scholarly journals Trusted Authority Assisted Three-Factor Authentication and Key Agreement Protocol for the Implantable Medical System

2018 ◽  
Vol 2018 ◽  
pp. 1-16 ◽  
Author(s):  
Deming Mao ◽  
Ling Zhang ◽  
Xiaoyu Li ◽  
Dejun Mu
Keyword(s):  
Key Agreement ◽  
Security Analysis ◽  
User Anonymity ◽  
Medical System ◽  
Security And Privacy ◽  
Medical Community ◽  
Implantable Medical Devices ◽  
Authentication And Key Agreement ◽  
Key Agreement Protocol ◽  
Privacy Issues

The application of implantable medical devices (IMDs), which solves the problems of geographical distance limitation and real-time health monitoring that plague patients and doctors, has caused great repercussions in the medical community. Despite the great potential of wide application, it also brings some security and privacy issues, such as the leakage of health data and unauthorized access to IMDs. Although a number of authentication and key agreement (AKA) schemes have been developed, we find that some subtle attacks still remain to be addressed. Then we propose an improved AKA scheme which achieves strong security features including user anonymity and known key security. It is formally proved to be secure under the Real-or-Random model. Moreover, a comprehensive security analysis shows that our scheme can resist various attacks and satisfy the desired requirements. Finally, the performance analysis shows the superiority of our protocol which is suitable for the implantable medical system.

scholarly journals An efficient anonymous authentication and key agreement scheme with privacy-preserving for smart cities

2021 ◽  
Vol 17 (6) ◽  
pp. 155014772110268
Author(s):  
Xueya Xia ◽  
Sai Ji ◽  
Pandi Vijayakumar ◽  
Jian Shen ◽  
Joel J. P. C. Rodrigues
Keyword(s):  
Internet Of Things ◽  
Privacy Preservation ◽  
Key Agreement ◽  
Smart Cities ◽  
Security Analysis ◽  
Security And Privacy ◽  
Experimental Simulation ◽  
Authentication And Key Agreement ◽  
Anonymous Authentication ◽  
Evaluation Mechanism

Internet of Things devices are responsible for collecting and transmitting data in smart cities, assisting smart cities to release greater potential. As Internet of Things devices are increasingly connected to smart cities, security and privacy have gradually become important issues. Recently, research works on mitigating security challenges of Internet of Things devices in smart cities mainly focused on authentication. However, in most of the existing authentication protocols, the trustworthiness evaluation of Internet of Things devices in smart cities is ignored. Considering the trustworthiness evaluation of Internet of Things devices is an important constituent of data source authentication, in this article, a cloud-aided trustworthiness evaluation mechanism is first designed to improve the credibility of the Internet of Things devices in smart cities. Furthermore, aiming at the problem that the user’s privacy is easy to leak in the process of authentication, an anonymous authentication and key agreement scheme based on non-interactive zero knowledge argument is proposed. The proposed scheme can ensure the privacy preservation and data security of Internet of Things devices in smart cities. The security analysis demonstrates that the proposed scheme is secure under q-SDH problem. The experimental simulation indicates that the performance of the proposal is greatly improved compared with other similar schemes.

scholarly journals A Secure Anonymous D2D Mutual Authentication and Key Agreement Protocol for IoT Environments

2021 ◽  
Author(s):  
Rahman Hajian ◽  
Abbas Haghighat ◽  
S.Hossein Erfani
Keyword(s):  
Key Agreement ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Third Party ◽  
Security Requirements ◽  
Authentication And Key Agreement ◽  
Key Agreement Protocol ◽  
Security Proof ◽  
Private And Public ◽  
Shared Networks

Abstract Internet of Things (IoT) is a developing technology in our time that is prone to security problems as it uses wireless and shared networks. A challenging scenario in IoT environments is Device-to-Device (D2D) communication that an authentication server as a trusted third-party, does not involve in the authentication and key agreement process. It is only involved in the process of allocating long-term secret keys and their update. A lot of authentication protocols have been suggested for such situations. This article demonstrated that three state-of-the-art related protocols failed to remain anonymous, insecure against key compromise impersonation (KCI) attack, and clogging attack. To counter the pitfalls of them, a new D2D mutual authentication and key agreement protocol is designed here. The proposed protocol is anonymous, untraceable, and highly secure. Moreover, there is no need for a secure channel to generate a pair of private and public keys in the registration phase.) Formal security proof and security analysis using BAN logic, Real-Or-Random (ROR) model, and Scyther tool showed that our proposed protocol satisfied security requirements. Furthermore, communication cost, computation cost, and energy consumption comparisons denoted our schema has better performance, compared to other protocols.

scholarly journals An Efficient Authentication and Key Agreement Protocol  for IoT-Enabled Devices in Distributed Cloud Computing Architecture

2020 ◽  
Author(s):  
Huihui Huang ◽  
Siqi Lu ◽  
Zehui Wu ◽  
Qiang Wei
Keyword(s):  
Cloud Computing ◽  
Key Agreement ◽  
Smart Cities ◽  
Security Protocol ◽  
Security And Privacy ◽  
Computing Architecture ◽  
Authentication And Key Agreement ◽  
Key Agreement Protocol ◽  
Use Of Internet ◽  
Distributed Cloud

Abstract With the widespread use of Internet of Things and cloud computing in smart cities, various security and privacy challenges may be encountered. The most basic problem is authentication between each application. Recently, in order to prevent counterfeiting attacks in the protocol of Amin et al.(2018), Kang et al. improved an authentication protocol for IoT-Enabled devices in a distributed cloud computing environment (2020). However, We found that the Kang et al.'s protocol still has a fatal vulnerability, that is, it is attacked by offline password guessing, and malicious users can easily obtain the master key of the control server. In this article, we extend their work to design a lightweight pseudonym identity based authentication and key agreement protocol using smart card. For illustrating the security of our protocol, we used the security protocol analysis tools of AVISPA and Scyther to prove that the protocol can defend against various existing attacks. We will further analyze the interaction between participants authentication path to ensure security protection from simulated attacks detailedly. In addition, based on the comparison of security functions and computing performance, our protocol is superior to the other two related protocols. As a result, the enhanced protocol will be efficient and secure in distributed cloud computing architecture for smart city.

scholarly journals An efficient authentication and key agreement protocol for IoT-enabled devices in distributed cloud computing architecture

2021 ◽  
Vol 2021 (1) ◽  
Author(s):  
Huihui Huang ◽  
Siqi Lu ◽  
Zehui Wu ◽  
Qiang Wei
Keyword(s):  
Cloud Computing ◽  
Key Agreement ◽  
Smart Cities ◽  
Security Protocol ◽  
Security And Privacy ◽  
Computing Architecture ◽  
Authentication And Key Agreement ◽  
Key Agreement Protocol ◽  
Iot Devices ◽  
Distributed Cloud

AbstractWith the widespread use of Internet of Things and cloud computing in smart cities, various security and privacy challenges may be encountered.The most basic problem is authentication between each application, such as participating users, IoT devices, distributed servers, authentication centers, etc. In 2020, Kang et al. improved an authentication protocol for IoT-Enabled devices in a distributed cloud computing environment and its main purpose was in order to prevent counterfeiting attacks in Amin et al.’ protocol, which was published in 2018. However, We found that the Kang et al.’s protocol still has a fatal vulnerability, that is, it is attacked by offline password guessing, and malicious users can easily obtain the master key of the control server. In this article, we extend their work to design a lightweight pseudonym identity based authentication and key agreement protocol using smart card. For illustrating the security of our protocol, we used the security protocol analysis tools of AVISPA and Scyther to prove that the protocol can defend against various existing attacks. We will further analyze the interaction between participants authentication path to ensure security protection from simulated attacks detailedly. In addition, based on the comparison of security functions and computing performance, our protocol is superior to the other two related protocols. As a result, the enhanced protocol will be efficient and secure in distributed cloud computing architecture for smart city.

Sign in / Sign up

Export Citation Format

Share Document