Password Based Client-Server-User Authenticated Key Agreement Mechanism for Cloud System

The authentication is an essential concern in the cloud environment to restrict the unauthorized users to retrieve the files from cloud server. Moreover, authentication mechanisms are used to prevent illegal access of resources over insecure channel. Thus proposed work provides the strong and efficient authentication process in cloud computing environment by chebyshev polynomial based chaotic maps Diffie Hellman property. The proposed authentication mechanism does not disclose the identity of the user to CSP. Moreover proposed authentication mechanism enables mutual authentication, Identity management, and session-key agreement. The Proposed mechanism of security analysis includes the enabling mutual authentication and key agreement, restricting the impersonation attack, man in the middle attack and replay attack.

Download Full-text

A Lightweight Key Agreement Protocol Based on Chinese Remainder Theorem and ECDH for Smart Homes

Sensors ◽

10.3390/s20051357 ◽

2020 ◽

Vol 20 (5) ◽

pp. 1357 ◽

Cited By ~ 1

Author(s):

Yi Jiang ◽

Yong Shen ◽

Qingyi Zhu

Keyword(s):

Smart Home ◽

Key Agreement ◽

Chinese Remainder Theorem ◽

Mutual Authentication ◽

Security Analysis ◽

Sensor Nodes ◽

Replay Attack ◽

Key Agreement Protocol ◽

Diffie Hellman ◽

Home Systems

Security and efficiency are the two main challenges for designing a smart home system. In this paper, by incorporating Chinese remainder theorem (CRT) into the elliptic curve Diffie–Hellman (ECDH), a lightweight key agreement protocol for smart home systems is constructed. Firstly, one-way hash authentication is used to identify the sensor nodes instead of mutual authentication to reduce the authentication cost. Secondly, the CRT is introduced to enhance the security of the original ECDH key agreement. Security analysis showed that the proposed protocol can validate the data integrity and resist the replay attack, the man-in-middle attack, and other attacks. Performance analysis and experiments showed that the protocol achieves high security with low communication and computation costs, and can be implemented in smart home systems.

Download Full-text

Security Enhanced Anonymous Multiserver Authenticated Key Agreement Scheme Using Smart Cards and Biometrics

The Scientific World JOURNAL ◽

10.1155/2014/281305 ◽

2014 ◽

Vol 2014 ◽

pp. 1-15 ◽

Cited By ~ 19

Author(s):

Younsung Choi ◽

Junghyun Nam ◽

Donghoon Lee ◽

Jiye Kim ◽

Jaewook Jung ◽

...

Keyword(s):

Key Agreement ◽

User Authentication ◽

Mutual Authentication ◽

Smart Cards ◽

Security Requirements ◽

Impersonation Attack ◽

Single Server ◽

Authenticated Key Agreement ◽

Session Key ◽

Authentication Schemes

An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user’s biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen’s scheme.

Download Full-text

An Enhanced Authentication Scheme for Internet of Things Based E-Healthcare System

Journal of Computational and Theoretical Nanoscience ◽

10.1166/jctn.2020.8658 ◽

2020 ◽

Vol 17 (1) ◽

pp. 246-253 ◽

Cited By ~ 1

Author(s):

Ravi Raushan Kumar Chaudhary ◽

Ashish Singh ◽

Kakali Chatterjee

Keyword(s):

Mutual Authentication ◽

Security Analysis ◽

Authentication Scheme ◽

Key Generation ◽

Key Exchange Protocol ◽

Session Key ◽

Diffie Hellman ◽

Healthcare Monitoring ◽

Diffie Hellman Key Exchange ◽

Mutual Authentication Protocol

Security is a major challenge in modern IoT based healthcare monitoring systems. It provides many benefits such as critical patient monitoring, remote diagnosis at anytime, anywhere. Hence, security of this data is essential when the healthcare professionals access it. Also, while storing the patients record; it must be kept safe from misuse and modification of data as other devices can easily track it. To prevent this type of threats, we have proposed a mutual authentication protocol to enhance health care security and to resist vulnerable attacks. The proposed scheme used Challenge response protocol for the authentication purpose and the Diffie-Hellman key exchange protocol is used for generation of the session key generation. The security analysis of the proposed scheme shows that the scheme is more secure and resist all the major attacks as compared to other schemes. The Formal verification of this schema also ensures that it resists most probable attacks in this system. The result of the proposed authentication scheme shows that it has low computational and communicational load.

Download Full-text

A Secure Two-Factor Remote User Authentication and Session Key Agreement Scheme

International Journal of Business Data Communications and Networking ◽

10.4018/ijbdcn.2016070104 ◽

2016 ◽

Vol 12 (2) ◽

pp. 62-79 ◽

Cited By ~ 12

Author(s):

Preeti Chandrakar ◽

Hari Om

Keyword(s):

Key Agreement ◽

User Authentication ◽

Mutual Authentication ◽

Security Analysis ◽

Session Key ◽

Key Agreement Protocol ◽

Remote User Authentication ◽

Session Key Agreement ◽

Man In The Middle ◽

Remote User

In this article, the authors have proposed a secure two-factor remote user authentication and session key agreement protocol. As they have shown in the presented scheme, is precise and secure according to both formal and informal security analysis. For formal security analysis, they have applied BAN (Burrows-Abadi-Needham) logic which certifies that the presented scheme provides the amenity of mutual authentication and session key agreement safely. The informal security verification has shown that the proposed scheme is more vigorous against various sort of cruel threats. Moreover, the authors have simulated the presented scheme using broadly accepted AVISPA tool, whose simulation results make sure that the protocol is not dangerous from active and passive attacks together with replay and man-in-the-middle attacks. In addition, the performance evaluation and the security comparison have revealed that the presented scheme gives strong security as well as better complexity in the context of smart card memory requirement, communication cost and computation cost.

Download Full-text

Formal security analysis of lightweight authenticated key agreement protocol for IoT in cloud computing

Indonesian Journal of Electrical Engineering and Computer Science ◽

10.11591/ijeecs.v24.i1.pp621-636 ◽

2021 ◽

Vol 24 (1) ◽

pp. 621

Author(s):

Ahmed H. Aly ◽

Atef Ghalwash ◽

Mona M. Nasr ◽

Ahmed A. Abd-El Hafez

Keyword(s):

Cloud Computing ◽

Key Agreement ◽

Mutual Authentication ◽

Security Analysis ◽

Internet Security ◽

Cyber Attacks ◽

Session Key ◽

Sensitive Data ◽

Processing Power ◽

Iot Devices

The internet of things (IoT) and cloud computing are evolving technologies in the information technology field. Merging the pervasive IoT technology with cloud computing is an innovative solution for better analytics and decision-making. Deployed IoT devices offload different types of data to the cloud, while cloud computing converges the infrastructure, links up the servers, analyzes information obtained from the IoT devices, reinforces processing power, and offers huge storage capacity. However, this merging is prone to various cyber threats that affect the IoT-Cloud environment. Mutual authentication is considered as the forefront mechanism for cyber-attacks as the IoT-Cloud participants have to ensure the authenticity of each other and generate a session key for securing the exchanged traffic. While designing these mechanisms, the constrained nature of the IoT devices must be taken into consideration. We proposed a novel lightweight protocol (Light-AHAKA) for authenticating IoT-Cloud elements and establishing a key agreement for encrypting the exchanged sensitive data was proposed. In this paper, the formal verification of (Light-AHAKA) was presented to prove and verify the correctness of our proposed protocol to ensure that the protocol is free from design flaws before the deployment phase. The verification is performed based on two different approaches, the strand space model and the automated validation of internet security protocols and applications (AVISPA) tool.

Download Full-text

Multi-Factor Identity Authenticated Key Agreement Protocol

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.556-562.5597 ◽

2014 ◽

Vol 556-562 ◽

pp. 5597-5602

Author(s):

Jun Wang ◽

Yue Chen ◽

Gang Yang ◽

Hong Yong Jia ◽

Ju Long Lan

Keyword(s):

Smart Card ◽

Key Agreement ◽

Mutual Authentication ◽

Impersonation Attack ◽

Forward Security ◽

Session Key ◽

Session Key Agreement ◽

Man In The Middle ◽

Mutual Identity ◽

Weak Resistance

This paper proposes scheme can achieve mutual authentication and session key agreement based on multi-factor. It improves the scheme proposed by Chuang et al on protecting from the stolen smart card attack, impersonation attack, server spoofing attack and man-in-the-middle attack, and guaranteeing on the forward security. It solves the problem of weak resistance to attacks in single-factor authentication approaches, by combining the smart card with biometrics and password. It also guarantees the security of mutual identity authentication between users and servers and that of session keys. It consumes more computing resources that the Chuang’s scheme, but it can resist to several known attacks efficiently.

Download Full-text

A Systematic Dynamic Key Agreement Mechanism for LTE Advanced Networks in the Internet of Things

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.b1031.1292s319 ◽

2019 ◽

Vol 9 (2S3) ◽

pp. 302-307

Keyword(s):

Elliptic Curve ◽

Key Agreement ◽

Mutual Authentication ◽

Session Key ◽

Machine Type ◽

Key Agreement Protocol ◽

Diffie Hellman ◽

Communication Device ◽

Lte Advanced ◽

Machine Type Communication

Of late, Session Initiation Protocol (SIP) has become one of the popular signaling protocols especially for the multimedia communication system. Various protocols have been proposed by researchers to ensure access independence, authentication, and Key Agreement security characteristic. With the extensive growth of cellular networks, mobile traffic connected with the advancements of the wireless communication channel. In this scenario, Machine Type Communication (MTC) plays a crucial role in line with Long Term Evaluation-Advanced Networks as their communication happened between Machine to machine without human intervention. In order to reach Mobile Type Transmission (MTT) security condition, the access verification process required to pursue the verification and Key Agreement protocol. Moreover, the development of Group premised communication and individual authentication mechanisms to every Machine Type Communication device (MTTD) would lead to signal-congestion in real-time networking scenarios. Jinguo et al. proposed a Group-Based Verification and Key-Agreement protocol with dynamically updating policy for mutual authentication. Especially, they chose an asynchronous secret shared key merged to work with Diffie-Hellman protocol for establishing disjoint verification and session-key establishment across LTE Advanced Networks. However, the DH algorithm could not provide message integrity to upgrade the security feature namely integrity. In this paper, the algorithms Advanced Encryption Standard (AES) in addition to Elliptic Curve Diffie-Hellman (ECDH) can be integrated called an Elliptic Curve Digital Signature Algorithm (ECDSA)” which addresses verification and integrity.

Download Full-text

Two-Party Attribute-Based Key Agreement Protocol with Constant-Size Ciphertext and Key

Security and Communication Networks ◽

10.1155/2018/8738960 ◽

2018 ◽

Vol 2018 ◽

pp. 1-10 ◽

Cited By ~ 3

Author(s):

Jiguo Li ◽

Shengzhou Hu ◽

Yichen Zhang

Keyword(s):

Key Agreement ◽

Provable Security ◽

Mutual Authentication ◽

Session Key ◽

Fine Grained ◽

Key Agreement Protocol ◽

Constant Size ◽

Diffie Hellman ◽

The Standard Model ◽

The Cost

Based on mutual authentication, the session key is established for communication nodes on the open network. In order to satisfy fine-grained access control for cloud storage, the two-party attribute-based key agreement protocol (TP-AB-KA) was proposed. However, the existing TP-AB-KA protocol is high in the cost of computation and communication and is not unfit for application in a mobile cloud setting because mobile devices are generally resource constrained. To solve the above issue, we propose a TP-AB-KA protocol with constant-size ciphertext and key. Our TP-AB-KA protocol is provable security in the standard model. The concrete proof is given under the augmented multisequence of exponents' decisional Diffie-Hellman (aMSE-DDH) hypothesis in the attribute-based BJM model (AB-BJM). Compared with the existing TP-AB-KA protocols, the computation cost and communication cost of our protocol are largely reduced.

Download Full-text

Provably Secure Authentication Approach for Data Security in Cloud Using Hashing, Encryption, and Chebyshev-Based Authentication

International Journal of Information Security and Privacy ◽

10.4018/ijisp.2022010106 ◽

2022 ◽

Vol 16 (1) ◽

pp. 0-0

Keyword(s):

Data Security ◽

Security Analysis ◽

Data Communication ◽

Computation Time ◽

Computational Time ◽

Security Issues ◽

Authentication Mechanism ◽

Cloud Server ◽

Secure Authentication ◽

Provably Secure

Secure and efficient authentication mechanism becomes a major concern in cloud computing due to the data sharing among cloud server and user through internet. This paper proposed an efficient Hashing, Encryption and Chebyshev HEC-based authentication in order to provide security among data communication. With the formal and the informal security analysis, it has been demonstrated that the proposed HEC-based authentication approach provides data security more efficiently in cloud. The proposed approach amplifies the security issues and ensures the privacy and data security to the cloud user. Moreover, the proposed HEC-based authentication approach makes the system more robust and secured and has been verified with multiple scenarios. However, the proposed authentication approach requires less computational time and memory than the existing authentication techniques. The performance revealed by the proposed HEC-based authentication approach is measured in terms of computation time and memory as 26ms, and 1878bytes for 100Kb data size, respectively.

Download Full-text