SEAI: Secrecy and Efficiency Aware Inter-gNB Handover Authentication and Key Agreement Protocol in 5G Communication Network

2021 ◽  
Author(s):  
Shubham Gupta ◽  
Balu L. Parne ◽  
Narendra S. Chaudhari ◽  
Sandeep Saxena
Keyword(s):  
Key Agreement ◽  
Mutual Authentication ◽  
Base Station ◽  
Security Evaluation ◽  
Communication Overhead ◽  
Session Key ◽  
Handover Authentication ◽  
Authentication And Key Agreement ◽  
Security Proof ◽  
5G Network

Abstract Recently, the Third Generation Partnership Project (3GPP) has initiated to work in the Fifth Generation (5G) network to fulfill the security characteristics of IoT-based services. 3GPP has proposed the 5G handover key structure and framework in a recently published technical report. In this paper, we evaluate the handover authentication methodologies available in the literature and identify the security vulnerabilities such as violation of global base-station, failure of key forward/backward secrecy, de-synchronization attack, and huge network congestion. Also, these protocols suffer from high bandwidth consumption that doesn’t suitable for energy efficient mobile devices in 5G network. To overcome these concerns, we introduce Secrecy and Efficiency Aware Inter-gNB (SEAI) handover Authentication and Key Agreement (AKA) protocol. The formal security proof of the protocol is carried out by random oracle model to achieve the session key secrecy, confidentiality, and integrity. For the protocol correctness and achieve the mutual authentication property, simulation is performed using the AVISPA tool. Also, the informal security evaluation represents that the protocol defeats all the possible attacks and achieves the necessary security properties. Moreover, the performance evaluation of the earlier 5G handover protocols and proposed SEAI protocol is carried out. From the evaluations, the significant results are obtained based on computation, transmission, and communication overhead.

SALMAKA: Secured, Anonymity Preserving and Lightweight Mutual Authentication and Key Agreement Scheme for WBAN

2020 ◽  
Vol 10 ◽  
Author(s):  
Bhawna Narwal ◽  
Amar Kumar Mohapatra
Keyword(s):  
Key Agreement ◽  
Mutual Authentication ◽  
Internet Security ◽  
Communication Process ◽  
Security Evaluation ◽  
Session Key ◽  
Efficient Manner ◽  
Authentication And Key Agreement ◽  
Processing Cost ◽  
And Performance

Background: It is paramount to secure the healthcare system from unauthorized users and security attacks through appropriate security mechanisms as a break in communication process leads to leaked or blurred messages, which is totally unacceptable. Moreover, mutual authentication is a core requirement for privacy protection as it is paramount to control who is accessing the sensed data and whether they are authenticated or not. In addition to this, energy efficiency is a major issue to be dealt with. Objective: After examination of the present related schemes, we proposed a novel Secured, Anonymity Preserving and Lightweight Mutual Authentication and Key Agreement Scheme (SALMAKA) for two-hop WBAN topology; where the scheme mutually authenticates the sensing nodes with the controller node in an anonymous, energy efficient manner and establishes session key securely. Method: To corroborate the accuracy of the proposed scheme, Burrows-Abadi-Needham (BAN) logic and Automated Validation of Internet Security Protocols and Applications (AVISPA) simulator are used. Apart from this, informal security evaluation is also performed in detail. Results: To exhibit the practical application and performance of the proposed scheme, it is compared with the existing related schemes and the results reveal that the proposed scheme reduces energy consumption, processing cost and processing time significantly. Conclusion: A Secured, Anonymity Preserving and Lightweight Mutual Authentication and Key Agreement Scheme (SALMAKA) for two-hop WBAN topology is propounded.

scholarly journals Improved Authenticated Key Agreement Scheme for Fog-Driven IoT Healthcare System

2021 ◽  
Vol 2021 ◽  
pp. 1-16
Author(s):  
Tsu-Yang Wu ◽  
Tao Wang ◽  
Yu-Qi Lee ◽  
Weimin Zheng ◽  
Saru Kumari ◽  
...  
Keyword(s):  
Key Agreement ◽  
Low Cost ◽  
Fog Computing ◽  
Security Analysis ◽  
Transportation Systems ◽  
Security Evaluation ◽  
Medical Systems ◽  
Session Key ◽  
Authentication And Key Agreement ◽  
Secure Authentication

The Internet of things (IoT) has been widely used for various applications including medical and transportation systems, among others. Smart medical systems have become the most effective and practical solutions to provide users with low-cost, noninvasive, and long-term continuous health monitoring. Recently, Jia et al. proposed an authentication and key agreement scheme for smart medical systems based on fog computing and indicated that it is safe and can withstand a variety of known attacks. Nevertheless, we found that it consists of several flaws, including known session-specific temporary information attacks and lack of per-verification. The opponent can readily recover the session key and user identity. In this paper, we propose a secure authentication and key agreement scheme, which compensates for the imperfections of the previously proposed. For a security evaluation of the proposed authentication scheme, informal security analysis and the Burrows–Abadi–Needham (BAN) logic analysis are implemented. In addition, the ProVerif tool is used to normalize the security verification of the scheme. Finally, the performance comparisons with the former schemes show that the proposed scheme is more applicable and secure.

scholarly journals A Secure Anonymous D2D Mutual Authentication and Key Agreement Protocol for IoT Environments

2021 ◽  
Author(s):  
Rahman Hajian ◽  
Abbas Haghighat ◽  
S.Hossein Erfani
Keyword(s):  
Key Agreement ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Third Party ◽  
Security Requirements ◽  
Authentication And Key Agreement ◽  
Key Agreement Protocol ◽  
Security Proof ◽  
Private And Public ◽  
Shared Networks

Abstract Internet of Things (IoT) is a developing technology in our time that is prone to security problems as it uses wireless and shared networks. A challenging scenario in IoT environments is Device-to-Device (D2D) communication that an authentication server as a trusted third-party, does not involve in the authentication and key agreement process. It is only involved in the process of allocating long-term secret keys and their update. A lot of authentication protocols have been suggested for such situations. This article demonstrated that three state-of-the-art related protocols failed to remain anonymous, insecure against key compromise impersonation (KCI) attack, and clogging attack. To counter the pitfalls of them, a new D2D mutual authentication and key agreement protocol is designed here. The proposed protocol is anonymous, untraceable, and highly secure. Moreover, there is no need for a secure channel to generate a pair of private and public keys in the registration phase.) Formal security proof and security analysis using BAN logic, Real-Or-Random (ROR) model, and Scyther tool showed that our proposed protocol satisfied security requirements. Furthermore, communication cost, computation cost, and energy consumption comparisons denoted our schema has better performance, compared to other protocols.

scholarly journals pKAS: A Secure Password-Based Key Agreement Scheme for the Edge Cloud

2021 ◽  
Vol 2021 ◽  
pp. 1-10
Author(s):  
Ping Liu ◽  
Syed Hamad Shirazi ◽  
Wei Liu ◽  
Yong Xie
Keyword(s):  
Network Security ◽  
Data Collection ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Communication Costs ◽  
Authentication And Key Agreement ◽  
Security Proof ◽  
Data Collecting ◽  
Cloud Servers ◽  
Password Based Authentication

For the simplicity and feasibility, password-based authentication and key agreement scheme has gradually become a popular way to protect network security. In order to achieve mutual authentication between users and edge cloud servers during data collection, password-based key agreement scheme has attracted much attention from researchers and users. However, security and simplicity are a contradiction, which is one of the biggest difficulties in designing a password-based key agreement scheme. Aimed to provide secure and efficient key agreement schemes for data collecting in edge cloud, we propose an efficient and secure key agreement in this paper. Our proposed scheme is proved by rigorous security proof, and the proposed scheme can be protected from various attacks. By comparing with other similar password-based key agreement schemes, our proposed scheme has lower computational and communication costs and has higher security.

scholarly journals Security Enhanced Anonymous Multiserver Authenticated Key Agreement Scheme Using Smart Cards and Biometrics

2014 ◽  
Vol 2014 ◽  
pp. 1-15 ◽  
Author(s):  
Younsung Choi ◽  
Junghyun Nam ◽  
Donghoon Lee ◽  
Jiye Kim ◽  
Jaewook Jung ◽  
...  
Keyword(s):  
Key Agreement ◽  
User Authentication ◽  
Mutual Authentication ◽  
Smart Cards ◽  
Security Requirements ◽  
Impersonation Attack ◽  
Single Server ◽  
Authenticated Key Agreement ◽  
Session Key ◽  
Authentication Schemes

An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user’s biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen’s scheme.

scholarly journals A lightweight authentication and key agreement scheme for smart grid

2017 ◽  
Vol 13 (2) ◽  
pp. 155014771769417 ◽  
Author(s):  
Lili Yan ◽  
Yan Chang ◽  
Shibin Zhang
Keyword(s):  
Smart Grid ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Special Importance ◽  
Advanced Metering Infrastructure ◽  
Electrical Grid ◽  
Authentication And Key Agreement ◽  
And Performance ◽  
Advanced Metering ◽  
Lightweight Authentication

Smart grid is a modernized electrical grid. It is used to collect information about behaviors of suppliers and consumers and improve the efficiency, reliability, and economics of electricity. Recently, advanced metering infrastructure is proposed as a critical part of the smart grid. The security of advanced metering infrastructure is special importance for smart grid. In order to achieve data confidentiality, privacy, and authentication in advanced metering infrastructure, a lightweight authentication and key agreement scheme is proposed in this article. The scheme provides mutual authentication, key agreement, key refreshment, and multicast mechanism which can prevent various attacks. Furthermore, we analyze the security and performance of the scheme. The analysis shows that the proposed scheme is suitable for smart grid.

Sign in / Sign up

Export Citation Format

Share Document