scholarly journals A Time-Bound Ticket-Based Mutual Authentication Scheme for Cloud Computing

2011 ◽  
Vol 6 (2) ◽  
pp. 227 ◽  
Author(s):  
Zhuo Hao ◽  
Sheng Zhong ◽  
Nenghai Yu
Keyword(s):  
Cloud Computing ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Data Integrity ◽  
Authentication Scheme ◽  
Replay Attack ◽  
Good Efficiency ◽  
Password Guessing Attack ◽  
Integrity Checking ◽  
Guessing Attack

<p>Cloud computing is becoming popular quickly. In cloud computing, people store their important data in the cloud, which makes it important to ensure the data integrity and availability. Remote data integrity checking enables the client to perform data integrity verification without access to the complete file. This service brings convenience to clients, but degrades the server’s performance severely. Proper schemes must be designed to reduce the performance degradation.<br /> In this paper, a time-bound ticket-based mutual authentication scheme is proposed for solving this problem. The proposed authentication scheme achieves mutual authentication between the server and the client. The use of timebound tickets reduces the server’s processing overhead efficiently. The correspondence relationship between the digital ticket and the client’s smart card prevents user masquerade attack effectively. By security analysis, we show that the proposed scheme is resistant to masquerade attack, replay attack and password guessing attack. By performance analysis, we show that the proposed scheme has good efficiency. The proposed scheme is very suitable for cloud computing.</p>

scholarly journals Revisiting Anonymous Two-Factor Authentication Schemes for IoT-Enabled Devices in Cloud Computing Environments

2019 ◽  
Vol 2019 ◽  
pp. 1-13 ◽  
Author(s):  
Ping Wang ◽  
Bin Li ◽  
Hongjin Shi ◽  
Yaosheng Shen ◽  
Ding Wang
Keyword(s):  
Cloud Computing ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Replay Attack ◽  
Password Guessing Attack ◽  
Symmetric Key ◽  
Computing Environments ◽  
Guessing Attack ◽  
Key Techniques ◽  
User Friendly

Investigating the security pitfalls of cryptographic protocols is crucial to understand how to improve security. At ICCCS’17, Wu and Xu proposed an efficient smart-card-based password authentication scheme for cloud computing environments to cope with the vulnerabilities in Jiang et al.’s scheme. However, we reveal that Wu-Xu’s scheme actually is subject to various security flaws, such as offline password guessing attack and replay attack. Besides security, user friendly is also another great concern. In 2017, Roy et al. found that in most previous two-factor schemes a user has to manage different credentials for different services and further suggested a user-friendly scheme which is claimed to be suitable for multiserver architecture and robust against various attacks. In this work, we show that Roy et al.’s scheme fails to achieve truly two-factor security and shows poor scalability. At FGCS’18, Amin et al. pointed out that most of existing two-factor schemes are either insecure or inefficient for mobile devices due to the use of public-key techniques and thus suggested an improved protocol by using only light-weight symmetric key techniques. Almost at the same time, Wei et al. also observed this issue and proposed a new scheme based on symmetric key techniques with formal security proofs in the random oracle model. Nevertheless, we point out that both Amin et al.’s and Wei et al.’s schemes cannot achieve the claimed security goals (including the most crucial goal of “truly two-factor security”). Our results invalidate any use of the scrutinized schemes for cloud computing environments.

scholarly journals A Novel Machine Learning-Based Approach for Security Analysis of Authentication and Key Agreement Protocols

2020 ◽  
Vol 2020 ◽  
pp. 1-15
Author(s):  
Behnam Zahednejad ◽  
Lishan Ke ◽  
Jing Li
Keyword(s):  
Machine Learning ◽  
Key Agreement ◽  
Security Analysis ◽  
Replay Attack ◽  
Authentication And Key Agreement ◽  
Password Guessing Attack ◽  
Dataset Size ◽  
Security Properties ◽  
Guessing Attack ◽  
Construction Model

The application of machine learning in the security analysis of authentication and key agreement protocol was first launched by Ma et al. in 2018. Although they received remarkable results with an accuracy of 72% for the first time, their analysis is limited to replay attack and key confirmation attack. In addition, their suggested framework is based on a multiclassification problem in which every protocol or dataset instance is either secure or prone to a security attack such as replay attack, key confirmation, or other attacks. In this paper, we show that multiclassification is not an appropriate framework for such analysis, since authentication protocols may suffer different attacks simultaneously. Furthermore, we consider more security properties and attacks to analyze protocols against. These properties include strong authentication and Unknown Key Share (UKS) attack, key freshness, key authentication, and password guessing attack. In addition, we propose a much more efficient dataset construction model using a tenth number of features, which improves the solving speed to a large extent. The results indicate that our proposed model outperforms the previous models by at least 10–20 percent in all of the machine learning solving algorithms such that upper-bound performance reaches an accuracy of over 80% in the analysis of all security properties and attacks. Despite the previous models, the classification accuracy of our proposed dataset construction model rises in a rational manner along with the increase of the dataset size.

scholarly journals Research on Lightweight Mutual Authentication for the Product Authorization Chain

2021 ◽  
Vol 2021 ◽  
pp. 1-9
Author(s):  
Hanqing Ding ◽  
Qing Zhang ◽  
Yifeng Yin ◽  
Yong Gan ◽  
Weihua Liu
Keyword(s):  
Computational Complexity ◽  
Economic Integration ◽  
Hash Function ◽  
Clock Synchronization ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Efficiency Analysis ◽  
Communication Costs ◽  
Password Guessing Attack ◽  
Guessing Attack

With the development of the globalization economic integration in Internet of Things (IoT), it is very crucial to protect the wireless two-way authentication between users’ intelligent terminals and servers in the product authorization chain. In order to ensure that legitimate users connect to the wireless network correctly, a lightweight wireless mutual authentication scheme for the product authorization chain was proposed contrapose to the security defect of Kaul and Awasthi’s scheme, which easily suffered from offline password guessing attack. The improved scheme uses lightweight hash function and verifies the freshness of messages by using the send packet sequence number instead of timestamp, which can avoid strict clock synchronization between devices, and user passwords can be updated by themselves. Security analysis and cost and efficiency analysis show that the scheme presented in this paper has higher security, lower storage and communication costs, and lower computational complexity.

scholarly journals Improvement of a Security Enhanced One-time Mutual Authentication and Key Agreement Scheme

2019 ◽  
Vol 8 (12) ◽  
pp. 5031-5036
Keyword(s):  
Smart Card ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Authentication Scheme ◽  
Authentication And Key Agreement ◽  
Password Guessing Attack ◽  
Authentication Schemes ◽  
One Time Password ◽  
Guessing Attack ◽  
Password Based Authentication

So far, many one-time password based authentication schemes have been proposed; however, none is secure enough. In 2004, W.C.Ku proposed hash-based strongpassword based authentication scheme without using smart card that is vulnerable to the password guessing attack, not achieving mutual authentication and key agreement. In this paper, we propose a new improved version of Ku’s scheme that is eliminated these weaknesses.

Security Weaknesses and Improvements of a Remote User Authentication Scheme Preserving User Anonymity

2011 ◽  
Vol 145 ◽  
pp. 184-188
Author(s):  
Young Hwa An
Keyword(s):  
User Authentication ◽  
User Anonymity ◽  
Authentication Scheme ◽  
Impersonation Attack ◽  
Replay Attack ◽  
Password Guessing Attack ◽  
Insider Attack ◽  
Man In The Middle ◽  
User Authentication Scheme ◽  
Guessing Attack

In 2008, Bindu et al. proposed an improvement to Chien et al.'s remote password authentication scheme preserving user anonymity, and has asserted that the scheme is secure against replay attack, guessing attack, insider attack and man-in-the-middle attack, etc. However, in this paper, we have shown that Bindu et al.'s scheme is still insecure against man-in-the-middle attack and password guessing attack, and does not provide user anonymity. Also, we propose an improved scheme to withstand these weaknesses, while preserving their merits, even if the secret information stored in the smart card is revealed. As a result of analysis, the proposed scheme is secure against user impersonation attack, server masquerading attack, password guessing attack and does provide user anonymity. And we can see that the proposed scheme is relatively more effective than Bindu et al.'s scheme.

scholarly journals A Robust Mutual Authentication with a Key Agreement Scheme for Session Initiation Protocol

2018 ◽  
Vol 8 (10) ◽  
pp. 1789 ◽  
Author(s):  
Chien-Ming Chen ◽  
Bin Xiang ◽  
King-Hang Wang ◽  
Kuo-Hui Yeh ◽  
Tsu-Yang Wu
Keyword(s):  
Secure Communication ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Memory Device ◽  
Session Initiation Protocol ◽  
Application Layer ◽  
Password Guessing Attack ◽  
Guessing Attack ◽  
Layer Control

Session initiation protocol (SIP) is the most widely used application layer control protocol for creating, modifying, and terminating session processes. Many authentication schemes have been proposed for SIP aimed at providing secure communication. Recently, a new authentication and key agreement scheme for SIP has been proposed, and it was claimed that it could resist a variety of attacks. However, in this paper, we show that this scheme is vulnerable to an offline password guessing attack and a stolen memory device attack. Furthermore, we show that it lacks the verification mechanism for a wrong password, and that the password updating process is not efficient. To mitigate the flaws and inefficiencies of this scheme, we design a new robust mutual authentication with a key agreement scheme for SIP. A security analysis revealed that our proposed scheme was robust to several kinds of attacks. In addition, the proposed scheme was simulated by the automatic cryptographic protocol tool ProVerif. A performance analysis showed that our proposed scheme was superior to other related schemes.

scholarly journals Video Data Integrity Verification Method Based on Full Homomorphic Encryption in Cloud System

2018 ◽  
Vol 2018 ◽  
pp. 1-9 ◽  
Author(s):  
Ruoshui Liu ◽  
Jianghui Liu ◽  
Jingjie Zhang ◽  
Moli Zhang
Keyword(s):  
Cloud Computing ◽  
Data Storage ◽  
Homomorphic Encryption ◽  
Data Integrity ◽  
Video Data ◽  
Verification Method ◽  
Whole Process ◽  
Integrity Checking ◽  
Verification Methods ◽  
Cloud Servers

Cloud computing is a new way of data storage, where users tend to upload video data to cloud servers without redundantly local copies. However, it keeps the data out of users' hands which would conventionally control and manage the data. Therefore, it becomes the key issue on how to ensure the integrity and reliability of the video data stored in the cloud for the provision of video streaming services to end users. This paper details the verification methods for the integrity of video data encrypted using the fully homomorphic crytosystems in the context of cloud computing. Specifically, we apply dynamic operation to video data stored in the cloud with the method of block tags, so that the integrity of the data can be successfully verified. The whole process is based on the analysis of present Remote Data Integrity Checking (RDIC) methods.

scholarly journals Security Analysis and Improvements on a Remote Integrity Checking Scheme for Regenerating-Coding-Based Distributed Storage

2021 ◽  
Vol 2021 ◽  
pp. 1-8
Author(s):  
Guangjun Liu ◽  
Wangmei Guo ◽  
Ximeng Liu ◽  
Jinbo Xiong
Keyword(s):  
Distributed Storage ◽  
Security Analysis ◽  
Data Integrity ◽  
Integrity Checking ◽  
Cloud Server ◽  
Data Integrity Checking ◽  
Checking Scheme ◽  
Data Auditing ◽  
Distributed Cloud ◽  
Remote Data

Enabling remote data integrity checking with failure recovery becomes exceedingly critical in distributed cloud systems. With the properties of a lower repair bandwidth while preserving fault tolerance, regenerating coding and network coding (NC) have received much attention in the coding-based storage field. Recently, an outstanding outsourced auditing scheme named NC-Audit was proposed for regenerating-coding-based distributed storage. The scheme claimed that it can effectively achieve lightweight privacy-preserving data verification remotely for these networked distributed systems. However, our algebraic analysis shows that NC-Audit can be easily broken due to a potential defect existing in its schematic design. That is, an adversarial cloud server can forge some illegal blocks to cheat the auditor with a high probability when the coding field is large. From the perspective of algebraic security, we propose a remote data integrity checking scheme RNC-Audit by resorting to hiding partial critical information to the server without compromising system performance. Our evaluation shows that the proposed scheme has significantly lower overhead compared to the state-of-the-art schemes for distributed remote data auditing.

Sign in / Sign up

Export Citation Format

Share Document