scholarly journals Hybrid Secure Authentication and Key Exchange Scheme for M2M Home Networks

2018 ◽  
Vol 2018 ◽  
pp. 1-25 ◽  
Author(s):  
Uğur Coruh ◽  
Oğuz Bayat
Keyword(s):  
Secure Communication ◽  
Channel Model ◽  
Denial Of Service ◽  
Mutual Authentication ◽  
Privacy Preserving ◽  
Key Exchange ◽  
Home Networks ◽  
Home Gateway ◽  
Diffie Hellman ◽  
Code Division Multiple

In this paper, we analyzed Sun et al.’s scheme which proposes an M2M (Machine-to-Machine) secure communication scheme by using existing TD SCMA (Time Division-Synchronous Code Division Multiple Access) networks. They offer a password-based authentication and key establishment protocol for mutual authentication. Moreover, their proposed secure channel establishment protocol uses symmetric cryptography and one-way hash algorithms and they considered using their protected channel model for mobile users and smart home networks. In this paper, we propose to complete the missing part of Sun et al.’s scheme. This can occur by addressing privacy-preserving and message modification protection. Moreover, improvements can be made to MITM (Man-In-The-Middle) attack resistance, anomaly detection and DoS (Denial-of-Service) attacks with timing. ECDH (Elliptic Curve Diffie Hellman) cryptography based protected cipher-key exchange operation used on initial setup and key-injection operations to provide secure user registration, user password change and home gateway network join phases. We simulated both the proposed and Sun et al.’s schemes. We analyzed Sun et al.’s scheme for performance, network congestion and resource usage. Missing privacy-preserving was analyzed and compared with the GLARM scheme, and the storage cost of each phase was analyzed according to Ferrag et al.’s survey proposal. In Sun et al.’s scheme, future work for the security architecture of the home network is related to Li et al.’s protocol being implemented in our proposed design.

scholarly journals Drone Secure Communication Protocol for Future Sensitive Applications in Military Zone

Sensors ◽  
2021 ◽  
Vol 21 (6) ◽  
pp. 2057
Author(s):  
Yongho Ko ◽  
Jiyoon Kim ◽  
Daniel Gerbi Duguma ◽  
Philip Virgil Astillo ◽  
Ilsun You ◽  
...  
Keyword(s):  
Performance Evaluation ◽  
Secure Communication ◽  
Communication Protocol ◽  
Denial Of Service ◽  
Mutual Authentication ◽  
Information Leakage ◽  
Security Protocol ◽  
Security Requirements ◽  
Forward Secrecy ◽  
Perfect Forward Secrecy

Unmanned Aerial Vehicle (UAV) plays a paramount role in various fields, such as military, aerospace, reconnaissance, agriculture, and many more. The development and implementation of these devices have become vital in terms of usability and reachability. Unfortunately, as they become widespread and their demand grows, they are becoming more and more vulnerable to several security attacks, including, but not limited to, jamming, information leakage, and spoofing. In order to cope with such attacks and security threats, a proper design of robust security protocols is indispensable. Although several pieces of research have been carried out with this regard, there are still research gaps, particularly concerning UAV-to-UAV secure communication, support for perfect forward secrecy, and provision of non-repudiation. Especially in a military scenario, it is essential to solve these gaps. In this paper, we studied the security prerequisites of the UAV communication protocol, specifically in the military setting. More importantly, a security protocol (with two sub-protocols), that serves in securing the communication between UAVs, and between a UAV and a Ground Control Station, is proposed. This protocol, apart from the common security requirements, achieves perfect forward secrecy and non-repudiation, which are essential to a secure military communication. The proposed protocol is formally and thoroughly verified by using the BAN-logic (Burrow-Abadi-Needham logic) and Scyther tool, followed by performance evaluation and implementation of the protocol on a real UAV. From the security and performance evaluation, it is indicated that the proposed protocol is superior compared to other related protocols while meeting confidentiality, integrity, mutual authentication, non-repudiation, perfect forward secrecy, perfect backward secrecy, response to DoS (Denial of Service) attacks, man-in-the-middle protection, and D2D (Drone-to-Drone) security.

scholarly journals An efficient 3D Diffie-Hellman based Two-Server password-only authenticated key exchange

2019 ◽  
Vol 16 (1) ◽  
Author(s):  
Anitha Kumari K ◽  
Sudha Sadasivam G
Keyword(s):  
Large Scale ◽  
Communication Complexity ◽  
Mutual Authentication ◽  
Formal Proof ◽  
Key Exchange ◽  
Authenticated Key Exchange ◽  
Diffie Hellman ◽  
Technological World ◽  
Client Side ◽  
Evaluation Parameters

In emerging technological world, security potentially remains as a highest challenge in the large-scale distributed systems, as it is suffering extensively with adversarial attacks due to insufficient mutual authentication. In order to address this, a state-of-art tetrahedron (3D) based two-server Password Authenticated and Key Exchange (PAKE) protocol has been formulated with formal proof of security by incorporating the elementary properties of plane geometry. The main intention of this work is, obtaining a password from the stored credentials must be infeasible when both the servers compromised together. At the outset to realize these goals, in this paper, the properties of the tetrahedron are utilized along with Diffie-Hellman (DH) key exchange algorithm to withstand against malicious attacks. A significant aspect of the proposed 3D PAKE protocol is, client side complexity has been reduced to a greater extent in terms of computation and communication. Both theoretically and practically, 3D PAKE protocol is the first demonstrable secure two-server PAKE protocol that breaks the assumptions of the Yang et al. and Yi et al. protocol that the two servers must not compromise together. Computational complexity, communication complexity, security key principles, best of all attacks happening dubiously are considered as the evaluation parameters to compare the performance of the proposed 3D PAKE protocol.

scholarly journals Scrutinizing the Vulnerability of Ephemeral Diffie–Hellman over COSE (EDHOC) for IoT Environment Using Formal Approaches

2021 ◽  
Vol 2021 ◽  
pp. 1-18
Author(s):  
Jiyoon Kim ◽  
Daniel Gerbi Duguma ◽  
Sangmin Lee ◽  
Bonam Kim ◽  
JaeDeok Lim ◽  
...  
Keyword(s):  
Task Force ◽  
Mutual Authentication ◽  
Key Exchange ◽  
Security Environment ◽  
Diffie Hellman ◽  
Verification Methods ◽  
Security Properties ◽  
Perfect Forward Secrecy ◽  
Resource Exhaustion ◽  
Future Work

Most existing conventional security mechanisms are insufficient, mainly attributable to their requirements for heavy processing capacity, large protocol message size, and longer round trips, for resource-intensive devices operating in an Internet of Things (IoT) context. These devices necessitate efficient communication and security protocols that are cognizant of the severe resource restrictions regarding energy, computation, communication, and storage. To realize this, the IETF (Internet Engineering Task Force) is currently working towards standardizing an ephemeral key-based lightweight and authenticated key exchange protocol called EDHOC (Ephemeral Diffie–Hellman over COSE). The protocol’s primary purpose is to build an OSCORE (Object Security for Constrained RESTful Environments) security environment by supplying crucial security properties such as secure key exchange, mutual authentication, perfect forward secrecy, and identity protection. EDHOC will most likely dominate IoT security once it becomes a standard. It is, therefore, imperative to inspect the protocol for any security flaw. In this regard, two previous studies have shown different security vulnerabilities of the protocol using formal security verification methods. Yet, both missed the vital security flaws we found in this paper: resource exhaustion and privacy attacks. In finding these vulnerabilities, we leveraged BAN-Logic and AVISPA to formally verify both EDHOC protocol variants. Consequently, we described these security flaws together with the results of the related studies and put forward recommended solutions as part of our future work.

scholarly journals Mix-Context-Based Pseudonym Changing Privacy Preserving Authentication in VANETs

2019 ◽  
Vol 2019 ◽  
pp. 1-9 ◽  
Author(s):  
Mengjia Zeng ◽  
Huibin Xu
Keyword(s):  
Secure Communication ◽  
Vehicular Ad Hoc Networks ◽  
Ad Hoc ◽  
Mutual Authentication ◽  
Privacy Preserving ◽  
Computational Costs ◽  
Authentication Mechanism ◽  
Authentication Schemes ◽  
Hoc Networks ◽  
Significant Attention

Vehicular ad hoc networks (VANETs) have attracted significant attention in academia insofar as they can provide reliable and secure communication between vehicles. It is thus essential to ensure security and preserve privacy. In this paper, we propose mix-context-based pseudonym changing privacy-preserving authentication (MPCPA). MPCPA introduces privacy protection through a mutual authentication mechanism to prevent attack-vehicles from sneaking into a VANET system. Moreover, it preserves the integrity of transmitted messages with an anonymous authentication mechanism. In addition, MPCPA adopts a mix-context-based pseudonym changing strategy to prevent vehicle tracking. A performance analysis demonstrates that MPCPA incurs low computational costs and offers a privacy-preserving scheme that is more secure than existing authentication schemes.

scholarly journals A Traceable and Privacy-Preserving Authentication for UAV Communication Control System

Electronics ◽  
2020 ◽  
Vol 9 (1) ◽  
pp. 62 ◽  
Author(s):  
Chin-Ling Chen ◽  
Yong-Yuan Deng ◽  
Wei Weng ◽  
Chi-Hua Chen ◽  
Yi-Jui Chiu ◽  
...  
Keyword(s):  
Digital Signature ◽  
Denial Of Service ◽  
Mutual Authentication ◽  
Privacy Preserving ◽  
Information Communication ◽  
Denial Of Service Attack ◽  
Service Attack ◽  
Aerial Vehicle ◽  
Communication Control ◽  
The Internet Of Things

In recent years, the concept of the Internet of Things has been introduced. Information, communication, and network technology can be integrated, so that the unmanned aerial vehicle (UAV) from consumer leisure and entertainment toys can be utilized in high value commercial, agricultural, and defense field applications, and become a killer product. In this paper, a traceable and privacy-preserving authentication is proposed to integrate the elliptic curve cryptography (ECC), digital signature, hash function, and other cryptography mechanisms for UAV application. For sensitive areas, players must obtain flight approval from the ground control station before they can control the UAV in these areas. The traditional cryptography services such as integrity, confidentiality, anonymity, availability, privacy, non-repudiation, defense against DoS (Denial-of-Service) attack, and spoofing attack can be ensured. The feasibility of mutual authentication was proved by BAN logic. In addition, the computation cost and the communication cost of the proposed scheme were analyzed. The proposed scheme provides a novel application field.

scholarly journals An efficient 3D Diffie-Hellman based Two-Server password-only authenticated key exchange

2018 ◽  
Vol 16 (1) ◽  
Author(s):  
Anitha Kumari K ◽  
Sudha Sadasivam G
Keyword(s):  
Large Scale ◽  
Communication Complexity ◽  
Mutual Authentication ◽  
Formal Proof ◽  
Key Exchange ◽  
Authenticated Key Exchange ◽  
Diffie Hellman ◽  
Technological World ◽  
Client Side ◽  
Evaluation Parameters

In emerging technological world, security potentially remains as a highest challenge in the large-scale distributed systems, as it is suffering extensively with adversarial attacks due to insufficient mutual authentication. In order to address this, a state-of-art tetrahedron (3D) based two-server Password Authenticated and Key Exchange (PAKE) protocol has been formulated with formal proof of security by incorporating the elementary properties of plane geometry. The main intention of this work is, obtaining a password from the stored credentials must be infeasible when both the servers compromised together. At the outset to realize these goals, in this paper, the properties of the tetrahedron are utilized along with Diffie-Hellman (DH) key exchange algorithm to withstand against malicious attacks. A significant aspect of the proposed 3D PAKE protocol is, client side complexity has been reduced to a greater extent in terms of computation and communication. Both theoretically and practically, 3D PAKE protocol is the first demonstrable secure two-server PAKE protocol that breaks the assumptions of the Yang et al. and Yi et al. protocol that the two servers must not compromise together. Computational complexity, communication complexity, security key principles, best of all attacks happening dubiously are considered as the evaluation parameters to compare the performance of the proposed 3D PAKE protocol.

scholarly journals Privacy-Preserving Fingerprint Authentication Using D-H Key Exchange and Secret Sharing

2021 ◽  
Vol 2021 ◽  
pp. 1-12
Author(s):  
Huiyong Wang ◽  
Mingjun Luo ◽  
Yong Ding
Keyword(s):  
Secret Sharing ◽  
Private Information ◽  
Data Privacy ◽  
Security Analysis ◽  
Privacy Preserving ◽  
Key Exchange ◽  
Security And Privacy ◽  
Sensitive Information ◽  
Biometric Data ◽  
Diffie Hellman

Biometric based remote authentication has been widely deployed. However, there exist security and privacy issues to be addressed since biometric data includes sensitive information. To alleviate these concerns, we design a privacy-preserving fingerprint authentication technique based on Diffie-Hellman (D-H) key exchange and secret sharing. We employ secret sharing scheme to securely distribute fragments of critical private information around a distributed network or group, which softens the burden of the template storage center (TSC) and the users. To ensure the security of template data, the user’s original fingerprint template is stored in ciphertext format in TSC. Furthermore, the D-H key exchange protocol allows TSC and the user to encrypt the fingerprint template in each query using a random one-time key, so as to protect the user’s data privacy. Security analysis indicates that our scheme enjoys indistinguishability against chosen-plaintext attacks and user anonymity. Through experimental analysis, we demonstrate that our scheme can provide secure and accurate remote fingerprint authentication.

Sign in / Sign up

Export Citation Format

Share Document