A Novel Machine Learning-Based Approach for Security Analysis of Authentication and Key Agreement Protocols

2020 ◽  
Vol 2020 ◽  
pp. 1-15
Author(s):  
Behnam Zahednejad ◽  
Lishan Ke ◽  
Jing Li

The application of machine learning in the security analysis of authentication and key agreement protocol was first launched by Ma et al. in 2018. Although they received remarkable results with an accuracy of 72% for the first time, their analysis is limited to replay attack and key confirmation attack. In addition, their suggested framework is based on a multiclassification problem in which every protocol or dataset instance is either secure or prone to a security attack such as replay attack, key confirmation, or other attacks. In this paper, we show that multiclassification is not an appropriate framework for such analysis, since authentication protocols may suffer different attacks simultaneously. Furthermore, we consider more security properties and attacks to analyze protocols against. These properties include strong authentication and Unknown Key Share (UKS) attack, key freshness, key authentication, and password guessing attack. In addition, we propose a much more efficient dataset construction model using a tenth number of features, which improves the solving speed to a large extent. The results indicate that our proposed model outperforms the previous models by at least 10–20 percent in all of the machine learning solving algorithms such that upper-bound performance reaches an accuracy of over 80% in the analysis of all security properties and attacks. Despite the previous models, the classification accuracy of our proposed dataset construction model rises in a rational manner along with the increase of the dataset size.

2015 ◽  
Vol 740 ◽  
pp. 885-888 ◽  
Author(s):  
Chun Xia Du ◽  
Feng Tong Wen ◽  
Hao Lin

In a recent paper, Chang et al. proposed an authentication scheme for E-coupon systems and proved that their scheme can prevent a range of attacks. In this paper, we reanalyze Chang et al.’s scheme and demonstrate that it cannot resist off-line password attack, masquerading shop attack and masquerading customer attack. Moreover, it cannot achieve two security properties, namely anonymity and traceability. Meanwhile, Lee proposed an efficient chaotic maps-based authentication and key agreement scheme using smartcards for telecare medicine information systems. We find that this scheme also cannot resist off-line password attack and masquerading attack. Unfortunately, it resists a deadly error. So the scheme cannot run.


2011 ◽  
Vol 216 ◽  
pp. 510-513
Author(s):  
Yung Cheng Lee

The authenticated key agreement protocols are widely used mechanisms for users to negotiate session keys and authenticate each other. Until now, there are many authenticated key agreement protocols proposed. However, many of them suffer from various attacks such as guessing attack, replay attack, impersonate attack, etc. In this paper, we propose a simple password-based authenticated key agreement protocol to solve these problems. The proposed protocol not only provides forward and backward secrecy, but also can resist replay attack, modification attack, and password guessing attack. Moreover, the computation cost of the protocol is very low.


Author(s):  
Zhuo Hao ◽  
Sheng Zhong ◽  
Nenghai Yu

Cloud computing is becoming popular quickly. In cloud computing, people store their important data in the cloud, which makes it important to ensure the data integrity and availability. Remote data integrity checking enables the client to perform data integrity verification without access to the complete file. This service brings convenience to clients, but degrades the server’s performance severely. Proper schemes must be designed to reduce the performance degradation. In this paper, a time-bound ticket-based mutual authentication scheme is proposed for solving this problem. The proposed authentication scheme achieves mutual authentication between the server and the client. The use of time-bound tickets reduces the server’s processing overhead efficiently. The correspondence relationship between the digital ticket and the client’s smart card prevents user masquerade attack effectively. By security analysis, we show that the proposed scheme is resistant to masquerade attack, replay attack and password guessing attack. By performance analysis, we show that the proposed scheme has good efficiency. The proposed scheme is very suitable for cloud computing.


So far, many one-time password based authentication schemes have been proposed; however, none is secure enough. In 2004, W.C. Ku proposed a hash-based strong-password based authentication scheme without using smart card that is vulnerable to the password guessing attack, not achieving mutual authentication and key agreement. In this paper, we propose a new improved version of Ku’s scheme that eliminates these weaknesses.


2018 ◽  
Vol 8 (10) ◽  
pp. 1789 ◽  
Author(s):  
Chien-Ming Chen ◽  
Bin Xiang ◽  
King-Hang Wang ◽  
Kuo-Hui Yeh ◽  
Tsu-Yang Wu

Session initiation protocol (SIP) is the most widely used application layer control protocol for creating, modifying, and terminating session processes. Many authentication schemes have been proposed for SIP aimed at providing secure communication. Recently, a new authentication and key agreement scheme for SIP has been proposed, and it was claimed that it could resist a variety of attacks. However, in this paper, we show that this scheme is vulnerable to an offline password guessing attack and a stolen memory device attack. Furthermore, we show that it lacks the verification mechanism for a wrong password, and that the password updating process is not efficient. To mitigate the flaws and inefficiencies of this scheme, we design a new robust mutual authentication with a key agreement scheme for SIP. A security analysis revealed that our proposed scheme was robust to several kinds of attacks. In addition, the proposed scheme was simulated by the automatic cryptographic protocol tool ProVerif. A performance analysis showed that our proposed scheme was superior to other related schemes.


2019 ◽  
Vol 2019 ◽  
pp. 1-13 ◽  
Author(s):  
Ping Wang ◽  
Bin Li ◽  
Hongjin Shi ◽  
Yaosheng Shen ◽  
Ding Wang

Investigating the security pitfalls of cryptographic protocols is crucial to understand how to improve security. At ICCCS’17, Wu and Xu proposed an efficient smart-card-based password authentication scheme for cloud computing environments to cope with the vulnerabilities in Jiang et al.’s scheme. However, we reveal that Wu-Xu’s scheme actually is subject to various security flaws, such as offline password guessing attack and replay attack. Besides security, user friendly is also another great concern. In 2017, Roy et al. found that in most previous two-factor schemes a user has to manage different credentials for different services and further suggested a user-friendly scheme which is claimed to be suitable for multiserver architecture and robust against various attacks. In this work, we show that Roy et al.’s scheme fails to achieve truly two-factor security and shows poor scalability. At FGCS’18, Amin et al. pointed out that most of existing two-factor schemes are either insecure or inefficient for mobile devices due to the use of public-key techniques and thus suggested an improved protocol by using only light-weight symmetric key techniques. Almost at the same time, Wei et al. also observed this issue and proposed a new scheme based on symmetric key techniques with formal security proofs in the random oracle model. Nevertheless, we point out that both Amin et al.’s and Wei et al.’s schemes cannot achieve the claimed security goals (including the most crucial goal of “truly two-factor security”). Our results invalidate any use of the scrutinized schemes for cloud computing environments.


Symmetry ◽  
2020 ◽  
Vol 12 (1) ◽  
pp. 150 ◽  
Author(s):  
Yicheng Yu ◽  
Liang Hu ◽  
Jianfeng Chu

The integration of Internet of things (IoT) and cloud computing technology has made our life more convenient in recent years. Cooperating with cloud computing, Internet of things can provide more efficient and practical services. People can accept IoT services via cloud servers anytime and anywhere in the IoT-based cloud computing environment. However, plenty of possible network attacks threaten the security of users and cloud servers. To implement effective access control and secure communication in the IoT-based cloud computing environment, identity authentication is essential. In 2016, He et al. put forward an anonymous authentication scheme, which is based on asymmetric cryptography. It is claimed that their scheme is capable of withstanding all kinds of known attacks and has good performance. However, their scheme has serious security weaknesses according to our cryptanalysis. The scheme is vulnerable to insider attack and DoS attack. For overcoming these weaknesses, we present an improved authentication and key agreement scheme for IoT-based cloud computing environment. The automated security verification (ProVerif), BAN-logic verification, and informal security analysis were performed. The results show that our proposed scheme is secure and can effectively resist all kinds of known attacks. Furthermore, compared with the original scheme in terms of security features and performance, our proposed scheme is feasible.


2016 ◽  
Vol 2016 ◽  
pp. 1-14
Author(s):  
Kefei Mao ◽  
Jianwei Liu ◽  
Jie Chen

Wireless Health Monitoring Systems (WHMS) have potential to change the way of health care and bring numbers of benefits to patients, physicians, hospitals, and society. However, there are crucial barriers not only to transmit the biometric information but also to protect the privacy and security of the patients’ information. The key agreement between two entities is an essential cryptography operation to clear the barriers. In particular, the noninteractive hierarchical key agreement scheme becomes an attractive direction in WHMS because each sensor node or gateway has limited resources and power. Recently, a noninteractive hierarchical key agreement scheme has been proposed by Kim for WHMS. However, we show that Kim’s cryptographic scheme is vulnerable to the collusion attack if the physicians can be corrupted. Obviously, it is a more practical security condition. Therefore, we proposed an improved key agreement scheme against the attack. Security proof, security analysis, and experimental results demonstrate that our proposed scheme gains enhanced security and more efficiency than Kim’s previous scheme while inheriting its qualities of one-round communication and security properties.

