Sian-Teng Chen

Bio: Sian-Teng Chen is an academic researcher from Shih Hsin University. The author has contributed to research in topics: Password & Smart card. The author has an hindex of 1, co-authored 1 publications receiving 157 citations.

Robust and Efficient Password-Authenticated Key Agreement Using Smart Cards

Abstract: User authentication and key agreement is an important security primitive for creating a securely distributed information system. Additionally, user authentication and key agreement is very useful for providing identity privacy to users. In this paper, we propose a robust and efficient user authentication and key agreement scheme using smart cards. The main merits include the following: 1) the computation and communication cost is very low; 2) there is no need for any password or verification table in the server; 3) a user can freely choose and change his own password; 4) it is a nonce-based scheme that does not have a serious time-synchronization problem; 5) servers and users can authenticate each other; 6) the server can revoke a lost card and issue a new card for a user without changing his identity; 7) the privacy of users can be protected; 8) it generates a session key agreed upon by the user and the server; and 9) it can prevent the offline dictionary attack even if the secret information stored in a smart card is compromised.

An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics

Abstract: Password-based remote user authentication schemes are widely investigated, with recent research increasingly combining a user's biometrics with a password to design a remote user authentication scheme that enhances the level of the security However, these authentication schemes are designed for a single server environment and result in users needing to register many times when they want to access different application servers To solve this problem, in this paper we propose an anonymous multi-server authenticating key agreement scheme based on trust computing using smart cards, password, and biometrics Our scheme not only supports multi-server environments but also achieves many security requirements In addition, our scheme is a lightweight authentication scheme which only uses the nonce and a hash function From the subsequent analysis, the proposed scheme can be seen to resist several kinds of attacks, and to have more security properties than other comparable schemes

An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks

Abstract: User authentication with unlinkability is one of the corner stone services for many security and privacy services which are required to secure communications in wireless sensor networks (WSNs). Recently, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs, and claimed that their scheme achieves identity and password protection, and the resiliency of stolen smart card attacks. However, we observe that Xue et al.’s scheme is subject to identity guessing attack, tracking attack, privileged insider attack and weak stolen smart card attack. In order to fix the drawbacks, we propose an enhanced authentication scheme with unlinkability. Additionally, the proposed scheme further cuts the computational cost. Therefore, the proposed scheme not only remedies its security flaws but also improves its performance. It is more suitable for practical applications of WSNs than Xue et al.’s scheme.

Security in Building Automation Systems

Abstract: Building automation systems are traditionally concerned with the control of heating, ventilation, and air conditioning, as well as lighting and shading, systems. They have their origin in a time where security has been considered as a side issue at best. Nowadays, with the rising desire to integrate security-critical services that were formerly provided by isolated subsystems, security must no longer be neglected. Thus, the development of a comprehensive security concept is of utmost importance. This paper starts with a security threat analysis and identifies the challenges of providing security in the building automation domain. Afterward, the security mechanisms of available standards are thoroughly analyzed. Finally, two approaches that provide both secure communication and secure execution of possibly untrusted control applications are presented.

Anonymity Enhancement on Robust and Efficient Password-Authenticated Key Agreement Using Smart Cards

Abstract: By exploiting a smart card, this paper presents a robust and efficient password-authenticated key agreement scheme. This paper strengthens the security of the scheme by addressing untraceability property such that any third party over the communication channel cannot tell whether or not he has seen the same (unknown) smart card twice through the authentication sessions. The proposed remedy also prevents a kind of denial of service attack found in the original scheme. High performance and other good functionalities are preserved.