Remote Quantum-Safe Authentication of Entities with Physical Unclonable Functions

Physical unclonable functions have been shown to be a useful resource of randomness for implementing various cryptographic tasks including entity authentication. All the related entity authentication protocols that have been discussed in the literature so far, either they are vulnerable to an emulation attack, or they are limited to short distances. Hence, quantum-safe remote entity authentication over large distances remains an open question. In the first part of this work, we discuss the requirements that an entity authentication protocol has to offer, to be useful for remote entity authentication in practice. Subsequently, we propose a protocol, which can operate over large distances, and offers security against both classical and quantum adversaries. The proposed protocol relies on standard techniques, it is fully compatible with the infrastructure of existing and future photonic networks, and it can operate in parallel with other quantum protocols, including QKD protocols.

Download Full-text

A Secure Authentication Infrastructure for Mobile Users

Advances in Security and Payment Methods for Mobile Commerce ◽

10.4018/978-1-59140-345-6.ch004 ◽

2011 ◽

pp. 56-80

Author(s):

Gregor V. Bochmann ◽

Eric Zhen Zhang

Keyword(s):

Electronic Commerce ◽

Authentication Protocol ◽

Security Requirements ◽

Mobile Users ◽

Authentication Protocols ◽

Its Analysis ◽

Trust Relationships ◽

Authentication Schemes ◽

Access Rights ◽

Secure Authentication

The requirements for an authentication infrastructure for electronic commerce are explained by identifying the partners involved in e-commerce transactions and the trust relationships required. Related security requirements are also explained, such as authentication, access rights, payment credentials, anonymity (in certain cases), and privacy and integrity of message exchanges. Then several general authentication schemes and specific protocols are reviewed and their suitability for mobile users is discussed. Finally, an improved authentication protocol is presented which can provide trust relationships for mobile e-commerce users. Its analysis and comparison with other proposed authentication protocols indicate that it is a good candidate for use in the context of mobile e-commerce.

Download Full-text

An Authentication Protocol to Address the Problem of the Trusted 3rd Party Authentication Protocols

Innovative Algorithms and Techniques in Automation, Industrial Electronics and Telecommunications ◽

10.1007/978-1-4020-6266-7_95 ◽

2007 ◽

pp. 523-526 ◽

Cited By ~ 1

Author(s):

Y. Kirsal ◽

O. Gemikonakli

Keyword(s):

Authentication Protocol ◽

Authentication Protocols

Download Full-text

Intercept-Resend Emulation Attacks against a Continuous-Variable Quantum Authentication Protocol with Physical Unclonable Keys

Cryptography ◽

10.3390/cryptography3040025 ◽

2019 ◽

Vol 3 (4) ◽

pp. 25 ◽

Cited By ~ 1

Author(s):

Lukas Fladung ◽

Georgios M. Nikolopoulos ◽

Gernot Alber ◽

Marc Fischlin

Keyword(s):

Coherent States ◽

Continuous Variable ◽

Authentication Protocol ◽

Physical Parameters ◽

Authentication Protocols ◽

Quantum Authentication ◽

Different Types

Optical physical unclonable keys are currently considered to be rather promising candidates for the development of entity authentication protocols, which offer security against both classical and quantum adversaries. In this work, we investigate the robustness of a continuous-variable protocol, which relies on the scattering of coherent states of light from the key, against three different types of intercept–resend emulation attacks. The performance of the protocol is analyzed for a broad range of physical parameters, and our results are compared to existing security bounds.

Download Full-text

A Revised Serverless Authentication Protocol with Forward Security for RFID

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.29-32.2267 ◽

2010 ◽

Vol 29-32 ◽

pp. 2267-2272

Author(s):

Lei He ◽

Yong Gan ◽

Na Na Li ◽

Tao Zhang

Keyword(s):

Computational Complexity ◽

Information Security ◽

Privacy Protection ◽

Authentication Protocol ◽

Forward Security ◽

Authentication Protocols ◽

Rfid System ◽

Security Problem ◽

Lightweight Authentication

Information security problem has become one of the hottest issues in RFID system. More and more researchers begin to study how to provide security protection in the RFID system. In the paper, we mainly research lightweight authentication protocols in RFID system. Firstly, we analyze some protocols. Secondly, we introduce a serverless authentication protocol for RFID system and analyze its security. We find it does not provide forward security. Thirdly, we propose a revised serverless authentication protocol with forward security. It provides two-way authentication and privacy protection, resists tracking and cloning attack as well as the original protocol. Moreover, it provides forward security protection and resists desynchronization attack. For the efficiency, its computational complexity is at the same level with the protocol proposed by Tan et al.

Download Full-text

Security of an RFID Based Authentication Protocol with Bitwise Operations for Supply Chain

10.21203/rs.3.rs-413438/v1 ◽

2021 ◽

Author(s):

Muhammad Arslan Akram ◽

Adnan Noor Mian

Keyword(s):

Supply Chain ◽

Low Cost ◽

Authentication Protocol ◽

Rfid Tags ◽

Authentication Protocols ◽

Physically Unclonable Functions ◽

Lightweight Authentication ◽

Secure Authentication ◽

Bitwise Operations

Abstract Due to the stringent computational capabilities of low-cost RFID tags, several lightweight secure authentication protocols have been proposed for an RFID-based supply chain using bitwise operations. In this paper, we study the vulnerabilities associated with bitwise operations by doing cryptanalysis of a secure lightweight authentication protocol for RFID tags. The bitwise operations like rotation and XOR show that the protocol is vulnerable to tag, reader, and supply chain node impersonation attacks. We find that the major cause of the vulnerability is bitwise operations and suggest using the physically unclonable functions rather than bitwise operations to secure such lightweight protocols.

Download Full-text

SLEC: A Novel Serverless RFID Authentication Protocol Based on Elliptic Curve Cryptography

Electronics ◽

10.3390/electronics8101166 ◽

2019 ◽

Vol 8 (10) ◽

pp. 1166

Author(s):

Rania Baashirah ◽

Abdelshakour Abuzneid

Keyword(s):

Elliptic Curve ◽

Radio Frequency Identification ◽

Elliptic Curve Cryptography ◽

Secure Communication ◽

Mutual Authentication ◽

Authentication Protocol ◽

New Paradigm ◽

Authentication Protocols ◽

Rfid System ◽

Setup Phase

Internet of Things (IoT) is a new paradigm that has been evolving into the wireless sensor networks to expand the scope of networked devices (or things). This evolution drives communication engineers to design secure and reliable communication at a low cost for many network applications such as radio frequency identification (RFID). In the RFID system, servers, readers, and tags communicate wirelessly. Therefore, mutual authentication is necessary to ensure secure communication. Normally, a central server supports the authentication of readers and tags by distributing and managing the credentials. Recent lightweight RFID authentication protocols have been proposed to satisfy the security features of RFID networks. Using a serverless RFID system is an alternative solution to using a central server. In this model, both the reader and the tag perform mutual authentication without the need for the central server. However, many security challenges arise from implementing lightweight authentication protocols in serverless RFID systems. We propose a new secure serverless RFID authentication protocol based on the famous elliptic curve cryptography (ECC). The protocol also maintains the confidentiality and privacy of the messages, tag information, and location. Although most of the current serverless protocols assume secure channels in the setup phase, we assume an insecure environment during the setup phase between the servers, readers, and tags. We ensure that the credentials can be renewed by any checkpoint server in the mobile RFID network. Thus, we implement ECC in the setup phase (renewal phase), to transmit and store the communication credentials of the server to multiple readers so that the tags can perform the mutual authentication successfully while far from the server. The proposed protocol is compared with other serverless frameworks proposed in the literature in terms of computation cost and attacks resistance.

Download Full-text

Cost and Lightweight Modeling Analysis of RFID Authentication Protocols in Resource Constraint Internet of Things

Journal of Communications Software and Systems ◽

10.24138/jcomss.v10i3.122 ◽

2017 ◽

Vol 10 (3) ◽

pp. 179

Author(s):

Adarsh Kumar ◽

Krishna Gopal ◽

Alok Aggarwal

Keyword(s):

Internet Of Things ◽

Radio Frequency ◽

Radio Frequency Identification ◽

Mutual Authentication ◽

Authentication Protocol ◽

Resource Constraint ◽

Authentication Protocols ◽

Pervasive Environment ◽

Rfid Authentication Protocols ◽

Mutual Authentication Protocol

Internet of Things (IoT) is a pervasive environment to interconnect the things like: smart objects, devices etc. in a structure like internet. Things can be interconnected in IoT if these are uniquely addressable and identifiable. Radio Frequency Identification (RFID) is one the important radio frequency based addressing scheme in IoT. Major security challenge in resource constraint RFID networks is how to achieve traditional CIA security i.e. Confidentiality, Integrity and Authentication. Computational and communication costs for Lightweight Mutual Authentication Protocol (LMAP), RFID mutual Authentication Protocol with Permutation (RAPP) and kazahaya authentication protocols are analyzed. These authentication protocols are modeled to analyze the delays using lightweight modeling language. Delay analysis is performed using alloy model over LMAP, RAPP and kazahaya authentication protocols where one datacenter (DC) is connected to different number of readers (1,5 or 10) with connectivity to 1, 5 or 25 tags associated with reader and its results show that for LMAP delay varies from 30-156 msec, for RAPP from 31-188 while for kazahaya from 61-374 msec. Further, performance of RFID authentication protocols is analyzed for group construction through more than one DC (1,5 or 10) with different number of readers (10, 50 or 100) and tags associated with these readers (50, 500, 1000) and results show that DC based binary tree topology with LMAP authentication protocol is having a minimum delay for 50 or 100 readers. Other authentication protocols fail to give authentication results because of large delays in the network. Thus, RAPP and Kazahaya are not suitable for scenarios where there is large amount of increase in number of tags or readers.

Download Full-text

A construction of a conformal Chebyshev chaotic map based authentication protocol for healthcare telemedicine services

Complex & Intelligent Systems ◽

10.1007/s40747-021-00441-7 ◽

2021 ◽

Author(s):

Dharminder Dharminder ◽

Uddeshaya Kumar ◽

Pratik Gupta

Keyword(s):

Information Systems ◽

Secure Communication ◽

Medical Information ◽

Chaotic Map ◽

Authentication Protocol ◽

Telecare Medicine Information System ◽

Medicine Information ◽

Authentication Protocols ◽

Telecare Medicine Information Systems ◽

Chebyshev Chaotic Map

AbstractThe outbreak of coronavirus has caused widespread global havoc, and the implementation of lockdown to contain the spread of the virus has caused increased levels of online healthcare services. Upgraded network technology gives birth to a new interface “telecare medicine information systems” in short TMIS. In this system, a user from a remote area and a server located at the hospital can establish a connection to share the necessary information between them. But, it is very clear that all the information is always being transmitted over a public channel. Chaotic map possesses a dynamic structure and it plays a very important role in the construction of a secure and efficient authentication protocols, but they are generally found vulnerable to identity-guess, password-guess, impersonation, and stolen smart-card. We have analyzed (Li et al. in Fut Gen Comput Syst 840:149–159, 2018; Madhusudhan and Nayak Chaitanya in A robust authentication scheme for telecare medical information systems, 2008; Zhang et al in Privacy protection for telecare medicine information systems using a chaotic map-based three-factor authenticated key agreement scheme, 2017; Dharminder and Gupta in Pratik security analysis and application of Chebyshev Chaotic map in the authentication protocols, 2019) and found that Bergamo’s attack (IEEE Trans Circ Syst 52(7):1382–1393, 2005) cannot be resisted by the protocol. Although few of the protocols ensures efficient computations but they cannot ensure an anonymous and secure communication. Therefore, we have proposed a secure and efficient chaotic map based authentication protocol that can be used in telecare medicine information system. This protocol supports verified session keys with only two messages of exchange. Moreover, we have analysed the performance of proposed protocol with relevant protocols and it is being implemented in “Automated Validation of Internet Security Protocols and Applications” respectively.

Download Full-text

Node Authentication in Networks Using Zero-Knowledge Proofs

Web Services Security and E-Business ◽

10.4018/978-1-59904-168-1.ch008 ◽

2007 ◽

pp. 142-164

Author(s):

Richard S. Norville ◽

Kamesh Namuduri ◽

Ravi Pendse

Keyword(s):

Data Analysis ◽

Authentication Protocol ◽

Authentication Protocols ◽

Zero Knowledge ◽

Authentication Schemes ◽

Zero Knowledge Proof

Zero-knowledge proof (ZKP) based authentication protocols provide a smart way to prove an identity of a node without giving away any information about the secret of that identity. There are many advantages as well as disadvantages to using this protocol over other authentication schemes, and challenges to overcome in order to make it practical for general use. This chapter examines the viability of ZKPs for use in authentication protocols in networks. It is concluded that nodes in a network can achieve a desired level of security by trading off key size, interactivity, and other parameters of the authentication protocol. This chapter also provides data analysis that can be useful in determining expected authentication times based on device capabilities. Pseudocode is provided for implementing a graph-based ZKP on small or limited processing devices.

Download Full-text

A Protocol for Provably Secure Authentication of a Tiny Entity to a High Performance Computing One

Mathematical Problems in Engineering ◽

10.1155/2016/9289050 ◽

2016 ◽

Vol 2016 ◽

pp. 1-9 ◽

Cited By ~ 1

Author(s):

Siniša Tomović ◽

Miodrag J. Mihaljević ◽

Aleksandar Perović ◽

Zoran Ognjanović

Keyword(s):

High Performance Computing ◽

High Performance ◽

Authentication Protocol ◽

Authentication Protocols ◽

Man In The Middle ◽

Lpn Problem ◽

Secure Authentication ◽

Performance Computing ◽

Specific Scenario ◽

Provably Secure

The problem of developing authentication protocols dedicated to a specific scenario where an entity with limited computational capabilities should prove the identity to a computationally powerful Verifier is addressed. An authentication protocol suitable for the considered scenario which jointly employs the learning parity with noise (LPN) problem and a paradigm of random selection is proposed. It is shown that the proposed protocol is secure against active attacking scenarios and so called GRS man-in-the-middle (MIM) attacking scenarios. In comparison with the related previously reported authentication protocols the proposed one provides reduction of the implementation complexity and at least the same level of the cryptographic security.

Download Full-text