A Rabin Cryptosystem-Based Lightweight Authentication Protocol and Session Key-Generation Scheme for IoT Deployment

2022 ◽  
pp. 88-106
Author(s):  
Priyanka Ahlawat ◽  
Ankit Attkan
Keyword(s):  
Sensor Network ◽  
Mutual Authentication ◽  
Sensitive Information ◽  
Session Key ◽  
Processing Power ◽  
Almost Complex ◽  
Man In The Middle ◽  
Key Leakage ◽  
Active Attacks ◽  
Lightweight Authentication

Handling unpredictable attack vulnerabilities in self-proclaiming secure algorithms in WSNs is an issue. Vulnerabilities provide loop holes for adversary to barge in the privacy of the network. Attacks performed by the attacker can be active or passive. Adversary may listen to the sensitive information and exploit its confidentiality which is passive, or adversary may modify sensitive information being transferred over a WSN in case of active attacks. As Internet of things has basically three layers, middle-ware layer, Application layer, perceptron layer, most of the attacks are observed to happen at the perceptron layer in case of both wireless sensor network and RFID Tag implication Layer. Both are a major part of the perceptron layer that consist a small part of the IoT. Some of the major attack vulnerabilities are exploited by executing the attacks through certain flaws in the protocol that are difficult to identify and almost complex to identify in complicated bigger protocols. As most of the sensors are resource constrained in terms of memory, battery power, processing power, bandwidth and due to which implementation of complex cryptosystem to keep the data being transferred secure is a challenging phase. The three main objectives studied in this scenario are setting up the system, registering user and the sensors via multiple gateways. Generating a common key which can be used for a particular interaction session among user, gateway and the sensor network. In this paper, we address one or more of these objectives for some of the fundamental problems in authentication and mutual authentication phase of the WSN in IoT deployment. We prevent the leakage of sensitive information using the rabin cryptosystem to avoid attacks like Man-in-the-middle attack, sensor session key leakage, all session hi-jacking attack and sniffing attacks in which data is analyzed maliciously by the adversary. We also compare and prove the security of our protocol using proverif protocol verifier tool.

scholarly journals A Secure Lightweight Three-Factor Authentication Scheme for IoT in Cloud Computing Environment

Sensors ◽  
2019 ◽  
Vol 19 (16) ◽  
pp. 3598 ◽  
Author(s):  
SungJin Yu ◽  
KiSung Park ◽  
YoungHo Park
Keyword(s):  
Cloud Computing ◽  
Mutual Authentication ◽  
Internet Security ◽  
Authentication Scheme ◽  
Sensitive Information ◽  
Computing Environment ◽  
Session Key ◽  
Cloud Computing Environment ◽  
Smart Healthcare ◽  
Three Factor

With the development of cloud computing and communication technology, users can access the internet of things (IoT) services provided in various environments, including smart home, smart factory, and smart healthcare. However, a user is insecure various types of attacks, because sensitive information is often transmitted via an open channel. Therefore, secure authentication schemes are essential to provide IoT services for legal users. In 2019, Pelaez et al. presented a lightweight IoT-based authentication scheme in cloud computing environment. However, we prove that Pelaez et al.’s scheme cannot prevent various types of attacks such as impersonation, session key disclosure, and replay attacks and cannot provide mutual authentication and anonymity. In this paper, we present a secure and lightweight three-factor authentication scheme for IoT in cloud computing environment to resolve these security problems. The proposed scheme can withstand various attacks and provide secure mutual authentication and anonymity by utilizing secret parameters and biometric. We also show that our scheme achieves secure mutual authentication using Burrows–Abadi–Needham logic analysis. Furthermore, we demonstrate that our scheme resists replay and man-in-the-middle attacks usingthe automated validation of internet security protocols and applications (AVISPA) simulation tool. Finally, we compare the performance and the security features of the proposed scheme with some existing schemes. Consequently, we provide better safety and efficiency than related schemes and the proposed scheme is suitable for practical IoT-based cloud computing environment.

A Secure Two-Factor Remote User Authentication and Session Key Agreement Scheme

2016 ◽  
Vol 12 (2) ◽  
pp. 62-79 ◽  
Author(s):  
Preeti Chandrakar ◽  
Hari Om
Keyword(s):  
Key Agreement ◽  
User Authentication ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Session Key ◽  
Key Agreement Protocol ◽  
Remote User Authentication ◽  
Session Key Agreement ◽  
Man In The Middle ◽  
Remote User

In this article, the authors have proposed a secure two-factor remote user authentication and session key agreement protocol. As they have shown in the presented scheme, is precise and secure according to both formal and informal security analysis. For formal security analysis, they have applied BAN (Burrows-Abadi-Needham) logic which certifies that the presented scheme provides the amenity of mutual authentication and session key agreement safely. The informal security verification has shown that the proposed scheme is more vigorous against various sort of cruel threats. Moreover, the authors have simulated the presented scheme using broadly accepted AVISPA tool, whose simulation results make sure that the protocol is not dangerous from active and passive attacks together with replay and man-in-the-middle attacks. In addition, the performance evaluation and the security comparison have revealed that the presented scheme gives strong security as well as better complexity in the context of smart card memory requirement, communication cost and computation cost.

scholarly journals Formal security analysis of lightweight authenticated key agreement protocol for IoT in cloud computing

2021 ◽  
Vol 24 (1) ◽  
pp. 621
Author(s):  
Ahmed H. Aly ◽  
Atef Ghalwash ◽  
Mona M. Nasr ◽  
Ahmed A. Abd-El Hafez
Keyword(s):  
Cloud Computing ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Internet Security ◽  
Cyber Attacks ◽  
Session Key ◽  
Sensitive Data ◽  
Processing Power ◽  
Iot Devices

The internet of things (IoT) and cloud computing are evolving technologies in the information technology field. Merging the pervasive IoT technology with cloud computing is an innovative solution for better analytics and decision-making. Deployed IoT devices offload different types of data to the cloud, while cloud computing converges the infrastructure, links up the servers, analyzes information obtained from the IoT devices, reinforces processing power, and offers huge storage capacity. However, this merging is prone to various cyber threats that affect the IoT-Cloud environment. Mutual authentication is considered as the forefront mechanism for cyber-attacks as the IoT-Cloud participants have to ensure the authenticity of each other and generate a session key for securing the exchanged traffic. While designing these mechanisms, the constrained nature of the IoT devices must be taken into consideration. We proposed a novel lightweight protocol (Light-AHAKA) for authenticating IoT-Cloud elements and establishing a key agreement for encrypting the exchanged sensitive data was proposed. In this paper, the formal verification of (Light-AHAKA) was presented to prove and verify the correctness of our proposed protocol to ensure that the protocol is free from design flaws before the deployment phase. The verification is performed based on two different approaches, the strand space model and the automated validation of internet security protocols and applications (AVISPA) tool.

scholarly journals Privacy-Preserving Lightweight Authentication Protocol for Demand Response Management in Smart Grid Environment

2020 ◽  
Vol 10 (5) ◽  
pp. 1758 ◽  
Author(s):  
SungJin Yu ◽  
KiSung Park ◽  
JoonYoung Lee ◽  
YoungHo Park ◽  
YoHan Park ◽  
...  
Keyword(s):  
Smart Grid ◽  
Demand Response ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Privacy Preserving ◽  
Authentication Protocol ◽  
Session Key ◽  
Energy Services ◽  
Lightweight Authentication ◽  
Secure Authentication

With the development in wireless communication and low-power device, users can receive various useful services such as electric vehicle (EV) charging, smart building, and smart home services at anytime and anywhere in smart grid (SG) environments. The SG devices send demand of electricity to the remote control center and utility center (UC) to use energy services, and UCs handle it for distributing electricity efficiently. However, in SG environments, the transmitted messages are vulnerable to various attacks because information related to electricity is transmitted over an insecure channel. Thus, secure authentication and key agreement are essential to provide secure energy services for legitimate users. In 2019, Kumar et al. presented a secure authentication protocol for demand response management in the SG system. However, we demonstrate that their protocol is insecure against masquerade, the SG device stolen, and session key disclosure attacks and does not ensure secure mutual authentication. Thus, we propose a privacy-preserving lightweight authentication protocol for demand response management in the SG environments to address the security shortcomings of Kumar et al.’s protocol. The proposed protocol withstands various attacks and ensures secure mutual authentication and anonymity. We also evaluated the security features of the proposed scheme using informal security analysis and proved the session key security of proposed scheme using the ROR model. Furthermore, we showed that the proposed protocol achieves secure mutual authentication between the SG devices and the UC using Burrows–Abadi–Needham (BAN) logic analysis. We also demonstrated that our authentication protocol prevents man-in-the-middle and replay attacks utilizing AVISPA simulation tool and compared the performance analysis with other existing protocols. Therefore, the proposed scheme provides superior safety and efficiency other than existing related protocols and can be suitable for practical SG environments.

scholarly journals Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services

2014 ◽  
Vol 2014 ◽  
pp. 1-8 ◽  
Author(s):  
Youngsook Lee ◽  
Juryon Paik
Keyword(s):  
Mutual Authentication ◽  
Security Analysis ◽  
Mobile User ◽  
Authentication Scheme ◽  
Third Party ◽  
Dictionary Attack ◽  
Session Key ◽  
Foreign Agent ◽  
Anonymous Authentication ◽  
Man In The Middle

An anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.’s anonymous authentication scheme for roaming services and present previously unpublished security weaknesses in the scheme: (1) it fails to provide user anonymity against any third party as well as the foreign agent, (2) it cannot protect the passwords of mobile users due to its vulnerability to an offline dictionary attack, and (3) it does not achieve session-key security against a man-in-the-middle attack. We also show how the security weaknesses of He et al.’s scheme can be addressed without degrading the efficiency of the scheme.

scholarly journals Secure Key Agreement and Authentication Protocol for Message Confirmation in Vehicular Cloud Computing

2020 ◽  
Vol 10 (18) ◽  
pp. 6268
Author(s):  
JoonYoung Lee ◽  
SungJin Yu ◽  
MyeongHyun Kim ◽  
YoungHo Park ◽  
SangWoo Lee ◽  
...  
Keyword(s):  
Cloud Computing ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Authentication Protocol ◽  
Internet Security ◽  
Malicious Attacks ◽  
Session Key ◽  
Vehicular Cloud Computing ◽  
Vehicular Cloud ◽  
Man In The Middle

With the development of vehicular ad-hoc networks (VANETs) and Internet of vehicles (IoVs), a large amount of useful information is generated for vehicle drivers and traffic management systems. The amount of vehicle and traffic information is as large as the number of vehicles and it is enormous when compared to vehicle calculation and storage performance. To resolve this problem, VANET uses a combined cloud computing technology, called vehicular cloud computing (VCC), which controls vehicle-related data, and helps vehicle drivers directly or indirectly. However, VANETs remain vulnerable to attacks such as tracking, masquerade and man-in-the-middle attacks because VANETs communicate via open networks. To overcome these issues, many researchers have proposed secure authentication protocols for message confirmation with vehicular cloud computing. However, many researchers have pointed out that some proposed protocols use ideal tamper-proof devices (TPDs). They demonstrated that realistic TPDs cannot prevent adversaries attack. Limbasiya et al. presented a message confirmation scheme for vehicular cloud computing using a realistic TPD in order to prevent these problems. However, their proposed scheme still has security weaknesses over a TPD and does not guarantee mutual authentication. This paper proposes a secure key agreement and authentication protocol to address the security weaknesses inherent in the protocol of Limbasiya et al. The suggested protocol withstands malicious attacks and ensures secure mutual authentication for privacy-preserving. We prove that the proposed protocol can provide session key security using Real-Or-Random (ROR) model. We also employed Automated Validation of Internet Security Protocols and Applications (AVISPA) simulation tool to show that the proposed protocol is able to defeat replay and man-in-the-middle attacks. Furthermore, we established that the proposed protocol can resist other malicious attacks by conducting the informal security analysis. We proved that our proposed protocol is lightweight and suitable for VCC environments.

Multi-Factor Identity Authenticated Key Agreement Protocol

2014 ◽  
Vol 556-562 ◽  
pp. 5597-5602
Author(s):  
Jun Wang ◽  
Yue Chen ◽  
Gang Yang ◽  
Hong Yong Jia ◽  
Ju Long Lan
Keyword(s):  
Smart Card ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Impersonation Attack ◽  
Forward Security ◽  
Session Key ◽  
Session Key Agreement ◽  
Man In The Middle ◽  
Mutual Identity ◽  
Weak Resistance

This paper proposes scheme can achieve mutual authentication and session key agreement based on multi-factor. It improves the scheme proposed by Chuang et al on protecting from the stolen smart card attack, impersonation attack, server spoofing attack and man-in-the-middle attack, and guaranteeing on the forward security. It solves the problem of weak resistance to attacks in single-factor authentication approaches, by combining the smart card with biometrics and password. It also guarantees the security of mutual identity authentication between users and servers and that of session keys. It consumes more computing resources that the Chuang’s scheme, but it can resist to several known attacks efficiently.

scholarly journals Secure and Efficient Anonymous Authentication Scheme in Global Mobility Networks

2013 ◽  
Vol 2013 ◽  
pp. 1-12 ◽  
Author(s):  
Jun-Sub Kim ◽  
Jin Kwak
Keyword(s):  
Mutual Authentication ◽  
Authentication Scheme ◽  
Session Key ◽  
Replay Attack ◽  
Anonymous Authentication ◽  
Computational Overhead ◽  
Global Mobility ◽  
Global Mobility Network ◽  
Man In The Middle ◽  
Perfect Forward Secrecy

In 2012, Mun et al. pointed out that Wu et al.’s scheme failed to achieve user anonymity and perfect forward secrecy and disclosed the passwords of legitimate users. And they proposed a new enhancement for anonymous authentication scheme. However, their proposed scheme has vulnerabilities that are susceptible to replay attack and man-in-the-middle attack. It also incurs a high overhead in the database. In this paper, we examine the vulnerabilities in the existing schemes and the computational overhead incurred in the database. We then propose a secure and efficient anonymous authentication scheme for roaming service in global mobility network. Our proposed scheme is secure against various attacks, provides mutual authentication and session key establishment, and incurs less computational overhead in the database than Mun et al.'s scheme.

scholarly journals Efficient Multi-linear Key Pairing Cryptosystem for Reliable Cloud-based Service Provisioning

2021 ◽  
Vol 11 (4) ◽  
pp. 4440-4455
Author(s):  
Dr. Sabout Nagaraju ◽  
S.K.V. Jayakumar ◽  
C. Swetha Priya
Keyword(s):  
Cloud Computing ◽  
Key Management ◽  
Mutual Authentication ◽  
Critical Role ◽  
Service Provisioning ◽  
Secret Key ◽  
Session Key ◽  
Perfect Forward Secrecy ◽  
Key Leakage ◽  
Accuracy Rates

Cloud computing has gained rapid growth in the development of different fields of science and engineering. However, due to the distributed nature of cloud computing, session key generation and establishment is the pressing issue. Session key management plays the utmost important role in the secure exchange of sensitive login credentials and transaction information. Moreover, conventional session key management mechanisms are inadequate and cannot be directly adopted in cloud-based environments. Hence, session key management is very much solely needed solution for reliable cloud-based service provisioning. In mutual authentication, bi-linear key pairing cryptosystem plays a critical role to generate and establish a session key. The existing mutual authentication schemes fail to support true mutual authentication in cloud-based environments as they are vulnerable to secret key leakage, perfect forward secrecy, and untraceability. To mitigate the effect of these attacks, this research develops an efficient multi-linear key pairing cryptosystem. In this cryptosystem, challenge-response messages are used for generating and establishing a one-time shared session key. Furthermore, the performance analysis of the proposed cryptosystem depicts a significant reduction of computation cost, authentication accuracy rates, and resistance to the aforementioned attacks.

scholarly journals A Bilinear Pairing-Based Dynamic Key Management and Authentication for Wireless Sensor Networks

2015 ◽  
Vol 2015 ◽  
pp. 1-14 ◽  
Author(s):  
Chin-Ling Chen ◽  
Tzay-Farn Shih ◽  
Yu-Ting Tsai ◽  
De-Kui Li
Keyword(s):  
Wireless Sensor Networks ◽  
Sensor Networks ◽  
Sensor Network ◽  
Key Management ◽  
Mutual Authentication ◽  
Bilinear Pairing ◽  
Wireless Sensor ◽  
Session Key ◽  
Dynamic Key Management ◽  
Dynamic Key

In recent years, wireless sensor networks have been used in a variety of environments; a wireless network infrastructure, established to communicate and exchange information in a monitoring area, has also been applied in different environments. However, for sensitive applications, security is the paramount issue. In this paper, we propose using bilinear pairing to design dynamic key management and authentication scheme of the hierarchical sensor network. We use the dynamic key management and the pairing-based cryptography (PBC) to establish the session key and the hash message authentication code (HMAC) to support the mutual authentication between the sensors and the base station. In addition, we also embed the capability of the Global Positioning System (GPS) to cluster nodes to find the best path of the sensor network. The proposed scheme can also provide the requisite security of the dynamic key management, mutual authentication, and session key protection. Our scheme can defend against impersonation attack, replay attack, wormhole attack, and message manipulation attack.

Sign in / Sign up

Export Citation Format

Share Document