password guessing attack
Recently Published Documents


Total documents: 42 (five years: 14)
H-index: 6 (five years: 3)

2021 ◽ Vol 2021 ◽ pp. 1-9
Author(s): Hanqing Ding ◽ Qing Zhang ◽ Yifeng Yin ◽ Yong Gan ◽ Weihua Liu

With the development of global economic integration in the Internet of Things (IoT), it is crucial to protect the wireless two-way authentication between users’ intelligent terminals and servers in the product authorization chain. To ensure that legitimate users connect to the wireless network correctly, a lightweight wireless mutual authentication scheme for the product authorization chain is proposed to address the security defect of Kaul and Awasthi’s scheme, which easily suffers from offline password guessing attacks. The improved scheme uses a lightweight hash function and verifies the freshness of messages by using the sent-packet sequence number instead of a timestamp, which avoids strict clock synchronization between devices, and users can update their own passwords. Security analysis and cost and efficiency analysis show that the scheme presented in this paper has higher security, lower storage and communication costs, and lower computational complexity.


2021 ◽ Vol 2021 ◽ pp. 1-15
Author(s): Lingyan Xue ◽ Qinglong Huang ◽ Shuaiqing Zhang ◽ Haiping Huang ◽ Wenming Wang

The Internet of Things (IoT) has built an information bridge between people and the objective world, wherein wireless sensor networks (WSNs) are an important driving force. Applications based on WSNs, such as environment monitoring, smart healthcare, user legitimacy authentication, and data security, are always worth exploring. In recent years, many multifactor user authentication schemes for WSNs have been proposed using smart cards, passwords, and biometric features. Unfortunately, these schemes have been revealed to have various vulnerabilities (e.g., password guessing attack, impersonation attack, and replay attack) due to nonuniform security evaluation criteria. Wang et al. put forward 12 widely accepted evaluation criteria by investigating a large body of relevant literature. In this paper, we first propose a lightweight multifactor authentication protocol for multigateway WSNs using hash functions and XOR operations. Further, BAN logic and the BPR model are employed to formally prove the correctness and security of the proposed scheme, and the informal analysis with Wang et al.’s criteria also indicates that it can resist well-known attacks. Finally, a performance analysis of the compared schemes is given, and the evaluation results show that only the proposed scheme satisfies all 12 evaluation criteria and remains efficient among these schemes.


2021 ◽ Vol 2021 ◽ pp. 1-14
Author(s): Huihui Huang ◽ Xuyang Miao ◽ Zehui Wu ◽ Qiang Wei

With the rapid development of mobile communication technology, spatial information networks (SIN) have been used for the coverage of various space tasks in commercial, meteorology, emergency, and military scenarios. In SIN, one basic issue is to achieve mutual authentication and secret communication among the participants. Although many studies have designed authentication schemes for SIN, they have not considered the situation where the clock is not synchronized because of the broad coverage space in the wireless environment. In this paper, we disclose several flaws of Altaf et al.’s scheme (2020), in which the main weakness is that a malicious user can easily obtain the master key of the network control center after launching an offline password-guessing attack. Then, we design an authentication scheme against clock asynchrony for SIN by utilizing the elliptic curve cryptosystem (ECC) and identity-based cryptography (IBC). Based on a brief introduction to the main design ideas of our scheme, the security protocol analysis tools Scyther and AVISPA are used to prove that the scheme can resist various existing active and passive attacks. We further discuss how our scheme provides five essential requirements of security properties to design a robust scheme for SIN and is superior in terms of resistance to security functionality and computational performance by comparison with two other representative schemes. As a result, our scheme will provide workable and efficient security for mobile users in the actual environment.


2020 ◽ Vol 39 (6) ◽ pp. 8609-8620
Author(s): Chintan Patel ◽ Dhara Joshi ◽ Nishant Doshi ◽ A. Veeramuthu ◽ Rutvij Jhaveri

With the agile development of the Internet era, starting from the message transmission to money transactions, everything is online now. Remote user authentication (RUA) is a mechanism in which a remote server verifies the user’s correctness over the shared or public channel. In this paper, we analyze an RUA scheme proposed by Chen for the multi-server environment and prove that their scheme is not secured. We also find numerous vulnerabilities such as password guessing attack, replay attack, Registration Center (RC) spoofing attack, session key verification attack, and perfect forward secrecy attack for Chen’s scheme. After performing the cryptanalysis of Chen’s scheme, we propose a biometric-based RUA scheme for the same multi-server environment. We prove that the proposed authentication scheme achieves higher security than Chen’s scheme with the use of informal security analysis as well as formal security analysis. The formal security analysis of the proposed scheme is done using a widely adopted random oracle method.


2020 ◽ Vol 2020 ◽ pp. 1-15
Author(s): Behnam Zahednejad ◽ Lishan Ke ◽ Jing Li

The application of machine learning in the security analysis of authentication and key agreement protocols was first launched by Ma et al. in 2018. Although they achieved remarkable results with an accuracy of 72% for the first time, their analysis is limited to replay attack and key confirmation attack. In addition, their suggested framework is based on a multiclassification problem in which every protocol or dataset instance is either secure or prone to a security attack such as replay attack, key confirmation, or other attacks. In this paper, we show that multiclassification is not an appropriate framework for such analysis, since authentication protocols may suffer different attacks simultaneously. Furthermore, we consider more security properties and attacks to analyze protocols against. These properties include strong authentication and Unknown Key Share (UKS) attack, key freshness, key authentication, and password guessing attack. In addition, we propose a much more efficient dataset construction model using a tenth of the number of features, which improves the solving speed to a large extent. The results indicate that our proposed model outperforms the previous models by at least 10–20 percent in all of the machine learning solving algorithms, such that upper-bound performance reaches an accuracy of over 80% in the analysis of all security properties and attacks. Unlike the previous models, the classification accuracy of our proposed dataset construction model rises in a rational manner along with the increase of the dataset size.


A communication scheme used for communication between authorized remote users over an insecure network is generally an authentication scheme that uses a password for authentication. Remote user authentication techniques using the smart card have been proposed by many researchers. The main benefits of using the smart card are the storage availability and the computation speed. Huang et al. proposed a scheme for user authentication with smart cards which uses the concept of the timestamp. The authors of Huang et al.’s protocol argued that their protocol is secure and efficient against any type of attack. Unfortunately, Jung et al. show that Huang et al.’s model fails against the offline password guessing attack, and that with this scheme wrong password detection is not easy. In Huang et al.’s scheme, the RSA cryptosystem is used to offer the authentication. In this article, an advanced and secure smart card based authentication protocol using elliptic curve cryptography (ECC) is proposed. This proposed scheme thus overcomes all the possible drawbacks of Huang et al.’s scheme, and it has faster computation as compared to the available schemes.


A mobile agent system is a satisfying solution for the implementation and maintenance of applications distributed over large-scale networks. This solution is widely used in solving complex problems, since mobile agents are autonomous, intelligent, robust and fault-tolerant. Mobile agents have the capacity to migrate from one node to another all over the network, allowing a reduction in communication costs. Although they possess all these advantages, using them in a distributed environment increases the threat to mobile agent security, and during their mobility they can face different types of attacks such as replay attack, man-in-the-middle attack, cookie theft attack, offline password guessing attack, and stolen-verifier attack. In this paper we investigate the security of distributed mobile agent systems. We propose a solution based on a secure Elliptic Curve Cryptography (ECC) protocol to ensure mutual authentication and protect the agent from different known attacks. The implementation of the proposed solution is obtained using the Java Agent Development Framework (JADE). Also, binary serialization is used to establish a flexible portability of the agent. Finally, we present a security and performance analysis for our solution to secure mobile agents in distributed systems.


So far, many one-time password based authentication schemes have been proposed; however, none is secure enough. In 2004, W.C. Ku proposed a hash-based strong-password authentication scheme without using a smart card that is vulnerable to the password guessing attack and does not achieve mutual authentication and key agreement. In this paper, we propose a new improved version of Ku’s scheme that eliminates these weaknesses.


2019 ◽ Vol 13 (4) ◽ pp. 1-11
Author(s): Surjit Paul ◽ Sanjay Kumar ◽ Rajiv Ranjan Suman

Authentication is one of the significant issues for all kinds of network communications. Most of the authentication protocols designed and implemented so far for entity authentication are based on classical cryptographic techniques to protect themselves from different types of attacks. These protocols use either a password or a challenge for authentication. In this article, the design of the proposed quantum secure entity authentication protocol is shown. The proposed protocol is based on the challenge-response method. Due to the capability of quantum computers to break cryptographic techniques based on mathematical complexity, the proposed protocol uses the one-time pad (OTP) to secure itself from attacks, i.e., eavesdropping, replay attack, password guessing attack, man-in-the-middle attack, brute-force attack, quantum computer attack, etc. The security of the proposed protocol was analyzed, and the analysis shows that the proposed protocol may protect itself from different types of attacks. Further, an analysis of quantum security was carried out. From the analysis, it is found that if the OTP key is truly random and cannot be reused, then a computer with infinite capacity or a quantum computer cannot break the encrypted challenge and response. The proposed protocol may be used for entity authentication for the client, server, process, and user.

