共查询到20条相似文献,搜索用时 0 毫秒
2.
In mobile multi-server authentication, a client can access different servers over an insecure channel like Internet and wireless networks for numerous online applications. In the literature, several multi-server authentication schemes for mobile clients have been devised. However, most of them are insecure against ephemeral secret leakage (ESL) attack and other vulnerabilities. For mutual authentication and key agreement, mobile client and server used ephemeral secrets (random numbers) and leakage of these secrets may be possible in practice. Since these are generated by an external source that may be controlled by an adversary. Also they are generally pre-computed and stored in insecure devices. Thus, if the secrets are leaked then the session key would turn out to be known and the private keys of client and server may be compromised from the eavesdropped messages. This phenomenon is called ESL attack. To defeat the weaknesses, in this paper, we design an ESL attack-free identity-based mutual authentication and key agreement scheme for mobile multi-server environment. The proposed scheme is analyzed and proven to be provably secure in the random oracle model under the Computational Diffie–Hellman assumption. 相似文献
3.
When accessing remote services over public networks, a user authentication mechanism is required because these activities are executed in an insecure communication environment. Recently, Wang et al. proposed an authentication and key agreement scheme preserving the privacy of secret keys and providing user anonymity. Later, Chang et al. indicated that their scheme suffers from two security flaws. First, it cannot resist DoS (denial-of-service) attack because the indicators for the next session are not consistent. Second, the user password may be modified by a malicious attacker because no authentication mechanism is applied before the user password is updated. To eliminate the security flaws and preserve the advantages of Wang et al.'s scheme, we propose an improvement in this paper. 相似文献
4.
The Internet of Things (IoT) is one of the most up-to-date and newest technologies that allows remote control of heterogeneous networks and has a good outlook for industrial applications. Wireless sensor networks (or in brief WSNs) have a key role on the Internet of industrial objects. Due to the limited resources of the sensor nodes, designing a balanced authentication scheme to provide security in reasonable performance in wireless sensor networks is a major challenge in these applications. So far, several security schemes have been presented in this context, but unfortunately, none of these schemes have provided desired security in reasonable cost. In 2017, Khemissa et al. proposed a security protocol for mutual authentication between sensor node and user in WSNs, however, in this paper we show that this protocol is not safe enough in the confrontation of desynchronization, user impersonation and gateway impersonation attacks. The proposed attacks succeed with the probability of one and to be realized only require an execution of the protocol. Given merits of the Khemissa et al.’s protocol, we also improved their protocol in such a way that provides suitable level of security, and also we prove its security using two formal ways, i.e. BAN logic and also the Scyther tool. We also argue informally about the improved protocol’s security. 相似文献
5.
Wireless Personal Communications - Recently, biometric based authentication scheme gains popularity due to its high security, integrity, and authenticity properties. In the recent past, Qi et al.... 相似文献
6.
With the exponential growth of intelligent Internet of Things(IoT) applications, Cloud-Edge(CE) paradigm is emerging as a solution that facilitates resource-efficient and timely services. However,it remains an underlying issue that frequent end-edgecloud communication is over a public or adversarycontrolled channel. Additionally, with the presence of resource-constrained devices, it’s imperative to conduct the secure communication mechanism, while still guaranteeing efficiency. Physical unclonab... 相似文献
7.
In cloud computing environments, user authentication is an important security mechanism because it provides the fundamentals of authentication, authorization, and accounting (AAA). In 2009, Wang et al. proposed an identity-based (ID-based) authentication scheme to deal with the user login problem for cloud computing. However, Wang et al.’s scheme is insecure against message alteration and impersonation attacks. Besides, their scheme has large computation costs for cloud users. Therefore, we propose a novel ID-based user authentication scheme to solve the above mentioned problems. The proposed scheme provides anonymity and security for the user who accesses different cloud servers. Compared with the related schemes, the proposed scheme has less computation cost so it is very efficient for cloud computing in practice. 相似文献
8.
In cloud computing environments, user authentication is an important security mechanism because it provides the fundamentals of authentication, authorization, and accounting (AAA). In 2009, Wang et al. proposed an identity-based (ID-based) authentication scheme to deal with the user login problem for cloud computing. However, Wang et al.'s scheme is insecure against message alteration and impersonation attacks. Besides, their scheme has large computation costs for cloud users. Therefore, we propose a novel ID-based user authentication scheme to solve the above mentioned problems. The proposed scheme provides anonymity and security for the user who accesses different cloud servers. Compared with the related schemes, the proposed scheme has less computation cost so it is very efficient for cloud computing in practice. 相似文献
10.
New user authentication schemes for multipleservers environment were proposed by Liao-Wang and Tsai. In their schemes, application servers do not need to maintain a verification table and this admired merit is not addressed by previous scholarship. Besides, the privacy of users is also addressed in Liao-Wang?s scheme. In this article, we show that their schemes are not secure against the server spoofing and the impersonation attacks. Then we propose a robust user authentication scheme to withstand these attacks and keep the same merits. 相似文献
11.
该文讨论了Fang等人(2011)新近提出的一个安全高效的基于智能卡的远程用户口令认证方案,指出原方案无法实现所声称的抗离线口令猜测攻击,对平行会话攻击和已知密钥攻击是脆弱的,并且存在用户口令更新友好性差问题。给出一个改进方案,对其进行了安全性和效率分析。分析结果表明,改进方案弥补了原方案的安全缺陷,保持了较高的效率,适用于安全需求较高的资源受限应用环境。 相似文献
12.
通过改进鉴别方案的安全策略和身份鉴别信息,提出了一种基于USB Key的可有效对抗离线口令猜测攻击和内部攻击的改进方案。安全性分析表明,改进后的方案保持了非存储数据型鉴别方案特点,且没有增加计算代价,具有更好的安全性和实用性。 相似文献
13.
Remote user authentication schemes provide a system to verify the legitimacy of remote users’ authentication request over insecure communication channel. In the past years, many authentication schemes using password and smart card have been proposed. However, password might be guessed, leaked or forgotten and smart card might be shared, lost or stolen. In contrast, the biometrics which utilize biological characteristics, such as face, fingerprint or iris, have no such weakness. With the trend of mobile payment, more and more applications of mobile payment use biometrics to replace password and smart card. In this paper, we propose a biometric-based remote authentication scheme substituting biometric and mobile device bounded by user for password and smart card. This scheme is more convenient, suitable and securer than the schemes using smart cards on mobile payment environment. 相似文献
14.
Wireless Personal Communications - Sparse code multiple access (SCMA) is one of the algorithms in non-orthogonality multiple access. The algorithm utilizes advanced multi-dimensional codebook to... 相似文献
15.
本文提出了一种新的使用混沌阵列,基于HVS视觉掩盖自适应的公开图像水印算法,利用四阶累积量定义了视觉掩盖中的噪声敏感度.该方法将混沌阵列作为水印嵌入到图像子块的DCT次低频系数中去,然后根据噪声敏感度进行视觉掩盖.实验结果表明,在噪声敏感度的作用下,视觉掩盖实现了自适应地调整水印嵌入强度;在无原始数据的情况下,通过使用密钥能够清晰地检测出水印的存在;在常见的信号失真和几何失真下(有损压缩,剪切等),水印具有很好的稳健性. 相似文献
16.
当前许多双向认证与密钥协商(MAKA)协议不具有高效的撤销机制,同时不能抵抗一些新型攻击,如随机数泄露(ESL)攻击、注册中心泄露注册信息(RCDRI)攻击.另一方面,大量的MAKA协议都是基于一个注册中心(RC),这无疑对RC高效性和稳定性是个挑战.本文基于以上问题,结合自认证公钥(SCPK)提出了一个具有多个注册中心的MAKA协议,该协议能够抵抗上述的新型攻击并且具有动态的撤销机制.基于Diffie-Hellman困难假设,在随机预言机模型中给出了协议的安全性证明.由于该协议不涉及双线性对运算,比以往同类型方案在执行效率方面也有很大的优势. 相似文献
17.
As the technology of mobile devices spreads fast, the price of mobile devices is getting cheaper. Most of the people have mobile devices, and these devices have the technology of near field communication (NFC). With the long time development and research, the mobile devices use NFC technology on the payment and authentication applications, and replace the smartcard, the access control card, and the credit card by using the card emulation mode. It helps the development of NFC applications. In recent years, more and more users begin using NFC technology on mobile payment and authentication. Many researches have proposed the related NFC authentication protocols, but their schemes are still lack of some security properties and functions, which are necessary for NFC authentication protocols. In this paper, we propose a secure and efficient NFC authentication scheme between two NFC devices by the help of the authentication server that provides mutual authentication. 相似文献
18.
针对无线通信中用户进行身份认证与密钥协商存在的安全性与计算量之间的制约关系问题,提出一种基于椭圆曲线离散对数难题(Elliptic Curve Discrete Logarithm Problem,ECDLP)的用户快速认证密钥协商协议。该协议通过对用户注册与认证密钥协商阶段的安全性与计算量进行综合分析,基于ECDLP难题为用户在注册阶段分配唯一身份标识符,通过增加用户注册阶段服务器的计算量,有效降低认证密钥协商阶段的计算量,在保证通信机密性、认证性与完整性的条件下,提高用户进行认证密钥协商的效率。安全性分析与计算量对比的结果表明,与其他同类协议相比,本文所提出的协议能在满足安全需求的前提下,有效地降低认证密钥协商协议的总体计算量。 相似文献
19.
在无线移动网络环境中,服务器端对其所属客户端的用户进行密钥管理与身份重新确认等处理程序,同时藉由时间点分群验证的方式来减轻服务器端在计算上的负荷量。此外,当进行资料交换的端点发生严重错误而被迫中断联机或需重新激活时,系统将会通过本身的稽核资料对先前已验证的密钥与用户资料进行复原动作,因此可在资源有限的系统当中,避免重复运算的情况发生,同时考虑在不过度增加既有传输成本等前提下,提出安全的密钥管理与回复验证等机制,进而确保复原程序后的密钥与用户资料本身的正确性与完整性。 相似文献
20.
Wireless Personal Communications - For providing strong mutual authentication in a multi-server environment many algorithms have been proposed. Most of the algorithms provide mutual authentication... 相似文献
|
