Security Analysis and Enhancement of Authentication in CDMA based on Elliptic Curve Cryptography

Session initiation protocol (SIP), a widely used signal protocol for controlling multimedia communication sessions, is under numerous attacks when performing the authentication steps between the user and server. So secure authentication schemes are needed to be presented for SIP. Recently, Arshad et al. advanced novel schemes for SIP using elliptic curve cryptography (ECC) and claimed their schemes can resist various attacks. However, Lu et al. found that Arshad et al.’s scheme cannot resist trace and key-compromise impersonation attacks; hence, it cannot provide proper mutual authentication. Meanwhile, an enhanced scheme was advanced by Lu et al. and they stated that their scheme can stand up to possible known attacks. Nevertheless, in this paper, we conclude that Arshad and Nikooghadam’s scheme is insecure against impersonation attack and Lu et al.’s scheme is still vulnerable to impersonation attack. To overcome these weaknesses of their schemes, we present a novel anonymous ECC-based scheme for SIP. Security analysis and performance analysis show that our proposed scheme can resist various known attacks and efficient in the meantime.

Download Full-text

Defeating MITM Attacks on Cryptocurrency Exchange Accounts with Individual User Keys

International Journal of Network Security & Its Applications ◽

10.5121/ijnsa.2021.13104 ◽

2021 ◽

Vol 13 (1) ◽

pp. 51-64

Author(s):

Cheman Shaik

Keyword(s):

Elliptic Curve ◽

Elliptic Curve Cryptography ◽

Security Analysis ◽

Public Key ◽

Public And Private ◽

The Public ◽

Individual User ◽

Private Key ◽

Authentication Schemes

Presented herein is a User-SpecificKey Scheme based on Elliptic Curve Cryptography that defeats man-inthe-middle attacks on cryptocurrency exchange accounts. In this scheme, a separate public and private key pair is assigned to every account and the public key is shifted either forward or backward on the elliptic curve by a difference of the account user’s password. When a user logs into his account, the server sends the shifted public key of his account. The user computes the actual public key of his account by reverse shifting the shifted public key exactly by a difference of his password. Alternatively, shifting can be applied to the user’s generator instead of the public key. Described in detail is as to how aman-in-the-middle attack takes place and how the proposed scheme defeats the attack. Provided detailed security analysis in both the cases of publickey shifting and generator shifting. Further, compared the effectiveness of another three authentication schemes in defending passwords against MITM attacks.

Download Full-text

An Enhanced Image Encryption Scheme Based on ECC and PWLCM

International Journal of Scientific Research in Science Engineering and Technology ◽

10.32628/ijsrset196430 ◽

2019 ◽

pp. 285-293

Author(s):

Salma Bendaoud ◽

Fatima Amounas ◽

El Hassan El Kinani

Keyword(s):

Elliptic Curve ◽

Image Encryption ◽

Elliptic Curve Cryptography ◽

Piecewise Linear ◽

Chaotic Map ◽

Security Analysis ◽

Encryption Scheme ◽

Privacy And Security ◽

Piecewise Linear Chaotic Map ◽

Digital Image Encryption

Elliptic curve cryptography (ECC) is an effective approach to protect privacy and security of information. Digital Image encryption is an important issue widely used to protect the data and to ensure the security. Several encryption and decryption cryptosystems are available to keep image secure from unauthorized user. Elliptic Curve Cryptography (ECC) has proven to be the best solution for public key encryption. It provides a good level of security with smaller key size. In this paper we attempt to develop an enhanced Image Encryption Scheme based on ECC and PWLCM (Piecewise Linear Chaotic Map). Here, we generate a key image to enhance data security using ECC and PWLCM. From the experiment results and security analysis, we prove that our scheme cannot only achieve good encryption, but also resist the exhaustive, statistical and differential attacks.

Download Full-text

Security Analysis of Medical Images using ECC over RSA

Journal of University of Shanghai for Science and Technology ◽

10.51201/jusst/21/05143 ◽

2021 ◽

Vol 23 (05) ◽

pp. 356-367

Author(s):

Usha Verma ◽

◽

Neelam Sharma ◽

Keyword(s):

Elliptic Curve ◽

Elliptic Curve Cryptography ◽

Medical Image ◽

Medical Images ◽

Security Analysis ◽

Image Authentication ◽

Complex Method ◽

Secret Key ◽

Medical Practitioners ◽

Medical Image Authentication

The security of medical images is very important to maintain the confidentiality and privacy of patient information. Medical practitioners are required to adopt policies for the security of the access of patient’s electronic information. This paper provides the security analysis of the Medical Images based on Elliptic curve cryptography. Elliptic curve cryptography (ECC) is a complex method and involves intense computation which makes it robust for the intruder attack. In this paper, ECC based Medical Image Encryption algorithm is performed on varieties of medical images like MRI, CT scan and X-ray. Security analysis is presented based on Histogram, Entropy, NPCR and UACI measures and compared with traditional method RSA. Histogram after encryption using ECC has uniform distribution which reflects that the information of original medical image is hidden properly. Entropy and NPCR achieved are 7.86 – 7.99 and 99.62 – 99.64 % respectively which are very close to their ideal values. Results reveal that ECC is more powerful and useful for medical image authentication and key distribution. However, it can be used for exchange of secret key rather than encryption.

Download Full-text

Lightweight Data Aggregation Scheme against Internal Attackers in Smart Grid Using Elliptic Curve Cryptography

Wireless Communications and Mobile Computing ◽

10.1155/2017/3194845 ◽

2017 ◽

Vol 2017 ◽

pp. 1-11 ◽

Cited By ~ 19

Author(s):

Debiao He ◽

Sherali Zeadally ◽

Huaqun Wang ◽

Qin Liu

Keyword(s):

Smart Grid ◽

Elliptic Curve ◽

Data Aggregation ◽

Elliptic Curve Cryptography ◽

Secure Communication ◽

Security Analysis ◽

Security Requirements ◽

Grid Environment ◽

Practical Applications ◽

Aggregation Scheme

Recent advances of Internet and microelectronics technologies have led to the concept of smart grid which has been a widespread concern for industry, governments, and academia. The openness of communications in the smart grid environment makes the system vulnerable to different types of attacks. The implementation of secure communication and the protection of consumers’ privacy have become challenging issues. The data aggregation scheme is an important technique for preserving consumers’ privacy because it can stop the leakage of a specific consumer’s data. To satisfy the security requirements of practical applications, a lot of data aggregation schemes were presented over the last several years. However, most of them suffer from security weaknesses or have poor performances. To reduce computation cost and achieve better security, we construct a lightweight data aggregation scheme against internal attackers in the smart grid environment using Elliptic Curve Cryptography (ECC). Security analysis of our proposed approach shows that it is provably secure and can provide confidentiality, authentication, and integrity. Performance analysis of the proposed scheme demonstrates that both computation and communication costs of the proposed scheme are much lower than the three previous schemes. As a result of these aforementioned benefits, the proposed lightweight data aggregation scheme is more practical for deployment in the smart grid environment.

Download Full-text

Selective Image Encryption Based On Chaotic Maps And Elliptic Curve Cryptography

10.21203/rs.3.rs-509136/v1 ◽

2021 ◽

Author(s):

Ali Soleymani ◽

Md Jan Nordin

Keyword(s):

Elliptic Curve ◽

Image Encryption ◽

Elliptic Curve Cryptography ◽

Medical Information ◽

Chaotic Maps ◽

Rapid Evolution ◽

Security Analysis ◽

Computationally Efficient ◽

Public Networks ◽

The Face

Abstract The rapid evolution of imaging and communication technologies has transformed images into a widespread data type. Different types of data, such as medical information, official correspondence or governmental and military documents saved and transmitted in the form of images over public networks. Cryptography is a solution to protect confidential images by encrypting before transmission over unsecure channels. Most of the current image encryption methods based on symmetric cryptosystems, which the encryption and the decryption keys are the same and will be shared. However, asymmetric cryptosystems are more useful and secure because of the decryption key kept secret. This paper will focus on asymmetric image encryption algorithms to improve and enhance the security of transmission. Elliptic Curve Cryptography (ECC) is a new public key cryptosystem and provides equivalent security with shorter key length, low mathematical complexity and more computationally efficient rather than RSA. Selective encryption is a solution to decrease the consumed time for asymmetric cryptosystems, which reduce the encryption regions as small as possible. Hence, a hybrid cryptosystem is proposed based on the combination of ECC and chaotic maps that detects the face(s) in an image and encrypt the selected regions. This scheme will encrypt around five percent of the whole image and only confidential regions rather than whole image. The results of security analysis demonstrate the strength of the proposed cryptosystem against statistical, brute force and differential attacks. The evaluated running time for both encryption and decryption processes guarantee that the cryptosystem can work effectively in real-time applications.

Download Full-text

On Security Analysis of Recent Password Authentication and Key Agreement Schemes Based on Elliptic Curve Cryptography

Journal of Technology Management for Growing Economies ◽

10.15415/jtmge.2015.61004 ◽

2015 ◽

Vol 6 (1) ◽

pp. 39-52

Author(s):

Prabhdeep Kaur ◽

Sheetal Kalra

Keyword(s):

Elliptic Curve ◽

Elliptic Curve Cryptography ◽

Smart Grids ◽

Key Agreement ◽

Mutual Authentication ◽

Security Analysis ◽

Public Key ◽

Attractive Alternative ◽

Successful Implementation ◽

Authentication And Key Agreement

Secure and efficient mutual authentication and key agreement schemes form the basis for any robust network communication system. Elliptic Curve Cryptography (ECC) has emerged as one of the most successful Public Key Cryptosystem that efficiently meets all the security challenges. Comparison of ECC with other Public Key Cryptosystems (RSA, Rabin, ElGamal) shows that it provides equal level of security for a far smaller bit size, thereby substantially reducing the processing overhead. This makes it suitable for constrained environments like wireless networks and mobile devices as well as for security sensitive applications like electronic banking, financial transactions and smart grids. With the successful implementation of ECC in security applications (e-passports, e-IDs, embedded systems), it is getting widely commercialized. ECC is simple and faster and is therefore emerging as an attractive alternative for providing security in lightweight device, which contributes to its popularity in the present scenario. In this paper, we have analyzed some of the recent password based authentication and key agreement schemes using ECC for various environments. Furthermore, we have carried out security, functionality and performance comparisons of these schemes and found that they are unable to satisfy their claimed security goals.

Download Full-text

Study of Safe Elliptic Curve Cryptography over Gaussian Integer

IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences ◽

10.1587/transfun.2020sml0002 ◽

2020 ◽

Vol E103.A (12) ◽

pp. 1624-1628

Author(s):

Kazuki NAGANUMA ◽

Takashi SUZUKI ◽

Hiroyuki TSUJI ◽

Tomoaki KIMURA

Keyword(s):

Elliptic Curve ◽

Elliptic Curve Cryptography ◽

Gaussian Integer

Download Full-text

Erratum: A High Performance FPGA Implementation of 256-bit Elliptic Curve Cryptography Processor Over GF(p) [IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences Vol. E98.A (2015) , No. 3 pp.863-869]

IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences ◽

10.1587/transfun.e98.a.1057_e1 ◽

2015 ◽

Vol E98.A (4) ◽

pp. 1057_e1-1057_e1

Author(s):

Xiang FENG ◽

Shuguo LI

Keyword(s):

Elliptic Curve ◽

Elliptic Curve Cryptography ◽

High Performance ◽

Fpga Implementation

Download Full-text

Enhanced Security Authentication of WiMAX using EC3A

International Journal of Advanced Research in Computer Science and Software Engineering ◽

10.23956/ijarcsse.v7i8.54 ◽

2017 ◽

Vol 7 (8) ◽

pp. 219

Author(s):

Mohd Javed ◽

Khaleel Ahmad ◽

Ahmad Talha Siddiqui

Keyword(s):

Cellular Automata ◽

Elliptic Curve ◽

Elliptic Curve Cryptography ◽

Information Rate ◽

Security Authentication ◽

Encryption And Decryption ◽

High Information

WiMAX is the innovation and upgradation of 802.16 benchmarks given by IEEE. It has numerous remarkable qualities, for example, high information rate, the nature of the service, versatility, security and portability putting it heads and shoulder over the current advancements like broadband link, DSL and remote systems. Though like its competitors the concern for security remains mandatory. Since the remote medium is accessible to call, the assailants can undoubtedly get into the system, making the powerless against the client. Many modern confirmations and encryption methods have been installed into WiMAX; however, regardless it opens with up different dangers. In this paper, we proposed Elliptic curve Cryptography based on Cellular Automata (EC3A) for encryption and decryption the message for improving the WiMAX security

Download Full-text