scholarly journals A Multipurpose Key Agreement Scheme in Ubiquitous Computing Environments

2015 ◽  
Vol 2015 ◽  
pp. 1-7
Author(s):  
Chin-Chen Chang ◽  
Iuon-Chang Lin ◽  
Chia-Chi Wu
Keyword(s):  
Smart Card ◽  
Key Agreement ◽  
Service Providers ◽  
Mutual Authentication ◽  
Smart Cards ◽  
Communication Overhead ◽  
Essential Information ◽  
Cryptographic Techniques ◽  
Ubiquitous Computing Environments ◽  
Access Services

Due to the rapid advancement of cryptographic techniques, the smart card has recently become a popular device because it is capable of storing and computing essential information with such properties as tamper resistance. However, many service providers must satisfy the user’s desire to be able to access services anytime and anywhere with the smart card computing devices. Therefore, multipurpose smart cards have become very popular identification tokens. In 2011, Wang et al. proposed an authentication and key agreement scheme for smart card use. Even so, two drawbacks still exist; that is, (1) the security requirement of mutual authentication has not been satisfied and (2) the authentication scheme cannot be used for multipurpose smart cards. In this paper, we propose an efficient and secure multipurpose, authenticated, key agreement scheme in which the user is required to register only once and can be authenticated without any registration center. Furthermore, the proposed scheme can be used in ubiquitous environments because of its low computation and communication overhead.

scholarly journals Elliptic Curve Signcryption-Based Mutual Authentication Protocol for Smart Cards

2020 ◽  
Vol 10 (22) ◽  
pp. 8291
Author(s):  
Anuj Kumar Singh ◽  
Arun Solanki ◽  
Anand Nayyar ◽  
Basit Qureshi
Keyword(s):  
Elliptic Curve ◽  
Smart Card ◽  
Mutual Authentication ◽  
Computational Cost ◽  
Authentication Protocol ◽  
Security Protocol ◽  
Smart Cards ◽  
Communication Overhead ◽  
Authentication Mechanism ◽  
Computational Overhead

In the modern computing environment, smart cards are being used extensively, which are intended to authenticate a user with the system or server. Owing to the constrictions of computational resources, smart card-based systems require an effective design and efficient security scheme. In this paper, a smart card authentication protocol based on the concept of elliptic curve signcryption has been proposed and developed, which provides security attributes, including confidentiality of messages, non-repudiation, the integrity of messages, mutual authentication, anonymity, availability, and forward security. Moreover, the analysis of security functionalities shows that the protocol developed and explained in this paper is secure from password guessing attacks, user and server impersonation, replay attacks, de-synchronization attacks, insider attacks, known key attacks, and man-in-the-middle attacks. The results have demonstrated that the proposed smart card security protocol reduces the computational overhead on a smart card by 33.3% and the communication cost of a smart card by 34.5%, in comparison to the existing efficient protocols. It can, thus, be inferred from the results that using elliptic curve signcryption in the authentication mechanism reduces the computational cost and communication overhead by a significant amount.

scholarly journals Security Enhanced Anonymous Multiserver Authenticated Key Agreement Scheme Using Smart Cards and Biometrics

2014 ◽  
Vol 2014 ◽  
pp. 1-15 ◽  
Author(s):  
Younsung Choi ◽  
Junghyun Nam ◽  
Donghoon Lee ◽  
Jiye Kim ◽  
Jaewook Jung ◽  
...  
Keyword(s):  
Key Agreement ◽  
User Authentication ◽  
Mutual Authentication ◽  
Smart Cards ◽  
Security Requirements ◽  
Impersonation Attack ◽  
Single Server ◽  
Authenticated Key Agreement ◽  
Session Key ◽  
Authentication Schemes

An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user’s biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen’s scheme.

scholarly journals Password authentication scheme based on smart card and QR code

2021 ◽  
Vol 23 (1) ◽  
pp. 140
Author(s):  
Mushtaq Hasson ◽  
Ali A. Yassin ◽  
Abdulla J. Yassin ◽  
Abdullah Mohammed Rashid ◽  
Aqeel A. Yaseen ◽  
...  
Keyword(s):  
Smart Card ◽  
Key Management ◽  
Service Providers ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Cloud Service ◽  
Cloud Services ◽  
Authentication Scheme ◽  
Qr Code ◽  
Practical Applications

As a hopeful computing paradigm, cloud services are obtainable to end users based on pay-as-you-go service. Security is represented one of the vital issues for the extended adoption of cloud computing, with the object of accessing several cloud service providers, applications, and services by using anonymity features to authenticate the user. We present a good authentication scheme based on quick response (QR) code and smart card. Furthermore, our proposed scheme has several crucial merits such as key management, mutual authentication, one-time password, user anonymity, freely chosen password, secure password changes, and revocation by using QR code. The security of proposed scheme depends on crypto-hash function, QR-code validation, and smart card. Moreover, we view that our proposed scheme can resist numerous malicious attacks and are more appropriate for practical applications than other previous works. The proposed scheme has proved as a strong mutual authentication based on burrows-abadi-needham (BAN) logic and security analysis. Furthermore, our proposed scheme has good results compared with related work.

Remote mutual authentication scheme with key agreement using smart cards

2007 ◽  
Vol 2 ◽  
pp. 1381-1397
Author(s):  
Chien-Lung Hsu ◽  
Hsiao-Chen Liu ◽  
Ming-Tzu Chou
Keyword(s):  
Key Agreement ◽  
Mutual Authentication ◽  
Smart Cards ◽  
Authentication Scheme

SEAI: Secrecy and Efficiency Aware Inter-gNB Handover Authentication and Key Agreement Protocol in 5G Communication Network

2021 ◽  
Author(s):  
Shubham Gupta ◽  
Balu L. Parne ◽  
Narendra S. Chaudhari ◽  
Sandeep Saxena
Keyword(s):  
Key Agreement ◽  
Mutual Authentication ◽  
Base Station ◽  
Security Evaluation ◽  
Communication Overhead ◽  
Session Key ◽  
Handover Authentication ◽  
Authentication And Key Agreement ◽  
Security Proof ◽  
5G Network

Abstract Recently, the Third Generation Partnership Project (3GPP) has initiated to work in the Fifth Generation (5G) network to fulfill the security characteristics of IoT-based services. 3GPP has proposed the 5G handover key structure and framework in a recently published technical report. In this paper, we evaluate the handover authentication methodologies available in the literature and identify the security vulnerabilities such as violation of global base-station, failure of key forward/backward secrecy, de-synchronization attack, and huge network congestion. Also, these protocols suffer from high bandwidth consumption that doesn’t suitable for energy efficient mobile devices in 5G network. To overcome these concerns, we introduce Secrecy and Efficiency Aware Inter-gNB (SEAI) handover Authentication and Key Agreement (AKA) protocol. The formal security proof of the protocol is carried out by random oracle model to achieve the session key secrecy, confidentiality, and integrity. For the protocol correctness and achieve the mutual authentication property, simulation is performed using the AVISPA tool. Also, the informal security evaluation represents that the protocol defeats all the possible attacks and achieves the necessary security properties. Moreover, the performance evaluation of the earlier 5G handover protocols and proposed SEAI protocol is carried out. From the evaluations, the significant results are obtained based on computation, transmission, and communication overhead.

Multi-Factor Identity Authenticated Key Agreement Protocol

2014 ◽  
Vol 556-562 ◽  
pp. 5597-5602
Author(s):  
Jun Wang ◽  
Yue Chen ◽  
Gang Yang ◽  
Hong Yong Jia ◽  
Ju Long Lan
Keyword(s):  
Smart Card ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Impersonation Attack ◽  
Forward Security ◽  
Session Key ◽  
Session Key Agreement ◽  
Man In The Middle ◽  
Mutual Identity ◽  
Weak Resistance

This paper proposes scheme can achieve mutual authentication and session key agreement based on multi-factor. It improves the scheme proposed by Chuang et al on protecting from the stolen smart card attack, impersonation attack, server spoofing attack and man-in-the-middle attack, and guaranteeing on the forward security. It solves the problem of weak resistance to attacks in single-factor authentication approaches, by combining the smart card with biometrics and password. It also guarantees the security of mutual identity authentication between users and servers and that of session keys. It consumes more computing resources that the Chuang’s scheme, but it can resist to several known attacks efficiently.

Sign in / Sign up

Export Citation Format

Share Document