Security analysis and improvement of a mutual authentication scheme under trusted computing

2015 ◽  
Vol 18 (1/2) ◽  
pp. 37 ◽  
Author(s):  
Fahad T. Bin Muhaya
Keyword(s):  
Trusted Computing ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Authentication Scheme

scholarly journals An Efficient Chaotic Map-Based Authentication Scheme with Mutual Anonymity

2016 ◽  
Vol 2016 ◽  
pp. 1-10
Author(s):  
Yousheng Zhou ◽  
Junfeng Zhou ◽  
Feng Wang ◽  
Feng Guo
Keyword(s):  
Key Management ◽  
Chaotic Map ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Authentication Scheme ◽  
Session Key ◽  
The Real ◽  
Shared Key

A chaotic map-based mutual authentication scheme with strong anonymity is proposed in this paper, in which the real identity of the user is encrypted with a shared key between the user and the trusted server. Only the trusted server can determine the real identity of a user during the authentication, and any other entities including other users of the system get nothing about the user’s real identity. In addition, the shared key of encryption can be easily computed by the user and trusted server using the Chebyshev map without additional burdensome key management. Once the partnered two users are authenticated by the trusted server, they can easily proceed with the agreement of the session key. Formal security analysis demonstrates that the proposed scheme is secure under the random oracle model.

An Enhanced Authentication Scheme for Internet of Things Based E-Healthcare System

2020 ◽  
Vol 17 (1) ◽  
pp. 246-253 ◽  
Author(s):  
Ravi Raushan Kumar Chaudhary ◽  
Ashish Singh ◽  
Kakali Chatterjee
Keyword(s):  
Mutual Authentication ◽  
Security Analysis ◽  
Authentication Scheme ◽  
Key Generation ◽  
Key Exchange Protocol ◽  
Session Key ◽  
Diffie Hellman ◽  
Healthcare Monitoring ◽  
Diffie Hellman Key Exchange ◽  
Mutual Authentication Protocol

Security is a major challenge in modern IoT based healthcare monitoring systems. It provides many benefits such as critical patient monitoring, remote diagnosis at anytime, anywhere. Hence, security of this data is essential when the healthcare professionals access it. Also, while storing the patients record; it must be kept safe from misuse and modification of data as other devices can easily track it. To prevent this type of threats, we have proposed a mutual authentication protocol to enhance health care security and to resist vulnerable attacks. The proposed scheme used Challenge response protocol for the authentication purpose and the Diffie-Hellman key exchange protocol is used for generation of the session key generation. The security analysis of the proposed scheme shows that the scheme is more secure and resist all the major attacks as compared to other schemes. The Formal verification of this schema also ensures that it resists most probable attacks in this system. The result of the proposed authentication scheme shows that it has low computational and communicational load.

scholarly journals Password authentication scheme based on smart card and QR code

2021 ◽  
Vol 23 (1) ◽  
pp. 140
Author(s):  
Mushtaq Hasson ◽  
Ali A. Yassin ◽  
Abdulla J. Yassin ◽  
Abdullah Mohammed Rashid ◽  
Aqeel A. Yaseen ◽  
...  
Keyword(s):  
Smart Card ◽  
Key Management ◽  
Service Providers ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Cloud Service ◽  
Cloud Services ◽  
Authentication Scheme ◽  
Qr Code ◽  
Practical Applications

As a hopeful computing paradigm, cloud services are obtainable to end users based on pay-as-you-go service. Security is represented one of the vital issues for the extended adoption of cloud computing, with the object of accessing several cloud service providers, applications, and services by using anonymity features to authenticate the user. We present a good authentication scheme based on quick response (QR) code and smart card. Furthermore, our proposed scheme has several crucial merits such as key management, mutual authentication, one-time password, user anonymity, freely chosen password, secure password changes, and revocation by using QR code. The security of proposed scheme depends on crypto-hash function, QR-code validation, and smart card. Moreover, we view that our proposed scheme can resist numerous malicious attacks and are more appropriate for practical applications than other previous works. The proposed scheme has proved as a strong mutual authentication based on burrows-abadi-needham (BAN) logic and security analysis. Furthermore, our proposed scheme has good results compared with related work.

scholarly journals Security Analysis and Enhancements of an Effective Biometric-Based Remote User Authentication Scheme Using Smart Cards

2012 ◽  
Vol 2012 ◽  
pp. 1-6 ◽  
Author(s):  
Younghwa An
Keyword(s):  
User Authentication ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Smart Cards ◽  
Authentication Scheme ◽  
Impersonation Attack ◽  
Insider Attack ◽  
Remote User Authentication ◽  
User Authentication Scheme ◽  
Remote User

Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das’s authentication scheme, and we have shown that Das’s authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das’s authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server.

scholarly journals A Time-Bound Ticket-Based Mutual Authentication Scheme for Cloud Computing

2011 ◽  
Vol 6 (2) ◽  
pp. 227 ◽  
Author(s):  
Zhuo Hao ◽  
Sheng Zhong ◽  
Nenghai Yu
Keyword(s):  
Cloud Computing ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Data Integrity ◽  
Authentication Scheme ◽  
Replay Attack ◽  
Good Efficiency ◽  
Password Guessing Attack ◽  
Integrity Checking ◽  
Guessing Attack

<p>Cloud computing is becoming popular quickly. In cloud computing, people store their important data in the cloud, which makes it important to ensure the data integrity and availability. Remote data integrity checking enables the client to perform data integrity verification without access to the complete file. This service brings convenience to clients, but degrades the server’s performance severely. Proper schemes must be designed to reduce the performance degradation.<br /> In this paper, a time-bound ticket-based mutual authentication scheme is proposed for solving this problem. The proposed authentication scheme achieves mutual authentication between the server and the client. The use of timebound tickets reduces the server’s processing overhead efficiently. The correspondence relationship between the digital ticket and the client’s smart card prevents user masquerade attack effectively. By security analysis, we show that the proposed scheme is resistant to masquerade attack, replay attack and password guessing attack. By performance analysis, we show that the proposed scheme has good efficiency. The proposed scheme is very suitable for cloud computing.</p>

scholarly journals A Novel Authentication Scheme for Multi-Server Environment of Industrial Internet

CONVERTER ◽  
2021 ◽  
pp. 718-729
Author(s):  
Yu Zhang, Guangmin Sun
Keyword(s):  
Mutual Authentication ◽  
Security Analysis ◽  
Performance Comparison ◽  
Authentication Scheme ◽  
Session Key ◽  
Industrial Internet ◽  
The Face ◽  
And Performance ◽  
Value Decomposition ◽  
Multi Server

Aiming at the security problems of authentication in multi-server environments, a novel three-factor authentication scheme for multi-server environments of industrial Internet is proposed. After verifying password and face, a temporary session key is established for the user and server. Then the user obtains the permission of application services and accessing resources. In process of verifying password, hash function is used to hide password. The method of verifying face is the face recognition based on singular value decomposition. During the key agreement phase, only four dot multiplication operations based on elliptic curve cryptography is used to realize one-time key for cryptograph transmission and mutual authentication. Through security analysis and performance comparison, the proposed scheme has stronger robustness, higher security, better convenience and less computation cost than other similar schemes, and has high application value for multi-server environments of industrial Internet.

GROUP AUTHENTICATION SCHEME BASED ON ZERO-KNOWLEDGE PROOF

2021 ◽  
pp. 68-84
Author(s):  
E. A. Shliakhtina ◽  
◽  
D. Y. Gamayunov ◽  
Keyword(s):  
Mutual Authentication ◽  
Security Analysis ◽  
Authentication Scheme ◽  
Third Party ◽  
Convergence Time ◽  
Group Signature ◽  
Sybil Attack ◽  
Zero Knowledge ◽  
User Groups ◽  
Zero Knowledge Proof

In this paper, we address the problem of mutual authentication in user groups in decentralized messaging systems without trusted third party. We propose a mutual authentication algorithm for groups using zero-knowledge proof. Using the algorithm, which is based on trust chains existing in decentralized network, users are able to authenticate each other without establishing a shared secret over side channel. The proposed algorithm is based on Democratic Group Signature protocol (DGS) and Communication-Computation Efficient Group Key algorithm for large and dynamic groups (CCEGK). We have performed security analysis of the proposed mutual authentication scheme against several attacks including Sybil attack and have made complexity estimation for the algorithm. The algorithm is implemented in an experimental P2P group messaging application, and using this implementation we estimate overhead of the authentication scheme and convergence time for several initial configurations of user groups and trust chains.

scholarly journals Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services

2014 ◽  
Vol 2014 ◽  
pp. 1-8 ◽  
Author(s):  
Youngsook Lee ◽  
Juryon Paik
Keyword(s):  
Mutual Authentication ◽  
Security Analysis ◽  
Mobile User ◽  
Authentication Scheme ◽  
Third Party ◽  
Dictionary Attack ◽  
Session Key ◽  
Foreign Agent ◽  
Anonymous Authentication ◽  
Man In The Middle

An anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.’s anonymous authentication scheme for roaming services and present previously unpublished security weaknesses in the scheme: (1) it fails to provide user anonymity against any third party as well as the foreign agent, (2) it cannot protect the passwords of mobile users due to its vulnerability to an offline dictionary attack, and (3) it does not achieve session-key security against a man-in-the-middle attack. We also show how the security weaknesses of He et al.’s scheme can be addressed without degrading the efficiency of the scheme.

C-MAS: The Cloud Mutual Authentication Scheme

2013 ◽  
Vol 756-759 ◽  
pp. 3209-3214
Author(s):  
Zhen Peng Liu ◽  
Feng Long Wu ◽  
Kai Yu Shang ◽  
Wen Lei Chai
Keyword(s):  
Cloud Computing ◽  
Trusted Computing ◽  
Mutual Authentication ◽  
Computing Time ◽  
Cloud Service ◽  
Authentication Scheme ◽  
Session Key ◽  
Service Platform ◽  
Cloud Computing Environment ◽  
Cloud Computing Service

A cloud mutual authentication scheme (C-MAS) is proposed to solve the problem of authentication between user and cloud computing server. Trusted computing technology and traditional smart card methods are used in cloud computing service platform. The scheme completes the authentication of both sides in cloud computing, generates the session key according consulting, at the same time, verifies the credibility of cloud service platform. Analysis shows that our scheme can resist various kinds of possible attacks, so it is therefore more secure than other schemes. And the computing time meet the requirements of cloud computing environment.

Sign in / Sign up

Export Citation Format

Share Document