共查询到20条相似文献,搜索用时 46 毫秒
1.
为解决无线通信网络中不同用户之间的通信安全问题,通常会采用身份认证协议来确保通信双方身份的合法性。该认证协议应能抵抗重放攻击、延时攻击等威胁,同时认证过程中的计算量应尽量小。本文针对SEAHA (secure and efficient handover authentication)认证方案存在的计算量大、不能抵抗伪装攻击的问题提出了一种基于双线性对和离散对数难题(DLP)的无证书两方认证协议。该协议中基站和节点共同生成节点密钥对来抵抗伪装攻击,利用离散对数难题生成会话密钥降低认证过程中的计算量。安全分析和性能分析结果表明,提出协议在保证安全性的前提下,有效降低了认证过程计算量。 相似文献
2.
Data security is crucial for a RFID system. Since the existing RFID mutual authentication protocols encounter the challenges such as security risks, poor performance, an ultra-lightweight authentication protocol named Succinct and Lightweight Authentication Protocol (SLAP) is proposed. SLAP is only composed of bitwise operations like XOR, left rotation and conversion which is easy to implement on a passive tag. The proposed conversion operation as the main security component guarantees the security of RFID system with the properties such as irreversibility, sensibility, full confusion and low complexity, which better performed or even absent in other previous protocols. Security analysis shows that SLAP guarantees the functionalities of mutual authentication as well as resistance to various attacks such as de-synchronization attack, replay attack and traceability attack, etc. Furthermore, performance evaluation also indicates that the proposed scheme outperforms the existing protocols in terms of less computation requirement and fewer communication messages during authentication process. 相似文献
3.
4.
Shreeya Swagatika Sahoo Sujata Mohanty Banshidhar Majhi 《Wireless Personal Communications》2018,101(3):1307-1333
The smart card based password authentication scheme is one of the most important and efficient security mechanism, which is used for providing security to authorized users over an insecure network. In this paper, we analyzed major security flaws of Jangirala et al.’s scheme and proved that it is vulnerable to forgery attack, replay attack, user impersonation attack. Also, Jangirala et al.’s scheme fail to achieve mutual authentication as it claimed. We proposed an improved two factor based dynamic ID based authenticated key agreement protocol for the multiserver environment. The proposed scheme has been simulated using widely accepted AVISPA tool. Furthermore, mutual authentication is proved through BAN logic. The rigorous security and performance analysis depicts that the proposed scheme provides users anonymity, mutual authentication, session key agreement and secure against various active attacks. 相似文献
5.
近场无线通信(NFC)是一种已经被广泛应用的短距无线通信技术.其中最常见的是将NFC技术应用于移动支付和门禁访问控制等应用.从技术上讲,这些应用利用NFC模拟卡模式将NFC设备模拟成银行卡或门禁卡,然后等待外部阅读器验证.在这类应用场景下,选取合适的安全认证方案是非常重要的.首先,介绍了现有的NFC认证系统和安全方案并分析了系统安全需求和潜在的安全风险.然后,采用Hash、AES和口令Key动态更新机制,提出了一种适用于NFC移动设备的双向认证安全方案,并设计了自同步机制.最后,利用GNY逻辑以形式化证明的形式证明了方案的安全性,分析表明该方案能解决伪造、重放攻击、窃听、篡改、异步攻击等安全问题. 相似文献
6.
Authentication is an important service in wireless sensor networks (WSNs) for an unattended environment. Recently, Das proposed a hash‐based authentication protocol for WSNs, which provides more security against the masquerade, stolen‐verifier, replay, and guessing attacks and avoids the threat which comes with having many logged‐in users with the same login‐id. In this paper, we point out one security weakness of Das' protocol in mutual authentication for WSN's preservation between users, gateway‐node, and sensor nodes. To remedy the problem, this paper provides a secrecy improvement over Das' protocol to ensure that a legal user can exercise a WSN in an insecure environment. Furthermore, by presenting the comparisons of security, computation and communication costs, and performances with the related protocols, the proposed protocol is shown to be suitable for higher security WSNs. 相似文献
7.
Anwar Ghani Khwaja Mansoor Shahid Mehmood Shehzad Ashraf Chaudhry Arif Ur Rahman Malik Najmus Saqib 《International Journal of Communication Systems》2019,32(16)
Wireless sensor networks (WSN) consist of hundreds of miniature sensor nodes to sense various events in the surrounding environment and report back to the base station. Sensor networks are at the base of internet of things (IoT) and smart computing applications where a function is performed as a result of sensed event or information. However, in resource‐limited WSN authenticating a remote user is a vital security concern. Recently, researchers put forth various authentication protocols to address different security issues. Gope et al presented a protocol claiming resistance against known attacks. A thorough analysis of their protocol shows that it is vulnerable to user traceability, stolen verifier, and denial of service (DoS) attacks. In this article, an enhanced symmetric key‐based authentication protocol for IoT‐based WSN has been presented. The proposed protocol has the ability to counter user traceability, stolen verifier, and DoS attacks. Furthermore, the proposed protocol has been simulated and verified using Proverif and BAN logic. The proposed protocol has the same communication cost as the baseline protocol; however, in computation cost, it has 52.63% efficiency as compared with the baseline protocol. 相似文献
8.
The primary goal of this research is to ensure secure communications by client‐server architectures in mobile environment. Although various two‐party authentication key exchange protocols are proposed and claimed to be resistant to a variety of attacks, studies have shown that various loopholes exist in these protocols. What's more, many two‐party authentication key exchange protocols use timestamp to prevent the replay attack and transmit the user's identity in plaintext form. Obviously, these methods will lead to the clock synchronization problem and user's anonymity problem. Fortunately, the three‐way challenged‐response handshake technique and masking user's original identity with a secret hash value used in our study address these problems well. Of course, the proposed protocol based on elliptic curve cryptography supports flawless mutual authentication of participants, agreement of session key, impersonation attack resistance, replay attack resistance, and prefect forward secrecy, as well. The analyses in the aspects of efficiency and security show that the proposed protocol is a better choice for mobile users. 相似文献
9.
In order to solve the various privacy and security problems in RFID system, a new low-cost RFID mutual authentication protocol based on ID updating mechanics is proposed. In the proposed scheme, the backend server keeps both the current ID and potential next ID for each tag, thus to solve the possible problem of de-synchronization attack in the most ID updating-based schemes. In the security analysis section, comparing several protocols in property required and attacker resistances, the comparison results s... 相似文献
10.
Security and privacy issues in RFID technology gain tremendous popularity recently. However, existing work on RFID authentication problems always make assumptions such as (1) hash function can be fully employed in designing RFID protocols; (2) channels between readers and server are always secure. The first assumption is not suitable for EPC Class-1 Gen-2 tags, which has been challenged in many research work, while the second one cannot be directly adopted in mobile RFID applications where wireless channels between readers and server are always insecure. To solve these problems, in this paper, we propose a novel ultralightweight and privacy-preserving authentication protocol for mobile RFID systems. We only use bitwise XOR, and several special constructed pseudo-random number generators to achieve our aims in the insecure mobile RFID environment. We use GNY logic to prove the security correctness of our proposed protocol. The security and privacy analysis show that our protocol can provide several privacy properties and avoid suffering from a number of attacks, including tag anonymity, tag location privacy, reader privacy, forward secrecy, and mutual authentication, replay attack, desynchronization attack etc. We implement our protocol and compare several parameters with existing work, the evaluation results indicate us that our protocol significantly improves the system performance. 相似文献
11.
针对无线传感器网络(WSN)用户远程安全认证问题,分析现有方案的不足,提出一种新颖的基于智能卡的WSN远程用户认证方案。通过用户、网关节点和传感器节点之间的相互认证来验证用户和节点的合法性,并结合动态身份标识来抵抗假冒攻击、智能卡被盗攻击、服务拒绝攻击、字典攻击和重放攻击。同时对用户信息进行匿名保护,且用户能够任意修改密码。性能比较结果表明,该方案具有较高的安全性能,且具有较小的计算开销。 相似文献
12.
13.
Min Luo Aiying Sun Debiao He Xiaohong Li 《International Journal of Communication Systems》2018,31(14)
In the last decade, the number of web‐based applications is increasing rapidly, which leads to high demand for user authentication protocol for multiserver environment. Many user‐authentication protocols have been proposed for different applications. Unfortunately, most of them either have some security weaknesses or suffer from unsatisfactory performance. Recently, Ali and Pal proposed a three‐factor user‐authentication protocol for multiserver environment. They claimed that their protocol can provide mutual authentication and is secure against many kinds of attacks. However, we find that Ali and Pal's protocol cannot provide user anonymity and is vulnerable to 4 kinds of attacks. To enhance security, we propose a new user‐authentication protocol for multiserver environment. Then, we provide a formal security analysis and a security discussion, which indicate our protocol is provably secure and can withstand various attacks. Besides, we present a performance analysis to show that our protocol is efficient and practical for real industrial environment. 相似文献
14.
Vishvas Haridas Kshirsagar Ashok M. Kanthe Dina Simunic 《Wireless Personal Communications》2018,100(2):311-320
The mobile ad hoc network (MANET) is communication network of a mobile node without any prior infrastructure of communication. The network does not have any static support; it dynamically creates the network as per requirement by using available mobile nodes. This network has a challenging security problem. The security issue mainly contains a denial of service attacks like packet drop attack, black-hole attack, gray-hole attack, etc. The mobile ad-hoc network is an open environment so the working is based on mutual trust between mobile nodes. The MANETs are vulnerable to packet drop attack in which packets travel through the different node. The network while communicating, the node drops the packet, but it is not attracting the neighboring nodes to drop the packets. This proposed algorithm works with existing routing protocol. The concept of trusted list is used for secure communication path. The trusted list along with trust values show how many times node was participated in the communication. It differentiates between altruism and selfishness in MANET with the help of energy level of mobile components. The trust and energy models are used for security and for the differentiation between altruism and selfishness respectively. 相似文献
15.
Arezou Ostad‐Sharif Morteza Nikooghadam Dariush Abbasinezhad‐Mood 《International Journal of Communication Systems》2019,32(12)
Wireless body area networks (WBANs) are a network designed to gather critical information about the physical conditions of patients and to exchange this information. WBANs are prone to attacks, more than other networks, because of their mobility and the public channel they use. Therefore, mutual authentication and privacy protection are critical for WBANs to prevent attackers from accessing confidential information of patients and executing undetectable physical attacks. In addition, in the authentication and key agreement process, messages should be transferred anonymously such that they are not linkable. In this paper, we first indicate that one of the most recently introduced authentication protocol is vulnerable to the wrong session key agreement attack and desynchronization attack. Second, we propose a lightweight authentication and key agreement protocol, which can withstand the well‐known attacks and provide the anonymity feature. Eventually, we analyze the security of our proposed protocol using both Automated Validation of Internet Security Protocols and Applications (AVISPA) and random oracle model and compare its performance with the related works. The results demonstrate the superiority of our proposed protocol in comparison with the other protocols. 相似文献
16.
Reza Fotohi Somayyeh Firoozi Bari Mehdi Yusefi 《International Journal of Communication Systems》2020,33(4)
Wireless sensor networks (WSNs) have been vastly employed in the collection and transmission of data via wireless networks. This type of network is nowadays used in many applications for surveillance activities in various environments due to its low cost and easy communications. In these networks, the sensors use a limited power source which after its depletion, since it is non‐renewable, network lifetime ends. Due to the weaknesses in sensor nodes, they are vulnerable to many threats. One notable attack threating WSN is Denial of Sleep (DoS). DoS attacks denotes the loss of energy in these sensors by keeping the nodes from going into sleep and energy‐saving mode. In this paper, the Abnormal Sensor Detection Accuracy (ASDA‐RSA) method is utilized to counteract DoS attacks to reducing the amount of energy consumed. The ASDA‐RSA schema in this paper consists of two phases to enhancement security in the WSNs. In the first phase, a clustering approach based on energy and distance is used to select the proper cluster head and in the second phase, the RSA cryptography algorithm and interlock protocol are used here along with an authentication method, to prevent DoS attacks. Moreover, ASDA‐RSA method is evaluated here via extensive simulations carried out in NS‐2. The simulation results indicate that the WSN network performance metrics are improved in terms of average throughput, Packet Delivery Ratio (PDR), network lifetime, detection ratio, and average residual energy. 相似文献
17.
Internet of Things (IoT) is a newly emerged paradigm where multiple embedded devices, known as things, are connected via the Internet to collect, share, and analyze data from the environment. In order to overcome the limited storage and processing capacity constraint of IoT devices, it is now possible to integrate them with cloud servers as large resource pools. Such integration, though bringing applicability of IoT in many domains, raises concerns regarding the authentication of these devices while establishing secure communications to cloud servers. Recently, Kumari et al proposed an authentication scheme based on elliptic curve cryptography (ECC) for IoT and cloud servers and claimed that it satisfies all security requirements and is secure against various attacks. In this paper, we first prove that the scheme of Kumari et al is susceptible to various attacks, including the replay attack and stolen-verifier attack. We then propose a lightweight authentication protocol for secure communication of IoT embedded devices and cloud servers. The proposed scheme is proved to provide essential security requirements such as mutual authentication, device anonymity, and perfect forward secrecy and is robust against security attacks. We also formally verify the security of the proposed protocol using BAN logic and also the Scyther tool. We also evaluate the computation and communication costs of the proposed scheme and demonstrate that the proposed scheme incurs minimum computation and communication overhead, compared to related schemes, making it suitable for IoT environments with low processing and storage capacity. 相似文献
18.
Kuo-Hui Yeh 《Wireless Personal Communications》2014,79(3):1621-1634
With the rapid growth of electronic commerce and demand on variants of Internet based applications, the system providing resources and business services often consists of many servers around the world. So far, a variety of authentication schemes have been published to achieve remote user authentication on multi-server communication environment. Recently, Pippal et al. proposed a multi-server based authentication protocol to pursue the system security and computation efficiency. Nevertheless, based on our analysis, the proposed scheme is insecure against user impersonation attack, server counterfeit attack, and man-in-the-middle attack. In this study, we first demonstrate how these malicious attacks can be invoked by an adversary. Then, a security enhanced authentication protocol is developed to eliminate all identified weaknesses. Meanwhile, the proposed protocol can achieve the same order of computation complexity as Pippal et al.’s protocol does. 相似文献
19.