A Secure Authentication Infrastructure for Mobile Users

Advances in Security and Payment Methods for Mobile Commerce ◽

10.4018/978-1-59140-345-6.ch004 ◽

2011 ◽

pp. 56-80

Author(s):

Gregor V. Bochmann ◽

Eric Zhen Zhang

Keyword(s):

Electronic Commerce ◽

Authentication Protocol ◽

Security Requirements ◽

Mobile Users ◽

Authentication Protocols ◽

Its Analysis ◽

Trust Relationships ◽

Authentication Schemes ◽

Access Rights ◽

Secure Authentication

The requirements for an authentication infrastructure for electronic commerce are explained by identifying the partners involved in e-commerce transactions and the trust relationships required. Related security requirements are also explained, such as authentication, access rights, payment credentials, anonymity (in certain cases), and privacy and integrity of message exchanges. Then several general authentication schemes and specific protocols are reviewed and their suitability for mobile users is discussed. Finally, an improved authentication protocol is presented which can provide trust relationships for mobile e-commerce users. Its analysis and comparison with other proposed authentication protocols indicate that it is a good candidate for use in the context of mobile e-commerce.

Download Full-text

Formal Analysis of an Efficient Handover Authentication Scheme for EAP-Based Wireless Networks with Extending BAN Logic

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.401-403.1864 ◽

2013 ◽

Vol 401-403 ◽

pp. 1864-1867 ◽

Cited By ~ 2

Author(s):

Li Ling Cao ◽

Wan Cheng Ge

Keyword(s):

Wireless Networks ◽

Privacy Preservation ◽

Formal Analysis ◽

Main Idea ◽

Authentication Protocol ◽

Security Requirements ◽

Ban Logic ◽

Handover Authentication ◽

Authentication Schemes ◽

Extensible Authentication Protocol

The existing Extensible Authentication Protocol (EAP) based handover authentication schemes have show robust security features especially the Qi Jing et al.'s design, which not only meets the essential security requirements in handover authentication but also achieves privacy preservation. However, it still suffers pitfalls in the process of authentication. The main idea of this paper is to extend the work by Qi Jing et al. and particularly focus on the formal analysis using extending BAN logic which is more concise yet practical to use on PKI-based protocols.

Download Full-text

Security of an RFID Based Authentication Protocol with Bitwise Operations for Supply Chain

10.21203/rs.3.rs-413438/v1 ◽

2021 ◽

Author(s):

Muhammad Arslan Akram ◽

Adnan Noor Mian

Keyword(s):

Supply Chain ◽

Low Cost ◽

Authentication Protocol ◽

Rfid Tags ◽

Authentication Protocols ◽

Physically Unclonable Functions ◽

Lightweight Authentication ◽

Secure Authentication ◽

Bitwise Operations

Abstract Due to the stringent computational capabilities of low-cost RFID tags, several lightweight secure authentication protocols have been proposed for an RFID-based supply chain using bitwise operations. In this paper, we study the vulnerabilities associated with bitwise operations by doing cryptanalysis of a secure lightweight authentication protocol for RFID tags. The bitwise operations like rotation and XOR show that the protocol is vulnerable to tag, reader, and supply chain node impersonation attacks. We find that the major cause of the vulnerability is bitwise operations and suggest using the physically unclonable functions rather than bitwise operations to secure such lightweight protocols.

Download Full-text

Node Authentication in Networks Using Zero-Knowledge Proofs

Web Services Security and E-Business ◽

10.4018/978-1-59904-168-1.ch008 ◽

2007 ◽

pp. 142-164

Author(s):

Richard S. Norville ◽

Kamesh Namuduri ◽

Ravi Pendse

Keyword(s):

Data Analysis ◽

Authentication Protocol ◽

Authentication Protocols ◽

Zero Knowledge ◽

Authentication Schemes ◽

Zero Knowledge Proof

Zero-knowledge proof (ZKP) based authentication protocols provide a smart way to prove an identity of a node without giving away any information about the secret of that identity. There are many advantages as well as disadvantages to using this protocol over other authentication schemes, and challenges to overcome in order to make it practical for general use. This chapter examines the viability of ZKPs for use in authentication protocols in networks. It is concluded that nodes in a network can achieve a desired level of security by trading off key size, interactivity, and other parameters of the authentication protocol. This chapter also provides data analysis that can be useful in determining expected authentication times based on device capabilities. Pseudocode is provided for implementing a graph-based ZKP on small or limited processing devices.

Download Full-text

A Protocol for Provably Secure Authentication of a Tiny Entity to a High Performance Computing One

Mathematical Problems in Engineering ◽

10.1155/2016/9289050 ◽

2016 ◽

Vol 2016 ◽

pp. 1-9 ◽

Cited By ~ 1

Author(s):

Siniša Tomović ◽

Miodrag J. Mihaljević ◽

Aleksandar Perović ◽

Zoran Ognjanović

Keyword(s):

High Performance Computing ◽

High Performance ◽

Authentication Protocol ◽

Authentication Protocols ◽

Man In The Middle ◽

Lpn Problem ◽

Secure Authentication ◽

Performance Computing ◽

Specific Scenario ◽

Provably Secure

The problem of developing authentication protocols dedicated to a specific scenario where an entity with limited computational capabilities should prove the identity to a computationally powerful Verifier is addressed. An authentication protocol suitable for the considered scenario which jointly employs the learning parity with noise (LPN) problem and a paradigm of random selection is proposed. It is shown that the proposed protocol is secure against active attacking scenarios and so called GRS man-in-the-middle (MIM) attacking scenarios. In comparison with the related previously reported authentication protocols the proposed one provides reduction of the implementation complexity and at least the same level of the cryptographic security.

Download Full-text

An Efficient Anonymous Authentication Scheme for Mobile Pay-TV Systems

Wireless Communications and Mobile Computing ◽

10.1155/2020/8850083 ◽

2020 ◽

Vol 2020 ◽

pp. 1-12

Author(s):

Yuting Li ◽

Qingfeng Cheng ◽

Jinzheng Cao

Keyword(s):

Mobile Devices ◽

Mobile Communication ◽

Service Providers ◽

Authentication Protocol ◽

Authentication Scheme ◽

Mobile Users ◽

Anonymous Authentication ◽

Authentication Schemes ◽

Pay Tv ◽

And Storage

As a component of mobile communication, the pay-TV system has attracted a lot of attention. By using mobile devices, users interact with the head end system in service providers to acquire TV services. With the growth of mobile users, how to protect the privacy of users while improving efficiency of the network has become an issue worthy of attention. Anonymous authentication schemes for mobile pay-TV systems came into being. In this paper, we analyze the shortcomings of the existing authentication protocol and then propose an improved one, which is secure against stored set attack and user traceability attack. The proposed scheme is proved to be secure. Moreover, our new scheme performs better in efficiency and storage, compared with several other schemes.

Download Full-text

Secure Data Integrity Protocol for Fog Computing Environment

Advances in Computer and Electrical Engineering - Advancing Consumer-Centric Fog Computing Architectures ◽

10.4018/978-1-5225-7149-0.ch007 ◽

2019 ◽

pp. 126-144

Author(s):

Kashif Munir ◽

Lawan Ahmed Mohammed

Keyword(s):

Internet Of Things ◽

Low Cost ◽

Fog Computing ◽

Authentication Protocol ◽

Smart Device ◽

Computing Environment ◽

Authentication Protocols ◽

Iot Devices ◽

Secure Authentication ◽

Distributed Infrastructure

Fog computing is a distributed infrastructure in which certain application processes or services are managed at the edge of the network by a smart device. Fog systems are capable of processing large amounts of data locally, operate on-premise, are fully portable, and can be installed on heterogeneous hardware. These features make the fog platform highly suitable for time and location-sensitive applications. For example, internet of things (IoT) devices are required to quickly process a large amount of data. The significance of enterprise data and increased access rates from low-resource terminal devices demand reliable and low-cost authentication protocols. Lots of researchers have proposed authentication protocols with varied efficiencies. As a part of this chapter, the authors propose a secure authentication protocol that is strongly secure and best suited for the fog computing environment.

Download Full-text

Model Checking M2M and Centralised IOT authentication Protocols.

Journal of Physics Conference Series ◽

10.1088/1742-6596/2161/1/012042 ◽

2022 ◽

Vol 2161 (1) ◽

pp. 012042

Author(s):

H Rekha ◽

M. Siddappa

Keyword(s):

Model Checking ◽

High Reliability ◽

Security Protocols ◽

Authentication Protocol ◽

Good Choice ◽

Security Protocol ◽

Security Requirements ◽

Authentication Protocols ◽

Security Properties ◽

Functional Correctness

Abstract It is very difficult to develop a perfect security protocol for communication over the IoT network and developing a reliable authentication protocol requires a detailed understanding of cryptography. To ensure the reliability of security protocols of IoT, the validation method is not a good choice because of its several disadvantages and limitations. To prove the high reliability of Cryptographic Security Protocols(CSP) for IoT networks, the functional correctness of security protocols must be proved secure mathematically. Using the Formal Verification technique we can prove the functional correctness of IoT security protocols by providing the proofs mathematically. In this work, The CoAP Machine to Machine authentication protocol and centralied IoT network Authentication Protocol RADIUS is formally verified using the well-known verification technique known as model checking technique and we have used the Scyther model checker for the verification of security properties of the respective protocols. The abstract protocol models of the IoT authentication protocols were specified in the security protocol description language and the security requirements of the authentication protocols were specified as claim events.

Download Full-text

Secure Authentication Protocol to Cloud

International Journal of Computer Sciences and Engineering ◽

10.26438/ijcse/v7i5.15511557 ◽

2019 ◽

Vol 7 (5) ◽

pp. 1551-1557

Author(s):

Arif Mohammad Abdul ◽

Sudarson Jena ◽

M Bal Raju

Keyword(s):

Authentication Protocol ◽

Secure Authentication

Download Full-text

Remote Quantum-Safe Authentication of Entities with Physical Unclonable Functions

Photonics ◽

10.3390/photonics8070289 ◽

2021 ◽

Vol 8 (7) ◽

pp. 289

Author(s):

Georgios M. Nikolopoulos

Keyword(s):

Authentication Protocol ◽

Authentication Protocols ◽

Photonic Networks ◽

Physical Unclonable Functions ◽

Quantum Protocols ◽

Open Question ◽

Standard Techniques

Physical unclonable functions have been shown to be a useful resource of randomness for implementing various cryptographic tasks including entity authentication. All the related entity authentication protocols that have been discussed in the literature so far, either they are vulnerable to an emulation attack, or they are limited to short distances. Hence, quantum-safe remote entity authentication over large distances remains an open question. In the first part of this work, we discuss the requirements that an entity authentication protocol has to offer, to be useful for remote entity authentication in practice. Subsequently, we propose a protocol, which can operate over large distances, and offers security against both classical and quantum adversaries. The proposed protocol relies on standard techniques, it is fully compatible with the infrastructure of existing and future photonic networks, and it can operate in parallel with other quantum protocols, including QKD protocols.

Download Full-text