Secure Remote Login Scheme with Password and Smart Card Update Facilities
01 Jan 2016-pp 495-505
TL;DR: The main aim of this paper is to design a secure user authentication protocol which provides complete facilities to the registered user and the performance of the proposed scheme is relatively better than existing related schemes.
Abstract: Smart card and password-based user authentication scheme is popular for accessing remote services from the remote server over insecure communication. In this regard, numerous user authentication protocols have been proposed in the literature. However, we have observed that still none of the protocols provide complete facilities such as password change process, password recover process, and smart card revocation process to the registered user. The main aim of this paper is to design a secure user authentication protocol which provides complete facilities to the registered user. The security analysis of the protocol is presented which confirms that the same protocol is secure against various common attacks. Our protocol is not only provide complete facilities to the registered user, but also provides session key agreement as well as mutual authentication between the \(U_i\) and RS. The performance of the proposed scheme is relatively better than existing related schemes.
Citations
More filters
TL;DR: A light weight authentication protocol for TMIS that ensures resilience of all possible security attacks and the performance of the protocol is relatively standard in comparison with the related previous research.
Abstract: Telecare Medical Information System (TMIS) supports a standard platform to the patient for getting necessary medical treatment from the doctor(s) via Internet communication. Security protection is important for medical records (data) of the patients because of very sensitive information. Besides, patient anonymity is another most important property, which must be protected. Most recently, Chiou et al. suggested an authentication protocol for TMIS by utilizing the concept of cloud environment. They claimed that their protocol is patient anonymous and well security protected. We reviewed their protocol and found that it is completely insecure against patient anonymity. Further, the same protocol is not protected against mobile device stolen attack. In order to improve security level and complexity, we design a light weight authentication protocol for the same environment. Our security analysis ensures resilience of all possible security attacks. The performance of our protocol is relatively standard in comparison with the related previous research.
77 citations
TL;DR: This paper aims at presenting a pairing-free threshold-based ABE scheme (PT-ABE) over multiplicative group, secured under the standard decisional Diffie–Hellman (DDH) assumption, and both error-tolerant and collusion-free.
Abstract: In several distributed environments, users can decrypt a secret message using a certain number of valid attributes or credentials. Attribute-based encryption (ABE) is the most promising technique to achieve such fine-grain access control. In recent years, many ABE schemes have been proposed, but most of them are constructed based on the concept of pairing and secret sharing scheme. This paper aims at presenting a pairing-free threshold-based ABE scheme (PT-ABE) over multiplicative group. The propose work is secured under the standard decisional Diffie–Hellman (DDH) assumption, and both error-tolerant and collusion-free. The scheme does not consider random oracle operation to prove its security. We compare the PT-ABE scheme with other relevant ABE schemes and find that our scheme is much more efficient and flexible than others. Besides, we propose a protocol based on PT-ABE scheme and show that PT-ABE is perfectly suitable in cloud environment to provide cloud security. To the best of our knowledge, the proposed scheme should be implemented in real- life distributed scenarios, as it is well secured, flexible and perform better than existing ones.
20 citations
TL;DR: This paper has proposed efficient and secure communication protocols for flexible CCN business model to protect the existing business policies of the content publisher while maintaining the salient CCN features like in‐network content caching and Interest packet aggregation.
Abstract: Int J Commun Syst. 2019;32:e3839. https://doi.org/10.1002/dac.3839 Summary Initially, Internet has evolved as a resource sharing model where resources are identified by IP addresses. However, with rapid technological advancement, resources/hardware has become cheap and thus, the need of sharing hardware over Internet is reduced. Moreover, people are using Internet mainly for information exchange and hence, Internet has gradually shifted from resource sharing to information sharing model. To meet the recent growing demand of information exchange, Content Centric Network (CCN) is envisaged as a clean‐slate future network architecture which is specially destined for smooth content distribution over Internet. In CCN, content is easily made available using network caching mechanism which is misaligned with the existing business policy of content providers/publishers in IP‐based Internet. Hence, the transition from contemporary IP‐based Internet to CCN demands attention for redesigning the business policy of the content publishers/providers. In this paper, we have proposed efficient and secure communication protocols for flexible CCN business model to protect the existing business policies of the content publisher while maintaining the salient CCN features like in‐network content caching and Interest packet aggregation. To enhance the efficiency and security, the Elliptic Curve Cryptography (ECC) is used. The proposed ECC‐based scheme is analyzed to show that it is resilient to relevant existing cryptographic attacks. The performance analysis in terms of less computation and communication overheads and increased efficiency is given. Moreover, a formal security verification of the proposed scheme is done using widely used AVISPA simulator and BAN logic that shows our scheme is well secured.
14 citations
Cites background from "Secure Remote Login Scheme with Pas..."
...In 2016, Kumar et al.(34) proposed an improved password and smartcard based remote user authentication scheme which found to be susceptible to replay and session key disclosure attack....
[...]
...In 2016, Kumar et al.34 proposed an improved password and smartcard based remote user authentication scheme which found to be susceptible to replay and session key disclosure attack.35 Recently, in 2017, Li et al.36 proposed an ECC and biometric based authentication scheme for IoT environment but due to the use of biometric, the scheme becomes expensive....
[...]
01 Apr 2019
TL;DR: A pairing‐free and random oracle‐free encryption scheme with a small‐size public parameter where the anonymity of IoT‐recipient is maintained and the proposed designated verifier signature scheme facilitates the signatory to send a signature without sending the original message.
14 citations
Cites background from "Secure Remote Login Scheme with Pas..."
...(14) Based on Equations (13) and (14), it is noticed that both the signatures ?...
[...]
...According to the successful forgery, knows (by assuming SKID∗A is the secret key of user having public key PKID∗A ) H∗ = [ SKID∗A(t ∗ + i) + SKID∗B ]2 s∗(t∗ + i) mod N. (18) Therefore, from Equations (17) and (18), realizes that[ SKID∗A(t ∗ + i) + SKID∗B ]2 s∗(t∗ + i) ≡ G + ( x∗i + v ∗ i ) U∗A (mod N)....
[...]
...Based on Equations (13) and (14), it is noticed that both the signatures ?̃?, generated by the signer S, and ?̂?, produced by the designated verifier V, are identical to each other....
[...]
...dn) = D̃, di = { mi ⊕ F [( s(t+i) N )] mi = 1 0 mi = 0 Z = SKIDS s mod N = Z̃ US = SK2 IDS mod N = ŨS W = H(M || US || IDV || Z) = W̃ ⎤⎥⎥⎥⎥⎥⎥⎥⎥⎥⎦ = 1 N4 (13)...
[...]
03 Mar 2016
TL;DR: This paper proposes malicious node detection protocol using authentication technique for ad hoc as well as internet networks, and the protocol depends on one-way hash operation and does not consider any high computation such as exponentiation or pairing computation, so it achieves high performance.
Abstract: In ad-hoc as well as internet networks, there may exist several malicious nodes which may reduce system reliability and robustness of the network. Therefore, detection of malicious node in the networks is a vibrant research area. For this, several techniques have been adopted in the literature. In this paper, we proposed malicious node detection protocol using authentication technique for ad hoc as well as internet networks. As the protocol depends on one-way hash operation and does not consider any high computation such as exponentiation or pairing computation, so it achieves high performance. Besides, the number of message passes is also reduced to authenticate a node within the network. The proposed protocol is simulated using AVISPA software, and the simulation results make certain that the protocol is SAFE under OFMC and CL-AtSe models. In addition, the complexities of the protocol are satisfactory.
2 citations
Cites background from "Secure Remote Login Scheme with Pas..."
...Several mutual authentication techniques [4, 12,23, 24, 25] have been proposed in the literature....
[...]
References
More filters
15 Aug 1999
TL;DR: In this paper, the authors examine specific methods for analyzing power consumption measurements to find secret keys from tamper resistant devices. And they also discuss approaches for building cryptosystems that can operate securely in existing hardware that leaks information.
Abstract: Cryptosystem designers frequently assume that secrets will be manipulated in closed, reliable computing environments. Unfortunately, actual computers and microchips leak information about the operations they process. This paper examines specific methods for analyzing power consumption measurements to find secret keys from tamper resistant devices. We also discuss approaches for building cryptosystems that can operate securely in existing hardware that leaks information.
6,757 citations
TL;DR: A method of user password authentication is described which is secure even if an intruder can read the system's data, and can tamper with or eavesdrop on the communication between the user and the system.
Abstract: A method of user password authentication is described which is secure even if an intruder can read the system's data, and can tamper with or eavesdrop on the communication between the user and the system. The method assumes a secure one-way encryption function and can be implemented with a microcomputer in the user's terminal.
2,874 citations
"Secure Remote Login Scheme with Pas..." refers background in this paper
...first proposed by Lamport [24] based on the one-way hash function and thereafter many password-based authentication protocols [1, 2, 4, 6, 7, 10, 14–16, 18–21] have been proposed in the literature....
[...]
..., Proceedings of the 4th International Conference on Frontiers in Intelligent Computing: Theory and Applications (FICTA) 2015, Advances in Intelligent Systems and Computing 404, DOI 10.1007/978-81-322-2695-6_41 495 first proposed by Lamport [24] based on the one-way hash function and thereafter many password-based authentication protocols [1, 2, 4, 6, 7, 10, 14–16, 18–21] have been proposed in the literature....
[...]
...Lamport, L.: Password authentication with insecure communication....
[...]
TL;DR: In this paper, the authors examined the noise characteristics of the power signals and developed an approach to model the signal-to-noise ratio (SNR) using a multiple-bit attack.
Abstract: This paper examines how monitoring power consumption signals might breach smart-card security. Both simple power analysis and differential power analysis attacks are investigated. The theory behind these attacks is reviewed. Then, we concentrate on showing how power analysis theory can be applied to attack an actual smart card. We examine the noise characteristics of the power signals and develop an approach to model the signal-to-noise ratio (SNR). We show how this SNR can be significantly improved using a multiple-bit attack. Experimental results against a smart-card implementation of the Data Encryption Standard demonstrate the effectiveness of our multiple-bit attack. Potential countermeasures to these attacks are also discussed.
1,554 citations
TL;DR: The weaknesses of Chien et al.'s scheme are shown, and an improved scheme with better security strength is proposed, which is vulnerable to a reflection attack and an insider attack.
Abstract: Recently, Chien et al. proposed an efficient remote authentication scheme using smart cards. However, we find that their scheme is vulnerable to a reflection attack and an insider attack. In addition, their scheme lacks reparability. Herein, we first show the weaknesses of Chien et al.'s scheme, and then propose an improved scheme with better security strength.
296 citations
"Secure Remote Login Scheme with Pas..." refers background in this paper
...[29] illustrated that the schemes [27, 32] cannot withstand forgery attack, offline password guessing attack, and denial-of-service attack and presented better solutions to fix the problems....
[...]
...It has been observed that many schemes [17, 23, 27] suffer from smart card stolen attack resulting in offline password guessing....
[...]
01 Jan 2016
TL;DR: The proposed protocol not only resists the above mentioned security weaknesses, but also achieves complete security requirements including specially energy efficiency, user anonymity, mutual authentication and user-friendly password change phase.
Abstract: Wireless sensor networks can be deployed in any attended or unattended environments like environmental monitoring, agriculture, military, health care etc., where the sensor nodes forward the sensing data to the gateway node. As the sensor node has very limited battery power and cannot be recharged after deployment, it is very important to design a secure, effective and light weight user authentication and key agreement protocol for accessing the sensed data through the gateway node over insecure networks. Most recently, Turkanovic et?al. proposed a light weight user authentication and key agreement protocol for accessing the services of the WSNs environment and claimed that the same protocol is efficient in terms of security and complexities than related existing protocols. In this paper, we have demonstrated several security weaknesses of the Turkanovic et?al. protocol. Additionally, we have also illustrated that the authentication phase of the Turkanovic et?al. is not efficient in terms of security parameters. In order to fix the above mentioned security pitfalls, we have primarily designed a novel architecture for the WSNs environment and basing upon which a proposed scheme has been presented for user authentication and key agreement scheme. The security validation of the proposed protocol has done by using BAN logic, which ensures that the protocol achieves mutual authentication and session key agreement property securely between the entities involved. Moreover, the proposed scheme has simulated using well popular AVISPA security tool, whose simulation results show that the protocol is SAFE under OFMC and CL-AtSe models. Besides, several security issues informally confirm that the proposed protocol is well protected in terms of relevant security attacks including the above mentioned security pitfalls. The proposed protocol not only resists the above mentioned security weaknesses, but also achieves complete security requirements including specially energy efficiency, user anonymity, mutual authentication and user-friendly password change phase. Performance comparison section ensures that the protocol is relatively efficient in terms of complexities. The security and performance analysis makes the system so efficient that the proposed protocol can be implemented in real-life application.
260 citations
"Secure Remote Login Scheme with Pas..." refers background in this paper
...Resembling user impersonation attack [8], the attacker tries to impersonate as valid server after providing valid reply message ⟨Fi,Gi⟩ to the user, where Gi = Ri ⊕ Rrs, Fi = h(IDi ∥ Ri ∥ Rrs ∥ Regi)....
[...]