A Lattice-Based Authentication Scheme for Roaming Service in Ubiquitous Networks with Anonymity

In the ubiquitous networks, mobile nodes can obtain roaming service that enables them to get access to the services extended by their home networks in the field of foreign network. To provide secure and anonymous communication for legal mobile users in roaming services, there should be a mutual authentication between mobile user and foreign agent with the help of home agent. There are many roaming authentication schemes which have been proposed; however, with the progress of quantum computation, quantum attack poses security threats to many traditional public key cryptography-based authentication schemes; thus, antiquantum attack roaming authentication schemes need to be investigated. On account of the limitation of computational resources for mobile nodes, a lightweight anonymous and antiquantum authentication schemes need to be developed to enable mobile nodes to roam across multiple service domains securely and seamlessly. In consideration of the advantages of lattice in antiquantum, an NTRU-based authentication scheme with provable security and conditional privacy preservation is proposed to remedy these security weaknesses. Compared with the existing scheme, the proposed scheme not only improves efficiency but also can resist the quantum attack.

Download Full-text

Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services

The Scientific World JOURNAL ◽

10.1155/2014/687879 ◽

2014 ◽

Vol 2014 ◽

pp. 1-8 ◽

Cited By ~ 1

Author(s):

Youngsook Lee ◽

Juryon Paik

Keyword(s):

Mutual Authentication ◽

Security Analysis ◽

Mobile User ◽

Authentication Scheme ◽

Third Party ◽

Dictionary Attack ◽

Session Key ◽

Foreign Agent ◽

Anonymous Authentication ◽

Man In The Middle

An anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.’s anonymous authentication scheme for roaming services and present previously unpublished security weaknesses in the scheme: (1) it fails to provide user anonymity against any third party as well as the foreign agent, (2) it cannot protect the passwords of mobile users due to its vulnerability to an offline dictionary attack, and (3) it does not achieve session-key security against a man-in-the-middle attack. We also show how the security weaknesses of He et al.’s scheme can be addressed without degrading the efficiency of the scheme.

Download Full-text

A New Threshold Password Authentication Scheme

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.143-144.915 ◽

2010 ◽

Vol 143-144 ◽

pp. 915-919

Author(s):

Yung Cheng Lee

Keyword(s):

Ad Hoc Networks ◽

Mobile Devices ◽

Ad Hoc ◽

Mutual Authentication ◽

Authentication Scheme ◽

Network Infrastructure ◽

Password Authentication ◽

Unauthorized Access ◽

Authentication Schemes ◽

Hoc Networks

The well-known password authentication mechanisms are widely used in networks to protect resources from unauthorized access. The ad hoc networks, due to their dynamic and lack of network infrastructure features, require authentication schemes to ensure security. In this paper, we propose a new threshold password authentication scheme for ad hoc networks. Our scheme can be efficiently implemented in mobile devices, and can achieve mutual authentication with registered users.

Download Full-text

Biometric-Based Remote Mutual Authentication Scheme for Mobile Device

10.21203/rs.3.rs-454092/v1 ◽

2021 ◽

Author(s):

Sheng-Kai Chen ◽

Jenq-Shiou Leu ◽

Hsieh Wen-Bin ◽

Jui-Tang Wang ◽

Tian Song

Keyword(s):

Smart Card ◽

Mobile Device ◽

Communication Channel ◽

User Authentication ◽

Mutual Authentication ◽

Authentication Scheme ◽

Mobile Payment ◽

Remote Authentication ◽

Authentication Schemes ◽

Remote User

Abstract Remote user authentication schemes provide a system to verify the legitimacy of remote users’ authentication request over insecure communication channel. In last years, many authentication schemes using password and smart card have been proposed. However, password might be revealed or forgotten and smart card might be shared, lost or stolen. In contrast, the biometrics, such as face, ﬁngerprint or iris, have no such weakness. With the trend of mobile payment, more and more applications of mobile payment use biometrics to replace password and smart card. In this paper, we propose a biometric-based remote authentication scheme substituting biometric and mobile device bounded by user for password and smart card. This scheme is more convenient, suitable and securer than the schemes using smart cards on mobile payment environment.

Download Full-text

Authentication protocols for smart homes

10.32920/ryerson.14652960 ◽

2021 ◽

Author(s):

Maninder Singh Raniyal

Keyword(s):

Smart Home ◽

User Authentication ◽

Mutual Authentication ◽

Smart Homes ◽

Authentication Scheme ◽

Security Requirements ◽

Iot Security ◽

Communication Topology ◽

User Authentication Scheme ◽

Authentication Schemes

One of the IoT's greatest opportunity and application still lies ahead in the form of smart home. In this ubiquitous/automated environment, due to the most likely heterogeneity of objects, communication, topology, security protocols, and the computationally limited na- ture of IoT objects, conventional authentication schemes may not comply with IoT security requirements since they are considered impractical, weak, or outdated. This thesis proposes: (1) The design of a two-factor device-to-device (D2D) Mutual Authentication Scheme for Smart Homes using OTP over Infrared Channel (referred to as D2DA-OTP-IC scheme); (2) The design of two proxy-password protected OTP-based schemes for smart homes, namely, the Password Protected Inter-device OTP-based Authentication scheme over Infrared Chan- nel and the Password Protected Inter-device OTP-based Authentication scheme using public key infrastructure; and (3) The design of a RSA-based two-factor user Authentication scheme for Smart Home using Smart Card.

Download Full-text

Rotating behind Privacy: An Improved Lightweight Authentication Scheme for Cloud-based IoT Environment

ACM Transactions on Internet Technology ◽

10.1145/3425707 ◽

2021 ◽

Vol 21 (3) ◽

pp. 1-19

Author(s):

Shehzad Ashraf Chaudhry ◽

Azeem Irshad ◽

Khalid Yahya ◽

Neeraj Kumar ◽

Mamoun Alazab ◽

...

Keyword(s):

Mutual Authentication ◽

Authentication Scheme ◽

Security Requirements ◽

User Privacy ◽

Registered User ◽

Authentication Schemes ◽

A Minor ◽

Lightweight Authentication ◽

Privacy And Anonymity ◽

The Internet Of Things

The advancements in the internet of things (IoT) require specialized security protocols to provide unbreakable security along with computation and communication efficiencies. Moreover, user privacy and anonymity has emerged as an integral part, along with other security requirements. Unfortunately, many recent authentication schemes to secure IoT-based systems were either proved as vulnerable to different attacks or prey of inefficiencies. Some of these schemes suffer from a faulty design that happened mainly owing to undue emphasis on privacy and anonymity alongside performance efficiency. This article aims to show the design faults by analyzing a very recent hash functions-based authentication scheme for cloud-based IoT systems with misunderstood privacy cum efficiency tradeoff owing to an unadorned design flaw, which is also present in many other such schemes. Precisely, it is proved in this article that the scheme of Wazid et al. cannot provide mutual authentication and key agreement between a user and a sensor node when there exists more than one registered user. We then proposed an improved scheme and proved its security through formal and informal methods. The proposed scheme completes the authentication cycle with a minor increase in computation cost but provides all security goals along with privacy.

Download Full-text

An Efficient Mobile User Authentication Scheme with User Anonymity for Wireless Communications

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.631-632.906 ◽

2014 ◽

Vol 631-632 ◽

pp. 906-909

Author(s):

Wei Jing Li ◽

Ping Zhu ◽

Hua Zhang ◽

Zheng Ping Jin

Keyword(s):

Wireless Communications ◽

Performance Analysis ◽

Elliptic Curve Cryptography ◽

User Authentication ◽

Mobile User ◽

User Anonymity ◽

Authentication Scheme ◽

User Authentication Scheme ◽

Authentication Schemes ◽

And Performance

Recently, many mobile user authentication schemes with user anonymity for wireless communications have been proposed. In 2012, Li and Lee proposed a novel user authentication and privacy preserving scheme with smart cards for wireless communications. In 2013, Jeon et al. proposed an improved user authentication scheme, and claimed their scheme achieves user anonymity and more efficient. On the basis of their work, we put forward a new user authentication scheme using elliptic curve cryptography with user anonymity for wireless communications. The security and performance analysis show that the new scheme is more secure and efficient for wireless communications.

Download Full-text

Robust and Efficient Authentication Scheme for Session Initiation Protocol

Mathematical Problems in Engineering ◽

10.1155/2015/894549 ◽

2015 ◽

Vol 2015 ◽

pp. 1-9 ◽

Cited By ~ 9

Author(s):

Yanrong Lu ◽

Lixiang Li ◽

Yixian Yang

Keyword(s):

Performance Analysis ◽

Key Agreement ◽

Mutual Authentication ◽

Session Initiation Protocol ◽

Authentication Scheme ◽

Application Layer ◽

Crucial Issue ◽

Authentication And Key Agreement ◽

Authentication Schemes ◽

Key Compromise Impersonation

The session initiation protocol (SIP) is a powerful application-layer protocol which is used as a signaling one for establishing, modifying, and terminating sessions among participants. Authentication is becoming an increasingly crucial issue when a user asks to access SIP services. Hitherto, many authentication schemes have been proposed to enhance the security of SIP. In 2014, Arshad and Nikooghadam proposed an enhanced authentication and key agreement scheme for SIP and claimed that their scheme could withstand various attacks. However, in this paper, we show that Arshad and Nikooghadam’s authentication scheme is still susceptible to key-compromise impersonation and trace attacks and does not provide proper mutual authentication. To conquer the flaws, we propose a secure and efficient ECC-based authentication scheme for SIP. Through the informal and formal security analyses, we demonstrate that our scheme is resilient to possible known attacks including the attacks found in Arshad et al.’s scheme. In addition, the performance analysis shows that our scheme has similar or better efficiency in comparison with other existing ECC-based authentication schemes for SIP.

Download Full-text

Authentication protocols for smart homes

10.32920/ryerson.14652960.v1 ◽

2021 ◽

Author(s):

Maninder Singh Raniyal

Keyword(s):

Smart Home ◽

User Authentication ◽

Mutual Authentication ◽

Smart Homes ◽

Authentication Scheme ◽

Security Requirements ◽

Iot Security ◽

Communication Topology ◽

User Authentication Scheme ◽

Authentication Schemes

Download Full-text

Improvement of a Security Enhanced One-time Mutual Authentication and Key Agreement Scheme

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.l3761.1081219 ◽

2019 ◽

Vol 8 (12) ◽

pp. 5031-5036

Keyword(s):

Smart Card ◽

Key Agreement ◽

Mutual Authentication ◽

Authentication Scheme ◽

Authentication And Key Agreement ◽

Password Guessing Attack ◽

Authentication Schemes ◽

One Time Password ◽

Guessing Attack ◽

Password Based Authentication

So far, many one-time password based authentication schemes have been proposed; however, none is secure enough. In 2004, W.C.Ku proposed hash-based strongpassword based authentication scheme without using smart card that is vulnerable to the password guessing attack, not achieving mutual authentication and key agreement. In this paper, we propose a new improved version of Ku’s scheme that is eliminated these weaknesses.

Download Full-text

DIRECTED USER AUTHENTICATION SCHEME BASED ON DISCRETE LOGARITHM

Journal of Circuits System and Computers ◽

10.1142/s0218126699000244 ◽

1999 ◽

Vol 09 (05n06) ◽

pp. 299-306 ◽

Cited By ~ 2

Author(s):

SHAOHUA TANG ◽

WEIHUA MA

Keyword(s):

User Authentication ◽

Mutual Authentication ◽

Discrete Logarithm ◽

Authentication Scheme ◽

User Authentication Scheme ◽

Authentication Schemes ◽

And Performance

One new concept, "directed" authentication is presented in this letter. By "directed", we mean "of one direction", i.e., only the specified verifier can validate the verifiee's identity, anyone else cannot verify it without the help of this specified verifier. One strong directed authentication scheme based on the discrete logarithm is proposed in this letter, and the security and performance of which are also analyzed. It is shown in this letter that the proposed scheme is secure and the performance is superior to those of the mutual authentication schemes based on ID-based cryptosystems.

Download Full-text