scholarly journals An Enhanced Lightweight Dynamic Pseudonym Identity Based Authentication and Key Agreement Scheme Using Wireless Sensor Networks for Agriculture Monitoring

Sensors ◽  
2019 ◽  
Vol 19 (5) ◽  
pp. 1146 ◽  
Author(s):  
Meriske Chen ◽  
Tian-Fu Lee ◽  
Jiann-I Pan
Keyword(s):  
Key Agreement ◽  
Raw Materials ◽  
Denial Of Service ◽  
Modern Technology ◽  
User Privacy ◽  
Session Key ◽  
Authentication And Key Agreement ◽  
Monitoring Process ◽  
Perfect Forward Secrecy ◽  
Enhance Efficiency

Agriculture plays an important role for many countries. It provides raw materials for foodand provides large employment opportunities for people in the country, especially for countrieswith a dense population. To enhance agriculture productivity, modern technology such as wirelesssensor networks (WSNs) can be utilized to help in monitoring important parameters in thwagricultural field such as temperature, light, soil moisture, etc. During the monitoring process, ifsecurity compromises happen, such as interception or modification of the parameters, it may leadto false decisions and bring damage to agriculture productivity. Therefore, it is very important todevelop secure authentication and key agreement for the system. Recently, Ali et al. proposed anauthentication and key agreement scheme using WSNs for agriculture monitoring. However, it failsto provide user untraceability, user anonymity, and session key security; it suffers from sensor nodeimpersonation attack and perfect forward secrecy attack; and even worse has denial of service as aservice. This study discusses these limitations and proposes a new secure and more efficientauthentication and key agreement scheme for agriculture monitoring using WSNs. The proposedscheme utilizes dynamic pseudonym identity to guarantee user privacy and eliminates redundantcomputations to enhance efficiency.

scholarly journals Perfect Forward Secrecy in VoIP Networks Through Design a Lightweight and Secure Authenticated Communication Scheme

2020 ◽  
Author(s):  
kazem saedi ◽  
Mahdi Nikooghadam ◽  
Amirhossein Mohajerzadeh
Keyword(s):  
Key Agreement ◽  
Forward Secrecy ◽  
Session Key ◽  
Replay Attack ◽  
The Public ◽  
Authentication And Key Agreement ◽  
Key Agreement Protocol ◽  
Main Paper ◽  
Communication Scheme ◽  
Perfect Forward Secrecy

Abstract In this research, we have tried to first focus on the previous work and after getting familiar with the base papers, focus on the main paper. In this paper, we try to determine the security problems in the proposed protocols and present appropriate solutions for them. One of the subjects studied by security and encryption researchers is the matter of authentication and key agreement in SIP. Recently, an authentication and key agreement protocol in SIP has been presented in a scheme. In this paper, it was proven that their presented protocol is vulnerable to the replay attack. Such that if an attacker resends the messages sent on the public channel back to the server, the server does not notice the duplicate messages and proceeds with the session process. Also, their protocol is not resistant to the temporary parameter disclosure attack and it is possible for the attacker to discover the session key in case the temporary parameters are disclosed. Furthermore, user anonymity does neither provide re-registration prevention with the real user ID nor early detection. In this paper, we have tried to present a protocol which prevents replay and parameter disclosure attacks.

Deep Analysis of Enhanced Authentication for Next Generation Networks

2010 ◽  
Vol 2 (2) ◽  
pp. 37-52 ◽  
Author(s):  
Mamdouh Gouda
Keyword(s):  
Key Agreement ◽  
Denial Of Service ◽  
Next Generation Networks ◽  
Security Level ◽  
Ip Multimedia Subsystem ◽  
Next Generation ◽  
Dos Attacks ◽  
Authentication Protocols ◽  
Minimal Impact ◽  
Authentication And Key Agreement

Next Generation Networks (NGN) is the evolution of the telecommunication core. The user has to execute multi-pass Authentication and Key Agreement (AKA) procedures in order to get access to the IP Multimedia Subsystem (IMS). This causes overhead on the AAA server and increases the delay of authenticating the user and that is because of unnecessary and repeated procedures and protocols. This paper presents an enhanced one-pass AKA procedure that eliminates the repeated steps without affecting the security level, in addition it reduces the Denial of Service (DoS) attacks. The presented mechanism has minimal impact on the network infrastructure and functionality and does not require any changes to the existing authentication protocols.

scholarly journals A Lightweight Three-Factor Authentication and Key Agreement Scheme in Wireless Sensor Networks for Smart Homes

Sensors ◽  
2019 ◽  
Vol 19 (9) ◽  
pp. 2012 ◽  
Author(s):  
Sooyeon Shin ◽  
Taekyoung Kwon
Keyword(s):  
Smart Home ◽  
Key Agreement ◽  
Smart Homes ◽  
Security Requirements ◽  
Wireless Sensor ◽  
Impersonation Attack ◽  
Secret Key ◽  
Session Key ◽  
Authentication And Key Agreement ◽  
Three Factor

A wireless sensor network (WSN) is used for a smart home system’s backbone that monitors home environment and controls smart home devices to manage lighting, heating, security and surveillance. However, despite its convenience and potential benefits, there are concerns about various security threats that may infringe on privacy and threaten our home life. For protecting WSNs for smart homes from those threats, authentication and key agreement are basic security requirements. There have been a large number of proposed authentication and key agreement scheme for WSNs. In 2017, Jung et al. proposed an efficient and security enhanced anonymous authentication with key agreement scheme by employing biometrics information as the third authentication factor. They claimed that their scheme resists on various security attacks and satisfies basic security requirements. However, we have discovered that Jung et al.’s scheme possesses some security weaknesses. Their scheme cannot guarantee security of the secret key of gateway node and security of session key and protection against user tracking attack, information leakage attack, and user impersonation attack. In this paper, we describe how those security weaknesses occur and propose a lightweight three-factor authentication and key agreement scheme in WSNs for smart homes, as an improved version of Jung et al.’s scheme. We then present a detailed analysis of the security and performance of the proposed scheme and compare the analysis results with other related schemes.

scholarly journals Improved Authenticated Key Agreement Scheme for Fog-Driven IoT Healthcare System

2021 ◽  
Vol 2021 ◽  
pp. 1-16
Author(s):  
Tsu-Yang Wu ◽  
Tao Wang ◽  
Yu-Qi Lee ◽  
Weimin Zheng ◽  
Saru Kumari ◽  
...  
Keyword(s):  
Key Agreement ◽  
Low Cost ◽  
Fog Computing ◽  
Security Analysis ◽  
Transportation Systems ◽  
Security Evaluation ◽  
Medical Systems ◽  
Session Key ◽  
Authentication And Key Agreement ◽  
Secure Authentication

The Internet of things (IoT) has been widely used for various applications including medical and transportation systems, among others. Smart medical systems have become the most effective and practical solutions to provide users with low-cost, noninvasive, and long-term continuous health monitoring. Recently, Jia et al. proposed an authentication and key agreement scheme for smart medical systems based on fog computing and indicated that it is safe and can withstand a variety of known attacks. Nevertheless, we found that it consists of several flaws, including known session-specific temporary information attacks and lack of per-verification. The opponent can readily recover the session key and user identity. In this paper, we propose a secure authentication and key agreement scheme, which compensates for the imperfections of the previously proposed. For a security evaluation of the proposed authentication scheme, informal security analysis and the Burrows–Abadi–Needham (BAN) logic analysis are implemented. In addition, the ProVerif tool is used to normalize the security verification of the scheme. Finally, the performance comparisons with the former schemes show that the proposed scheme is more applicable and secure.

Deep Analysis of Enhanced Authentication for Next Generation Networks

2012 ◽  
pp. 197-211
Author(s):  
Mamdouh Gouda
Keyword(s):  
Key Agreement ◽  
Denial Of Service ◽  
Next Generation Networks ◽  
Security Level ◽  
Ip Multimedia Subsystem ◽  
Next Generation ◽  
Dos Attacks ◽  
Authentication Protocols ◽  
Minimal Impact ◽  
Authentication And Key Agreement

Next Generation Networks (NGN) is the evolution of the telecommunication core. The user has to execute multi-pass Authentication and Key Agreement (AKA) procedures in order to get access to the IP Multimedia Subsystem (IMS). This causes overhead on the AAA server and increases the delay of authenticating the user and that is because of unnecessary and repeated procedures and protocols. This paper presents an enhanced one-pass AKA procedure that eliminates the repeated steps without affecting the security level, in addition it reduces the Denial of Service (DoS) attacks. The presented mechanism has minimal impact on the network infrastructure and functionality and does not require any changes to the existing authentication protocols.

scholarly journals Efficient and Provably Secure Key Agreement for Modern Smart Metering Communications

Energies ◽  
2018 ◽  
Vol 11 (10) ◽  
pp. 2662 ◽  
Author(s):  
An Braeken ◽  
Pardeep Kumar ◽  
Andrew Martin
Keyword(s):  
Smart Grid ◽  
Key Agreement ◽  
Denial Of Service ◽  
Mutual Authentication ◽  
Third Party ◽  
Security Model ◽  
Smart Metering ◽  
Session Key ◽  
Area Of Interest ◽  
Provably Secure

Security in modern smart metering communications and in smart grid networks has been an area of interest recently. In this field, identity-based mutual authentication including credential privacy without active involvement of a trusted third party is an important building block for smart grid technology. Recently, several schemes have been proposed for the smart grid with various security features (e.g., mutual authentication and key agreement). Moreover, these schemes are said to offer session key security under the widely accepted Canetti-Krawczyk (CK) security model. Instead, we argue that all of them are still vulnerable under the CK model. To remedy the problem, we present a new provably secure key agreement model for smart metering communications. The proposed model preserves the security features and provides more resistance against a denial of service attack. Moreover, our scheme is pairing-free, resulting in highly efficient computational and communication efforts.

scholarly journals A Lightweight Authentication and Key Agreement Schemes for IoT Environments

Sensors ◽  
2020 ◽  
Vol 20 (18) ◽  
pp. 5350
Author(s):  
Dae-Hwi Lee ◽  
Im-Yeong Lee
Keyword(s):  
Key Agreement ◽  
Essential Element ◽  
Public Key Cryptography ◽  
Security Requirements ◽  
Public Key ◽  
Smart Devices ◽  
The Internet ◽  
Session Key ◽  
Authentication And Key Agreement ◽  
Lightweight Authentication

In the Internet of Things (IoT) environment, more types of devices than ever before are connected to the internet to provide IoT services. Smart devices are becoming more intelligent and improving performance, but there are devices with little computing power and low storage capacity. Devices with limited resources will have difficulty applying existing public key cryptography systems to provide security. Therefore, communication protocols for various kinds of participating devices should be applicable in the IoT environment, and these protocols should be lightened for resources-restricted devices. Security is an essential element in the IoT environment, so for secure communication, it is necessary to perform authentication between the communication objects and to generate the session key. In this paper, we propose two kinds of lightweight authentication and key agreement schemes to enable fast and secure authentication among the objects participating in the IoT environment. The first scheme is an authentication and key agreement scheme with limited resource devices that can use the elliptic curve Qu–Vanstone (ECQV) implicit certificate to quickly agree on the session key. The second scheme is also an authentication and key agreement scheme that can be used more securely, but slower than first scheme using certificateless public key cryptography (CL-PKC). In addition, we compare and analyze existing schemes and propose new schemes to improve security requirements that were not satisfactory.

A New Group Key Agreement Protocol with Anonymity

2013 ◽  
Vol 380-384 ◽  
pp. 2256-2261
Author(s):  
Gang Yao ◽  
Li Guo
Keyword(s):  
Privacy Protection ◽  
Key Agreement ◽  
Forward Secrecy ◽  
Session Key ◽  
Group Key ◽  
Group Key Agreement ◽  
Key Agreement Protocol ◽  
Perfect Forward Secrecy ◽  
Agreement Protocols ◽  
Group Key Agreement Protocol

Popularity of group-oriented applications motivates research on security protection for group communications. A number of group key agreement protocols have been proposed for this objective, but most current group key agreement protocols do not consider privacy protection. Group key agreement protocols for networks should also handle dynamic group membership events such as user join and leave events. The Join and Leave Protocols provide backward and forward secrecy respectively. In this paper, we proposed a new anonymous group key agreement protocol based on ID-based encryption cryptosystems. The proposed protocol not only benefits from the desirable features of ID-based cryptosystem, but also provides privacy protection for users. The proposed protocol achieves the following security attribute: anonymity, unlinkability, group key secrecy, group forward secrecy, group backward secrecy, perfect forward secrecy for the group session key and entity authentication.

SALMAKA: Secured, Anonymity Preserving and Lightweight Mutual Authentication and Key Agreement Scheme for WBAN

2020 ◽  
Vol 10 ◽  
Author(s):  
Bhawna Narwal ◽  
Amar Kumar Mohapatra
Keyword(s):  
Key Agreement ◽  
Mutual Authentication ◽  
Internet Security ◽  
Communication Process ◽  
Security Evaluation ◽  
Session Key ◽  
Efficient Manner ◽  
Authentication And Key Agreement ◽  
Processing Cost ◽  
And Performance

Background: It is paramount to secure the healthcare system from unauthorized users and security attacks through appropriate security mechanisms as a break in communication process leads to leaked or blurred messages, which is totally unacceptable. Moreover, mutual authentication is a core requirement for privacy protection as it is paramount to control who is accessing the sensed data and whether they are authenticated or not. In addition to this, energy efficiency is a major issue to be dealt with. Objective: After examination of the present related schemes, we proposed a novel Secured, Anonymity Preserving and Lightweight Mutual Authentication and Key Agreement Scheme (SALMAKA) for two-hop WBAN topology; where the scheme mutually authenticates the sensing nodes with the controller node in an anonymous, energy efficient manner and establishes session key securely. Method: To corroborate the accuracy of the proposed scheme, Burrows-Abadi-Needham (BAN) logic and Automated Validation of Internet Security Protocols and Applications (AVISPA) simulator are used. Apart from this, informal security evaluation is also performed in detail. Results: To exhibit the practical application and performance of the proposed scheme, it is compared with the existing related schemes and the results reveal that the proposed scheme reduces energy consumption, processing cost and processing time significantly. Conclusion: A Secured, Anonymity Preserving and Lightweight Mutual Authentication and Key Agreement Scheme (SALMAKA) for two-hop WBAN topology is propounded.

Sign in / Sign up

Export Citation Format

Share Document