user authentication scheme
Recently Published Documents


TOTAL DOCUMENTS

694
(FIVE YEARS 95)

H-INDEX

49
(FIVE YEARS 5)

2021 ◽  
Author(s):  
Amir Mohammadi Bagha

Internet of Things (IoT) is considered as one of the emerging leading technologies that allow the mainstreaming of smart homes and smart cities in the recent years, by creating a communication system for physical objects over the Internet. In a smart home (also called push-button home automation system), devices are not necessarily homogeneous in terms of topology, security protocols, computational power and communication. This nature of the devices causes some incompatibility with conventional authentication methods and the security requirements of IoT standards. This thesis proposes an RSA-Biometric based three-factor User Authentication Scheme for Smart-Homes using Smartphone (called RSA-B-ASH-S scheme). An informal security analysis of the proposed RSA-B-ASH-S scheme is provided, along with its performance evaluation in terms of computational time, storage requirements and communication overload. Furthermore, a formal analysis of the proposed RSA-B-ASH-S scheme using the Burrows-Abadi-Needham (BAN) Logic is described, showing that the proposed scheme achieves the forward secrecy property by utilizing a fresh encryption key for each session and it also satisfies the anonymity of the user by using a one-time token. A proof of concept of the proposed RSA-B-ASH-S scheme is also provided.


2021 ◽  
Author(s):  
Amir Mohammadi Bagha

Internet of Things (IoT) is considered as one of the emerging leading technologies that allow the mainstreaming of smart homes and smart cities in the recent years, by creating a communication system for physical objects over the Internet. In a smart home (also called push-button home automation system), devices are not necessarily homogeneous in terms of topology, security protocols, computational power and communication. This nature of the devices causes some incompatibility with conventional authentication methods and the security requirements of IoT standards. This thesis proposes an RSA-Biometric based three-factor User Authentication Scheme for Smart-Homes using Smartphone (called RSA-B-ASH-S scheme). An informal security analysis of the proposed RSA-B-ASH-S scheme is provided, along with its performance evaluation in terms of computational time, storage requirements and communication overload. Furthermore, a formal analysis of the proposed RSA-B-ASH-S scheme using the Burrows-Abadi-Needham (BAN) Logic is described, showing that the proposed scheme achieves the forward secrecy property by utilizing a fresh encryption key for each session and it also satisfies the anonymity of the user by using a one-time token. A proof of concept of the proposed RSA-B-ASH-S scheme is also provided.


PLoS ONE ◽  
2021 ◽  
Vol 16 (11) ◽  
pp. e0258279
Author(s):  
Ghulam Abbas ◽  
Muhammad Tanveer ◽  
Ziaul Haq Abbas ◽  
Muhammad Waqas ◽  
Thar Baker ◽  
...  

One of the significant challenges in the Internet of Things (IoT) is the provisioning of guaranteed security and privacy, considering the fact that IoT devices are resource-limited. Oftentimes, in IoT applications, remote users need to obtain real-time data, with guaranteed security and privacy, from resource-limited network nodes through the public Internet. For this purpose, the users need to establish a secure link with the network nodes. Though the IPv6 over low-power wireless personal area networks (6LoWPAN) adaptation layer standard offers IPv6 compatibility for resource-limited wireless networks, the fundamental 6LoWPAN structure ignores security and privacy characteristics. Thus, there is a pressing need to design a resource-efficient authenticated key exchange (AKE) scheme for ensuring secure communication in 6LoWPAN-based resource-limited networks. This paper proposes a resource-efficient secure remote user authentication scheme for 6LoWPAN-based IoT networks, called SRUA-IoT. SRUA-IoT achieves the authentication of remote users and enables the users and network entities to establish private session keys between themselves for indecipherable communication. To this end, SRUA-IoT uses a secure hash algorithm, exclusive-OR operation, and symmetric encryption primitive. We prove through informal security analysis that SRUA-IoT is secured against a variety of malicious attacks. We also prove the security strength of SRUA-IoT through formal security analysis conducted by employing the random oracle model. Additionally, we prove through Scyther-based validation that SRUA-IoT is resilient against various attacks. Likewise, we demonstrate that SRUA-IoT reduces the computational cost of the nodes and communication overheads of the network.


2021 ◽  
Author(s):  
Nadire Cavus ◽  
Yakubu Bala Mohammed ◽  
Mohammed Bulama ◽  
Muhammad Lamir Isah

Nowadays, movable banking apps are thriving in international pecuniary market due to its flexibility and convenience, especially during COVID-19 pandemic lock-down. Despites these benefits, its development continues to face a lot of challenges due to security, privacy, and authentication issues, especially in developing nations where elegant technologies and explicit cyberspace laws remain an issue. This study used PRISMA approach to systematically reviewed present m-banking studies with aims of identifying other security and privacy issues, and user authentication schemes challenges. Six scholarly databases of; IEEE Xplore, EBSCOhost, Science Direct, Scopus, Taylor and Francis, and Web of Science were searched. 38 articles were carefully read and analyzed meticulously. The study results exposed customers fear of third-party intrusion through other apps, device lost or theft with account information, financial loses, and absence of clear cyberspace laws to be the main safety and privacy issues. Also, the results found that the present authentication schemes used by banks are becoming weak and open to various attacks due to increase in online fraud. Thus, proposed two frameworks for investigating other dimensions of risk and trust factors, and for design of new user authentication scheme. Lastly, missing gaps in current studies, and direction for upcoming studies are mentioned.


2021 ◽  
Author(s):  
Nadire Cavus ◽  
Yakubu Bala Mohammed ◽  
Mohammed Bulama ◽  
Muhammad Lamir Isah

Nowadays, movable banking apps are thriving in international pecuniary market due to its flexibility and convenience, especially during COVID-19 pandemic lock-down. Despites these benefits, its development continues to face a lot of challenges due to security, privacy, and authentication issues, especially in developing nations where elegant technologies and explicit cyberspace laws remain an issue. This study used PRISMA approach to systematically reviewed present m-banking studies with aims of identifying other security and privacy issues, and user authentication schemes challenges. Six scholarly databases of; IEEE Xplore, EBSCOhost, Science Direct, Scopus, Taylor and Francis, and Web of Science were searched. 38 articles were carefully read and analyzed meticulously. The study results exposed customers fear of third-party intrusion through other apps, device lost or theft with account information, financial loses, and absence of clear cyberspace laws to be the main safety and privacy issues. Also, the results found that the present authentication schemes used by banks are becoming weak and open to various attacks due to increase in online fraud. Thus, proposed two frameworks for investigating other dimensions of risk and trust factors, and for design of new user authentication scheme. Lastly, missing gaps in current studies, and direction for upcoming studies are mentioned.


Symmetry ◽  
2021 ◽  
Vol 13 (7) ◽  
pp. 1121
Author(s):  
Ya-Fen Chang ◽  
Wei-Liang Tai ◽  
Po-Lin Hou ◽  
Kuan-Yu Lai

Internet of Things (IoT) is composed of various kinds of devices such as cars, electrical appliances, machines and sensors. With IoT technologies, devices can exchange information through the network, people are allowed to get information collected by devices without interacting with them, and automatic operations for devices are realized. Because of the variety of IoT devices, some of them possess limited computational capability. On the other hand, data transmission in IoT networks is usually through a public channel. To ensure efficiency and security for IoT environments, Lee et al. proposed a three-factor authentication scheme with hash function and XOR operation. They claimed their scheme possessed superior properties and could resist common attacks. After analyzing their scheme, we find that their scheme is vulnerable to five flaws. In this paper, how these found flaws threaten Lee et al.’s scheme is shown in detail. Then, we propose an improvement to overcome the found flaws and preserve the advantages by employing ECC.


Sign in / Sign up

Export Citation Format

Share Document