scholarly journals Efficient and Provably Secure Key Agreement for Modern Smart Metering Communications

Energies ◽  
2018 ◽  
Vol 11 (10) ◽  
pp. 2662 ◽  
Author(s):  
An Braeken ◽  
Pardeep Kumar ◽  
Andrew Martin
Keyword(s):  
Smart Grid ◽  
Key Agreement ◽  
Denial Of Service ◽  
Mutual Authentication ◽  
Third Party ◽  
Security Model ◽  
Smart Metering ◽  
Session Key ◽  
Area Of Interest ◽  
Provably Secure

Security in modern smart metering communications and in smart grid networks has been an area of interest recently. In this field, identity-based mutual authentication including credential privacy without active involvement of a trusted third party is an important building block for smart grid technology. Recently, several schemes have been proposed for the smart grid with various security features (e.g., mutual authentication and key agreement). Moreover, these schemes are said to offer session key security under the widely accepted Canetti-Krawczyk (CK) security model. Instead, we argue that all of them are still vulnerable under the CK model. To remedy the problem, we present a new provably secure key agreement model for smart metering communications. The proposed model preserves the security features and provides more resistance against a denial of service attack. Moreover, our scheme is pairing-free, resulting in highly efficient computational and communication efforts.

scholarly journals A Provably Secure Biometrics-Based Authentication Scheme for Multiserver Environment

2019 ◽  
Vol 2019 ◽  
pp. 1-15 ◽  
Author(s):  
Feifei Wang ◽  
Guoai Xu ◽  
Chenyu Wang ◽  
Junhao Peng
Keyword(s):  
High Efficiency ◽  
Rapid Development ◽  
Denial Of Service ◽  
Mutual Authentication ◽  
Mobile Services ◽  
Authentication Scheme ◽  
Impersonation Attack ◽  
Careful Examination ◽  
Session Key ◽  
Provably Secure

With the rapid development of mobile services, multiserver authentication protocol with its high efficiency has emerged as an indispensable security mechanism for mobile services. Recently, Ali et al. introduced a biometric-based multiserver authentication scheme and claimed the scheme is resistant to various attacks. However, after a careful examination, we find that Ali et al.’s scheme is vulnerable to various security attacks, such as user impersonation attack, server impersonation attack, privileged insider attack, denial of service attack, fails to provide forward secrecy and three-factor secrecy. To overcome these weaknesses, we propose an improved biometric-based multiserver authentication scheme using elliptic curve cryptosystem. Formal security analysis under the random oracle model proves that our scheme is provably secure. Furthermore, BAN (Burrows-Abadi-Needham) logic analysis demonstrates our scheme achieves mutual authentication and session key agreement. In addition, the informal analysis proves that our scheme is secure against all current known attacks and achieves desirable features. Besides, the performance and security comparison shows that our scheme is superior to related schemes.

A Lightweight and Provably Secure Key Agreement System for a Smart Grid With Elliptic Curve Cryptography

2019 ◽  
Vol 13 (3) ◽  
pp. 2830-2838 ◽  
Author(s):  
Fan Wu ◽  
Lili Xu ◽  
Xiong Li ◽  
Saru Kumari ◽  
Marimuthu Karuppiah ◽  
...  
Keyword(s):  
Smart Grid ◽  
Elliptic Curve ◽  
Elliptic Curve Cryptography ◽  
Key Agreement ◽  
Provably Secure

scholarly journals Security Enhanced Anonymous Multiserver Authenticated Key Agreement Scheme Using Smart Cards and Biometrics

2014 ◽  
Vol 2014 ◽  
pp. 1-15 ◽  
Author(s):  
Younsung Choi ◽  
Junghyun Nam ◽  
Donghoon Lee ◽  
Jiye Kim ◽  
Jaewook Jung ◽  
...  
Keyword(s):  
Key Agreement ◽  
User Authentication ◽  
Mutual Authentication ◽  
Smart Cards ◽  
Security Requirements ◽  
Impersonation Attack ◽  
Single Server ◽  
Authenticated Key Agreement ◽  
Session Key ◽  
Authentication Schemes

An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user’s biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen’s scheme.

scholarly journals A lightweight authentication and key agreement scheme for smart grid

2017 ◽  
Vol 13 (2) ◽  
pp. 155014771769417 ◽  
Author(s):  
Lili Yan ◽  
Yan Chang ◽  
Shibin Zhang
Keyword(s):  
Smart Grid ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Special Importance ◽  
Advanced Metering Infrastructure ◽  
Electrical Grid ◽  
Authentication And Key Agreement ◽  
And Performance ◽  
Advanced Metering ◽  
Lightweight Authentication

Smart grid is a modernized electrical grid. It is used to collect information about behaviors of suppliers and consumers and improve the efficiency, reliability, and economics of electricity. Recently, advanced metering infrastructure is proposed as a critical part of the smart grid. The security of advanced metering infrastructure is special importance for smart grid. In order to achieve data confidentiality, privacy, and authentication in advanced metering infrastructure, a lightweight authentication and key agreement scheme is proposed in this article. The scheme provides mutual authentication, key agreement, key refreshment, and multicast mechanism which can prevent various attacks. Furthermore, we analyze the security and performance of the scheme. The analysis shows that the proposed scheme is suitable for smart grid.

scholarly journals An Enhanced Lightweight Dynamic Pseudonym Identity Based Authentication and Key Agreement Scheme Using Wireless Sensor Networks for Agriculture Monitoring

Sensors ◽  
2019 ◽  
Vol 19 (5) ◽  
pp. 1146 ◽  
Author(s):  
Meriske Chen ◽  
Tian-Fu Lee ◽  
Jiann-I Pan
Keyword(s):  
Key Agreement ◽  
Raw Materials ◽  
Denial Of Service ◽  
Modern Technology ◽  
User Privacy ◽  
Session Key ◽  
Authentication And Key Agreement ◽  
Monitoring Process ◽  
Perfect Forward Secrecy ◽  
Enhance Efficiency

Agriculture plays an important role for many countries. It provides raw materials for foodand provides large employment opportunities for people in the country, especially for countrieswith a dense population. To enhance agriculture productivity, modern technology such as wirelesssensor networks (WSNs) can be utilized to help in monitoring important parameters in thwagricultural field such as temperature, light, soil moisture, etc. During the monitoring process, ifsecurity compromises happen, such as interception or modification of the parameters, it may leadto false decisions and bring damage to agriculture productivity. Therefore, it is very important todevelop secure authentication and key agreement for the system. Recently, Ali et al. proposed anauthentication and key agreement scheme using WSNs for agriculture monitoring. However, it failsto provide user untraceability, user anonymity, and session key security; it suffers from sensor nodeimpersonation attack and perfect forward secrecy attack; and even worse has denial of service as aservice. This study discusses these limitations and proposes a new secure and more efficientauthentication and key agreement scheme for agriculture monitoring using WSNs. The proposedscheme utilizes dynamic pseudonym identity to guarantee user privacy and eliminates redundantcomputations to enhance efficiency.

scholarly journals Password Based Client-Server-User Authenticated Key Agreement Mechanism for Cloud System

2019 ◽  
Vol 8 (4) ◽  
pp. 12839-12841
Keyword(s):  
Key Agreement ◽  
Identity Management ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Impersonation Attack ◽  
Session Key ◽  
Replay Attack ◽  
Authentication Mechanism ◽  
Diffie Hellman ◽  
Cloud Server

The authentication is an essential concern in the cloud environment to restrict the unauthorized users to retrieve the files from cloud server. Moreover, authentication mechanisms are used to prevent illegal access of resources over insecure channel. Thus proposed work provides the strong and efficient authentication process in cloud computing environment by chebyshev polynomial based chaotic maps Diffie Hellman property. The proposed authentication mechanism does not disclose the identity of the user to CSP. Moreover proposed authentication mechanism enables mutual authentication, Identity management, and session-key agreement. The Proposed mechanism of security analysis includes the enabling mutual authentication and key agreement, restricting the impersonation attack, man in the middle attack and replay attack.

A Secure Two-Factor Remote User Authentication and Session Key Agreement Scheme

2016 ◽  
Vol 12 (2) ◽  
pp. 62-79 ◽  
Author(s):  
Preeti Chandrakar ◽  
Hari Om
Keyword(s):  
Key Agreement ◽  
User Authentication ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Session Key ◽  
Key Agreement Protocol ◽  
Remote User Authentication ◽  
Session Key Agreement ◽  
Man In The Middle ◽  
Remote User

In this article, the authors have proposed a secure two-factor remote user authentication and session key agreement protocol. As they have shown in the presented scheme, is precise and secure according to both formal and informal security analysis. For formal security analysis, they have applied BAN (Burrows-Abadi-Needham) logic which certifies that the presented scheme provides the amenity of mutual authentication and session key agreement safely. The informal security verification has shown that the proposed scheme is more vigorous against various sort of cruel threats. Moreover, the authors have simulated the presented scheme using broadly accepted AVISPA tool, whose simulation results make sure that the protocol is not dangerous from active and passive attacks together with replay and man-in-the-middle attacks. In addition, the performance evaluation and the security comparison have revealed that the presented scheme gives strong security as well as better complexity in the context of smart card memory requirement, communication cost and computation cost.

Sign in / Sign up

Export Citation Format

Share Document