scholarly journals Anonymous and Efficient Message Authentication Scheme for Smart Grid

2019 ◽  
Vol 2019 ◽  
pp. 1-12 ◽  
Author(s):  
Libing Wu ◽  
Jing Wang ◽  
Sherali Zeadally ◽  
Debiao He
Keyword(s):  
Smart Grid ◽  
Power Flow ◽  
Denial Of Service ◽  
Mutual Authentication ◽  
Authentication Scheme ◽  
Impersonation Attack ◽  
Message Authentication ◽  
Electricity Grid ◽  
Denial Of Service Attack ◽  
And Performance

Smart grid has emerged as the next-generation electricity grid with power flow optimization and high power quality. Smart grid technologies have attracted the attention of industry and academia in the last few years. However, the tradeoff between security and efficiency remains a challenge in the practical deployment of the smart grid. Most recently, Li et al. proposed a lightweight message authentication scheme with user anonymity and claimed that their scheme is provably secure. But we found that their scheme fails to achieve mutual authentication and mitigate some typical attacks (e.g., impersonation attack, denial of service attack) in the smart grid environment. To address these drawbacks, we present a new message authentication scheme with reasonable efficiency. Security and performance analysis results show that the proposed scheme can satisfy the security and lightweight requirements of practical implementations and deployments of the smart grid.

On the Security of the Discrete Logarithm Based Remote Authentication Scheme Using Smart Cards

2013 ◽  
Vol 479-480 ◽  
pp. 963-967
Author(s):  
Yung Cheng Lee ◽  
Pei Ju Lee
Keyword(s):  
Denial Of Service ◽  
Mutual Authentication ◽  
Discrete Logarithm ◽  
Smart Cards ◽  
Authentication Scheme ◽  
Forgery Attack ◽  
Denial Of Service Attack ◽  
Remote Authentication ◽  
Service Attack ◽  
Stolen Verifier Attack

Nowadays, we can easily obtain variety of services through network. But due to the open environment, networks are vulnerable to variety of security threats. Ramasamy et al. proposed a discrete logarithm based remote authentication scheme with smart cards. Their scheme provides mutual authentication and withstanding the denial of service attack, forgery attack, parallel session attack and smart card loss attack. In this article, we show that their scheme is not a practical solution for remote accessing. It also lacks key agreement mechanism; and users cannot update password freely. Moreover, their scheme cannot resist the stolen verifier attack and off-line guessing attack.

scholarly journals A Provably Secure Biometrics-Based Authentication Scheme for Multiserver Environment

2019 ◽  
Vol 2019 ◽  
pp. 1-15 ◽  
Author(s):  
Feifei Wang ◽  
Guoai Xu ◽  
Chenyu Wang ◽  
Junhao Peng
Keyword(s):  
High Efficiency ◽  
Rapid Development ◽  
Denial Of Service ◽  
Mutual Authentication ◽  
Mobile Services ◽  
Authentication Scheme ◽  
Impersonation Attack ◽  
Careful Examination ◽  
Session Key ◽  
Provably Secure

With the rapid development of mobile services, multiserver authentication protocol with its high efficiency has emerged as an indispensable security mechanism for mobile services. Recently, Ali et al. introduced a biometric-based multiserver authentication scheme and claimed the scheme is resistant to various attacks. However, after a careful examination, we find that Ali et al.’s scheme is vulnerable to various security attacks, such as user impersonation attack, server impersonation attack, privileged insider attack, denial of service attack, fails to provide forward secrecy and three-factor secrecy. To overcome these weaknesses, we propose an improved biometric-based multiserver authentication scheme using elliptic curve cryptosystem. Formal security analysis under the random oracle model proves that our scheme is provably secure. Furthermore, BAN (Burrows-Abadi-Needham) logic analysis demonstrates our scheme achieves mutual authentication and session key agreement. In addition, the informal analysis proves that our scheme is secure against all current known attacks and achieves desirable features. Besides, the performance and security comparison shows that our scheme is superior to related schemes.

scholarly journals An Improved and Privacy-Preserving Mutual Authentication Scheme with Forward Secrecy in VANETs

2021 ◽  
Vol 2021 ◽  
pp. 1-12
Author(s):  
Mengting Yao ◽  
Xiaoming Wang ◽  
Qingqing Gan ◽  
Yijian Lin ◽  
Chengpeng Huang
Keyword(s):  
Mutual Authentication ◽  
Privacy Preserving ◽  
Identity Authentication ◽  
Authentication Scheme ◽  
Security And Privacy ◽  
Impersonation Attack ◽  
Message Authentication ◽  
Forward Secrecy ◽  
Open Communication ◽  
Security Proof

Vehicular ad hoc network (VANETs) plays a major part in intelligent transportation to enhance traffic efficiency and safety. Security and privacy are the essential matters needed to be tackled due to the open communication channel. Most of the existing schemes only provide message authentication without identity authentication, especially the inability to support forward secrecy which is a major security goal of authentication schemes. In this article, we propose a privacy-preserving mutual authentication scheme with batch verification for VANETs which support both message authentication and identity authentication. More importantly, the proposed scheme achieves forward secrecy, which means the exposure of the shared key will not compromise the previous interaction. The security proof shows that our scheme can withstand various known security attacks, such as the impersonation attack and forgery attack. The experiment analysis results based on communication and computation cost demonstrate that our scheme is more efficient compared with the related schemes.

scholarly journals A lightweight authentication and key agreement scheme for smart grid

2017 ◽  
Vol 13 (2) ◽  
pp. 155014771769417 ◽  
Author(s):  
Lili Yan ◽  
Yan Chang ◽  
Shibin Zhang
Keyword(s):  
Smart Grid ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Special Importance ◽  
Advanced Metering Infrastructure ◽  
Electrical Grid ◽  
Authentication And Key Agreement ◽  
And Performance ◽  
Advanced Metering ◽  
Lightweight Authentication

Smart grid is a modernized electrical grid. It is used to collect information about behaviors of suppliers and consumers and improve the efficiency, reliability, and economics of electricity. Recently, advanced metering infrastructure is proposed as a critical part of the smart grid. The security of advanced metering infrastructure is special importance for smart grid. In order to achieve data confidentiality, privacy, and authentication in advanced metering infrastructure, a lightweight authentication and key agreement scheme is proposed in this article. The scheme provides mutual authentication, key agreement, key refreshment, and multicast mechanism which can prevent various attacks. Furthermore, we analyze the security and performance of the scheme. The analysis shows that the proposed scheme is suitable for smart grid.

Cryptanalysis of an Anonymous Message Authentication Scheme for Smart Grid

2020 ◽  
pp. 455-461
Author(s):  
Xiao-Cong Liang ◽  
Tsu-Yang Wu ◽  
Yu-Qi Lee ◽  
Tao Wang ◽  
Chien-Ming Chen ◽  
...  
Keyword(s):  
Smart Grid ◽  
Authentication Scheme ◽  
Message Authentication

scholarly journals Analysis and Enhancement of a Password Authentication and Update Scheme Based on Elliptic Curve Cryptography

2014 ◽  
Vol 2014 ◽  
pp. 1-11 ◽  
Author(s):  
Lili Wang
Keyword(s):  
Denial Of Service ◽  
Impersonation Attack ◽  
Password Authentication ◽  
Denial Of Service Attack ◽  
Password Guessing Attack ◽  
Insider Attack ◽  
Service Attack ◽  
Low Performance ◽  
Guessing Attack ◽  
Stolen Verifier Attack

Recently, a password authentication and update scheme has been presented by Islam and Biswas to remove the security weaknesses in Lin and Huang’s scheme. Unfortunately, He et al., Wang et al., and Li have found out that Islam and Biswas’ improvement was vulnerable to offline password guessing attack, stolen verifier attack, privilege insider attack, and denial of service attack. In this paper, we further analyze Islam and Biswas’ scheme and demonstrate that their scheme cannot resist password compromise impersonation attack. In order to remedy the weaknesses mentioned above, we propose an improved anonymous remote authentication scheme using smart card without using bilinear paring computation. In addition, the verifier tables are no longer existent, and the privacy of users could be protected better. Furthermore, our proposal not only inherits the advantages in Islam and Biswas’ scheme, but also provides more features, including preserving user anonymity, supporting offline password change, revocation, reregistration with the same identifier, and system update. Finally, we compare our enhancement with related works to illustrate that the improvement is more secure and robust, while maintaining low performance cost.

scholarly journals Provable Secure and Efficient Digital Rights Management Authentication Scheme Using Smart Card Based on Elliptic Curve Cryptography

2015 ◽  
Vol 2015 ◽  
pp. 1-16
Author(s):  
Yuanyuan Zhang ◽  
Muhammad Khurram Khan ◽  
Jianhua Chen ◽  
Debiao He
Keyword(s):  
Elliptic Curve ◽  
Smart Card ◽  
Elliptic Curve Cryptography ◽  
Denial Of Service ◽  
Digital Rights Management ◽  
Authentication Scheme ◽  
Session Key ◽  
Digital Rights ◽  
Denial Of Service Attack ◽  
Rights Management

Since the concept of ubiquitous computing is firstly proposed by Mark Weiser, its connotation has been extending and expanding by many scholars. In pervasive computing application environment, many kinds of small devices containing smart cart are used to communicate with others. In 2013, Yang et al. proposed an enhanced authentication scheme using smart card for digital rights management. They demonstrated that their scheme is secure enough. However, Mishra et al. pointed out that Yang et al.’s scheme suffers from the password guessing attack and the denial of service attack. Moreover, they also demonstrated that Yang et al.’s scheme is not efficient enough when the user inputs an incorrect password. In this paper, we analyze Yang et al.’s scheme again, and find that their scheme is vulnerable to the session key attack. And, there are some mistakes in their scheme. To surmount the weakness of Yang et al.’s scheme, we propose a more efficient and provable secure digital rights management authentication scheme using smart card based on elliptic curve cryptography.

scholarly journals An Anonymous and Efficient ECC-Based Authentication Scheme for SIP

2020 ◽  
Vol 2020 ◽  
pp. 1-11
Author(s):  
Yousheng Zhou ◽  
Xinyun Chen
Keyword(s):  
Performance Analysis ◽  
Elliptic Curve ◽  
Elliptic Curve Cryptography ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Impersonation Attack ◽  
Authentication Schemes ◽  
And Performance ◽  
Secure Authentication ◽  
Key Compromise Impersonation

Session initiation protocol (SIP), a widely used signal protocol for controlling multimedia communication sessions, is under numerous attacks when performing the authentication steps between the user and server. So secure authentication schemes are needed to be presented for SIP. Recently, Arshad et al. advanced novel schemes for SIP using elliptic curve cryptography (ECC) and claimed their schemes can resist various attacks. However, Lu et al. found that Arshad et al.’s scheme cannot resist trace and key-compromise impersonation attacks; hence, it cannot provide proper mutual authentication. Meanwhile, an enhanced scheme was advanced by Lu et al. and they stated that their scheme can stand up to possible known attacks. Nevertheless, in this paper, we conclude that Arshad and Nikooghadam’s scheme is insecure against impersonation attack and Lu et al.’s scheme is still vulnerable to impersonation attack. To overcome these weaknesses of their schemes, we present a novel anonymous ECC-based scheme for SIP. Security analysis and performance analysis show that our proposed scheme can resist various known attacks and efficient in the meantime.

scholarly journals Security Analysis and Enhancements of an Effective Biometric-Based Remote User Authentication Scheme Using Smart Cards

2012 ◽  
Vol 2012 ◽  
pp. 1-6 ◽  
Author(s):  
Younghwa An
Keyword(s):  
User Authentication ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Smart Cards ◽  
Authentication Scheme ◽  
Impersonation Attack ◽  
Insider Attack ◽  
Remote User Authentication ◽  
User Authentication Scheme ◽  
Remote User

Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das’s authentication scheme, and we have shown that Das’s authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das’s authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server.

Sign in / Sign up

Export Citation Format

Share Document