scholarly journals Analysis and Improvement on a Unimodal Haptic PIN-Entry Method

2017 ◽  
Vol 2017 ◽  
pp. 1-17 ◽  
Author(s):  
Mun-Kyu Lee ◽  
Jin Yoo ◽  
Hyeonjin Nam
Keyword(s):  
Probabilistic Analysis ◽  
User Authentication ◽  
Security Level ◽  
Usability Study ◽  
Simple Modification ◽  
Design Philosophy

User authentication is a process in which a user of a system proves his/her identity to acquire access permission. An effective user authentication method should be both secure and usable. In an attempt to achieve these two objectives, Bianchi et al. recently proposed novel unimodal PIN-entry methods that use either audio or vibration cues. This paper analyzes the security of their method, in particular, the vibration version of one of their proposals, Timelock. A probabilistic analysis and real attack experiment reveal that the security level guaranteed by Timelock is lower than that claimed in Bianchi et al.’s paper. As countermeasures to this problem, three PIN-entry methods are proposed and a usability study is performed. According to the result of this study, a simple modification may improve the security significantly while retaining the design philosophy of unimodal systems. In addition, the proposed methods address the PIN compatibility issue of Timelock and they can be used to enter a legacy numerical PIN without any change in the PIN.

scholarly journals Is FIDO2 the Kingslayer of User Authentication? A Comparative Usability Study of FIDO2 Passwordless Authentication

2020 ◽  
Author(s):  
Sanam Ghorbani Lyastani ◽  
Michael Schilling ◽  
Michaela Neumayr ◽  
Michael Backes ◽  
Sven Bugiel
Keyword(s):  
User Authentication ◽  
Usability Study

scholarly journals Efficient and Secure Biometric-Based User Authenticated Key Agreement Scheme with Anonymity

2018 ◽  
Vol 2018 ◽  
pp. 1-14 ◽  
Author(s):  
Dongwoo Kang ◽  
Jaewook Jung ◽  
Hyoungshick Kim ◽  
Youngsook Lee ◽  
Dongho Won
Keyword(s):  
Key Agreement ◽  
Time Synchronization ◽  
User Authentication ◽  
Security Level ◽  
Authenticated Key Agreement ◽  
Session Key ◽  
Electronic Transactions ◽  
Security Properties ◽  
And Performance ◽  
High Possibility

At present, a number of users employ an authentication protocol so as to enjoy protected electronic transactions in wireless networks. In order to establish an efficient and robust the transaction system, numerous researches have been conducted relating to authentication protocols. Recently, Kaul and Awasthi presented an user authentication and key agreement scheme, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent two kinds of attacks, including off-line password guessing attacks and user impersonation attacks. Second, user anonymity rule cannot be upheld. Third, session key can be compromised by an attacker. Fourth, there is high possibility that the time synchronization trouble occurs. Therefore, we suggest an upgraded version of the user authenticated key agreement method that provides enhanced security. Our security and performance analysis shows that compared, to other associated protocols, our method not only improves the security level but also ensures efficiency.

scholarly journals SUBBASE: An Authentication Scheme for Wireless Sensor Networks Based on User Biometrics

2019 ◽  
Vol 2019 ◽  
pp. 1-11 ◽  
Author(s):  
Rabia Riaz ◽  
Noor-ul-Ain Gillani ◽  
SanamShahla Rizvi ◽  
Sana Shokat ◽  
Se Jin Kwon
Keyword(s):  
Network Performance ◽  
User Authentication ◽  
Access Network ◽  
Authentication Scheme ◽  
Sensor Nodes ◽  
Wireless Sensor ◽  
Battery Life ◽  
Security Level ◽  
Dos Attacks ◽  
And Performance

To keep a network secure, a user authentication scheme that allows only authenticated users to access network services is required. However, the limited resources of sensor nodes make providing authentication a challenging task. We therefore propose a new method of security for a wireless sensor network (WSN). Our technique, Secure User Biometric Based Authentication Scheme (SUBBASe), is based on the user biometrics for WSNs. It achieves a higher security level as well as improved network performance. This solution consists of easy operations and light computations. Herein, the proposed technique is evaluated and compared with previous existing techniques. This scheme increases the performance of the network by reducing network traffic, defending against DOS attacks, and increasing the battery life of a node. Consequently, the functionality and performance of the entire network is improved.

scholarly journals A User Authentication Scheme Using Physiological and Behavioral Biometrics for Multitouch Devices

2014 ◽  
Vol 2014 ◽  
pp. 1-12 ◽  
Author(s):  
Chorng-Shiuh Koong ◽  
Tzu-I Yang ◽  
Chien-Chao Tseng
Keyword(s):  
User Authentication ◽  
Mobile Network ◽  
Authentication Scheme ◽  
Security Level ◽  
Behavioral Biometrics ◽  
Vending Machines ◽  
Privacy Leakage ◽  
Authentication Mechanism ◽  
User Authentication Scheme ◽  
Biometric Information

With the rapid growth of mobile network, tablets and smart phones have become sorts of keys to access personal secured services in our daily life. People use these devices to manage personal finances, shop on the Internet, and even pay at vending machines. Besides, it also helps us get connected with friends and business partners through social network applications, which were widely used as personal identifications in both real and virtual societies. However, these devices use inherently weak authentication mechanism, based upon passwords and PINs that is not changed all the time. Although forcing users to change password periodically can enhance the security level, it may also be considered annoyances for users. Biometric technologies are straightforward because of the simple authentication process. However, most of the traditional biometrics methodologies require diverse equipment to acquire biometric information, which may be expensive and not portable. This paper proposes a multibiometric user authentication scheme with both physiological and behavioral biometrics. Only simple rotations with fingers on multitouch devices are required to enhance the security level without annoyances for users. In addition, the user credential is replaceable to prevent from the privacy leakage.

scholarly journals A Multimodal Technique for an Embedded Fingerprint Recognizer in Mobile Payment Systems

2009 ◽  
Vol 5 (2) ◽  
pp. 105-124 ◽  
Author(s):  
V. Conti ◽  
C. Militello ◽  
F. Sorbello ◽  
S. Vitabile
Keyword(s):  
Distributed Systems ◽  
Identity Management ◽  
User Authentication ◽  
Recognition Performance ◽  
Customer Relationships ◽  
Security Level ◽  
Payment Systems ◽  
Biometric Data ◽  
Access Points ◽  
Micro Features

The development and the diffusion of distributed systems, directly connected to recent communication technologies, move people towards the era of mobile and ubiquitous systems. Distributed systems make merchant-customer relationships closer and more flexible, using reliable e-commerce technologies. These systems and environments need many distributed access points, for the creation and management of secure identities and for the secure recognition of users. Traditionally, these access points can be made possible by a software system with a main central server. This work proposes the study and implementation of a multimodal technique, based on biometric information, for identity management and personal ubiquitous authentication. The multimodal technique uses both fingerprint micro features (minutiae) and fingerprint macro features (singularity points) for robust user authentication. To strengthen the security level of electronic payment systems, an embedded hardware prototype has been also created: acting as self-contained sensors, it performs the entire authentication process on the same device, so that all critical information (e.g. biometric data, account transactions and cryptographic keys), are managed and stored inside the sensor, without any data transmission. The sensor has been prototyped using the Celoxica RC203E board, achieving fast execution time, low working frequency, and good recognition performance.

Secure Remote Biometric Authentication Protocol

2014 ◽  
Vol 931-932 ◽  
pp. 1437-1440
Author(s):  
Anongporn Salaiwarakul
Keyword(s):  
User Authentication ◽  
Authentication Protocol ◽  
Security Level ◽  
Biometric Authentication ◽  
Biometric Data ◽  
Liveness Property ◽  
Live Presentation

The secure remote biometric authentication protocol proposed in this paper solves the problem from the nature of the biometric data. The proposed protocol preserves the privacy of the users biometric data when it is transmitted in the protocol. The liveness property of the protocol guarantees that the biometric data used to authenticate the user comes from the live presentation of the user. The most important property related with the intentional authentication; it confirms that the purpose of the user authentication correspondences to the users purpose. The proposed secure remote biometric authentication protocol promises three properties so that the user is confident with the security level that the protocol offers and it guarantees that the protocol does not manipulate with an intruder.

scholarly journals Smartwatch User Authentication by Sensing Tapping Rhythms and Using One-Class DBSCAN

Sensors ◽  
2021 ◽  
Vol 21 (7) ◽  
pp. 2456
Author(s):  
Hanqi Zhang ◽  
Xi Xiao ◽  
Shiguang Ni ◽  
Changsheng Dou ◽  
Wei Zhou ◽  
...  
Keyword(s):  
Clustering Algorithm ◽  
User Authentication ◽  
Real Data ◽  
Security And Privacy ◽  
Security Level ◽  
New Classification ◽  
Dbscan Clustering ◽  
Sensing Systems ◽  
Robust Measures ◽  
Lightweight Authentication

As important sensors in smart sensing systems, smartwatches are becoming more and more popular. Authentication can help protect the security and privacy of users. In addition to the classic authentication methods, behavioral factors can be used as robust measures for this purpose. This study proposes a lightweight authentication method for smartwatches based on edge computing, which identifies users by their tapping rhythms. Based on the DBSCAN clustering algorithm, a new classification method called One-Class DBSCAN is presented. It first seeks core objects and then leverages them to perform user authentication. We conducted extensive experiments on 6110 real data samples collected from more than 600 users. The results show that our method achieved the lowest Equal Error Rate (EER) of only 0.92%, which was lower than those of other state-of-the-art methods. In addition, a statistical method for detecting the security level of a tapping rhythm is proposed. It can prevent users from setting a simple tapping rhythm password, and thus improve the security of smartwatches.

scholarly journals A Handover Security Mechanism Employing the Diffie-Hellman Key Exchange Approach for the IEEE802.16e Wireless Networks

2011 ◽  
Vol 7 (3) ◽  
pp. 241-269 ◽  
Author(s):  
Yi-Fu Ciou ◽  
Fang-Yie Leu ◽  
Yi-Li Huang ◽  
Kangbin Yim
Keyword(s):  
Key Management ◽  
User Authentication ◽  
Authentication Scheme ◽  
Security Level ◽  
Handover Authentication ◽  
Authentication Mechanism ◽  
Diffie Hellman ◽  
Speed Up ◽  
Handover Process ◽  
Diffie Hellman Key Exchange

In this paper, we propose a handover authentication mechanism, called the handover key management and authentication scheme (HaKMA for short), which as a three-layer authentication architecture is a new version of our previous work, the Diffie-Hellman-PKDS-based authentication method (DiHam for short) improving its key generation flow and adding a handover authentication scheme to respectively speed up the handover process and increase the security level for mobile stations (MSs). AAA server supported authentication is also enhanced by invoking an improved extensible authentication protocol (EAP). According to the analyses of this study the HaKMA can effectively and efficiently provide user authentication and balance data security and system performance during handover.

scholarly journals Security Login System on Mobile Application with Implementation of Advanced Encryption Standard (AES) using 3 Keys Variation 128-bit, 192-bit, and 256-bit

2019 ◽  
Vol 6 (1) ◽  
pp. 34-44 ◽  
Author(s):  
Hamdan Dian Jaya Rozi Hyang Utami ◽  
Riza Arifudin ◽  
Alamsyah Alamsyah
Keyword(s):  
Mobile Applications ◽  
Mobile Application ◽  
User Authentication ◽  
Database System ◽  
Advanced Encryption Standard ◽  
Security Level ◽  
Android Application ◽  
Sql Injection ◽  
Aes Algorithm ◽  
System A

The development of mobile applications is unbalanced with the level of its security which is vulnerable to hacker attacks. Some important things that need to be considered in the security of mobile applications are login and database system. A login system that used the database as user authentication and passwords are very vulnerable to be hacking. In securing data, various ways had been developed including cryptography. Cryptographic algorithms used in securing passwords usually used MD5 encryption. However, MD5 as a broader encryption technique is very risky. Therefore, the level of login system security in an android application is needed to embed the Advanced Encryption Standard (AES) algorithm in its process. The AES algorithm was applied using variations of 3 keys 128-bit, 192-bit, and 256-bit. Security level testing was also conducted by using 40 SQL Injection samples which the system logins without security obtained 27.5% that be able to enter the system compared to the result of login systems that use AES algorithm 128-bit, 192-bit or 256-bit was obtained 100% that cannot enter into the system. The estimation of the average encryption process of AES 128, 192 and 256 bits are 5.8 seconds, 7.74 seconds, and 9.46 seconds.

scholarly journals Enhanced Security through Multi-Tier User Authentication in Wireless Sensor Networks

2019 ◽  
Vol 8 (4) ◽  
pp. 4091-4095
Keyword(s):  
Smart Home ◽  
User Authentication ◽  
Denial Of Service ◽  
Sensor Nodes ◽  
Wireless Sensor ◽  
Security Level ◽  
Battery Lifetime ◽  
High Security Level ◽  
Home Appliance ◽  
User Authentication Scheme

Paper Setup must be in A4 size with Margin: Top 0.7”, For Smart Home Appliance Devices (SHAD), a Wireless Sensor Network (WSN) utilized for monitoring the condition and controls of SHAD to supervise lighting, warming, security, and investigation. A user confirmation method is required that enables authenticated clients to access SHAD managements for securing SHAD. Providing authentication is a challenging task despite the limited properties of sensor nodes. This proposed Multi-Tier User Authentication Scheme (MTUS) a proficient and security upgraded secret validation with a key acceptance method by utilizing biometrics data as the confirmation factor. Thus, the proposed MTUS method achieves a high-security level by time consumptions, which have 0.454 m sec of improvement of user verification. MTUS comprises of tasks and less time consumptions by existing method of Denial-of-Service(DoS)-Resistant User Authentication (DRUA) systems. Thus, the proposed MTUS method is with Denial-of-Service(DoS)-Resistant User Authentication (DRUA) existing systems. The MTUS proposal increases the demonstration of the system by reducing SHAD traffic, guarding against DRUA assaults, and increasing the battery lifetime. Subsequently, the usefulness and execution of the whole system are improved.

Sign in / Sign up

Export Citation Format

Share Document