Visible to the public Biblio

Filters: Keyword is mutual authentication  [Clear All Filters]
Wu, Xiaohe, Xu, Jianbo, Huang, Weihong, Jian, Wei.  2020.  A new mutual authentication and key agreement protocol in wireless body area network. 2020 IEEE International Conference on Smart Cloud (SmartCloud). :199—203.

Due to the mobility and openness of wireless body area networks (WBANs), the security of WBAN has been questioned by people. The patient's physiological information in WBAN is sensitive and confidential, which requires full consideration of user anonymity, untraceability, and data privacy protection in key agreement. Aiming at the shortcomings of Li et al.'s protocol in terms of anonymity and session unlinkability, forward/backward confidentiality, etc., a new anonymous mutual authentication and key agreement protocol was proposed on the basis of the protocol. This scheme only uses XOR and the one-way hash operations, which not only reduces communication consumption but also ensures security, and realizes a truly lightweight anonymous mutual authentication and key agreement protocol.

Zhang, Shuaipeng, Liu, Hong.  2019.  Environment Aware Privacy-Preserving Authentication with Predictability for Medical Edge Computing. 2019 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC). :90–96.
With the development of IoT, smart health has significantly improved the quality of people's life. A large amount of smart health monitoring system has been proposed, which provides an opportunity for timely and efficient diagnosis. Nevertheless, most of them ignored the impact of environment on patients' health. Due to the openness of the communication channel, data security and privacy preservation are crucial problems to be solved. In this work, an environment aware privacy-preserving authentication protocol based on the fuzzy extractor and elliptic curve cryptography (ecc) is designed for health monitoring system with mutual authentication and anonymity. Edge computing unit can authenticate all environmental sensors at one time. Fuzzy synthetic evaluation model is utilized to evaluate the environment equality with the patients' temporal health index (THI) as an assessment factor, which can help to predict the appropriate environment. The session key is established for secure communication based on the predicted result. Through security analysis, the proposed protocol can prevent common attacks. Moreover, performance analysis shows that the proposed protocol is applicable for resource-limited smart devices in edge computing health monitoring system.
Sain, Mangal, Kim, Ki-Hwan, Kang, Young-Jin, lee, hoon jae.  2019.  An Improved Two Factor User Authentication Framework Based on CAPTCHA and Visual Secret Sharing. 2019 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC). :171—175.

To prevent unauthorized access to adversaries, strong authentication scheme is a vital security requirement in client-server inter-networking systems. These schemes must verify the legitimacy of such users in real-time environments and establish a dynamic session key fur subsequent communication. Of late, T. H. Chen and J. C. Huang proposed a two-factor authentication framework claiming that the scheme is secure against most of the existing attacks. However we have shown that Chen and Huang scheme have many critical weaknesses in real-time environments. The scheme is prone to man in the middle attack and information leakage attack. Furthermore, the scheme does not provide two essential security services such user anonymity and session key establishment. In this paper, we present an enhanced user participating authenticating scheme which overcomes all the weaknesses of Chen et al.'s scheme and provide most of the essential security features.

Gu, Chongyan, Chang, Chip Hong, Liu, Weiqiang, Yu, Shichao, Ma, Qingqing, O'Neill, Maire.  2019.  A Modeling Attack Resistant Deception Technique for Securing PUF based Authentication. 2019 Asian Hardware Oriented Security and Trust Symposium (AsianHOST). :1—6.

Due to practical constraints in preventing phishing through public network or insecure communication channels, simple physical unclonable function (PDF)-based authentication protocol with unrestricted queries and transparent responses is vulnerable to modeling and replay attacks. In this paper, we present a PUF-based authentication method to mitigate the practical limitations in applications where a resource-rich server authenticates a device with no strong restriction imposed on the type of PUF designs or any additional protection on the binary channel used for the authentication. Our scheme uses an active deception protocol to prevent machine learning (ML) attacks on a device. The monolithic system makes collection of challenge response pairs (CRPs) easy for model building during enrollment but prohibitively time consuming upon device deployment. A genuine server can perform a mutual authentication with the device at any time with a combined fresh challenge contributed by both the server and the device. The message exchanged in clear does not expose the authentic CRPs. The false PUF multiplexing is fortified against prediction of waiting time by doubling the time penalty for every unsuccessful authentication.

Jiang, Qi, Zhang, Xin, Zhang, Ning, Tian, Youliang, Ma, Xindi, Ma, Jianfeng.  2019.  Two-Factor Authentication Protocol Using Physical Unclonable Function for IoV. 2019 IEEE/CIC International Conference on Communications in China (ICCC). :195–200.
As an extension of Internet of Things (IoT) in transportation sector, the Internet of Vehicles (IoV) can greatly facilitate vehicle management and route planning. With ever-increasing penetration of IoV, the security and privacy of driving data should be guaranteed. Moreover, since vehicles are often left unattended with minimum human interventions, the onboard sensors are vulnerable to physical attacks. Therefore, the physically secure authentication and key agreement (AKA) protocol is urgently needed for IoV to implement access control and information protection. In this paper, physical unclonable function (PUF) is introduced in the AKA protocol to ensure that the system is secure even if the user devices or sensors are compromised. Specifically, PUF, as a hardware fingerprint generator, eliminates the storage of any secret information in user devices or vehicle sensors. By combining password with PUF, the user device cannot be used by someone else to be successfully authenticated as the user. By resorting to public key cryptography, the proposed protocol can provide anonymity and desynchronization resilience. Finally, the elaborate security analysis demonstrates that the proposed protocol is free from the influence of known attacks and can achieve expected security properties, and the performance evaluation indicates the efficiency of our protocol.
Janjua, K., Ali, W..  2018.  Enhanced Secure Mechanism for Virtual Machine Migration in Clouds. 2018 International Conference on Frontiers of Information Technology (FIT). :135–140.
Live VM migration is the most vulnerable process in cloud federations for DDOS attacks, loss of data integrity, confidentiality, unauthorized access and injection of malicious viruses on VM disk images. We have scrutinized following set of crucial security features which are; authorization, confidentiality, replay protection (accountability), integrity, mutual authentication and source non-repudiation (availability) to cater different threats and vulnerabilities during live VM migration. The investigated threats and vulnerabilities are catered and implemented in a proposed solution, presented in this paper. Six security features-authorization, confidentiality, replay protection, integrity, mutual authentication and source non-repudiation are focused and modular implementation has been done. Solution is validated in AVISPA tool in modules for threats for all the notorious security requirements and no outbreak were seen.
Taher, Bahaa Hussein, Wei, Lu Hong, Yassin, Ali A..  2018.  Flexible and Efficient Authentication of IoT Cloud Scheme Using Crypto Hash Function. Proceedings of the 2018 2Nd International Conference on Computer Science and Artificial Intelligence. :487–494.
The Internet of Things and cloud computing (IoT Cloud) have a wide resonance in the Internet and modern communication technology, which allows laptops, phones, sensors, embedded devices, and other things to connect and exchange information via the Internet. Therefore, IoT Cloud offers several facilities, such as resources, storage, sharing, exchange, and communication. However, IoT Cloud suffers from security problems, which are a vital issue in the information technology world. All embedded devices in IoT Cloud need to be supported by strong authentication and preservation of privacy data during information exchange via the IoT Cloud environment. Malicious attacks (such as replay, man-in-the-middle [MITM], and impersonation attacks) play the negative role of obtaining important information of devices. In this study, we propose a good scheme that overcomes the mentioned issues by resisting well-known attacks, such as MITM, insider, offline password guessing, dictionary, replay, and eavesdropping. Our work achieves device anonymity, forward secrecy, confidentiality, and mutual authentication. Security and performance analyses show that our proposed scheme is more efficient, flexible, and secure with respect to several known attacks compared with related schemes.
Wu, Hsiao-Ling, Chang, Chin-Chen, Chen, Long-Sheng.  2018.  On the Security of a Secure Anonymous Authentication Protocol for Mobile Services on Elliptic Curve Cryptography. Proceedings of the 6th International Conference on Information Technology: IoT and Smart City. :88–91.
With the rapid development of mobile communication technologies, more and more mobile users use their mobile devices anywhere. Therefore, it is important to provide authentication process in three parties, i.e., a mobile user (MU), a home agent (HA), and a foreign agent (FA). In 2016, Reddy et al. proposed a secure and anonymous mobile authentication scheme. In their scheme, they first pointed out that Memon et al.'s scheme suffer from four secure issues, i.e., the impersonation attack, imperfect mutual authentication, unverifiable password changing phase, and the insider attack. Then, the authors proposed an improved scheme and claimed that their scheme can provide user anonymity and resist most famous attacks. Unfortunately, we have found that their scheme cannot resist known session-specific temporary information attack (KSTIA). In addition, when HA wants to charge MU fees for providing service, or, as FA and MU have argued, HA cannot find the real identity of MU. Finally, their scheme cannot achieve the mutual authentication and the session key agreement. Therefore, in this paper, we presented those weaknesses of Reddy et al.'s scheme.
Kim, H., Yun, S., Lee, J., Yi, O..  2018.  Lightweight Mutual Authentication and Key Agreement in IoT Networks and Wireless Sensor Networks Proposal of Authentication and Key Agreement in IoT Network and Sensor Network Using Poor Wireless Communication of Less Than 1 Kbps. 2018 International Conference on Platform Technology and Service (PlatCon). :1–6.

Recently, as the age of the Internet of Things is approaching, there are more and more devices that communicate data with each other by incorporating sensors and communication functions in various objects. If the IoT is miniaturized, it can be regarded as a sensor having only the sensing ability and the low performance communication ability. Low-performance sensors are difficult to use high-quality communication, and wireless security used in expensive wireless communication devices cannot be applied. Therefore, this paper proposes authentication and key Agreement that can be applied in sensor networks using communication with speed less than 1 Kbps and has limited performances.

Walsh, Kevin, Manferdelli, John.  2017.  Mechanisms for Mutual Attested Microservice Communication. Companion Proceedings of the10th International Conference on Utility and Cloud Computing. :59–64.
For systems composed of many rapidly-deployed microservices that cross networks and span trust domains, strong authentication between microservices is a prerequisite for overall system trustworthiness. We examine standard authentication mechanisms in this context, and we introduce new comprehensive, automated, and fine-grained mutual authentication mechanisms that rely on attestation, with particular attention to provisioning and managing secrets. Prototype implementations and benchmark results indicate that mutual attestation introduces only modest overheads and can be made to meet or exceed the performance of common but weaker authentication mechanisms in many scenarios.
Win, E. K., Yoshihisa, T., Ishi, Y., Kawakami, T., Teranishi, Y., Shimojo, S..  2017.  A Lightweight Multi-receiver Encryption Scheme with Mutual Authentication. 2017 IEEE 41st Annual Computer Software and Applications Conference (COMPSAC). 2:491–497.

In this paper, we propose a lightweight multi-receiver encryption scheme for the device to device communications on Internet of Things (IoT) applications. In order for the individual user to control the disclosure range of his/her own data directly and to prevent sensitive personal data disclosure to the trusted third party, the proposed scheme uses device-generated public keys. For mutual authentication, third party generates Schnorr-like lightweight identity-based partial private keys for users. The proposed scheme provides source authentication, message integrity, replay-attack prevention and implicit user authentication. In addition to more security properties, computation expensive pairing operations are eliminated to achieve less time usage for both sender and receiver, which is favourable property for IoT applications. In this paper, we showed a proof of security of our scheme, computational cost comparison and experimental performance evaluations. We implemented our proposed scheme on real embedded Android devices and confirmed that it achieves less time cost for both encryption and decryption comparing with the existing most efficient certificate-based multi-receiver encryption scheme and certificateless multi-receiver encryption scheme.

Zheng, L., Xue, Y., Zhang, L., Zhang, R..  2017.  Mutual Authentication Protocol for RFID Based on ECC. 2017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC). 2:320–323.

In this paper, a mutual authentication protocol based on ECC is designed for RFID systems. This protocol is described in detail and the performance of this protocol is analyzed. The results show that the protocol has many advantages, such as mutual authentication, confidentiality, anonymity, availability, forward security, scalability and so on, which can resist camouflage attacks, tracking attacks, denial of service attacks, system internal attack.

Urien, P..  2016.  Three Innovative Directions Based on Secure Elements for Trusted and Secured IoT Platforms. 2016 8th IFIP International Conference on New Technologies, Mobility and Security (NTMS). :1–2.

This paper presents the foundations of secured and trusted architecture for the Internet of Things platforms, based on Secure Elements (SE). Some IoT networks could be managed by service providers, dealing with smart grids or healthcare. Many platforms are using DTLS or TLS protocols. Therefore SEs running such stacks could provide strong mutual authentication and secure communications. Three future research directions are illustrated by previous experiments. TLS/DTLS SE servers for objects, CoAP DTLS clients for SIM modules, and RACS authorization servers based on SE TLS servers.

Michalevsky, Yan, Nath, Suman, Liu, Jie.  2016.  MASHaBLE: Mobile Applications of Secret Handshakes over Bluetooth LE. Proceedings of the 22Nd Annual International Conference on Mobile Computing and Networking. :387–400.

We present new applications for cryptographic secret handshakes between mobile devices on top of Bluetooth Low-Energy (LE). Secret handshakes enable mutual authentication, with the property that the parties learn nothing about each other unless they have been both issued credentials by a group administrator. This property provides strong privacy guarantees that enable interesting applications. One of them is proximity-based discovery for private communities. We introduce MASHaBLE, a mobile application that enables participants to discover and interact with nearby users if and only if they belong to the same secret community. We use direct peer-to-peer communication over Bluetooth LE, rather than relying on a central server. We discuss the specifics of implementing secret handshakes over Bluetooth LE and present our prototype implementation.

Litian, D., Fu, D., Zizhong, W. J..  2015.  A Mixed and Batching Authentication Protocol for Grouped Tags in Mobile RFID System. 2015 IEEE International Conference on Data Science and Data Intensive Systems. :75–80.

Mobile radio frequency identification (RFID) systems are being employed in many applications such as supply chain management. Since the communications between RFID-reader and server, RFID-tag and RFID-reader are all wireless, security and privacy attracts more attentions, reflected in the research on authentication protocols. But most of the existing authentications only care about the front end (reader to tag) and ignore the back end (reader to server), which could not satisfy the security demands in the mobile RFID systems. Moreover, the tags have to be grouped when the population is large enough, but the existing authentication protocols are inapplicable in this scenario. In this paper, we propose a mixed authentication protocol composed of hash-based authentication for readers and lightweight authentication for low-cost tags to fit the mobile RFID system with grouping tags. Analysis demonstrates that the proposed authentication protocol could efficiently counteract the impersonation attack, reply attack and tracking attack.

C. Zhang, W. Zhang, H. Mu.  2015.  "A Mutual Authentication Security RFID Protocol Based on Time Stamp". 2015 First International Conference on Computational Intelligence Theory, Systems and Applications (CCITSA). :166-170.

In the RFID technology, the privacy of low-cost tag is a hot issue in recent years. A new mutual authentication protocol is achieved with the time stamps, hash function and PRNG. This paper analyzes some common attack against RFID and the relevant solutions. We also make the security performance comparison with original security authentication protocol. This protocol can not only speed up the proof procedure but also save cost and it can prevent the RFID system from being attacked by replay, clone and DOS, etc..

Nicanfar, H., Jokar, P., Beznosov, K., Leung, V.C.M..  2014.  Efficient Authentication and Key Management Mechanisms for Smart Grid Communications. Systems Journal, IEEE. 8:629-640.

A smart grid (SG) consists of many subsystems and networks, all working together as a system of systems, many of which are vulnerable and can be attacked remotely. Therefore, security has been identified as one of the most challenging topics in SG development, and designing a mutual authentication scheme and a key management protocol is the first important step. This paper proposes an efficient scheme that mutually authenticates a smart meter of a home area network and an authentication server in SG by utilizing an initial password, by decreasing the number of steps in the secure remote password protocol from five to three and the number of exchanged packets from four to three. Furthermore, we propose an efficient key management protocol based on our enhanced identity-based cryptography for secure SG communications using the public key infrastructure. Our proposed mechanisms are capable of preventing various attacks while reducing the management overhead. The improved efficiency for key management is realized by periodically refreshing all public/private key pairs as well as any multicast keys in all the nodes using only one newly generated function broadcasted by the key generator entity. Security and performance analyses are presented to demonstrate these desirable attributes.

Balamurugan, B., Krishna, P.V., Nirmala Devi, M., Meenakshi, R., Ahinaya, V..  2014.  Enhanced framework for verifying user authorization and data correctness using token management system in the cloud. Circuit, Power and Computing Technologies (ICCPCT), 2014 International Conference on. :1443-1447.

Cloud computing is an application and set of services given through the internet. However it is an emerging technology for shared infrastructure but it lacks with an access rights and security mechanism. As it lacks security issues for the cloud users our system focuses only on the security provided through the token management system. It is based on the internet where computing is done through the virtual shared servers for providing infrastructure, software, platform and security as a services. In which security plays an important role in the cloud service. Hence, this security has been given with three types of services such as mutual authentication, directory services, token granting for the resources. Since, existing token issuing mechanism does not provide scalability to large data sets and also increases memory overhead between the client and the server. Hence, our proposed work focuses on providing tokens to the users, which addresses the problem of scalability and memory overhead. The proposed framework of token management system monitors the entire operations of the cloud and there by managing the entire cloud infrastructure. Our model comes under the new category of cloud model known as "Security as a Service". This paper provides the security framework as an architectural model to verify user authorization and data correctness of the resource stored thereby provides guarantee to the data owner for their resource stored into the cloud This framework also describes about the storage of token in a secured manner and it also facilitates search and usage of tokens for auditing purpose and supervision of the users.