scholarly journals Improving an Anonymous and Provably Secure Authentication Protocol for a Mobile User

2017 ◽  
Vol 2017 ◽  
pp. 1-13 ◽  
Author(s):  
Jongho Moon ◽  
Youngsook Lee ◽  
Jiye Kim ◽  
Dongho Won
Keyword(s):  
Chaotic Map ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Random Oracle ◽  
Authentication Protocol ◽  
Mobile User ◽  
Internet Security ◽  
Computationally Efficient ◽  
Fuzzy Extractor ◽  
On Line

Recently many authentication protocols using an extended chaotic map were suggested for a mobile user. Many researchers demonstrated that authentication protocol needs to provide key agreement, mutual authentication, and user anonymity between mobile user and server and resilience to many possible attacks. In this paper, we cautiously analyzed chaotic-map-based authentication scheme and proved that it is still insecure to off-line identity guessing, user and server impersonation, and on-line identity guessing attacks. To address these vulnerabilities, we proposed an improved protocol based on an extended chaotic map and a fuzzy extractor. We proved the security of the proposed protocol using a random oracle and AVISPA (Automated Validation of Internet Security Protocols and Applications) tool. Furthermore, we present an informal security analysis to make sure that the improved protocol is invulnerable to possible attacks. The proposed protocol is also computationally efficient when compared to other previous protocols.

scholarly journals An Efficient Chaotic Map-Based Authentication Scheme with Mutual Anonymity

2016 ◽  
Vol 2016 ◽  
pp. 1-10
Author(s):  
Yousheng Zhou ◽  
Junfeng Zhou ◽  
Feng Wang ◽  
Feng Guo
Keyword(s):  
Key Management ◽  
Chaotic Map ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Authentication Scheme ◽  
Session Key ◽  
The Real ◽  
Shared Key

A chaotic map-based mutual authentication scheme with strong anonymity is proposed in this paper, in which the real identity of the user is encrypted with a shared key between the user and the trusted server. Only the trusted server can determine the real identity of a user during the authentication, and any other entities including other users of the system get nothing about the user’s real identity. In addition, the shared key of encryption can be easily computed by the user and trusted server using the Chebyshev map without additional burdensome key management. Once the partnered two users are authenticated by the trusted server, they can easily proceed with the agreement of the session key. Formal security analysis demonstrates that the proposed scheme is secure under the random oracle model.

scholarly journals A Secure and Efficient Three-Factor Authentication Protocol in Global Mobility Networks

2020 ◽  
Vol 10 (10) ◽  
pp. 3565 ◽  
Author(s):  
SungJin Yu ◽  
JoonYoung Lee ◽  
YoHan Park ◽  
YoungHo Park ◽  
SangWoo Lee ◽  
...  
Keyword(s):  
Mutual Authentication ◽  
Security Analysis ◽  
Authentication Protocol ◽  
Internet Security ◽  
Mobile Technologies ◽  
Security Requirements ◽  
Replay Attacks ◽  
Global Mobility ◽  
Global Mobility Networks ◽  
Three Factor

With the developments in communication and mobile technologies, mobile users can access roaming services by utilizing a mobile device at any time and any place in the global mobility networks. However, these require several security requirements, such as authentication and anonymity, because the information is transmitted over an open channel. Thus, secure and efficient authentication protocols are essential to provide secure roaming services for legitimate users. In 2018, Madhusudhan et al. presented a secure authentication protocol for global mobile networks. However, we demonstrated that their protocol could not prevent potential attacks, including masquerade, session key disclosure, and replay attacks. Thus, we proposed a secure and efficient three-factor authentication protocol to overcome the security weaknesses of Madhusudhan et al.’s scheme. The proposed scheme was demonstrated to prevent various attacks and provided a secure mutual authentication by utilizing biometrics and secret parameters. We evaluated the security of the proposed protocol using informal security analysis and formal security analysis, such as the real-or-random (ROR) model and Burrows–Abadi–Needham (BAN) logic. In addition, we showed that our scheme withstands man-in-the-middle (MITM) and replay attacks utilizing formal security validation automated validation of internet security protocols and applications (AVISPA) simulation. Finally, we compared the performance of our protocol with existing schemes. Consequently, our scheme ensured better security and efficiency features than existing schemes and can be suitable for resource-constrained mobile environments.

scholarly journals Lightweight and Anonymous Mutual Authentication Protocol for IoT Devices With Physical Unclonable Functions

2021 ◽  
Author(s):  
Jin Meng ◽  
Xufeng Zhang ◽  
Tengfei Cao ◽  
Yong Xie
Keyword(s):  
Mutual Authentication ◽  
Security Analysis ◽  
Authentication Protocol ◽  
Communication Overhead ◽  
It Use ◽  
Fuzzy Extractor ◽  
Physical Unclonable Functions ◽  
Production Methods ◽  
Iot Devices ◽  
Mutual Authentication Protocol

Abstract The past few years have seen the topic of Internet of Things (IoT) rush into the forefront of various industries, which is changing people’s conventional production methods and lifestyles. Connected to the Internet, the physical devices could be as fluffy as kids’ teddy bears or as balky as driverless cars. However, the security related to the IoT is faced with some serious challenges simultaneously. Confronted with these issues, we propose a mutual authentication protocol for devices in the IoT system. It is lightweight that just hash functions, XORs as well as PUFs are utilized and there is no need to store plenty of pseudo-identities. Furthermore, not only does it use the reverse fuzzy extractor to acclimatize to the noisy environment, but it also introduces the supplementary sub-protocol to enhance the resistance to the desynchronization attack. Besides, the security analysis based on the improved BAN logic by Mao and Boyd presents the higher security and reliability of the proposed protocol, and the performance analysis shows its more comprehensive functions as well as lower computation and communication overhead.

scholarly journals A Secure and Efficient Lightweight Vehicle Group Authentication Protocol in 5G Networks

2021 ◽  
Vol 2021 ◽  
pp. 1-12
Author(s):  
Junfeng Miao ◽  
Zhaoshun Wang ◽  
Xue Miao ◽  
Longyue Xing
Keyword(s):  
Vehicular Networks ◽  
Chinese Remainder Theorem ◽  
Chaotic Map ◽  
Security Analysis ◽  
High Mobility ◽  
Authentication Protocol ◽  
Security Requirements ◽  
Vehicle Group ◽  
Communication Overhead ◽  
5G Networks

When mobile network enters 5G era, 5G networks have a series of unparalleled advantages. Therefore, the application of 5G network technology in the Internet of Vehicles (IoV) can promote more intelligently vehicular networks and more efficiently vehicular information transmission. However, with the combination of 5G networks and vehicular networks technology, it requires safe and reliable authentication and low computation overhead. Therefore, it is a challenge to achieve such low latency, security, and high mobility. In this paper, we propose a secure and efficient lightweight authentication protocol for vehicle group. The scheme is based on the extended chaotic map to achieve authentication, and the Chinese remainder theorem distributes group keys. Scyther is used to verify the security of the scheme, and the verification results show that the security of the scheme can be guaranteed. In addition, through security analysis, the scheme can not only effectively resist various attacks but also guarantee security requirements such as anonymity and unlinkability. Finally, by performance analysis and comparison, our scheme has less computation and communication overhead.

A Mutual Authentication Protocol with Resynchronisation Capability for Mobile Satellite Communications

2013 ◽  
pp. 35-51
Author(s):  
Ioana Lasc ◽  
Reiner Dojen ◽  
Tom Coffey
Keyword(s):  
Denial Of Service ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Service Condition ◽  
Satellite Communications ◽  
Authentication Protocol ◽  
Security Protocol ◽  
New Type ◽  
Mobile Satellite ◽  
Mutual Authentication Protocol

Many peer-to-peer security protocols proposed for wireless communications use one-time shared secrets for authentication purposes. This paper analyses online update mechanisms for one-time shared secrets. A new type of attack against update mechanisms, called desynchronisation attack, is introduced. This type of attack may lead to a permanent denial of service condition. A case study demonstrates the effectiveness of desynchronisation attacks against a security protocol for mobile satellite communications. A new mutual authentication protocol for satellite communications, incorporating a resynchronisation capability, is proposed to counter the disruptive effects of desynchronisation attacks. The new protocol has an esynchronisation phase that is initiated whenever desynchronisation is suspected. Thus, the possibility of causing permanent denial of service conditions by mounting desynchronisation attacks is eliminated. A security analysis of the proposed protocol establishes its resistance against attacks like replay attacks, dictionary attacks, and desynchronisation attacks.

scholarly journals An Improved Anonymous Authentication Protocol for Wearable Health Monitoring Systems

2020 ◽  
Vol 2020 ◽  
pp. 1-13
Author(s):  
Jiaqing Mo ◽  
Wei Shen ◽  
Weisheng Pan
Keyword(s):  
Health Monitoring ◽  
Denial Of Service ◽  
Security Analysis ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Authentication Protocol ◽  
Wireless Channel ◽  
Formal Proofs ◽  
Insider Attack ◽  
Quadratic Residues

Wearable health monitoring system (WHMS), which helps medical professionals to collect patients’ healthcare data and provides diagnosis via mobile devices, has become increasingly popular thanks to the significant advances in the wireless sensor network. Because health data are privacy-related, they should be protected from illegal access when transmitted over a public wireless channel. Recently, Jiang et al. presented a two-factor authentication protocol on quadratic residues with fuzzy verifier for WHMS. However, we observe that their scheme is vulnerable to known session special temporary information (KSSTI) attack, privileged insider attack, and denial-of-service (DoS) attack. To defeat these weaknesses, we propose an improved two-factor authentication and key agreement scheme for WHMS. Through rigorous formal proofs under the random oracle model and comprehensive informal security analysis, we demonstrate that the improved scheme overcomes the disadvantages of Jiang et al.’s protocol and withstands possible known attacks. In addition, comparisons with several relevant protocols show that the proposed scheme achieves more security features and has suitable efficiency. Thus, our scheme is a reasonable authentication solution for WHMS.

scholarly journals Computationally efficient mutual authentication protocol for remote infant incubator monitoring system

2019 ◽  
Vol 6 (4) ◽  
pp. 92-97 ◽  
Author(s):  
Subramani Jegadeesan ◽  
Muneeswaran Dhamodaran ◽  
Maria Azees ◽  
Swaminathan Sri Shanmugapriya
Keyword(s):  
Monitoring System ◽  
Mutual Authentication ◽  
Authentication Protocol ◽  
Computationally Efficient ◽  
Infant Incubator ◽  
Mutual Authentication Protocol

scholarly journals Secure Three-Factor Authentication Protocol for Multi-Gateway IoT Environments

Sensors ◽  
2019 ◽  
Vol 19 (10) ◽  
pp. 2358 ◽  
Author(s):  
JoonYoung Lee ◽  
SungJin Yu ◽  
KiSung Park ◽  
YoHan Park ◽  
YoungHo Park
Keyword(s):  
Open Channel ◽  
Mutual Authentication ◽  
Authentication Protocol ◽  
Internet Security ◽  
Authentication Protocols ◽  
Session Key ◽  
Security Issues ◽  
Smart Factories ◽  
Mutual Authentication Protocol ◽  
Three Factor

Internet of Things (IoT) environments such as smart homes, smart factories, and smart buildings have become a part of our lives. The services of IoT environments are provided through wireless networks to legal users. However, the wireless network is an open channel, which is insecure to attacks from adversaries such as replay attacks, impersonation attacks, and invasions of privacy. To provide secure IoT services to users, mutual authentication protocols have attracted much attention as consequential security issues, and numerous protocols have been studied. In 2017, Bae et al. presented a smartcard-based two-factor authentication protocol for multi-gateway IoT environments. However, we point out that Bae et al.’s protocol is vulnerable to user impersonation attacks, gateway spoofing attacks, and session key disclosure, and cannot provide a mutual authentication. In addition, we propose a three-factor mutual authentication protocol for multi-gateway IoT environments to resolve these security weaknesses. Then, we use Burrows–Abadi–Needham (BAN) logic to prove that the proposed protocol achieves secure mutual authentication, and we use the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool to analyze a formal security verification. In conclusion, our proposed protocol is secure and applicable in multi-gateway IoT environments.

Sign in / Sign up

Export Citation Format

Share Document