共查询到20条相似文献,搜索用时 22 毫秒
1.
SK Hafizul Islam 《International Journal of Communication Systems》2016,29(11):1708-1719
With the fast development of the Internet and the telecommunication technologies, internet users are carrying out various electronic transactions over internet by means of the authentication protocols. To ensure efficient and robust online transaction, security of authentication protocol turns out to be a great concern nowadays. As a result, smartcard‐based password authentication and session key agreement scheme receives significant attention in recent years. In the literature, various authentication schemes have been proposed by the cryptographic research community. Recently, Li et al. analyze some security weaknesses of the authentication scheme of Chen et al. and propose an enhancement based on the discrete logarithm problem and computational Diffie–Hellman problem. This paper further cryptanalyzes the scheme of Li et al. and identifies various security loopholes and then constructs a modified authentication scheme as a remedy. The security and efficiency evaluations demonstrate that our scheme has more security features and low computation costs than the related schemes. Copyright © 2014 John Wiley & Sons, Ltd. 相似文献
2.
3.
本文研究认证码的构造问题,给出一种在不增加编码规则数量的情况下将Cartesian认证码改变成完备安全认证码的方法,同时给出一种由小的公开认证矩阵构造具有很高安全性的认证码的方法,探讨了认证码的实用性问题。 相似文献
4.
通过实例说明了BAN逻辑在公钥体制认证协议中的局限性,分析了该局限性产生的原因,引入了“公开”的逻辑概念,提出了一种扩展BAN逻辑,并通过实例验证了扩展BAN逻辑的有效性. 相似文献
5.
介绍了BAN逻辑,并用其对一个认证协议进行了分析,找到了该认证协议的一些弱点,说明了用BAN逻辑来对认证协议进行分析是有效的。最后,指出了BAN的发展方向。 相似文献
6.
3G认证和密钥分配协议的形式化分析及改进 总被引:4,自引:0,他引:4
介绍了第三代移动通信系统所采用的认证和密钥分配(AKA)协议,网络归属位置寄存器/访问位置寄存器(HLR/VLR)对用户UE(用户设备)的认证过程和用户UE对网络HLR/VLR的认证过程分别采用了两种不同的认证方式,前者采用基于"询问-应答"式的认证过程,后者采用基于"知识证明"式的认证过程.使用BAN形式化逻辑分析方法分别对这两种认证过程进行了分析,指出在假定HLR与VLR之间系统安全的前提下,基于"知识证明"式的认证过程仍然存在安全漏洞.3GPP采取基于顺序号的补充措施;同时,文中指出了另一种改进方案. 相似文献
7.
With the broad implementations of the electronic business and government applications,robust system security and strong privacy protection have become essential requirements for remote user authentication schemes.Recently,Chen et al.pointed out that Wang et al.’s scheme is vulnerable to the user impersonation attack and parallel session attack,and proposed an enhanced version to overcome the identified security flaws.In this paper,however,we show that Chen et al.’s scheme still cannot achieve the claimed security goals and report its following problems:(1) It suffers from the offline password guessing attack,key compromise impersonation attack and known key attack;(2) It fails to provide forward secrecy;(3) It is not easily repairable.As our main contribution,a robust dynamic ID-based scheme based on non-tamper resistance assumption of the smart cards is presented to cope with the aforementioned defects,while preserving the merits of different related schemes.The analysis demonstrates that our scheme meets all the proposed criteria and eliminates several grave security threats that are difficult to be tackled at the same time in previous scholarship. 相似文献
8.
Saru Kumari Muhammad Khurram Khan Xiong Li Fan Wu 《International Journal of Communication Systems》2016,29(3):441-458
Recently, Jiang et al. and He et al. independently found security problems in Chen et al.'s remote user authentication scheme for non‐tamper‐proof storage devices like Universal Serial Bus stick and proposed improvements. Nonetheless, we detect that the schemes proposed by Jiang et al. and He et al. overlook a user's privacy. We also observe that Jiang et al.'s scheme is vulnerable to insider attack and denial of service attacks and lacks forward secrecy. We point out that the password changing facility in He et al.'s scheme is equivalent to undergoing registration, whereas in Jiang et al.'s scheme, it is unsuitable. Moreover, the login phase of both the schemes is incapable to prevent the use of wrong password leading to the computation of an unworkable login request. Therefore, we design a new scheme with user anonymity to surmount the identified weaknesses. Without adding much in communication/computational cost, our scheme provides more security characteristics and keeps the merits of the original schemes. As compared with its predecessor schemes, the proposed scheme stands out as a more apt user authentication method for common storage devices. We have also presented a formal proof of security of the proposed scheme based on the logic proposed by Burrows, Abadi and Needham (BAN logic). Copyright © 2014 John Wiley & Sons, Ltd. 相似文献
9.
10.
To attain ubiquitous connectivity of everything, Internet of Things (IoT) systems must include “multimedia things.” Internet of Multimedia Things (IoMT) is a heterogeneous network of smart multimedia things connected together and with other physical devices to the Internet so as to achieve globally available multimedia services and applications. Due to the ever increasing amount of multimedia data in IoT environments, securing these systems becomes crucial. This is because these systems are easily susceptible to attacks when information or any service is accessed by the users. In this paper, we propose a secure three‐factor remote user authentication scheme for IoMT systems using ECC. The formal security proof performed using ROR model and BAN logic confirms that an attacker will not be able to extract sensitive user information. Through informal security analysis, we justify the resistance of the scheme against several security attacks. The performance comparison shows that the scheme is efficient in terms of computational cost, security features, and attack resistance. Furthermore, simulation of the scheme using AVISPA and Proverif proves that the scheme is secure against all active and passive attacks. 相似文献
11.
As the combine of cloud computing and Internet breeds many flexible IT services,cloud computing becomes more and more significant.In cloud computing,a user should be authenticated by a trusted third party or a certification authority before using cloud applications and services.Based on this,a protocol composition logic (PCL) secure user authentication protocol named UCAP for cloud computing was proposed.The protocol used a symmetric encryption symmetric encryption based on a trusted third party to achieve the authentication and confidentiality of the protocol session,which comprised the initial authentication phase and the re-authentication phase.In the initial authentication phase,the trusted third party generated a root communication session key.In the re-authentication phase,communication users negotiated a sub session key without the trusted third party.To verify the security properties of the protocol,a sequential compositional proof method was used under the protocol composition logic model.Compared with certain related works,the proposed protocol satisfies the PCL security.The performance of the initial authentication phase in the proposed scheme is slightly better than that of the existing schemes,while the performance of the re-authentication phase is better than that of other protocols due to the absence of the trusted third party.Through the analysis results,the proposed protocol is suitable for the mutual authentication in cloud computing. 相似文献
12.
H. Cruickshank I. Mertzanis B. G. Evans H. Leitold R. Posch 《International Journal of Satellite Communications and Networking》1998,16(4):183-195
In recent years there has been increasing interest in interconnecting satellite and ATM networks, because both share common characteristics of the ability to provide bandwidth-on-demand and flexibility of integrating voice, video and data services. There are several new satellite constellation proposals that support multimedia service and transport ATM traffic. For a successful implementation of such systems it is essential to address the security requirements of users, satellite ATM network operators and multimedia service providers. In order to minimize delay and the cost of implementing security systems for satellite ATM networks, the network operator role (in security services) can be limited to the mutual authentication with satellite users during call set-up periods. In this paper a mutual authentication protocol between the user and the satellite network is presented using digital signature and public key systems. Also, another mutual authentication protocol between the user and the service provider is presented to provide end-to-end authentication and negotiation of security options such as selecting a secret key system and the key length. Finally, a detailed hardware implementation of ATM cell payload encryption is presented using the DES/TripleDES secret key system. © 1998 John Wiley & Sons, Ltd. 相似文献
13.
针对基于功率倒置算法的空时自适应抗干扰技术中天线阵元间互耦误差严重恶化算法性能这一问题,分析比较了目前常见的应对解决方案,并提出一种新的可用于抗干扰卫星导航终端的天线阵列降耦方法。该方法通过在卫星导航抗干扰天线阵列中加载电磁谐振吸波器,降低天线阵元间互耦。实验数据表明,利用该方法可以使阵元间互耦降低10 dB,使抗干扰接收机最大抑制干信比提升5 dB。 相似文献
14.
15.
Anil Kumar Sutrala Ashok Kumar Das Neeraj Kumar Alavalapati Goutham Reddy Athanasios V. Vasilakos Joel J. P. C. Rodrigues 《International Journal of Communication Systems》2018,31(8)
In wireless sensor networks (WSNs), there are many critical applications (for example, healthcare, vehicle tracking, and battlefield), where the online streaming data generated from different sensor nodes need to be analyzed with respect to quick control decisions. However, as the data generated by these sensor nodes usually flow through open channel, so there are higher chances of various types of attacks either on the nodes or on to the data captured by these nodes. In this paper, we aim to design a new elliptic curve cryptography–based user authenticated key agreement protocol in a hierarchical WSN so that a legal user can only access the streaming data from generated from different sensor nodes. The proposed scheme is based upon 3‐factor authentication, as it applies smart card, password, and personal biometrics of a user (for ticket generation). The proposed scheme maintains low computation cost for resource‐constrained sensor nodes, as it uses efficient 1‐way cryptographic hash function and bitwise exclusive‐OR operations for secure key establishment between different sensor nodes. The security analysis using the broadly accepted Burrows‐Abadi‐Needham logic, formal security verification using the popular simulation tool (automated validation of Internet security protocols and applications), and informal security show that the proposed scheme is resilient against several well‐known attacks needed for a user authentication scheme in WSNs. The comparison of security and functionality requirements, communication and computation costs of the proposed scheme, and other related existing user authentication schemes shows the superior performance of the proposed scheme. 相似文献
16.
Application of authentication protocol and key exchange scheme are major research issues in current internet, and entity identification (users or servers) accuracy and security are thereby safeguarded by various types of verification programs. Therefore, in the last 10 years, it was accompanied with productive discussions, but those discussions mainly focus on single issues, and because of the lack of security, there still existed improvements. The concept of zero‐knowledge proofs is well suited for the identification and signing within network system, which has been widely used since proposed in 1985. However, common identification methods are only fit for individual user. In an increasingly complex network environment of today, information is usually conveyed through many unidentified servers, as a result, we have to encrypt messages by adopting different kinds of session keys. As for the chaotic maps technology, it also serves as a new encryption technology, widely adopted in communication protocols and key agreements over the years. As a consequence, in this study, we are going to propose an authentication protocol with key exchange function by taking advantage of characters of zero‐knowledge proofs and chaotic maps, as well as adopt the BAN‐logic to prove the security of this protocol. This study also compares the results of the security analysis of our protocol and related works. As a result, our proposed protocol has more security than others. Copyright © 2015 John Wiley & Sons, Ltd. 相似文献
17.
In the literature, several dynamic ID-based remote user mutual authentication schemes are implemented using password, smartcard and Elliptic Curve Cryptography (ECC), however, none of them provides resilience against different attacks. Therefore, there is a great need to design an efficient scheme for practical applications. In this paper, we proposed such a scheme in order to provide desired security attributes and computation efficiencies. Compared with other existing techniques, our scheme is more efficient and secured. In addition, our scheme is provably secure in the random oracle model under the hardness assumption of computational Diffie-Hellman problem. 相似文献
18.
Jung Yeon Hwang Ji Young Chun Dong Hoon Lee 《Wireless Communications and Mobile Computing》2009,9(12):1565-1571
Recently, to provide data confidentiality against intermediate relaying proxies, Hur, Shin, and Yoon proposed a decentralized group key management(GKM) scheme for dynamic networks that uses proxy cryptography. We show that the GKM scheme unfortunately does not provide data confidentiality. We also present a counter measure to fix the security breaches. Copyright © 2009 John Wiley & Sons, Ltd. 相似文献
19.
Recently, Li et al have developed a smartcard‐based remote user authentication scheme in multiserver environment. They have claimed that their scheme is secured against some possible cryptographic attacks. However, we have analyzed that the scheme of Li et al cannot preserve all the proclaimed security goals, which are given as follows: (1) It is not withstanding password‐guessing, user impersonation, insider, and smartcard theft attacks, and (2) it fails to facilitate user anonymity property. To remedy these above‐mentioned security flaws, we have proposed an efficient three factor–based authentication scheme in a multiserver environment using elliptic curve cryptography. The Burrows‐Abadi‐Needham logic is used to confirm the security validation of our scheme, which ensures that it provides mutual‐authentication and session‐key agreement securely. Then, the random oracle model is also considered to analyze the proposed scheme, and it shows that the backbone parameters, ie, identity, password, biometrics, and the session key, are secure from an adversary. Further, the informal security analysis confirms that the suggested scheme can withstand against some possible mentioned attacks. Later, the Automated Validation of Internet Security Protocols and Applications tool is incorporated to ensure its security against passive and active attacks. Finally, the performance comparison of the scheme is furnished to confirm its enhanced security with other relevant schemes. 相似文献
20.
