An Improved Anonymous Authentication Protocol for Wearable Health Monitoring Systems

2020 ◽  
Vol 2020 ◽  
pp. 1-13
Author(s):  
Jiaqing Mo ◽  
Wei Shen ◽  
Weisheng Pan

Wearable health monitoring system (WHMS), which helps medical professionals to collect patients’ healthcare data and provides diagnosis via mobile devices, has become increasingly popular thanks to the significant advances in the wireless sensor network. Because health data are privacy-related, they should be protected from illegal access when transmitted over a public wireless channel. Recently, Jiang et al. presented a two-factor authentication protocol on quadratic residues with fuzzy verifier for WHMS. However, we observe that their scheme is vulnerable to known session special temporary information (KSSTI) attack, privileged insider attack, and denial-of-service (DoS) attack. To defeat these weaknesses, we propose an improved two-factor authentication and key agreement scheme for WHMS. Through rigorous formal proofs under the random oracle model and comprehensive informal security analysis, we demonstrate that the improved scheme overcomes the disadvantages of Jiang et al.’s protocol and withstands possible known attacks. In addition, comparisons with several relevant protocols show that the proposed scheme achieves more security features and has suitable efficiency. Thus, our scheme is a reasonable authentication solution for WHMS.

Author(s):  
Dr. Rekha N

Counterfeit medications are medications that were manufactured for the purpose of deceptively representing them as authentic, effective and original in the market. Such medications cause severe health issues for patients. Counterfeited drugs have an inimical effect on human health. The legal manufacturing companies also face revenue loss due to these counterfeited medicines. In this paper, we introduce a novel authentication protocol for anti-counterfeit drug systems based on the Internet of Things (IoT) to help check the validity of a drug's ‘‘unit dosage’’. Our protocol uses near-field communication (NFC) as it is convenient for the mobile environment. The protocol also offers a reliable update phase for NFC. Furthermore, our scheme is complemented with a performance evaluation along with the use of the random oracle model for formal security analysis.


2020 ◽  
Author(s):  
Yunhao Ling ◽  
Sha Ma ◽  
Qiong Huang ◽  
Ximing Li ◽  
Yijian Zhong ◽  
...  

ID-based encryption with equality test (IBEET) allows a tester to compare ciphertexts encrypted under different public keys to check whether they contain the same message. In this paper, we first introduce a group mechanism into IBEET and propose a new primitive, namely group ID-based encryption with equality test (G-IBEET). With the group mechanism: (1) a group administrator can authorize a tester to make comparisons between ciphertexts of group users, but the tester cannot compare their ciphertexts with any ciphertext of any user who is not in the group. Such group-granularity authorization makes IBEET adaptable to the group scenario; (2) for the group-granularity authorization, only one trapdoor, named the group trapdoor, needs to be issued to the tester, which can greatly reduce the cost of computation, transmission and storage of trapdoors compared with traditional IBEET schemes; (3) G-IBEET can resist the insider attack launched by the authorized tester, which is an open problem in IBEET. We give definitions for G-IBEET and propose a concrete construction with an efficient test algorithm. We then give its security analysis in the random oracle model.


Author(s):  
Ioana Lasc ◽  
Reiner Dojen ◽  
Tom Coffey

Many peer-to-peer security protocols proposed for wireless communications use one-time shared secrets for authentication purposes. This paper analyses online update mechanisms for one-time shared secrets. A new type of attack against update mechanisms, called the desynchronisation attack, is introduced. This type of attack may lead to a permanent denial of service condition. A case study demonstrates the effectiveness of desynchronisation attacks against a security protocol for mobile satellite communications. A new mutual authentication protocol for satellite communications, incorporating a resynchronisation capability, is proposed to counter the disruptive effects of desynchronisation attacks. The new protocol has a resynchronisation phase that is initiated whenever desynchronisation is suspected. Thus, the possibility of causing permanent denial of service conditions by mounting desynchronisation attacks is eliminated. A security analysis of the proposed protocol establishes its resistance against attacks like replay attacks, dictionary attacks, and desynchronisation attacks.


2019 ◽  
Vol 53 (1-2) ◽  
pp. 67-84 ◽  
Author(s):  
Ronghai Gao ◽  
Jiwen Zeng ◽  
Lunzhi Deng

Threshold decryption allows only a quorum of cooperating users to decrypt a ciphertext encrypted under a public key. However, such a threshold decryption scheme cannot be applied well in the situation where all users have their own public and private key pairs but do not share any private keys corresponding to the public keys, such as a mobile network featured with dynamic character. The direct way to achieve threshold decryption in this case is to divide the message into several pieces and then encrypt these pieces with the public keys of different users. However, this is very inefficient. A multireceiver threshold decryption scheme could be applied efficiently in the above situation. Recently, some certificateless (ID-based) multireceiver threshold decryption (signcryption) schemes have been introduced. But bilinear pairings are used in most of the existing schemes. In this paper, we propose an efficient certificateless threshold decryption scheme using elliptic curve cryptography (ECC) without bilinear pairing. Performance analysis shows that the proposed scheme has lower computation cost than some existing threshold decryption schemes in both the encryption and decryption processes. Security analysis shows that our scheme is IND-CCA secure, and no one outside of the selected receivers can disclose the receivers' identities, against the adversaries defined in the CL-PKC system under the random oracle model.


2020 ◽  
Vol 2020 ◽  
pp. 1-13
Author(s):  
Hui Zhang ◽  
Yuanyuan Qian ◽  
Qi Jiang

Wearable health monitoring systems (WHMSs) have become the most effective and practical solutions to provide users with low-cost, noninvasive, long-term continuous health monitoring. Authentication is one of the key means to ensure physiological information security and privacy. Although numerous authentication protocols have been proposed, few of them cater to crossdomain WHMSs. In this paper, we present an efficient and provably secure crossdomain multifactor authentication protocol for WHMSs. First, we propose a ticket-based authentication model for multidomain WHMSs. Specifically, a mobile device of one domain can request a ticket from the cloud server of another domain with which wearable devices are registered and remotely access the wearable devices with the ticket. Secondly, we propose a crossdomain three-factor authentication scheme based on the above model. Only a doctor who can present all three factors can request a legitimate ticket and use it to access the wearable devices. Finally, a comprehensive security analysis of the proposed scheme is carried out. In particular, we give a provable security analysis in the random oracle model. The comparisons of security and efficiency with the related schemes demonstrate that the proposed scheme is secure and practical.


2016 ◽  
Vol 2016 ◽  
pp. 1-10
Author(s):  
Yousheng Zhou ◽  
Junfeng Zhou ◽  
Feng Wang ◽  
Feng Guo

A chaotic map-based mutual authentication scheme with strong anonymity is proposed in this paper, in which the real identity of the user is encrypted with a shared key between the user and the trusted server. Only the trusted server can determine the real identity of a user during the authentication, and any other entities including other users of the system get nothing about the user’s real identity. In addition, the shared key of encryption can be easily computed by the user and trusted server using the Chebyshev map without additional burdensome key management. Once the partnered two users are authenticated by the trusted server, they can easily proceed with the agreement of the session key. Formal security analysis demonstrates that the proposed scheme is secure under the random oracle model.


2017 ◽  
Vol 2017 ◽  
pp. 1-13 ◽  
Author(s):  
Jongho Moon ◽  
Youngsook Lee ◽  
Jiye Kim ◽  
Dongho Won

Recently many authentication protocols using an extended chaotic map were suggested for mobile users. Many researchers demonstrated that an authentication protocol needs to provide key agreement, mutual authentication, and user anonymity between mobile user and server, and resilience to many possible attacks. In this paper, we cautiously analyzed a chaotic-map-based authentication scheme and proved that it is still insecure against off-line identity guessing, user and server impersonation, and on-line identity guessing attacks. To address these vulnerabilities, we proposed an improved protocol based on an extended chaotic map and a fuzzy extractor. We proved the security of the proposed protocol using a random oracle and the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool. Furthermore, we present an informal security analysis to make sure that the improved protocol is invulnerable to possible attacks. The proposed protocol is also computationally efficient when compared to other previous protocols.


2019 ◽  
Vol 2019 ◽  
pp. 1-19 ◽  
Author(s):  
Yang Ming ◽  
Hongliang Cheng

Vehicular ad hoc networks (VANETs) are an increasingly important paradigm for greatly enhancing roadway system efficiency and traffic safety. To widely deploy VANETs in real life, it is critical to deal with the security and privacy issues in VANETs. In this paper, we propose a certificateless conditional privacy preserving authentication (CCPPA) scheme based on certificateless cryptography and elliptic curve cryptography for secure vehicle-to-infrastructure communication in VANETs. In the proposed scheme, a roadside unit (RSU) can simultaneously verify plenty of received messages such that the total verification time may be sharply decreased. Furthermore, the security analysis indicates that the proposed scheme is provably secure in the random oracle model and fulfills all the requirements on security and privacy. To further improve efficiency, neither the map-to-point hash operation nor the bilinear pairing operation is employed. Compared with previous CCPPA schemes, the proposed scheme prominently cuts down the computation delay of message signing and verification by 66.9%–85.5% and 91.8%–93.4%, respectively, and reduces communication cost by 44.4%. Extensive simulations show that the proposed scheme is practicable and achieves prominent performance in terms of very low average message delay and average message loss ratio, and thus is appropriate for realistic applications.


2018 ◽  
Vol 2018 ◽  
pp. 1-13 ◽  
Author(s):  
Ronghai Gao ◽  
Jiwen Zeng ◽  
Lunzhi Deng

With the growing development of Internet technology and the popularization of mobile devices, we easily access the Internet anytime and anywhere by mobile devices. It has brought great convenience to our lives. But it has brought more challenges than traditional wired communication, such as confidentiality and privacy. In order to improve security and privacy protection when using mobile networks, numerous multi-receiver identity-based encryption schemes have been proposed with bilinear pairing and the probabilistic hash-to-point (HTP) function. To address the trouble of private key escrow in multi-receiver encryption schemes based on ID-PKC, recently, some certificateless anonymous multi-receiver encryption (CLAMRE) schemes have been introduced. But previous CLAMRE schemes using the bilinear pairing are not suitable for mobile devices because the use of bilinear pairing and the probabilistic hash-to-point (HTP) function results in expensive operation costs in encryption or decryption. In this paper, we propose an efficient CLAMRE scheme using elliptic curve cryptography (ECC) without bilinear pairing and the HTP hash function. Since our scheme does not use bilinear pairing and HTP operations during the encryption and decryption process, the proposed CLAMRE scheme has much less computation cost than the latest CLAMRE schemes. Performance analysis shows that the runtime of our scheme is much less when the sender generates ciphertext, compared with existing schemes. Security analysis shows that the proposed CLAMRE scheme provides confidentiality of the message and receiver anonymity under the random oracle model with the difficulty of the decisional Diffie-Hellman problem and against the adversaries defined in the CL-PKC system.


Sensors ◽  
2020 ◽  
Vol 20 (6) ◽  
pp. 1581
Author(s):  
Ahmed S. Alfakeeh ◽  
Sarmadullah Khan ◽  
Ali Hilal Al-Bayatti

In a smart grid system, the utility server collects data from various smart grid devices. These data play an important role in the energy distribution and balancing between the energy providers and energy consumers. However, these data are prone to tampering attacks by an attacker, while traversing from the smart grid devices to the utility servers, which may result in energy disruption or imbalance. Thus, an authentication is mandatory to efficiently authenticate the devices and the utility servers and avoid tampering attacks. To this end, a group authentication algorithm is proposed for preserving demand–response security in a smart grid. The proposed mechanism also provides a fine-grained access control feature where the utility server can only access a limited number of smart grid devices. The initial authentication between the utility server and smart grid device in a group involves a single public key operation, while the subsequent authentications with the same device or other devices in the same group do not need a public key operation. This reduces the overall computation and communication overheads and takes less time to successfully establish a secret session key, which is used to exchange sensitive information over an unsecured wireless channel. The resilience of the proposed algorithm is tested against various attacks using formal and informal security analysis.

