Generalized Elliptic Curve Digital Signature Chain Based Authentication and Key Agreement Scheme

2010 ◽  
Vol 108-111 ◽  
pp. 1503-1508
Author(s):  
Li Hua Zhang ◽  
Li Ping Zhang ◽  
Er Fei Bai
Keyword(s):  
Elliptic Curve ◽  
Digital Signature ◽  
Key Agreement ◽  
Clock Synchronization ◽  
Mutual Authentication ◽  
Password Authentication ◽  
Authentication And Key Agreement ◽  
Insider Attack ◽  
Authentication Schemes ◽  
One Time Password

Recently, several one time password authentication schemes have been proposed. However, most one-time password authentication schemes have security flaws. In this paper, a novel one-time password authentication and key agreement scheme (EAKAS) based on elliptic curve digital signature chain is developed. The proposed scheme has the following merits password or verification table is not required in the server; users can choose or change password; it can resist off-line dictionary attacks and achieves mutual authentication; it has no system clock synchronization and no constraint of transmission delay; it can resist replay attacks, man-in-the-middle attack and insider attack; it is sensitive to password error and strong in security restoration; the session keys in proposed scheme have the feature of freshness, confidentiality, known key security and forward security. Compared with the related schemes, our proposed scheme has better security and well suited to scenarios requiring a high level security.

scholarly journals Improvement of a Security Enhanced One-time Mutual Authentication and Key Agreement Scheme

2019 ◽  
Vol 8 (12) ◽  
pp. 5031-5036
Keyword(s):  
Smart Card ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Authentication Scheme ◽  
Authentication And Key Agreement ◽  
Password Guessing Attack ◽  
Authentication Schemes ◽  
One Time Password ◽  
Guessing Attack ◽  
Password Based Authentication

So far, many one-time password based authentication schemes have been proposed; however, none is secure enough. In 2004, W.C.Ku proposed hash-based strongpassword based authentication scheme without using smart card that is vulnerable to the password guessing attack, not achieving mutual authentication and key agreement. In this paper, we propose a new improved version of Ku’s scheme that is eliminated these weaknesses.

scholarly journals Robust and Efficient Authentication Scheme for Session Initiation Protocol

2015 ◽  
Vol 2015 ◽  
pp. 1-9 ◽  
Author(s):  
Yanrong Lu ◽  
Lixiang Li ◽  
Yixian Yang
Keyword(s):  
Performance Analysis ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Session Initiation Protocol ◽  
Authentication Scheme ◽  
Application Layer ◽  
Crucial Issue ◽  
Authentication And Key Agreement ◽  
Authentication Schemes ◽  
Key Compromise Impersonation

The session initiation protocol (SIP) is a powerful application-layer protocol which is used as a signaling one for establishing, modifying, and terminating sessions among participants. Authentication is becoming an increasingly crucial issue when a user asks to access SIP services. Hitherto, many authentication schemes have been proposed to enhance the security of SIP. In 2014, Arshad and Nikooghadam proposed an enhanced authentication and key agreement scheme for SIP and claimed that their scheme could withstand various attacks. However, in this paper, we show that Arshad and Nikooghadam’s authentication scheme is still susceptible to key-compromise impersonation and trace attacks and does not provide proper mutual authentication. To conquer the flaws, we propose a secure and efficient ECC-based authentication scheme for SIP. Through the informal and formal security analyses, we demonstrate that our scheme is resilient to possible known attacks including the attacks found in Arshad et al.’s scheme. In addition, the performance analysis shows that our scheme has similar or better efficiency in comparison with other existing ECC-based authentication schemes for SIP.

scholarly journals On Security Analysis of Recent Password Authentication and Key Agreement Schemes Based on Elliptic Curve Cryptography

2015 ◽  
Vol 6 (1) ◽  
pp. 39-52
Author(s):  
Prabhdeep Kaur ◽  
Sheetal Kalra
Keyword(s):  
Elliptic Curve ◽  
Elliptic Curve Cryptography ◽  
Smart Grids ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Public Key ◽  
Attractive Alternative ◽  
Successful Implementation ◽  
Authentication And Key Agreement

Secure and efficient mutual authentication and key agreement schemes form the basis for any robust network communication system. Elliptic Curve Cryptography (ECC) has emerged as one of the most successful Public Key Cryptosystem that efficiently meets all the security challenges. Comparison of ECC with other Public Key Cryptosystems (RSA, Rabin, ElGamal) shows that it provides equal level of security for a far smaller bit size, thereby substantially reducing the processing overhead. This makes it suitable for constrained environments like wireless networks and mobile devices as well as for security sensitive applications like electronic banking, financial transactions and smart grids. With the successful implementation of ECC in security applications (e-passports, e-IDs, embedded systems), it is getting widely commercialized. ECC is simple and faster and is therefore emerging as an attractive alternative for providing security in lightweight device, which contributes to its popularity in the present scenario. In this paper, we have analyzed some of the recent password based authentication and key agreement schemes using ECC for various environments. Furthermore, we have carried out security, functionality and performance comparisons of these schemes and found that they are unable to satisfy their claimed security goals.

A New Threshold Password Authentication Scheme

2010 ◽  
Vol 143-144 ◽  
pp. 915-919
Author(s):  
Yung Cheng Lee
Keyword(s):  
Ad Hoc Networks ◽  
Mobile Devices ◽  
Ad Hoc ◽  
Mutual Authentication ◽  
Authentication Scheme ◽  
Network Infrastructure ◽  
Password Authentication ◽  
Unauthorized Access ◽  
Authentication Schemes ◽  
Hoc Networks

The well-known password authentication mechanisms are widely used in networks to protect resources from unauthorized access. The ad hoc networks, due to their dynamic and lack of network infrastructure features, require authentication schemes to ensure security. In this paper, we propose a new threshold password authentication scheme for ad hoc networks. Our scheme can be efficiently implemented in mobile devices, and can achieve mutual authentication with registered users.

scholarly journals Security Enhanced Anonymous Multiserver Authenticated Key Agreement Scheme Using Smart Cards and Biometrics

2014 ◽  
Vol 2014 ◽  
pp. 1-15 ◽  
Author(s):  
Younsung Choi ◽  
Junghyun Nam ◽  
Donghoon Lee ◽  
Jiye Kim ◽  
Jaewook Jung ◽  
...  
Keyword(s):  
Key Agreement ◽  
User Authentication ◽  
Mutual Authentication ◽  
Smart Cards ◽  
Security Requirements ◽  
Impersonation Attack ◽  
Single Server ◽  
Authenticated Key Agreement ◽  
Session Key ◽  
Authentication Schemes

An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user’s biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen’s scheme.

scholarly journals A lightweight authentication and key agreement scheme for smart grid

2017 ◽  
Vol 13 (2) ◽  
pp. 155014771769417 ◽  
Author(s):  
Lili Yan ◽  
Yan Chang ◽  
Shibin Zhang
Keyword(s):  
Smart Grid ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Special Importance ◽  
Advanced Metering Infrastructure ◽  
Electrical Grid ◽  
Authentication And Key Agreement ◽  
And Performance ◽  
Advanced Metering ◽  
Lightweight Authentication

Smart grid is a modernized electrical grid. It is used to collect information about behaviors of suppliers and consumers and improve the efficiency, reliability, and economics of electricity. Recently, advanced metering infrastructure is proposed as a critical part of the smart grid. The security of advanced metering infrastructure is special importance for smart grid. In order to achieve data confidentiality, privacy, and authentication in advanced metering infrastructure, a lightweight authentication and key agreement scheme is proposed in this article. The scheme provides mutual authentication, key agreement, key refreshment, and multicast mechanism which can prevent various attacks. Furthermore, we analyze the security and performance of the scheme. The analysis shows that the proposed scheme is suitable for smart grid.

Sign in / Sign up

Export Citation Format

Share Document