Ashok Kumar Das

Bio: Ashok Kumar Das is an academic researcher from International Institute of Information Technology, Hyderabad. The author has contributed to research in topics: Authentication & Internet security. The author has an hindex of 56, co-authored 278 publications receiving 9166 citations. Previous affiliations of Ashok Kumar Das include International Institute of Minnesota & International Institute of Information Technology.

A Secure Biometrics-Based Multi-Server Authentication Protocol Using Smart Cards

Abstract: Recently, in 2014, He and Wang proposed a robust and efficient multi-server authentication scheme using biometrics-based smart card and elliptic curve cryptography (ECC). In this paper, we first analyze He–Wang’s scheme and show that their scheme is vulnerable to a known session-specific temporary information attack and impersonation attack. In addition, we show that their scheme does not provide strong user’s anonymity. Furthermore, He–Wang’s scheme cannot provide the user revocation facility when the smart card is lost/stolen or user’s authentication parameter is revealed. Apart from these, He–Wang’s scheme has some design flaws, such as wrong password login and its consequences, and wrong password update during password change phase. We then propose a new secure multi-server authentication protocol using biometric-based smart card and ECC with more security functionalities. Using the Burrows–Abadi–Needham logic, we show that our scheme provides secure authentication. In addition, we simulate our scheme for the formal security verification using the widely accepted and used automated validation of Internet security protocols and applications tool, and show that our scheme is secure against passive and active attacks. Our scheme provides high security along with low communication cost, computational cost, and variety of security features. As a result, our scheme is very suitable for battery-limited mobile devices as compared with He–Wang’s scheme.

Secure Signature-Based Authenticated Key Establishment Scheme for Future IoT Applications

Abstract: Internet of Things (IoT) is a network of all devices that can be accessed through the Internet. These devices can be remotely accessed and controlled using existing network infrastructure, thus allowing a direct integration of computing systems with the physical world. This also reduces human involvement along with improving accuracy and efficiency, resulting in economic benefit. The devices in IoT facilitate the day-to-day life of people. However, the IoT has an enormous threat to security and privacy due to its heterogeneous and dynamic nature. Authentication is one of the most challenging security requirements in the IoT environment, where a user (external party) can directly access information from the devices, provided the mutual authentication between user and devices happens. In this paper, we present a new signature-based authenticated key establishment scheme for the IoT environment. The proposed scheme is tested for security with the help of the widely used Burrows-Abadi–Needham logic, informal security analysis, and also the formal security verification using the broadly accepted automated validation of Internet security protocols and applications tool. The proposed scheme is also implemented using the widely accepted NS2 simulator, and the simulation results demonstrate the practicability of the scheme. Finally, the proposed scheme provides more functionality features, and its computational and communication costs are also comparable with other existing approaches.

Design of Secure User Authenticated Key Management Protocol for Generic IoT Networks

Abstract: In recent years, the research in generic Internet of Things (IoT) attracts a lot of practical applications including smart home, smart city, smart grid, industrial Internet, connected healthcare, smart retail, smart supply chain and smart farming. The hierarchical IoT network (HIoTN) is a special kind of the generic IoT network, which is composed of the different nodes, such as the gateway node, cluster head nodes, and sensing nodes organized in a hierarchy. In HIoTN, there is a need, where a user can directly access the real-time data from the sensing nodes for a particular application in generic IoT networking environment. This paper emphasizes on the design of a new secure lightweight three-factor remote user authentication scheme for HIoTNs, called the user authenticated key management protocol (UAKMP). The three factors used in UAKMP are the user smart card, password, and personal biometrics. The security of the scheme is thoroughly analyzed under the formal security in the widely accepted real-or-random model, the informal security as well as the formal security verification using the widely accepted automated validation of Internet security protocols and applications tool. UAKMP offers several functionality features including offline sensing node registration, freely password and biometric update facility, user anonymity, and sensing node anonymity compared to other related existing schemes. In addition, UAKMP is also comparable in computation and communication costs as compared to other existing schemes.

Provably Secure Authenticated Key Agreement Scheme for Smart Grid

Abstract: Due to the rapid development of wireless communication systems, authentication becomes a key security component in smart grid environments. Authentication then plays an important role in the smart grid domain by providing a variety of security services including credentials’ privacy, session-key (SK) security, and secure mutual authentication. In this paper, we analyze the security of a recent relevant work in smart grid, and it is unfortunately not able to deal with SK-security and smart meter secret credentials’ privacy under the widely accepted Canetti–Krawczyk adversary (CK-adversary) model. We then propose a new efficient provably secure authenticated key agreement scheme for smart grid. Through the rigorous formal security analysis, we show that the proposed scheme achieves the well-known security functionalities including smart meter credentials’ privacy and SK-security under the CK-adversary model. The proposed scheme reduces the computation overheads for both smart meters and service providers. Furthermore, the proposed scheme offers more security functionalities as compared to the existing related schemes.

Prevalence of dyslipidemia in urban and rural India: the ICMR-INDIAB study.

Abstract: Aim: To study the pattern and prevalence of dyslipidemia in a large representative sample of four selected regions in India. Methods: Phase I of the Indian Council of Medical Research–India Diabetes (ICMR-INDIAB) study was conducted in a representative population of three states of India [Tamil Nadu, Maharashtra and Jharkhand] and one Union Territory [Chandigarh], and covered a population of 213 million people using stratified multistage sampling design to recruit individuals $20 years of age. All the study subjects (n=16,607) underwent anthropometric measurements and oral glucose tolerance tests were done using capillary blood (except in self-reported diabetes). In addition, in every 5th subject (n=2042), a fasting venous sample was collected and assayed for lipids. Dyslipidemia was diagnosed using National Cholesterol Education Programme (NCEP) guidelines. Results: Of the subjects studied, 13.9% had hypercholesterolemia, 29.5% had hypertriglyceridemia, 72.3% had low HDL-C, 11.8% had high LDL-C levels and 79% had abnormalities in one of the lipid parameters. Regional disparity exists with the highest rates of hypercholesterolemia observed in Tamilnadu (18.3%), highest rates of hypertriglyceridemia in Chandigarh (38.6%), highest rates of low HDL-C in Jharkhand (76.8%) and highest rates of high LDL-C in Tamilnadu (15.8%). Except for low HDL-C and in the state of Maharashtra, in all other states, urban residents had the highest prevalence of lipid abnormalities compared to rural residents. Low HDL-C was the most common lipid abnormality (72.3%) in all the four regions studied; in 44.9% of subjects, it was present as an isolated abnormality. Common significant risk factors for dyslipidemia included obesity, diabetes, and dysglycemia. Conclusion: The prevalence of dyslipidemia is very high in India, which calls for urgent lifestyle intervention strategies to prevent and manage this important cardiovascular risk factor.

[서평]「Applied Cryptography」

Abstract: The objective of this paper is to give a comprehensive introduction to applied cryptography with an engineer or computer scientist in mind. The emphasis is on the knowledge needed to create practical systems which supports integrity, confidentiality, or authenticity. Topics covered includes an introduction to the concepts in cryptography, attacks against cryptographic systems, key use and handling, random bit generation, encryption modes, and message authentication codes. Recommendations on algorithms and further reading is given in the end of the paper. This paper should make the reader able to build, understand and evaluate system descriptions and designs based on the cryptographic components described in the paper.

A Survey on IoT Security: Application Areas, Security Threats, and Solution Architectures

Abstract: The Internet of Things (IoT) is the next era of communication. Using the IoT, physical objects can be empowered to create, receive, and exchange data in a seamless manner. Various IoT applications focus on automating different tasks and are trying to empower the inanimate physical objects to act without any human intervention. The existing and upcoming IoT applications are highly promising to increase the level of comfort, efficiency, and automation for the users. To be able to implement such a world in an ever-growing fashion requires high security, privacy, authentication, and recovery from attacks. In this regard, it is imperative to make the required changes in the architecture of the IoT applications for achieving end-to-end secure IoT environments. In this paper, a detailed review of the security-related challenges and sources of threat in the IoT applications is presented. After discussing the security issues, various emerging and existing technologies focused on achieving a high degree of trust in the IoT applications are discussed. Four different technologies, blockchain, fog computing, edge computing, and machine learning, to increase the level of security in IoT are discussed.

UAV Communications for 5G and Beyond: Recent Advances and Future Trends

Abstract: Providing ubiquitous connectivity to diverse device types is the key challenge for 5G and beyond 5G (B5G). Unmanned aerial vehicles (UAVs) are expected to be an important component of the upcoming wireless networks that can potentially facilitate wireless broadcast and support high rate transmissions. Compared to the communications with fixed infrastructure, UAV has salient attributes, such as flexible deployment, strong line-of-sight (LoS) connection links, and additional design degrees of freedom with the controlled mobility. In this paper, a comprehensive survey on UAV communication towards 5G/B5G wireless networks is presented. We first briefly introduce essential background and the space-air-ground integrated networks, as well as discuss related research challenges faced by the emerging integrated network architecture. We then provide an exhaustive review of various 5G techniques based on UAV platforms, which we categorize by different domains including physical layer, network layer, and joint communication, computing and caching. In addition, a great number of open research problems are outlined and identified as possible future research directions.