem ◽

Three Factor

In remote user authentication, a server confirms the authenticity of a user via unreliable channel. Several authentication protocols are devised in the literature relied on the identity, password and biometric of a user. But, most of the authentication protocols are either computationally expensive or not-secure from several kinds of malicious threats. In this document, the authors have suggested a secure and robust three-factor (such as password, smartcard and biometric) based authentication scheme by using RSA cryptosystem. The proposed protocol is validated through BAN logic. Then, formal security analysis using random oracle model shows that the identity, password, biometric and session key are highly secure from an adversary. Besides, the informal security analysis of our protocol proves that it withstands to several kinds of malicious attacks. In addition, performance comparison of presented scheme with respect to other schemes is comparatively suitable in the context of communication and computation costs.

Download Full-text

An Enhanced Authentication Scheme for Internet of Things Based E-Healthcare System

Journal of Computational and Theoretical Nanoscience ◽

10.1166/jctn.2020.8658 ◽

2020 ◽

Vol 17 (1) ◽

pp. 246-253 ◽

Cited By ~ 1

Author(s):

Ravi Raushan Kumar Chaudhary ◽

Ashish Singh ◽

Kakali Chatterjee

Keyword(s):

Mutual Authentication ◽

Security Analysis ◽

Authentication Scheme ◽

Key Generation ◽

Key Exchange Protocol ◽

Session Key ◽

Diffie Hellman ◽

Healthcare Monitoring ◽

Diffie Hellman Key Exchange ◽

Mutual Authentication Protocol

Security is a major challenge in modern IoT based healthcare monitoring systems. It provides many benefits such as critical patient monitoring, remote diagnosis at anytime, anywhere. Hence, security of this data is essential when the healthcare professionals access it. Also, while storing the patients record; it must be kept safe from misuse and modification of data as other devices can easily track it. To prevent this type of threats, we have proposed a mutual authentication protocol to enhance health care security and to resist vulnerable attacks. The proposed scheme used Challenge response protocol for the authentication purpose and the Diffie-Hellman key exchange protocol is used for generation of the session key generation. The security analysis of the proposed scheme shows that the scheme is more secure and resist all the major attacks as compared to other schemes. The Formal verification of this schema also ensures that it resists most probable attacks in this system. The result of the proposed authentication scheme shows that it has low computational and communicational load.

Download Full-text

Improving an Anonymous and Provably Secure Authentication Protocol for a Mobile User

Security and Communication Networks ◽

10.1155/2017/1378128 ◽

2017 ◽

Vol 2017 ◽

pp. 1-13 ◽

Cited By ~ 8

Author(s):

Jongho Moon ◽

Youngsook Lee ◽

Jiye Kim ◽

Dongho Won

Keyword(s):

Chaotic Map ◽

Mutual Authentication ◽

Security Analysis ◽

Random Oracle ◽

Authentication Protocol ◽

Mobile User ◽

Internet Security ◽

Computationally Efficient ◽

Fuzzy Extractor ◽

On Line

Recently many authentication protocols using an extended chaotic map were suggested for a mobile user. Many researchers demonstrated that authentication protocol needs to provide key agreement, mutual authentication, and user anonymity between mobile user and server and resilience to many possible attacks. In this paper, we cautiously analyzed chaotic-map-based authentication scheme and proved that it is still insecure to off-line identity guessing, user and server impersonation, and on-line identity guessing attacks. To address these vulnerabilities, we proposed an improved protocol based on an extended chaotic map and a fuzzy extractor. We proved the security of the proposed protocol using a random oracle and AVISPA (Automated Validation of Internet Security Protocols and Applications) tool. Furthermore, we present an informal security analysis to make sure that the improved protocol is invulnerable to possible attacks. The proposed protocol is also computationally efficient when compared to other previous protocols.

Download Full-text

Password authentication scheme based on smart card and QR code

Indonesian Journal of Electrical Engineering and Computer Science ◽

10.11591/ijeecs.v23.i1.pp140-149 ◽

2021 ◽

Vol 23 (1) ◽

pp. 140

Author(s):

Mushtaq Hasson ◽

Ali A. Yassin ◽

Abdulla J. Yassin ◽

Abdullah Mohammed Rashid ◽

Aqeel A. Yaseen ◽

...

Keyword(s):

Smart Card ◽

Key Management ◽

Service Providers ◽

Mutual Authentication ◽

Security Analysis ◽

Cloud Service ◽

Cloud Services ◽

Authentication Scheme ◽

Qr Code ◽

Practical Applications

As a hopeful computing paradigm, cloud services are obtainable to end users based on pay-as-you-go service. Security is represented one of the vital issues for the extended adoption of cloud computing, with the object of accessing several cloud service providers, applications, and services by using anonymity features to authenticate the user. We present a good authentication scheme based on quick response (QR) code and smart card. Furthermore, our proposed scheme has several crucial merits such as key management, mutual authentication, one-time password, user anonymity, freely chosen password, secure password changes, and revocation by using QR code. The security of proposed scheme depends on crypto-hash function, QR-code validation, and smart card. Moreover, we view that our proposed scheme can resist numerous malicious attacks and are more appropriate for practical applications than other previous works. The proposed scheme has proved as a strong mutual authentication based on burrows-abadi-needham (BAN) logic and security analysis. Furthermore, our proposed scheme has good results compared with related work.

Download Full-text

A Novel Authentication Scheme for Multi-Server Environment of Industrial Internet

CONVERTER ◽

10.17762/converter.105 ◽

2021 ◽

pp. 718-729

Author(s):

Yu Zhang, Guangmin Sun

Keyword(s):

Mutual Authentication ◽

Security Analysis ◽

Performance Comparison ◽

Authentication Scheme ◽

Session Key ◽

Industrial Internet ◽

The Face ◽

And Performance ◽

Value Decomposition ◽

Multi Server

Aiming at the security problems of authentication in multi-server environments, a novel three-factor authentication scheme for multi-server environments of industrial Internet is proposed. After verifying password and face, a temporary session key is established for the user and server. Then the user obtains the permission of application services and accessing resources. In process of verifying password, hash function is used to hide password. The method of verifying face is the face recognition based on singular value decomposition. During the key agreement phase, only four dot multiplication operations based on elliptic curve cryptography is used to realize one-time key for cryptograph transmission and mutual authentication. Through security analysis and performance comparison, the proposed scheme has stronger robustness, higher security, better convenience and less computation cost than other similar schemes, and has high application value for multi-server environments of industrial Internet.

Download Full-text

Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services

The Scientific World JOURNAL ◽

10.1155/2014/687879 ◽

2014 ◽

Vol 2014 ◽

pp. 1-8 ◽

Cited By ~ 1

Author(s):

Youngsook Lee ◽

Juryon Paik

Keyword(s):

Mutual Authentication ◽

Security Analysis ◽

Mobile User ◽

Authentication Scheme ◽

Third Party ◽

Dictionary Attack ◽

Session Key ◽

Foreign Agent ◽

Anonymous Authentication ◽

Man In The Middle

An anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.’s anonymous authentication scheme for roaming services and present previously unpublished security weaknesses in the scheme: (1) it fails to provide user anonymity against any third party as well as the foreign agent, (2) it cannot protect the passwords of mobile users due to its vulnerability to an offline dictionary attack, and (3) it does not achieve session-key security against a man-in-the-middle attack. We also show how the security weaknesses of He et al.’s scheme can be addressed without degrading the efficiency of the scheme.

Download Full-text

A Secure IoT-Based Mutual Authentication for Healthcare Applications in Wireless Sensor Networks Using ECC

International Journal of Healthcare Information Systems and Informatics ◽

10.4018/ijhisi.20210401.oa2 ◽

2021 ◽

Vol 16 (2) ◽

pp. 21-48

Author(s):

Deepti Singh ◽

Bijendra Kumar ◽

Samayveer Singh ◽

Satish Chand

Keyword(s):

Sensor Networks ◽

Mutual Authentication ◽

Security Analysis ◽

Random Oracle Model ◽

Random Oracle ◽

Performance Comparison ◽

Sensor Nodes ◽

Healthcare Applications ◽

Report Generation ◽

Active Attacks

The role of wireless medical sensor networks (WMSNs) is very significant in healthcare applications of IoT. Online report generation and sharing the reports reduce the time and make the treatment of patients very fast. Here, the safety of patient data plays a crucial role. As there is a restriction of resources in sensor nodes, the design of authentication scheme for WMSNs is not an easy task in healthcare applications. Healthcare professionals are using their mobile to collect data from patients' bodies. To use WMSNs in healthcare applications, cryptanalysis of Li et al. is done and found that it suffers from various attacks. Hence, a new efficient privacy-preserving user authenticated scheme using elliptic curve cryptography (ECC) is proposed. The security analysis of scheme is performed using random oracle model, in addition to BAN logic. AVISPA is used for simulation to prove that the proposed scheme can resist passive and active attacks. Finally, the performance comparison of schemes shows that the proposed scheme performs better.

Download Full-text

A Robust Authentication Scheme for Client-Server Architecture With Provable Security Analysis

Network and Communication Technologies ◽

10.5539/nct.v3n1p6 ◽

2018 ◽

Vol 3 (1) ◽

pp. 6

Author(s):

Saeed Ullah Jan ◽

Fawad Qayum

Keyword(s):

User Authentication ◽

Mutual Authentication ◽

Security Analysis ◽

Authentication Scheme ◽

Session Key ◽

Memory Space ◽

Client Server ◽

Remote Server ◽

Server Architecture ◽

Client Server Architecture

Client-server computing is the analytical development of compatible programming with significant supposition and the detachment of a massive program into its fundamental parts ("modules"), which can create the chance for extra enhancement, inconsiderable improvement, and prominent maintainability. In client-server computing, total extensive modules don't need to be accomplished within the similar memory space totally but can execute independently on a suitable hardware and software platform according to their behavior. The user authentication is the dominant constraint for client-server computing that limits the illegitimate right of entry into the main workstation. This research is mainly focused on the design of a robust authentication scheme for client-server architecture computing. It carries some additional features like security, virtualization, user's programs security, individuality supervision, integrity, control access to server and authentication. The proposed background also delivers the characteristic supervision, mutual authentication, and establishment of secure session key among users and the remote server.

Download Full-text

A Batch Authentication Design to Protect Conditional Privacy in Internet of Vehicles

Security and Communication Networks ◽

10.1155/2021/5049766 ◽

2021 ◽

Vol 2021 ◽

pp. 1-17

Author(s):

Yuhao Yang ◽

Xiujie Huang ◽

Jinyu Hu

Keyword(s):

Safety Information ◽

Security Analysis ◽

Random Oracle Model ◽

Random Oracle ◽

Bilinear Pairing ◽

Management Problem ◽

Internet Of Vehicles ◽

The Real ◽

Automated Simulation ◽

Batch Authentication

Internet of vehicles (IoV), a novel technology, holds paramount importance within the transportation domain due to its ability to increase traffic efficiency and safety. Information privacy is of vital importance in IoV when sharing information among vehicles. However, due to the openness of the communication network, information sharing is vulnerable to potential attacks, such as impersonation, modification, side-channel and replay attacks, and so on. In order to resolve the aforementioned problem, we present a conditional privacy-preserving batch authentication (CPPBA) scheme based on elliptic curve cryptography (ECC). The proposed scheme avoids the certificate management problem, conducing to efficiency improvement. When a message is transmitted by a vehicle, its pseudo identity rather than the real identity is also broadcasted along with the shared message, which protects the privacy of the vehicle’s identity. But this privacy is conditional because TA and only the TA can reveal the real identity of the vehicle by tracing. The proposed scheme is batch verifiable, which reduces the computation costs. In addition, our scheme does not involve bilinear pairing operations and does not use the map-to-point hash function, thus making the verification process more effective. An exhaustive efficiency comparison has been carried to show that the proposed CPPBA scheme has lower computation, communication, and storage overheads than the state-of-the-art ones. A relatively comprehensive security analysis has also been carried, which not only shows that the signature design in the CPPBA scheme is unforgeable under the random oracle model but also illustrates that the CPPBA scheme is resistant to various potential attacks. The security is also verified by a popular automated simulation tool, that is, AVISPA.

Download Full-text

An Authentication and Secure Communication Scheme for In-Vehicle Networks Based on SOME/IP

Sensors ◽

10.3390/s22020647 ◽

2022 ◽

Vol 22 (2) ◽

pp. 647

Author(s):

Bin Ma ◽

Shichun Yang ◽

Zheng Zuo ◽

Bosong Zou ◽

Yaoguang Cao ◽

...

Keyword(s):

Secure Communication ◽

Rapid Development ◽

Security Analysis ◽

Research Area ◽

Authentication Scheme ◽

Session Key ◽

Positive Effects ◽

Important Approach ◽

Communication Scheme ◽

Vehicle Networks

The rapid development of intelligent networked vehicles (ICVs) has brought many positive effects. Unfortunately, connecting to the outside exposes ICVs to security threats. Using secure protocols is an important approach to protect ICVs from hacker attacks and has become a hot research area for vehicle security. However, most of the previous studies were carried out on V2X networks, while those on in-vehicle networks (IVNs) did not involve Ethernet. To this end, oriented to the new IVNs based on Ethernet, we designed an efficient secure scheme, including an authentication scheme using the Scalable Service-Oriented Middleware over IP (SOME/IP) protocol and a secure communication scheme modifying the payload field of the original SOME/IP data frame. The security analysis shows that the designed authentication scheme can provide mutual identity authentication for communicating parties and ensure the confidentiality of the issued temporary session key; the designed authentication and secure communication scheme can resist the common malicious attacks conjointly. The performance experiments based on embedded devices show that the additional overhead introduced by the secure scheme is very limited. The secure scheme proposed in this article can promote the popularization of the SOME/IP protocol in IVNs and contribute to the secure communication of IVNs.

Download Full-text