Similar literature
1.
Jia-Lun Tsai 《Annals of Telecommunications》2011,66(11-12):663-669
An authenticated group key agreement protocol allows a group of parties to authenticate each other and then determine a group key via an insecure network environment. In 2009, Lee et al. first adopted bilinear pairings to propose a new nonauthenticated group key agreement protocol and then extend it to an authenticated group key agreement protocol. This paper points out that the authenticated protocol of Lee et al. is vulnerable to an impersonation attack such that any adversary can masquerade as a legal node to determine a group key with the other legal nodes and the powerful node. This paper shall employ the short signature scheme of Zhang et al. to propose a new authenticated group key agreement protocol. The short signature scheme of Zhang et al. is proven to be secure against the adaptive chosen-message attacks in the random oracle model, so the proposed protocol can withstand the possible attacks. Besides, compared with the authenticated protocol of Lee et al., the proposed protocol is more secure and efficient.

2.
In 2009, Lee et al. (Ann Telecommun 64:735–744, 2009) proposed a new authenticated group key agreement protocol for imbalanced wireless networks. Their protocol based on bilinear pairing was proven the security under computational Diffie–Hellman assumption. It remedies the security weakness of Tseng’s nonauthenticated protocol that cannot ensure the validity of the transmitted messages. In this paper, the authors will show that Lee et al.’s authenticated protocol also is insecure. An adversary can impersonate any mobile users to cheat the powerful node. Furthermore, the authors propose an improvement of Lee et al.’s protocol and prove its security in the Manulis et al.’s model. The new protocol can provide mutual authentication and resist ephemeral key compromise attack via binding user’s static private key and ephemeral key.

3.
Focusing on a large-scale wireless sensor network with multiple base stations (BS), a key management protocol is designed in this paper. For securely relaying data between a node and a base station or two nodes, an end-to-end data security method is adopted by this protocol. Further employing a distributed key revocation scheme to efficiently remove compromised nodes then forms our key management protocol called multi-BS key management protocol (MKMP). Through performance evaluation, we show that MKMP outperforms LEDS Ren et al. (IEEE Trans Mobile Comput 7(5):585–598, 2008) in terms of efficiency of resilience against the node capture attack. With the analysis of key storage overheads, we demonstrate that MKMP performs better than mKeying Wang et al. (A key management protocol for wireless sensor networks with multiple base stations. In: Proceedings of ICC'08, pp 1625–1629, 2008) in terms of this overhead.

4.
Because of the exponential growth of Internet of Things (IoT), several services are being developed. These services can be accessed through smart gadgets by the user at any place, every time and anywhere. This makes security and privacy central to IoT environments. In this paper, we propose a lightweight, robust, and multi‐factor remote user authentication and key agreement scheme for IoT environments. Using this protocol, any authorized user can access and gather real‐time sensor data from the IoT nodes. Before gaining access to any IoT node, the user must first get authenticated by the gateway node as well as the IoT node. The proposed protocol is based on XOR and hash operations, and includes: (i) a 3‐factor authentication (ie, password, biometrics, and smart device); (ii) mutual authentication; (iii) shared session key; and (iv) key freshness. It satisfies desirable security attributes and maintains acceptable efficiency in terms of the computational overheads for resource constrained IoT environment. Further, the informal and formal security analysis using AVISPA proves security strength of the protocol and its robustness against all possible security threats. Simulation results also prove that the scheme is secure against attacks.

5.
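Wang Aiwen, Wen Tao, Zhang Yong, Zhu Fengmei, Wu Di 《Journal on Communications》2015,36(8):110-117
An attack is proposed against the pairwise key scheme of Guo et al. for WSNs, which is based on permuted (out-of-order) symmetric polynomials. The polynomials are attacked by constructing a black box: solving the set of polynomials as a whole, rather than solving each polynomial individually, makes the ordering of the polynomials irrelevant to breaking them, and so the permuted polynomials are broken. Theorem proofs and a worked example show that the scheme of Guo et al. cannot resist large-scale node capture attacks, fails to break through the tolerance threshold of the polynomials, and is an insecure scheme.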

6.
WSN key recovery attack based on symmetric matrix decomposition
The key protocol is one of the crucial technologies to ensure the security for wireless sensor network (WSN). Parakh, et al. proposed a key agreement for WSN based on matrix decomposition. However, the study revealed that the protocol had security risks. A key recovery attack scheme against this protocol was proposed by using the properties of symmetric matrix and permutation matrix. Based on intercepting the row and column vector of the node, elementary transformation was performed to construct a linear algebraic attack algorithm and the equivalent key was obtained. The computational complexity is O(N^6). Experimental results show that the method can recover the equivalent key of the above protocol within the polynomial computational complexity and the memory consumption is within an acceptable range. In addition, an improved scheme for key agreement was proposed to resist the linear algebraic attack by using a random disturbance matrix, and the correctness and security analysis were also carried out.

7.
Debiao He 《Ad hoc Networks》2012,10(6):1009-1016
With the continue evaluation of mobile devices in terms of the capabilities and services, security concerns increase dramatically. To provide secured communication in mobile client–server environment, many user authentication protocols from pairings have been proposed. In 2009, Goriparthi et al. proposed a new user authentication scheme for mobile client–server environment. In 2010, Wu et al. demonstrated that Goriparthi et al.’s protocol fails to provide mutual authentication and key agreement between the client and the server. To improve security, Wu et al. proposed an improved protocol and demonstrated that their protocol is provably secure in random oracle model. Based on Wu et al.’s work, Yoon et al. proposed another scheme to improve performance. However, their scheme just reduces one hash function operation at the both of client side and the server side. In this paper, we present a new user authentication and key agreement protocol using bilinear pairings for mobile client–server environment. Performance analysis shows that our protocol has better performance than Wu et al.’s protocol and Yoon et al.’s protocol. Then our protocol is more suited for mobile client–server environment. Security analysis is also given to demonstrate that our proposed protocol is provably secure against previous attacks.

8.

The Internet of Things (IoT) is one of the most up-to-date and newest technologies that allows remote control of heterogeneous networks and has a good outlook for industrial applications. Wireless sensor networks (or in brief WSNs) have a key role on the Internet of industrial objects. Due to the limited resources of the sensor nodes, designing a balanced authentication scheme to provide security in reasonable performance in wireless sensor networks is a major challenge in these applications. So far, several security schemes have been presented in this context, but unfortunately, none of these schemes have provided desired security in reasonable cost. In 2017, Khemissa et al. proposed a security protocol for mutual authentication between sensor node and user in WSNs, however, in this paper we show that this protocol is not safe enough in the confrontation of desynchronization, user impersonation and gateway impersonation attacks. The proposed attacks succeed with the probability of one and to be realized only require an execution of the protocol. Given merits of the Khemissa et al.’s protocol, we also improved their protocol in such a way that provides suitable level of security, and also we prove its security using two formal ways, i.e. BAN logic and also the Scyther tool. We also argue informally about the improved protocol’s security.


9.

The existence of a non-cooperative or black hole node as an intermediate node in a mobile network can degrade the performance of the network and affects the trust of neighbor nodes. In this paper, a trust-aware routing protocol is defined for improving the routing reliability against black hole attacks. A new Trust aware and fuzzy regulated AODV (TFAODV) protocol is investigated in this work as an improvement over the existing AODV protocol. The session-driven evaluation of stability, communication-delay, and failure-ratio parameters are conducted for evaluating the trust of nodes. The fuzzy rules apply to these parameters for computing the degree of trust. This trust vector isolates the attack-suspected and trustful nodes. The proposed TFAODV protocol used the trustful mobile nodes as the intermediate path nodes. The proposed protocol has been experimented with in the NS2 simulation environment. The analytical results are obtained in terms of PDR ratio, Packet Communication, Loss rate parameters. The comparative results are derived against the AODV, Probabilistic AODV, PDS-AODV, PSAODV, and Juneja et al. protocols. The analysis is performed on different scenarios varied in terms of network density, degree of stability, and the number of attackers. The simulation results ensured the proposed TFAODV protocol has improved the PDR ratio and reduced the communication loss significantly against these state-of-art protocols.


10.
Recently, Zhang et al. proposed a password‐based authenticated key agreement for session initiation protocol (Int J Commun Syst 2013, doi:10.1002/dac.2499). They claimed that their protocol is secure against known security attacks. However, in this paper, we indicate that the protocol by Zhang et al. is vulnerable to impersonation attack whereby an active adversary without knowing the user's password is able to introduce himself/herself as the user. In addition, we show that the protocol by Zhang et al. suffers from password changing attack. To overcome the weaknesses, we propose an improved authentication scheme for session initiation protocol. The rigorous analysis shows that our scheme achieves more security than the scheme by Zhang et al. Copyright © 2014 John Wiley & Sons, Ltd.

11.
The aim of this paper is to demonstrate the feasibility of authenticated throughput-efficient routing in an unreliable and dynamically changing synchronous network in which the majority of malicious insiders try to destroy and alter messages or disrupt communication in any way. More specifically, in this paper we seek to answer the following question: Given a network in which the majority of nodes are controlled by a node-controlling adversary and whose topology is changing every round, is it possible to develop a protocol with polynomially bounded memory per processor (with respect to network size) that guarantees throughput-efficient and correct end-to-end communication? We answer the question affirmatively for extremely general corruption patterns: we only request that the topology of the network and the corruption pattern of the adversary leaves at least one path each round connecting the sender and receiver through honest nodes (though this path may change at every round). Our construction works in the public-key setting and enjoys optimal transfer rate and bounded memory per processor (that is polynomial in the network size and does not depend on the amount of traffic). We stress that our protocol assumes no knowledge of which nodes are corrupted nor which path is reliable at any round, and is also fully distributed with nodes making decisions locally, so that they need not know the topology of the network at any time. The optimality that we prove for our protocol is very strong. Given any routing protocol, we evaluate its efficiency (rate of message delivery) in the “worst case,” that is with respect to the worst possible graph and against the worst possible (polynomially bounded) adversarial strategy (subject to the above mentioned connectivity constraints). Using this metric, we show that there does not exist any protocol that can be asymptotically superior (in terms of throughput) to ours in this setting.
We remark that the aim of our paper is to demonstrate via explicit example the feasibility of throughput-efficient authenticated adversarial routing. However, we stress that our protocol is not intended to provide a practical solution, as due to its complexity, no attempt thus far has been made to reduce constants and memory requirements. Our result is related to recent work of Barak et al. (Proc. of Advances in Cryptology—27th EUROCRYPT 2008, LNCS, vol. 4965, pp. 341–360, 2008) who studied fault localization in networks assuming a private-key trusted-setup setting. Our work, in contrast, assumes a public-key PKI setup and aims at not only fault localization, but also transmission optimality. Among other things, our work answers one of the open questions posed in the Barak et al. paper regarding fault localization on multiple paths. The use of a public-key setting to achieve strong error-correction results in networks was inspired by the work of Micali et al. (Proc. of 2nd Theory of Cryptography Conf., LNCS, vol. 3378, pp. 1–16, 2005) who showed that classical error correction against a polynomially bounded adversary can be achieved with surprisingly high precision. Our work is also related to an interactive coding theorem of Rajagopalan and Schulman (Proc. 26th ACM Symp. on Theory of Computing, pp. 790–799, 1994) who showed that in noisy-edge static-topology networks a constant overhead in communication can also be achieved (provided none of the processors are malicious), thus establishing an optimal-rate routing theorem for static-topology networks. Finally, our work is closely related to and builds upon the problem of End-To-End Communication in distributed networks, studied by Afek and Gafni (Proc. of the 7th ACM Symp. on Principles of Distributed Computing, pp. 131–148, 1988); Awerbuch et al. (Proc. of the 30th IEEE Symp. on Foundations of Computer Science, FOCS, 1989); Afek et al. (Proc. of the 11th ACM Symp. on Principles of Distributed Computing, pp. 35–46, 1992); and Afek et al. (J. Algorithms 22:158–186, 1997), though none of these papers consider or ensure correctness in the setting of a node-controlling adversary that may corrupt the majority of the network.

12.
In wireless mobile networks, group members join and leave the group frequently, a dynamic group key agreement protocol is required to provide a group of users with a shared secret key to achieve cryptographic goal. Most of previous group key agreement protocols for wireless mobile networks are static and employ traditional PKI. This paper presents an ID-based dynamic authenticated group key agreement protocol for wireless mobile networks. In Setup and Join algorithms, the protocol requires two rounds and each low-power node transmits constant size of messages. Furthermore, in Leave algorithm, only one round is required and none of low-power nodes is required to transmit any message, which improves the efficiency of the entire protocol. The protocol’s AKE-security with forward secrecy is proved under Decisional bilinear inverse Diffie-Hellman (DBIDH) assumption. It is additionally proved to be contributory.

13.
Access control in wireless sensor networks
Yun  Yanchao  Yuguang   《Ad hoc Networks》2007,5(1):3-13
Nodes in a sensor network may be lost due to power exhaustion or malicious attacks. To extend the lifetime of the sensor network, new node deployment is necessary. In military scenarios, adversaries may directly deploy malicious nodes or manipulate existing nodes to introduce malicious “new” nodes through many kinds of attacks. To prevent malicious nodes from joining the sensor network, access control is required in the design of sensor network protocols. In this paper, we propose an access control protocol based on Elliptic Curve Cryptography (ECC) for sensor networks. Our access control protocol accomplishes node authentication and key establishment for new nodes. Different from conventional authentication methods based on the node identity, our access control protocol includes both the node identity and the node bootstrapping time into the authentication procedure. Hence our access control protocol can not only identify the identity of each node but also differentiate between old nodes and new nodes. In addition, each new node can establish shared keys with its neighbors during the node authentication procedure. Compared with conventional sensor network security solutions, our access control protocol can defend against most well-recognized attacks in sensor networks, and achieve better computation and communication performance due to the more efficient algorithms based on ECC than those based on RSA.

14.
A wormhole attack is particularly harmful against routing in sensor networks where an attacker receives packets at one location in the network, tunnels and then replays them at another remote location in the network. A wormhole attack can be easily launched by an attacker without compromising any sensor nodes. Since most of the routing protocols do not have mechanisms to defend the network against wormhole attacks, the route request can be tunneled to the target area by the attacker through wormholes. Thus, the sensor nodes in the target area build the route through the attacker. Later, the attacker can tamper the data, messages, or selectively forward data messages to disrupt the functions of the sensor network. Researchers have used some special hardware such as the directional antenna and the precise synchronized clock to defend the sensor network against wormhole attacks during the neighbor discovery process. In this paper, we propose a Secure Routing protocol against wormhole attacks in sensor networks (SeRWA). SeRWA protocol avoids using any special hardware such as the directional antenna and the precise synchronized clock to detect a wormhole. Moreover, it provides a real secure route against the wormhole attack. Simulation results show that SeRWA protocol only has very small false positives for wormhole detection during the neighbor discovery process (less than 10%). The average energy usage at each node for SeRWA protocol during the neighbor discovery and route discovery is below 25 mJ, which is much lower than the available energy (15 kJ) at each node. The cost analysis shows that SeRWA protocol only needs small memory usage at each node (below 14 kB if each node has 20 neighbors), which is suitable for the sensor network.

15.
An authenticated group key agreement protocol allows participants to agree on a group key that will be subsequently used to provide secure group communication over an insecure network. In this paper, we give a security analysis on a pairing‐free identity‐based authenticated group key agreement because of Islam et al. We show that the protocol of Islam et al. cannot satisfy the minimal security requirements of the key agreement protocols. We propose an efficient pairing‐free identity‐based authenticated group key agreement for imbalanced mobile network. The proposed protocol can be implemented easily for practical application in mobile networks as it is free from bilinear. Under the difficulty of the InvCDH and CDH we demonstrate that the proposed protocol provides perfect forward secrecy, implicit key authentication and the dynamic functionality. As compared with the group key agreement protocols for imbalanced mobile network, the proposed protocol provides stronger security properties and high efficiency. Copyright © 2013 John Wiley & Sons, Ltd.

16.
The design of routing protocol with energy efficiency and security is a challenging task. To overcome this challenge, we propose energy-efficient secured routing protocol. The objective of our work is to provide a secured routing protocol, which is energy efficient. To provide security for both link and message without relying on the third party, we provide security to the protocol by choosing a secure link for routing using Secure Optimized Link State Routing Protocol. Each node chooses multipoint relay nodes amongst the set of one-hop neighbors, so as to reach all two-hop neighbors. The access control entity authorizes nodes announcing the node identification to the network. In addition, the access control entity signs a public key Ki, a private key ki, and the certificate Ci required by an authorized node to obtain the group key. Each node maintains a route table with power status as one of its entry. After selecting the link, on requirement of a new route, we check nodes’ power status in its routing table and then accordingly arise a route. Then, we perform group key distribution using the generated keys using a small number of messages which helps reducing energy consumption. The group key can be altered periodically to avoid nonauthorized nodes and to avoid the use of the same group key in more than some amount of data. Then, we provide communication privacy for both message sender and message recipient using Secure Source Anonymous Message Authentication Scheme. Thereby, the message sender or the sending node generates a source anonymous message authentication for message for releasing each message based on the MES scheme. Hence, our approach will provide message content authenticity without relying on any trusted third parties.

17.
In this paper, we propose a secure and efficient trust scheme with Bayesian theory to detect whether a node is malicious or not. In order to improve the correctness of detecting behavior, we aim to consider the influence with respect to the internal attacks of compromised nodes as many as possible. Moreover, the information of malicious behaviors is collected by their neighboring nodes and fused by the foregoing hop nodes. And then, the trust value concerning some node is computed by its father node in a route. Moreover, the key exchange of a secure route is implemented by the modified Diffie–Hellman key agreement protocol to guard against man-in-the-middle attack. The simulation results show that, with the increase of trust ratio, the Bayesian theorem can make more credible judgment on whether the network nodes are secure than the Beta function and the efficient clustering scheme for group key management in the presence of malicious nodes.

18.
Three‐party password‐authenticated key exchange (3PAKE) protocols allow two clients to agree on a secret session key through a server via a public channel. 3PAKE protocols have been designed using different arithmetic aspects including chaotic maps. Recently, Lee et al. proposed a 3PAKE protocol using Chebyshev chaotic maps and claimed that their protocol has low computation and communication cost and can also resist against numerous attacks. However, this paper shows that in spite of the computation and communication efficiency of the Lee et al. protocol, it is not secure against the modification attack. To conquer this security weakness, we propose a simple countermeasure, which maintains the computation and communication efficiency of the Lee et al. protocol. Copyright © 2014 John Wiley & Sons, Ltd.

19.
《Ad hoc Networks》2003,1(1):175-192
An ad hoc network is a collection of wireless computers (nodes), communicating among themselves over possibly multihop paths, without the help of any infrastructure such as base stations or access points. Although many previous ad hoc network routing protocols have been based in part on distance vector approaches, they have generally assumed a trusted environment. In this paper, we design and evaluate the Secure Efficient Ad hoc Distance vector routing protocol (SEAD), a secure ad hoc network routing protocol based on the design of the Destination-Sequenced Distance-Vector routing protocol. In order to support use with nodes of limited CPU processing capability, and to guard against Denial-of-Service attacks in which an attacker attempts to cause other nodes to consume excess network bandwidth or processing time, we use efficient one-way hash functions and do not use asymmetric cryptographic operations in the protocol. SEAD performs well over the range of scenarios we tested, and is robust against multiple uncoordinated attackers creating incorrect routing state in any other node, even in spite of any active attackers or compromised nodes in the network.

20.
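Key extraction is an important step in key agreement protocols. This paper points out that the identity-based authenticated key agreement protocol in the standard model proposed by Wang Shengbao et al. in 2007 has a significant flaw in this step. According to the different functions of the key extraction function, key extraction in the standard model is refined into two steps, random extraction and key extraction, and, based on the identity-based encryption scheme proposed by Kiltz et al., a new authenticated key agreement protocol, IBAKE, is designed, whose security proof has a more rigorous reduction and whose execution is more efficient.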
