scholarly journals A secure e-mail protocol using ID-based FNS multicast mechanism

2014 ◽  
Vol 11 (3) ◽  
pp. 1091-1112 ◽  
Author(s):  
Hsing-Chung Chen ◽  
Cheng-Ying Yang ◽  
Hui-Kai Su ◽  
Ching-Chuan Wei ◽  
Chao-Ching Lee
Keyword(s):  
Key Management ◽  
Communication Systems ◽  
Electronic Mail ◽  
Impersonation Attack ◽  
Replay Attack ◽  
Forgery Attack ◽  
Secure Multicast ◽  
Insider Attack ◽  
Delivery Mechanism ◽  
E Mail

Electronic mail (e-mail) has been used to transfer various types of electronic data in Internet. Usually, a user has to send an e-mail to a specific group of users with a secure delivery mechanism. In this paper, a novel and feasible e-mail delivery mechanism using the secure multicast protocol with an ID-based factorial number structure (FNS) is proposed in the multicast system. In the proposed e-mail delivery mechanism, the e-mail is required to be encrypted before sending out in order to safeguard the message via a public channel, such as wire public switching communication links and wireless communication systems. Without loss generality, the public-key system is adopted in the proposed secure multicast system for a convenient and easy key management. The proposed scheme outperforms the existing methods for more easily to construct secure e-mail system. Furthermore, the security of the proposed scheme is analyzed, including replay attack, sender impersonation attack, unknown key-share attack, forgery attack and insider attack. Finally, the computation complexities of the proposed mechanism are discussed. The result shows that the proposed scheme outperforms the CRT-based secure e-mail scheme.

scholarly journals New Secure and Practical E-Mail Protocol with Perfect Forward Secrecy

Symmetry ◽  
2021 ◽  
Vol 13 (7) ◽  
pp. 1144
Author(s):  
Chien-Ding Lee ◽  
Tzung-Her Chen
Keyword(s):  
Key Management ◽  
Electronic Mail ◽  
Mutual Authentication ◽  
Computational Cost ◽  
The Internet ◽  
Security Level ◽  
Secret Key ◽  
Forward Secrecy ◽  
Perfect Forward Secrecy ◽  
E Mail

The invention of electronic mail (e-mail) has made communication through the Internet easier than before. However, because the fundamental functions of the Internet are built on opensource technologies, it is critical to keep all transmitted e-mail secure and secret. Most current e-mail protocols only allow recipients to check their e-mail after the recipients are authenticated by the e-mail server. Unfortunately, the subsequent e-mail transmission from the server to the recipient remains unprotected in the clear form without encryption. Sometimes, this is not allowed, especially in consideration of issues such as confidentiality and integrity. In this paper, we propose a secure and practical e-mail protocol with perfect forward secrecy, as well as a high security level, in which the session keys used to encrypt the last e-mail will not be disclosed even if the long-term secret key is compromised for any possible reason. Thus, the proposed scheme benefits from the following advantages: (1) providing mutual authentication to remove the threat of not only impersonation attacks, but also spam; (2) guaranteeing confidentiality and integrity while providing the service of perfect forward secrecy; (3) simplifying key management by avoiding the expense of public key infrastructure involvement; and (4) achieving lower computational cost while meeting security criteria compared to the related works. The security analysis and the discussion demonstrate that the proposed scheme works well.

Security Weaknesses and Improvements of a Remote User Authentication Scheme Preserving User Anonymity

2011 ◽  
Vol 145 ◽  
pp. 184-188
Author(s):  
Young Hwa An
Keyword(s):  
User Authentication ◽  
User Anonymity ◽  
Authentication Scheme ◽  
Impersonation Attack ◽  
Replay Attack ◽  
Password Guessing Attack ◽  
Insider Attack ◽  
Man In The Middle ◽  
User Authentication Scheme ◽  
Guessing Attack

In 2008, Bindu et al. proposed an improvement to Chien et al.'s remote password authentication scheme preserving user anonymity, and has asserted that the scheme is secure against replay attack, guessing attack, insider attack and man-in-the-middle attack, etc. However, in this paper, we have shown that Bindu et al.'s scheme is still insecure against man-in-the-middle attack and password guessing attack, and does not provide user anonymity. Also, we propose an improved scheme to withstand these weaknesses, while preserving their merits, even if the secret information stored in the smart card is revealed. As a result of analysis, the proposed scheme is secure against user impersonation attack, server masquerading attack, password guessing attack and does provide user anonymity. And we can see that the proposed scheme is relatively more effective than Bindu et al.'s scheme.

scholarly journals A novel multi-stage distributed authentication scheme for smart meter communication

2021 ◽  
Vol 7 ◽  
pp. e643
Author(s):  
Manjunath Hegde ◽  
Adnan Anwar ◽  
Karunakar Kotegar ◽  
Zubair Baig ◽  
Robin Doss
Keyword(s):  
Building Blocks ◽  
Energy System ◽  
Critical Energy ◽  
Data Availability ◽  
Impersonation Attack ◽  
Smart Meter ◽  
Smart Meters ◽  
Replay Attack ◽  
Insider Attack ◽  
Multi Stage

Smart meters have ensured effective end-user energy consumption data management and helping the power companies towards network operation efficiency. However, recent studies highlighted that cyber adversaries may launch attacks on smart meters that can cause data availability, integrity, and confidentiality issues both at the consumer side or at a network operator’s end. Therefore, research on smart meter data security has been attributed as one of the top priorities to ensure the safety and reliability of the critical energy system infrastructure. Authentication is one of the basic building blocks of any secure system. Numerous authentication schemes have been proposed for the smart grid, but most of these methods are applicable for two party communication. In this article, we propose a distributed, dynamic multistage authenticated key agreement scheme for smart meter communication. The proposed scheme provides secure authentication between smart meter, NAN gateway, and SCADA energy center in a distributed manner. Through rigorous cryptanalysis we have proved that the proposed scheme resist replay attack, insider attack, impersonation attack and man-in-the-middle attack. Also, it provides perfect forward secrecy, device anonymity and data confidentiality. The proposed scheme security is formally proved in the CK—model and, using BAN logic, it is proved that the scheme creates a secure session between the communication participants. The proposed scheme is simulated using the AVISPA tool and verified the safety against all active attacks. Further, efficiency analysis of the scheme has been made by considering its computation, communication, and functional costs. The computed results are compared with other related schemes. From these analysis results, it is proved that the proposed scheme is robust and secure when compared to other schemes.

Security Analysis of Wireless Authentication Protocols

2019 ◽  
Vol 9 (2) ◽  
pp. 247-252 ◽  
Author(s):  
Ashish Joshi ◽  
Amar Kumar Mohapatra
Keyword(s):  
Execution Time ◽  
Communication Systems ◽  
Security Analysis ◽  
Cryptographic Protocols ◽  
Command Line ◽  
Time Analysis ◽  
Authentication Protocols ◽  
Replay Attack ◽  
Peer Communication ◽  
Digital Communication Systems

Background & Objective: Cryptographic protocols had been evident method for ensuring con dentiality, Integrity and authentication in various digital communication systems. However the validation and analysis of such cryptographic protocols was limited to usage of formal mathematical models until few years back. Methods: In this paper, various popular cryptographic protocols have been studied. Some of these protocols (PAP, CHAP, and EAP) achieve security goals in peer to peer communication while others (RADIUS, DIAMETER and Kerberos) can work in multiparty environment. These protocols were validated and analysed over two popular security validation and analysis tools AVISPA and Scyther. The protocols were written according to their documentation using the HLPSL and SPDL for analysis over AVISPA and Scyther respectively. The results of these tools were analysed to nd the possible attack an each protocol. Afterwards The execution time analysis of the protocols were done by repeating the experiment for multiple iterations over the command line versions of these tools.As the literature review suggested, this research also validates that using password based protocols (PAP) is faster in terms of execution time as compared to other methods, Usage of nonces tackles the replay attack and DIAMETER is secure than RADIUS. Results and Conclusion: The results also showed us that DIAMETER is faster than RADIUS. Though Kerberos protocol was found to safe, the results tell us that it is compromisable under particular circumstances.

scholarly journals Didi Bima 165100122

2019 ◽  
Author(s):  
Didi Bima Yudha
Keyword(s):  
Electronic Commerce ◽  
Customer Service ◽  
Computer Technology ◽  
Electronic Mail ◽  
Personal Digital Assistant ◽  
Advanced Technology ◽  
Business Interests ◽  
Business Partners ◽  
Networking Technologies ◽  
E Mail

Electronic Commerce (e-commerce) is the process of buying, selling orexchanging products, services and information via computer networks. e- commerce is part of the e-business, where the scope of e-business more broadly, not just commercial but also include business partners, customer service, job vacancies. In addition to networking technologies www, e-commerce technology also requires a database or a database (database), e-mail or electronic mail (e- mail), and the form of non-computer technology as well as other delivery systems, and means of payment for e -Commerce. Given the electronic commerce (e- commerce) is then the customer can access and perform orders from various places. Given the current era of advanced technology is the customer who wants to access e-commerce does not have to be somewhere, it is because in the big cities in Indonesia have a lot of places that provide an internet access facility using only the laptop / notebook or by Personal Digital Assistant (PDA) using wifi technology. Thus the time is now very necessary and desirable companies to implement e-commerceservices. The use of e-commerce in Indonesia is still very limited. From the background that there is then the author will discuss how e- commerce pemanfaaatan in their business interests.

Electronic mail-E-mail at work

IEEE Spectrum ◽  
1992 ◽  
Vol 29 (10) ◽  
pp. 24-28 ◽  
Author(s):  
T.S. Perry
Keyword(s):  
Electronic Mail ◽  
E Mail

Electronic Mail Security

2011 ◽  
pp. 147-160 ◽  
Author(s):  
Edwin I. Achugbue
Keyword(s):  
Electronic Mail ◽  
The Internet ◽  
Security Threat ◽  
The Future ◽  
History Of ◽  
The Individual ◽  
Mail Address ◽  
E Mail

The chapter focuses on the history of the internet system of e-mail; e-mail security; threat to e-mail security, usefulness of e-mail address and country codes, how e-mails can be secured by the individual and electronic mail policy. The future of e-mail security is also described.

Future of Small Business E-Commerce

2011 ◽  
pp. 2159-2163 ◽  
Author(s):  
Simpson Poon
Keyword(s):  
Small Business ◽  
Small Businesses ◽  
Electronic Mail ◽  
The Internet ◽  
File Transfer Protocol ◽  
File Transfer ◽  
Research Findings ◽  
Use Of The Internet ◽  
In The Beginning ◽  
E Mail

The use of the Internet for business purposes among small businesses started quite early in the e-commerce evolution. In the beginning, innovative and entrepreneurial owners of small businesses attempted to use rudimentary Internet tools such as electronic mail (e-mail) and file transfer protocol (FTP) to exchange messages and documents. While primitive, it fulfilled much of the business needs at the time. Even to date, e-mail and document exchange, according to some of the latest research findings, are still the most commonly used tools despite the fact that tools themselves have become more sophisticated.

Sign in / Sign up

Export Citation Format

Share Document