scholarly journals An Anonymous Device to Device Authentication Protocol Using ECC and Self Certified Public Keys Usable in Internet of Things Based Autonomous Devices

Electronics ◽  
2020 ◽  
Vol 9 (3) ◽  
pp. 520
Author(s):  
Bander A. Alzahrani ◽  
Shehzad Ashraf Chaudhry ◽  
Ahmed Barnawi ◽  
Abdullah Al-Barakati ◽  
Taeshik Shon
Keyword(s):  
Internet Of Things ◽  
Key Agreement ◽  
Formal Model ◽  
Third Party ◽  
Impersonation Attack ◽  
Internet Of Vehicles ◽  
Moving Vehicles ◽  
Public Keys ◽  
Device To Device ◽  
Authentication Schemes

Two party authentication schemes can be good candidates for deployment in Internet of Things (IoT)-based systems, especially in systems involving fast moving vehicles. Internet of Vehicles (IoV) requires fast and secure device-to-device communication without interference of any third party during communication, and this task can be carried out after registration of vehicles with a trusted certificate issuing party. Recently, several authentication protocols were proposed to enable key agreement in two party settings. In this study, we analyze two recent protocols and show that both protocols are insecure against key compromise impersonation attack (KCIA) as well as both lack of user anonymity. Therefore, this paper proposes an improved protocol that does not only resist KCIA and related attacks, but also offers comparable computation and communication. The security of proposed protocol is tested under formal model as well as using well known Burrows–Abadi–Needham (BAN) logic along with a discussion on security features. While resisting the KCIA and related attacks, proposed protocol also provides comparable trade-of between security features and efficiency and completes a round of key agreement in just 13.42 ms, which makes it a promising candidate to be deployed in IoT environments.

scholarly journals Security Enhanced Anonymous Multiserver Authenticated Key Agreement Scheme Using Smart Cards and Biometrics

2014 ◽  
Vol 2014 ◽  
pp. 1-15 ◽  
Author(s):  
Younsung Choi ◽  
Junghyun Nam ◽  
Donghoon Lee ◽  
Jiye Kim ◽  
Jaewook Jung ◽  
...  
Keyword(s):  
Key Agreement ◽  
User Authentication ◽  
Mutual Authentication ◽  
Smart Cards ◽  
Security Requirements ◽  
Impersonation Attack ◽  
Single Server ◽  
Authenticated Key Agreement ◽  
Session Key ◽  
Authentication Schemes

An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user’s biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen’s scheme.

A WSN-Oriented Key Agreement Protocol in Internet of Things

2013 ◽  
Vol 401-403 ◽  
pp. 1792-1795 ◽  
Author(s):  
Tao Liu ◽  
Ya Wen Guan ◽  
Yi Qun Yan ◽  
Li Liu ◽  
Qi Chao Deng
Keyword(s):  
Internet Of Things ◽  
Trust Management ◽  
Key Agreement ◽  
Bilinear Pairing ◽  
Negotiation Process ◽  
Third Party ◽  
Security And Privacy ◽  
The Internet ◽  
Key Agreement Protocol ◽  
The Internet Of Things

Aimed to the security and privacy issues which restrict the construction and development of the Internet of Things, a WSN-oriented key agreement protocol in the Internet of Things ( IOT) has been proposed . Trust management was introduced the security mechanism of IOT, the use of bilinear pairing technology, the identity-based key agreement was realized. Using the protocol not only can effectively prevent attacks from outside the network and can recognize the abnormal nodes which were captured or lapsed efficacy. Thus it can reduce communication with abnormal nodes to improve network security, extending the lifetime of the network. The distributed self-organizing key negotiation process without credible third-party management can enhance the survivability of IOT, and the network has a good scalability.

scholarly journals Security Analysis of a Lightweight Identity-Based Two-Party Authenticated Key Agreement Protocol for IIoT Environments

2021 ◽  
Vol 2021 ◽  
pp. 1-6
Author(s):  
Yuting Li ◽  
Qingfeng Cheng ◽  
Wenbo Shi
Keyword(s):  
Internet Of Things ◽  
Social Life ◽  
Key Agreement ◽  
Security Analysis ◽  
Impersonation Attack ◽  
Industrial Internet Of Things ◽  
Authenticated Key Agreement ◽  
Key Agreement Protocol ◽  
Industrial Internet ◽  
Identity Based

Internet of Things brings convenience to the social life, at the same time, putting forward higher requirements for the security of data transmission and storage. Security incidents based on industrial Internet of Things have occurred frequently recently, which should be given full consideration. The identity-based authenticated key agreement protocol can solve these security threats to a certain extent. Recently, a lightweight identity-based authenticated key agreement protocol for Industrial Internet of Things, called ID-2PAKA protocol, was claimed to achieve secure authentication and meet security properties. In this paper, we show that the ID-2PAKA protocol is insecure in identity authentication and cannot resisting ephemeral key compromise impersonation attack.

scholarly journals An Improved Dynamic ID-Based Remote User Authentication with Key Agreement Scheme

2013 ◽  
Vol 2013 ◽  
pp. 1-5 ◽  
Author(s):  
Juan Qu ◽  
Li-min Zou
Keyword(s):  
Key Agreement ◽  
User Authentication ◽  
Impersonation Attack ◽  
Forward Secrecy ◽  
Insider Attack ◽  
Remote User Authentication ◽  
Dynamic Id ◽  
User Authentication Scheme ◽  
Authentication Schemes ◽  
Remote User

In recent years, several dynamic ID-based remote user authentication schemes have been proposed. In 2012, Wen and Li proposed a dynamic ID-based remote user authentication with key agreement scheme. They claimed that their scheme can resist impersonation attack and insider attack and provide anonymity for the users. However, we will show that Wen and Li's scheme cannot withstand insider attack and forward secrecy, does not provide anonymity for the users, and inefficiency for error password login. In this paper, we propose a novel ECC-based remote user authentication scheme which is immune to various known types of attack and is more secure and practical for mobile clients.

scholarly journals An access control model for the Internet of Things based on zero-knowledge token and blockchain

2021 ◽  
Vol 2021 (1) ◽  
Author(s):  
Lihua Song ◽  
Xinran Ju ◽  
Zongke Zhu ◽  
Mengchen Li
Keyword(s):  
Internet Of Things ◽  
Access Control ◽  
Single Point ◽  
Control Model ◽  
Third Party ◽  
Security Level ◽  
Zero Knowledge ◽  
Access Control Model ◽  
Test Analysis ◽  
Zero Knowledge Proof

AbstractInformation security has become a hot topic in Internet of Things (IoT), and traditional centralized access control models are faced with threats such as single point failure, internal attack, and central leak. In this paper, we propose a model to improve the access control security of the IoT, which is based on zero-knowledge proof and smart contract technology in the blockchain. Firstly, we deploy attribute information of access control in the blockchain, which relieves the pressure and credibility problem brought by the third-party information concentration. Secondly, encrypted access control token is used to gain the access permission of the resources, which makes the user's identity invisible and effectively avoids attribute ownership exposure problem. Besides, the use of smart contracts solves the problem of low computing efficiency of IoT devices and the waste of blockchain computing power resources. Finally, a prototype of IoT access control system based on blockchain and zero-knowledge proof technology is implemented. The test analysis results show that the model achieves effective attribute privacy protection, compared with the Attribute-Based Access Control model of the same security level, the access efficiency increases linearly with the increase of access scale.

scholarly journals Internet of Vehicles: Commencing Intellectual Hoarse Towards Self-Regulating Cars and Vehicular Clouds for Smart Transportation Structure [Vehicular Ad-Hoc Network: A Review and Application in the Internet of Vehicles]

2018 ◽  
Vol 7 (3.12) ◽  
pp. 545
Author(s):  
Risabh Mishra ◽  
M Safa ◽  
Aditya Anand
Keyword(s):  
Internet Of Things ◽  
Wireless Communication ◽  
Automobile Industry ◽  
Information Exchange ◽  
Large Scale ◽  
Intelligent Transportation System ◽  
Information Service ◽  
The Internet ◽  
Internet Of Vehicles ◽  
The Internet Of Things

Recent advances in wireless communication technologies and automobile industry have triggered a significant research interest in the field of Internet of Vehicles over the past few years.The advanced period of the Internet of Things is guiding the development of conventional Vehicular Networks to the Internet of Vehicles.In the days of Internet connectivity there is need to be in safe and problem-free environment.The Internet of Vehicles (IoV) is normally a mixing of three networks: an inter-vehicleNetwork, an intra-vehicle network, and a vehicle to vehicle network.Based on  idea of three networks combining into one, we define  Internet of Vehicles as a large-scale distributed system to wireless communication and information exchange between vehicle2X (X: vehicle, road, human and internet).It is a combined   network for supporting intelligent traffic management, intelligent dynamic information service, and intelligent vehicle control, representation of an application of the Internet of Things (IoT) technology for intelligent transportation system (ITS).  

Sign in / Sign up

Export Citation Format

Share Document