scholarly journals A Blockchain-Based Hierarchical Authentication Scheme for Multiserver Architecture

2021 ◽  
Vol 2021 ◽  
pp. 1-20
Author(s):  
Miqi Wu ◽  
Lin You ◽  
Gengran Hu ◽  
Liang Li ◽  
Chengtang Cao
Keyword(s):  
Secure Communication ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Authentication Scheme ◽  
Security Risks ◽  
Private Key ◽  
Blockchain Technology ◽  
Man In The Middle ◽  
User Revocation ◽  
Authentication Schemes

In a multiserver architecture, authentication schemes play an important role in the secure communication of the system. In many multiserver authentication schemes, the security of the mutual authentications among the participants is based on the security of the registration center’s private key. This centralized architecture can create security risks due to the leakage of the registration center’s private key. Blockchain technology, with its decentralized, tamper-proof, and distributed features, can provide a new solution for multiserver authentication schemes. In a lot of multiserver authentication schemes, users’ permission is generally controlled by the registration center (RC), but these permission control methods cannot be applied in the decentralized blockchain system. In this paper, a blockchain-based authentication scheme for multiserver architecture is proposed. Our scheme provides a hierarchical authentication method to solve the problems of user permission control and user revocation caused by no registration center. The security of our scheme is formally proved under the random oracle model. According to our analysis, our scheme is resistant to attacks such as impersonation attacks and man-in-the-middle attacks. In addition, our performance analysis shows that the proposed scheme has less computation overhead.

scholarly journals BBAAS: Blockchain-Based Anonymous Authentication Scheme for Providing Secure Communication in VANETs

2021 ◽  
Vol 2021 ◽  
pp. 1-11
Author(s):  
Azees Maria ◽  
Vijayakumar Pandi ◽  
Jeatha Deborah Lazarus ◽  
Marimuthu Karuppiah ◽  
Mary Subaja Christo
Keyword(s):  
Secure Communication ◽  
Vehicular Ad Hoc Networks ◽  
Computational Cost ◽  
Authentication Scheme ◽  
Security Attacks ◽  
Authentication Code ◽  
Coverage Area ◽  
Anonymous Authentication ◽  
Blockchain Technology ◽  
Authentication Schemes

Smart driving has become conceivable due to the rapid growth of vehicular ad hoc networks. VANETs are considered as the main platform for providing safety road information and instant vehicle communication. Nevertheless, due to the open wireless nature of communication channels, VANET is susceptible to security attacks by malicious users. For this reason, secure anonymous authentication schemes are essential in VANETs. However, when vehicles reach a new roadside unit (RSU) coverage area, the vehicles need to perform reauthentication with the current RSU, which significantly diminishes the efficiency of the entire VANET. Therefore, the introduction of blockchain technology has created opportunities for VANETs to resolve the aforementioned challenges. Due to the decentralized nature of blockchain technology, rapid reauthentication of vehicles is achieved in this paper through secure authentication code transfer between the consecutive RSUs. The security strength of the proposed blockchain-based anonymous authentication scheme against various harmful security attacks is proven in the security analysis section to ensure that it provides better security. In addition, blockchain, as presented in the performance analysis section, is used to substantially diminish the computational cost compared to conventional authentication schemes.

scholarly journals A Private Quantum Bit String Commitment

Entropy ◽  
2020 ◽  
Vol 22 (3) ◽  
pp. 272 ◽  
Author(s):  
Mariana Gama ◽  
Paulo Mateus ◽  
André Souto
Keyword(s):  
Random Oracle Model ◽  
Random Oracle ◽  
Additional Property ◽  
Physical Unclonable Functions ◽  
Quantum Bit ◽  
Random Oracles ◽  
Man In The Middle

We propose an entanglement-based quantum bit string commitment protocol whose composability is proven in the random oracle model. This protocol has the additional property of preserving the privacy of the committed message. Even though this property is not resilient against man-in-the-middle attacks, this threat can be circumvented by considering that the parties communicate through an authenticated channel. The protocol remains secure and private (but not composable) if we realize the random oracles as physical unclonable functions (PUFs) in the so-called bad PUF model.

scholarly journals An Efficient Chaotic Map-Based Authentication Scheme with Mutual Anonymity

2016 ◽  
Vol 2016 ◽  
pp. 1-10
Author(s):  
Yousheng Zhou ◽  
Junfeng Zhou ◽  
Feng Wang ◽  
Feng Guo
Keyword(s):  
Key Management ◽  
Chaotic Map ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Authentication Scheme ◽  
Session Key ◽  
The Real ◽  
Shared Key

A chaotic map-based mutual authentication scheme with strong anonymity is proposed in this paper, in which the real identity of the user is encrypted with a shared key between the user and the trusted server. Only the trusted server can determine the real identity of a user during the authentication, and any other entities including other users of the system get nothing about the user’s real identity. In addition, the shared key of encryption can be easily computed by the user and trusted server using the Chebyshev map without additional burdensome key management. Once the partnered two users are authenticated by the trusted server, they can easily proceed with the agreement of the session key. Formal security analysis demonstrates that the proposed scheme is secure under the random oracle model.

scholarly journals Cryptanalysis of a Certificateless Aggregate Signature Scheme for Healthcare Wireless Sensor Network

2019 ◽  
Vol 2019 ◽  
pp. 1-5 ◽  
Author(s):  
Yu Zhan ◽  
Baocang Wang
Keyword(s):  
Wireless Sensor Network ◽  
Sensor Network ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Wireless Sensor ◽  
Signature Scheme ◽  
Private Key ◽  
Aggregate Signature ◽  
Target User ◽  
Aggregate Signatures

Certificateless aggregate signatures aggregate n signatures from n different users into one signature. Therefore, a verifier can judge whether all signatures are valid by verifying once. With this advantage, certificateless aggregate signatures are widely used in the environment of limited computing resources. Recently, a novel certificateless aggregate signature scheme was proposed by Kumar et al. This scheme’s security was claimed to be secure against two types of attackers under the random oracle model. In this paper, we indicate that their scheme is unable to achieve this security goal. We show an attack algorithm that the second type of attacker could forge a valid signature under an identity without the private key of the target user. Moreover, we demonstrate that the second type of attacker could forge a valid aggregate signature.

scholarly journals A lightweight batch anonymous authentication scheme for VANET based on pairing-free

2018 ◽  
Vol 15 (3) ◽  
pp. 549-567 ◽  
Author(s):  
Cheng Song ◽  
Mingyue Zhang ◽  
Zongpu Jia ◽  
Weiping Peng ◽  
Hairu Guo
Keyword(s):  
Ad Hoc ◽  
Random Oracle Model ◽  
Bilinear Pairings ◽  
Random Oracle ◽  
Authentication Scheme ◽  
Type I ◽  
The Public ◽  
Anonymous Authentication ◽  
Security Properties ◽  
Trust Authority

Aimed at improving the security and efficiency of anonymous authentication in vehicular ad hoc network (VANET), a certificateless batch anonymous authentication scheme without bilinear pairings is put forward. By coordinating Trust Authority (TA) and vehicles to generate the public/private key pairs and pseudonyms, the system security is freed from dependency on tamperproof devices. Through comprehensive analyses, this scheme is proved not only to be able to realize such security properties as authentication, anonymity, traceability, unforgeability, forward or backward security, etc., but also able to resist Type I and Type II attacks in the random oracle model. Moreover, this scheme effectively reduces system storage load by means of certificateless authentication, and the authentication efficiency can also be increased by realizing batch authentication based on pairing-free calculation. Accordingly, the scheme is proved to be significant in theory and valuable in application in the Internet of Things or embedded environment with limited resources.

scholarly journals Flexible and Lightweight Access Control for Online Healthcare Social Networks in the Context of the Internet of Things

2017 ◽  
Vol 2017 ◽  
pp. 1-15 ◽  
Author(s):  
Zhen Qin ◽  
Jianfei Sun ◽  
Dajiang Chen ◽  
Hu Xiong
Keyword(s):  
Social Networks ◽  
Internet Of Things ◽  
Access Control ◽  
Random Oracle Model ◽  
Random Oracle ◽  
The Internet ◽  
Attribute Based Encryption ◽  
Control Scheme ◽  
User Revocation ◽  
The Internet Of Things

Online healthcare social networks (OHSNs) play an essential role in sharing information among medical experts and patients who are equipped with similar experiences. To access other patients’ data or experts’ diagnosis anywhere and anytime, it is necessary to integrate the OHSN into the Internet as part of the Internet of Things (IoT). Therefore, it is crucial to design an efficient and versatile access control scheme that can grant and revoke a user to access the OHSN. In this paper, we propose novel attribute-based encryption (ABE) features with user revocation and verifiable decryption outsourcing to control the access privilege of the users. The security of the proposed ABE scheme is given in the well-studied random oracle model. With the proposed ABE scheme, the malicious users can be excluded from the system and the user can offload most of the overhead in the decryption to an untrusted cloud server in a verifiable manner. An access control scheme for the OHSN has been given in the context of the IoT based on the proposed ABE scheme. The simulation demonstrates that our access control mechanism is practical.

Cloud Security in Crypt Database Server Using Fine Grained Access Control

2016 ◽  
Vol 6 (3) ◽  
pp. 915
Author(s):  
Krishna Keerthi Chennam ◽  
M. Akka Lakshmi
Keyword(s):  
Access Control ◽  
Information Sharing ◽  
Security Analysis ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Group Model ◽  
Collusion Resistance ◽  
Fine Grained ◽  
User Revocation ◽  
Cloud Servers

Information sharing in the cloud, powered by good patterns in cloud technology, is rising as a guaranteeing procedure for permitting users to advantageously access information. However, the growing number of enterprises and customers who stores their information in cloud servers is progressively challenging users’ privacy and the security of information. This paper concentrates on providing a dependable and secure cloud information sharing services that permits users dynamic access to their information. In order to achieve this, propose an effective, adaptable and flexible privacy preserving information policy with semantic security, by using Cipher text Policy Element Based Encryption (CP-EBE) consolidated with Character Based Encryption (CBE) systems. To ensure strong information sharing security, the policy succeeds in protecting the privacy of cloud users and supports efficient and secure dynamic operations, but not constrained to, file creation, user revocation. Security analysis demonstrates that the proposed policy is secure under the generic bi- linear group model in the random oracle model and enforces fine-grained access control, full collusion resistance and retrogressive secrecy. Furthermore, performance analysis and experimental results demonstrate that the overheads are as light as possible.<br /><br />

scholarly journals Cloud Security in Crypt Database Server Using Fine Grained Access Control

2016 ◽  
Vol 6 (3) ◽  
pp. 915
Author(s):  
Krishna Keerthi Chennam ◽  
M. Akka Lakshmi
Keyword(s):  
Access Control ◽  
Information Sharing ◽  
Security Analysis ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Group Model ◽  
Collusion Resistance ◽  
Fine Grained ◽  
User Revocation ◽  
Cloud Servers

Information sharing in the cloud, powered by good patterns in cloud technology, is rising as a guaranteeing procedure for permitting users to advantageously access information. However, the growing number of enterprises and customers who stores their information in cloud servers is progressively challenging users’ privacy and the security of information. This paper concentrates on providing a dependable and secure cloud information sharing services that permits users dynamic access to their information. In order to achieve this, propose an effective, adaptable and flexible privacy preserving information policy with semantic security, by using Cipher text Policy Element Based Encryption (CP-EBE) consolidated with Character Based Encryption (CBE) systems. To ensure strong information sharing security, the policy succeeds in protecting the privacy of cloud users and supports efficient and secure dynamic operations, but not constrained to, file creation, user revocation. Security analysis demonstrates that the proposed policy is secure under the generic bi- linear group model in the random oracle model and enforces fine-grained access control, full collusion resistance and retrogressive secrecy. Furthermore, performance analysis and experimental results demonstrate that the overheads are as light as possible.<br /><br />

scholarly journals A Lightweight Three-Factor Authentication Scheme for WHSN Architecture

Sensors ◽  
2020 ◽  
Vol 20 (23) ◽  
pp. 6860
Author(s):  
Abdullah M. Almuhaideb ◽  
Kawther S. Alqudaihi
Keyword(s):  
Formal Analysis ◽  
Authentication Scheme ◽  
Blockchain Technology ◽  
Security Models ◽  
Secure Data Transmission ◽  
Perfect Forward Secrecy ◽  
User Revocation ◽  
Guessing Attack ◽  
Session Hijacking ◽  
Three Factor

Wireless Healthcare Sensor Network (WHSN) is a benchmarking technology deployed to levitate the quality of lives for the patients and doctors. WHSN systems must fit IEEE 802.15.6 standard for specific application criteria, unlike some standard criteria that are difficult to meet. Therefore, many security models were suggested to enhance the security of the WHSN and promote system performance. Yu and Park proposed a three-factor authentication scheme based on the smart card, biometric, and password, and their scheme can be easily employed in three-tier WHSN architecture. Furthermore, they claimed that their scheme can withstand guessing attack and provide anonymity, although, after cryptanalysis, we found that their scheme lacks both. Accordingly, we suggested a three-factor authentication scheme with better system confusion due to multiplex parametric features, hash function, and higher key size to increase the security and achieve anonymity for the connected nodes. Moreover, the scheme included initialization, authentication, re-authentication, secure node addition, user revocation, and secure data transmission via blockchain technology. The formal analysis of the scheme was conducted by BAN logic (Burrows Abadi Nadeem) and the simulation was carried out by Tamarin prover to validate that the proposed scheme is resistant to replay, session hijacking, and guessing attacks, plus it provides anonymity, perfect forward secrecy, and authentication along with the key agreement.

Sign in / Sign up

Export Citation Format

Share Document