A Quantum Secure Entity Authentication Protocol Design for Network Security

Authentication is one of the significant issues for all kinds of network communications. Most of the authentication protocols designed and implemented so far for entity authentication are based on classical cryptographic techniques to prevent themselves from different types of attacks. These protocols use either password or challenge for authentication. In this article, the design of the proposed quantum secure entity authentication protocol is shown. The proposed protocol is based on the challenge response method. Due to quantum computer capability to break mathematical complexity-based cryptographic techniques, the proposed protocol uses the one-time pad (OTP) to secure itself from attacks, i.e., eavesdropping, reply attack, password guessing attack, man-in-the-middle attack, brute-force attack, quantum computer attack, etc. Security of the proposed protocol was analyzed, and it shows that the proposed protocol may prevent itself from different types of attacks. Further, analysis for quantum Secure was carried out. From the analysis, it is found that if the OTP key is truly random and cannot be reused, then a computer with infinite capacity or quantum computer cannot break the encrypted challenge and response. The proposed protocol may be used for entity authentication for the client, server, process, and user.

Download Full-text

An improved authentication protocol–based dynamic identity for multi-server environments

International Journal of Distributed Sensor Networks ◽

10.1177/1550147718777654 ◽

2018 ◽

Vol 14 (5) ◽

pp. 155014771877765 ◽

Cited By ~ 2

Author(s):

Jianming Cui ◽

Xiaojun Zhang ◽

Ning Cao ◽

Dexue Zhang ◽

Jianrui Ding ◽

...

Keyword(s):

Formal Analysis ◽

Authentication Protocol ◽

Object Identification ◽

Third Party ◽

Password Guessing Attack ◽

Insider Attack ◽

Dynamic Identity ◽

Guessing Attack ◽

Exclusive Or ◽

Multi Server

The age of Internet of things gives rise to more challenges to various secure demands when designing the protocols, such as object identification and tracking, and privacy control. In many of the current protocols, a malicious server may cheat users as if it was a legal server, making it vital to verify the legality of both users and servers with the help of a trusted third-party, such as a registration center. Li et al. proposed an authentication protocol based on dynamic identity for multi-server environment, which is still susceptible to password-guessing attack, eavesdropping attack, masquerade attack, and insider attack etc. Besides, their protocol does not provide the anonymity of users, which is an essential request to protect users’ privacy. In this article, we present an improved authentication protocol, depending on the registration center in multi-server environments to remedy these security flaws. Different from the previous protocols, registration center in our proposed protocol is one of parties in authentication phase to verify the legality of the users and the servers, thus can effectively avoid the server spoofing attack. Our protocol only uses nonce, exclusive-OR operation, and one-way hash function in its implementation. Formal analysis has been performed using the Burrows–Abadi–Needham logic to show its security.

Download Full-text

Elliptic Curve Cryptography based Secure and Efficient Authentication Protocol for Smart Card Users

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.a7115.129219 ◽

2019 ◽

Vol 9 (2) ◽

pp. 3393-3397

Keyword(s):

Elliptic Curve ◽

Smart Card ◽

Elliptic Curve Cryptography ◽

User Authentication ◽

Authentication Protocol ◽

Password Guessing Attack ◽

Communication Scheme ◽

Guessing Attack ◽

S Model ◽

Remote User

Communication scheme which is used to have communication between authorized remote users over an insecure network is generally the authentication scheme which uses the password for the authentication. Remote user authentication techniques using the smart card have been proposed by many researchers. The main benefit of using the smart card is the storage availability and the computation speed. Huang et al. proposed a scheme for user authentication with smart cards which uses the concept of the timestamp. In Huang et al.’s protocol authors argued that their protocol is secure and efficient against any type of attack. Unfortunately Jung et al. show that Huang et al.’s model fails against the offline password guessing attack and with this scheme wrong password detection is not easy. In Huang et al.’s scheme, RSA cryptosystem is used to offer the authentication. In this article, advanced and secure smart card based authentication protocol using elliptic curve cryptography (ECC) is proposed. This proposed scheme thus overcomes all the possible drawbacks of Huang et al.’s scheme, and it has faster computation as compared to the available schemes

Download Full-text

Off-line password-guessing attack to Peyravian–Jeffries’s remote user authentication protocol

Computer Communications ◽

10.1016/j.comcom.2006.07.012 ◽

2006 ◽

Vol 30 (1) ◽

pp. 52-54 ◽

Cited By ~ 12

Author(s):

J. Munilla ◽

A. Peinado

Keyword(s):

User Authentication ◽

Authentication Protocol ◽

Password Guessing Attack ◽

Remote User Authentication ◽

Guessing Attack ◽

Remote User

Download Full-text

Attack and Improvement of the Secure Password Authentication Protocol in Wireless Networks

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.216.506 ◽

2011 ◽

Vol 216 ◽

pp. 506-509

Author(s):

Yung Cheng Lee

Keyword(s):

Wireless Networks ◽

Authentication Protocol ◽

Authentication Protocols ◽

Password Authentication ◽

Computation Cost ◽

Password Guessing Attack ◽

Guessing Attack

Password authentication protocols are widely used mechanisms to authenticate identities in networks. In 2006, Yoon et al. proposed a secure password authentication protocol in wireless networks that fixed the drawback of Ma et al.’s protocol. In this article we show that the Yoon et al.’s protocol is still vulnerable to the off-line password guessing attack. We propose an improvement to solve the problem. The improvement protocol is secure while the computation cost is the same with Yoon et al.’s protocol.

Download Full-text

An improved NFC device authentication protocol

PLoS ONE ◽

10.1371/journal.pone.0256367 ◽

2021 ◽

Vol 16 (8) ◽

pp. e0256367

Author(s):

He-Jun Lu ◽

Dui Liu

Keyword(s):

Near Field ◽

Transmission Efficiency ◽

Authentication Protocol ◽

Encryption Algorithm ◽

Symmetric Encryption ◽

Replay Attack ◽

Security Authentication ◽

Man In The Middle ◽

Asymmetric Encryption ◽

Brute Force Attack

Aimed at the security authentication problem between Near Field Communication (NFC) devices, this paper uses the technology of asymmetric encryption algorithm, symmetric encryption algorithm, hash function, timestamp and survival period to improve the confidentiality, performance and security of the protocol. The symmetric encryption algorithm encrypts the transmission content, while the asymmetric encryption algorithm encrypts the shared key. The whole authentication process is secure, and the key distribution is secure. The improved NFC device authentication protocol can effectively resist the brute force attack, man-in-the-middle attack and replay attack in the authentication process, it can reduce the number of message transmission in the authentication process, improve the transmission efficiency, enhance the confidentiality, integrity, non-repudiation and improve the security of NFC device authentication.

Download Full-text

A Secure and Efficient ECC-Based Anonymous Authentication Protocol

Security and Communication Networks ◽

10.1155/2019/4656281 ◽

2019 ◽

Vol 2019 ◽

pp. 1-13 ◽

Cited By ~ 4

Author(s):

Feifei Wang ◽

Guoai Xu ◽

Lize Gu

Keyword(s):

User Authentication ◽

Authentication Protocol ◽

Performance Comparison ◽

Impersonation Attack ◽

Session Key ◽

Anonymous Authentication ◽

Password Guessing Attack ◽

Authentication Schemes ◽

And Performance ◽

Guessing Attack

Nowadays, remote user authentication protocol plays a great role in ensuring the security of data transmission and protecting the privacy of users for various network services. In this study, we discover two recently introduced anonymous authentication schemes are not as secure as they claimed, by demonstrating they suffer from offline password guessing attack, desynchronization attack, session key disclosure attack, failure to achieve user anonymity, or forward secrecy. Besides, we reveal two environment-specific authentication schemes have weaknesses like impersonation attack. To eliminate the security vulnerabilities of existing schemes, we propose an improved authentication scheme based on elliptic curve cryptosystem. We use BAN logic and heuristic analysis to prove our scheme provides perfect security attributes and is resistant to known attacks. In addition, the security and performance comparison show that our scheme is superior with better security and low computation and communication cost.

Download Full-text

Security Weaknesses and Improvements of a Remote User Authentication Scheme Preserving User Anonymity

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.145.184 ◽

2011 ◽

Vol 145 ◽

pp. 184-188

Author(s):

Young Hwa An

Keyword(s):

User Authentication ◽

User Anonymity ◽

Authentication Scheme ◽

Impersonation Attack ◽

Replay Attack ◽

Password Guessing Attack ◽

Insider Attack ◽

Man In The Middle ◽

User Authentication Scheme ◽

Guessing Attack

In 2008, Bindu et al. proposed an improvement to Chien et al.'s remote password authentication scheme preserving user anonymity, and has asserted that the scheme is secure against replay attack, guessing attack, insider attack and man-in-the-middle attack, etc. However, in this paper, we have shown that Bindu et al.'s scheme is still insecure against man-in-the-middle attack and password guessing attack, and does not provide user anonymity. Also, we propose an improved scheme to withstand these weaknesses, while preserving their merits, even if the secret information stored in the smart card is revealed. As a result of analysis, the proposed scheme is secure against user impersonation attack, server masquerading attack, password guessing attack and does provide user anonymity. And we can see that the proposed scheme is relatively more effective than Bindu et al.'s scheme.

Download Full-text

Practical Quantum Computing

ACM Transactions on Quantum Computing ◽

10.1145/3430030 ◽

2021 ◽

Vol 2 (1) ◽

pp. 1-35

Author(s):

Adrien Suau ◽

Gabriel Staffelbach ◽

Henri Calandra

Keyword(s):

Wave Equation ◽

Quantum Computer ◽

Quantum Algorithms ◽

Quantum Algorithm ◽

Quantum Circuit ◽

Equation Solving ◽

Small Quantum ◽

Quantum Wave ◽

Variational Algorithms ◽

The One

In the last few years, several quantum algorithms that try to address the problem of partial differential equation solving have been devised: on the one hand, “direct” quantum algorithms that aim at encoding the solution of the PDE by executing one large quantum circuit; on the other hand, variational algorithms that approximate the solution of the PDE by executing several small quantum circuits and making profit of classical optimisers. In this work, we propose an experimental study of the costs (in terms of gate number and execution time on a idealised hardware created from realistic gate data) associated with one of the “direct” quantum algorithm: the wave equation solver devised in [32]. We show that our implementation of the quantum wave equation solver agrees with the theoretical big-O complexity of the algorithm. We also explain in great detail the implementation steps and discuss some possibilities of improvements. Finally, our implementation proves experimentally that some PDE can be solved on a quantum computer, even if the direct quantum algorithm chosen will require error-corrected quantum chips, which are not believed to be available in the short-term.

Download Full-text

A Bird’s-Eye View of Cell Sources for Cell-Based Therapies in Blood Cancers

Cancers ◽

10.3390/cancers12051333 ◽

2020 ◽

Vol 12 (5) ◽

pp. 1333

Author(s):

Benjamin Motais ◽

Sandra Charvátová ◽

Matouš Hrdinka ◽

Michal Šimíček ◽

Tomáš Jelínek ◽

...

Keyword(s):

Hematological Malignancies ◽

Antigen Receptors ◽

Chimeric Antigen Receptors ◽

Blood Cancer ◽

Cell Based Therapy ◽

Cell Source ◽

Different Types ◽

Cell Sources ◽

The One ◽

Initial Results

Hematological malignancies comprise over a hundred different types of cancers and account for around 6.5% of all cancers. Despite the significant improvements in diagnosis and treatment, many of those cancers remain incurable. In recent years, cancer cell-based therapy has become a promising approach to treat those incurable hematological malignancies with striking results in different clinical trials. The most investigated, and the one that has advanced the most, is the cell-based therapy with T lymphocytes modified with chimeric antigen receptors. Those promising initial results prepared the ground to explore other cell-based therapies to treat patients with blood cancer. In this review, we want to provide an overview of the different types of cell-based therapies in blood cancer, describing them according to the cell source.

Download Full-text