Fingerprint is a very popular and an ancient biometric technology to uniquely identify a person. In this paper, a fingerprint matcher is proposed which uses the global and local adaptive binarization and global minutia features. The fingerprint data is collected using three different authentication devices based on optical sensors. The experimental results are compared with the National Institute of Standards and Technology (NIST) Bozorth algorithm and various authentication fingerprint sensors. The accuracy of the proposed algorithm has been improved significantly compared with that of the NIST Bozorth algorithm.
Recently, ubiquitous personal devices with a fingerprint authentication function have been increasing. In such devices, there is almost no possibility of authentication by impostors unless they are lost or stolen. However, for example, in the management of entering and leaving a building, not only the fingerprint authentication device but also other authentication measures, such as an IC card, a key, etc., are generally used. In our previous studies, we have analyzed the authentication accuracy of the fingerprint authentication devices for personal possessions where other authentication measures are not needed. As a result, we made clear that the authentication accuracy in our method is extremely high compared with that in the marketed compact fingerprint authentication products, even if dirt, sebum, etc., are attached to the fingertip and there are scratches. In this study, we analyze the damage ratio of the fingerprint image where the genuine authentication can be conducted without problems, because the fingertip easily gets large cuts. Moreover, we analyze the impostor authentication of the fingerprint authentication devices for public possessions in the two cases of without and with other authentication measures. As a result, it is found that clearer impostor authentication can be achieved in the case of with other authentication measures. In addition, it is found that the damage ratio of the fingerprint image to conduct clearer genuine authentication without the image correction is less than 14.3%.
Faultless authentication of individuals by fingerprints results in a high false rejection rate for rigorously built systems. Indeed, the authors prefer that the system erroneously reject a pattern when it does not meet a number of predetermined correspondence criteria. In this work, after discussing existing techniques, we propose a new algorithm to reduce the false rejection rate during authentication using fingerprints. This algorithm extracts the minutiae of the fingerprint with their relative orientations and classifies them according to the different classes already established; then, it makes the correspondence between two templates by simple probability calculations from a deep neural network. The merging of these operations provides very promising results both on the NIST4 international data reference and on the SOCFing database.
Cloud computing offers dynamically scalable online resources provisioned as a service over the Internet cheaply. However, the security challenges it poses are equally striking. Reliable user authentication techniques are required to combat the rising security threat in cloud communications. Due to the non-denial requirements of remote user authentication schemes, it is most commonly achieved using some form of biometrics-based method. Fingerprint authentication is one of the popular and effective approaches to allow only the authorized users to access the cryptographic keys. The critical issue in a remote biometric cryptosystem is to protect the template of a user stored in a database. The biometric template is not secure and stolen templates cannot be revoked, which makes it easy to leak user identity information. To overcome these shortcomings, in this paper, an indirect fingerprint authentication scheme is proposed. Further, we apply this secure scheme to the cloud system, combining it with a PKI mechanism. At last, a comprehensive and detailed security analysis of the proposed scheme in cloud computing is provided.
The air traffic management (ATM) system is an intelligent system, which integrates the ground computer network, airborne network and space satellite (communication and navigation) network by the ground-air data link system. Due to the openness and wide distribution of the ATM system, the trust relationship of all parties in the system is pretty complex. At present, the public key infrastructure (PKI) based identity authentication method finds it more and more difficult to meet the growing demand of ATM service. First, through the analysis of the organizational structure and operation mode of the ATM system, this paper points out the existing identity authentication security threats in the ATM system, and discusses the advantages of adopting blockchain technology in the ATM system. Further, we briefly analyze some shortcomings of the current PKI-based authentication system in ATM. Particularly, to address the authentication problem, this paper proposes and presents a trusted ATM Security Authentication Model and authentication protocol based on blockchain. Finally, this paper makes a comprehensive analysis and simulation of the proposed security authentication scheme, and gets the expected effect.
The Industrial Internet of Things (IIoT) consists of massive devices in different management domains, and the lack of trust among cross-domain entities leads to risks of data security and privacy leakage during information exchange. To address the above challenges, a viable solution that combines Certificateless Public Key Cryptography (CL-PKC) with blockchain technology can be utilized. However, as many existing schemes rely on a single Key Generation Center (KGC), they are prone to problems such as single points of failure and high computational overhead. In this case, this paper proposes a novel blockchain-based certificateless cross-domain authentication scheme that integrates the threshold secret sharing mechanism without a trusted center and, meanwhile, adopts blockchain technology to enable cross-domain entities to authenticate with each other and to negotiate session keys securely. This scheme also supports the dynamic joining and removing of multiple KGCs, ensuring secure and efficient cross-domain authentication and key negotiation. Comparative analysis with other protocols demonstrates that the proposed cross-domain authentication protocol can achieve high security with relatively low computational overhead. Moreover, this paper evaluates the scheme based on a Hyperledger Fabric blockchain environment and simulates the performance of the certificateless scheme under different threshold parameters, and the simulation results show that the scheme has high performance.
The Internet of Things (IoT) is a smart networking infrastructure of physical devices, i.e., things, that are embedded with sensors, actuators, software, and other technologies, to connect and share data with the respective server module. Although IoTs are cornerstones in different application domains, the device’s authenticity, i.e., of server(s) and ordinary devices, is the most crucial issue and must be resolved on a priority basis. Therefore, various field-proven methodologies were presented to streamline the verification process of the communicating devices; however, location-aware authentication has not been reported as per our knowledge, which is a crucial metric, especially in scenarios where devices are mobile. This paper presents a lightweight and location-aware device-to-server authentication technique where the device’s membership with the nearest server is subjected to its location information along with other measures. Initially, Media Access Control (MAC) address and Advance Encryption Scheme (AES) along with a secret shared key, i.e., λ_i of 128 bits, have been utilized by Trusted Authority (TA) to generate MaskIDs, which are used instead of the original ID, for every device, i.e., server and member, and are shared in the offline phase. Secondly, TA shares a list of authentic devices, i.e., server S_j and members C_i, with every device in the IoT for the onward verification process, which is required to be executed before the initialization of the actual communication process. Additionally, every device should be located such that it lies within the coverage area of a server, and this location information is used in the authentication process. A thorough analytical analysis was carried out to check the susceptibility of the proposed and existing authentication approaches against well-known intruder attacks, i.e., man-in-the-middle, masquerading, device, and server impersonations, etc., especially in the IoT domain. Moreover, proposed authentication and existing state-of-the-art approaches have been simulated in the real environment of IoT to verify their performance, particularly in terms of various evaluation metrics, i.e., processing, communication, and storage overheads. These results have verified the superiority of the proposed scheme against existing state-of-the-art approaches, preferably in terms of communication, storage, and processing costs.
Nowadays, devices are connected across all areas, from intelligent buildings and smart cities to Industry 4.0 and smart healthcare. With the exponential growth of Internet of Things usage in our world, IoT security is still the biggest challenge for its deployment. The main goal of IoT security is to ensure the accessibility of services provided by an IoT environment, protect privacy and confidentiality, and guarantee the safety of IoT users, infrastructures, data, and devices. Authentication, as the first line of defense against security threats, becomes the priority of everyone. It can either grant or deny users access to resources according to their legitimacy. As a result, studying and researching authentication issues within IoT is extremely important. This article presents a comparative study of recent research in IoT security; it provides an analysis of recent authentication protocols from 2019 to 2023 that cover several areas within IoT (such as smart cities, healthcare, and industry). This survey sought to provide an IoT security research summary, the biggest susceptibilities and attacks, the appropriate technologies, and the most used simulators. It illustrates that the resistance of protocols against attacks, and their computational and communication cost, are linked directly to the cryptography technique used to build them. Furthermore, it discusses the gaps in recent schemes and provides some future research directions.
In the existing ghost-imaging-based cryptographic key distribution (GCKD) protocols, the cryptographic keys need to be encoded by using many modulated patterns, which undoubtedly incurs long measurement time and huge memory consumption. Given this, based on snapshot compressive ghost imaging, a public network cryptographic key distribution protocol is proposed, where the cryptographic keys and joint authentication information are encrypted into several color block diagrams to guarantee security. It transforms the previous single-pixel sequential multiple measurements into multi-pixel single exposure measurements, significantly reducing sampling time and memory storage. Both simulation and experimental results demonstrate the feasibility of this protocol and its ability to detect illegal attacks. Therefore, it takes GCKD a big step closer to practical applications.
The Internet of Vehicles (IoV) is extensively deployed in outdoor and open environments to effectively address traffic efficiency and safety issues by connecting vehicles to the network. However, due to the open and variable nature of its network topology, vehicles frequently engage in cross-domain interactions. During such processes, directly uploading sensitive information to roadside units for interaction may expose it to malicious tampering or interception by attackers, thus compromising the security of the cross-domain authentication process. Additionally, IoV imposes high real-time requirements, and existing cross-domain authentication schemes for IoV often encounter efficiency issues. To mitigate these challenges, we propose CAIoV, a blockchain-based efficient cross-domain authentication scheme for IoV. This scheme comprehensively integrates technologies such as zero-knowledge proofs, smart contracts, and Merkle hash tree structures. It divides the cross-domain process into anonymous cross-domain authentication and safe cross-domain authentication phases to ensure efficiency while maintaining a balance between efficiency and security. Finally, we evaluate the performance of CAIoV. Experimental results demonstrate that our proposed scheme reduces computational overhead by approximately 20%, communication overhead by around 10%, and storage overhead by nearly 30%.
With the development of hardware devices and the upgrading of smartphones, a large number of users save privacy-related information in mobile devices, mainly smartphones, which puts forward higher demands on the protection of mobile users’ privacy information. At present, mobile user authentication methods based on human-computer interaction have been extensively studied due to their advantages of high precision and non-perception, but there are still shortcomings such as low data collection efficiency, untrustworthy participating nodes, and lack of practicability. To this end, this paper proposes a privacy-enhanced mobile user authentication method with motion sensors, which mainly includes: (1) Construct a smart contract-based private chain and federated learning to improve the data collection efficiency of mobile user authentication, reduce the probability of the model being bypassed by attackers, and reduce the overhead of data centralized processing and the risk of privacy leakage; (2) Use certificateless encryption to realize the authentication of the device to ensure the credibility of the client nodes participating in the calculation; (3) Combine Variational Mode Decomposition (VMD) and Long Short-Term Memory (LSTM) to analyze and model the motion sensor data of mobile devices to improve the accuracy of model certification. The experimental results on the real environment dataset of 1513 people show that the method proposed in this paper can effectively resist poisoning attacks while ensuring the accuracy and efficiency of mobile user authentication.
Due to the rapid advancements in network technology, blockchain is being employed for distributed data storage. In the Internet of Things (IoT) scenario, different participants manage multiple blockchains located in different trust domains, which has resulted in the extensive development of cross-domain authentication techniques. However, the emergence of many attackers equipped with quantum computers has the potential to launch quantum computing attacks against cross-domain authentication schemes based on traditional cryptography, posing a significant security threat. In response to the aforementioned challenges, our paper demonstrates a post-quantum cross-domain identity authentication scheme to negotiate the session key used in the cross-chain asset exchange process. Firstly, our paper designs the hiding and recovery process of the user identity index based on lattice cryptography and introduces the identity-based signature from lattice to construct a post-quantum cross-domain authentication scheme. Secondly, our paper utilizes the hashed time-locked contract to achieve the cross-chain asset exchange of blockchain nodes in different trust domains. Furthermore, the security analysis reduces the security of the identity index and signature to the Learning With Errors (LWE) and Short Integer Solution (SIS) assumptions, respectively, indicating that our scheme has post-quantum security. Last but not least, through comparison analysis, we display that our scheme is efficient compared with the cross-domain authentication scheme based on traditional cryptography.
Effective user authentication is key to ensuring equipment security, data privacy, and personalized services in Internet of Things (IoT) systems. However, conventional mode-based authentication methods (e.g., passwords and smart cards) may be vulnerable to a broad range of attacks (e.g., eavesdropping and side-channel attacks). Hence, there have been attempts to design biometric-based authentication solutions, which rely on physiological and behavioral characteristics. Behavioral characteristics need continuous monitoring and specific environmental settings, which can be challenging to implement in practice. However, we can also leverage Artificial Intelligence (AI) in the extraction and classification of physiological characteristics from IoT devices processing to facilitate authentication. Thus, we review the literature on the use of AI in physiological characteristics recognition published after 2015. We use the three-layer architecture of the IoT (i.e., sensing layer, feature layer, and algorithm layer) to guide the discussion of existing approaches and their limitations. We also identify a number of future research opportunities, which will hopefully guide the design of next generation solutions.
The popularity of the Internet of Things (IoT) has enabled a large number of vulnerable devices to connect to the Internet, bringing huge security risks. As a network-level security authentication method, device fingerprint based on machine learning has attracted considerable attention because it can detect vulnerable devices in complex and heterogeneous access phases. However, flexible and diversified IoT devices with limited resources increase the difficulty of the device fingerprint authentication method executed in IoT, because it needs to retrain the model network to deal with incremental features or types. To address this problem, a device fingerprinting mechanism based on a Broad Learning System (BLS) is proposed in this paper. The mechanism firstly characterizes IoT devices by traffic analysis based on the identifiable differences of the traffic data of IoT devices, and extracts feature parameters of the traffic packets. A hierarchical hybrid sampling method is designed at the preprocessing phase to improve the imbalanced data distribution and reconstruct the fingerprint dataset. The complexity of the dataset is reduced using Principal Component Analysis (PCA) and the device type is identified by training weights using BLS. The experimental results show that the proposed method can achieve state-of-the-art accuracy and spend less training time than other existing methods.
User authentication on smart devices is crucial to protecting user privacy and device security. Due to the development of emerging attacks, existing physiological feature-based authentication methods, such as fingerprint, iris, and face recognition, are vulnerable to forgery and attacks. In this paper, GestureID, a system that utilizes acoustic sensing technology to distinguish hand features among users, is proposed. It involves using a speaker to send acoustic signals and a microphone to receive the echoes affected by the reflection of the hand movements of the users. To ensure system accuracy and effectively distinguish users’ gestures, a second-order differential-based phase extraction method is proposed. This method calculates the gradient of received signals to separate the effects of the user’s hand movements on the transmitted signal from the background noise. Then, the second-order differential phase and phase-dependent acceleration information are used as inputs to a Convolutional Neural Networks-Bidirectional Long Short-Term Memory (CNN-BiLSTM) model to model hand motion features. To decrease the time it takes to collect data for new user registration, a transfer learning method is used. This involves creating a user authentication model by utilizing a pre-trained gesture recognition model. As a result, accurate user authentication can be achieved without requiring extensive amounts of training data. Experiments demonstrate that GestureID can achieve 97.8% gesture recognition accuracy and 96.3% user authentication accuracy.
Funding: This work has received funding from National Natural Science Foundation of China (No. 42275157).
Abstract: With the rapid advancement in exploring perceptual interactions and digital twins, metaverse technology has emerged to transcend the constraints of space-time and reality, facilitating remote AI-based collaboration. In this dynamic metasystem environment, frequent information exchanges necessitate robust security measures, with Authentication and Key Agreement (AKA) serving as the primary line of defense to ensure communication security. However, traditional AKA protocols fall short in meeting the low-latency requirements essential for synchronous interactions within the metaverse. To address this challenge and enable nearly latency-free interactions, a novel low-latency AKA protocol based on chaotic maps is proposed. This protocol not only ensures mutual authentication of entities within the metasystem but also generates secure session keys. The security of these session keys is rigorously validated through formal proofs, formal verification, and informal proofs. When confronted with the Dolev-Yao (DY) threat model, the session keys are formally demonstrated to be secure under the Real-or-Random (ROR) model. The proposed protocol is further validated through simulations conducted using VMware workstation compiled in HLPSL language and C language. The simulation results affirm the protocol’s effectiveness in resisting well-known attacks while achieving the desired low latency for optimal metaverse interactions.
Funding: The financial support for this study by the National Natural Science Foundation of China (No. NSFC20562009), the Jiangxi Province Natural Science Foundation (No. JXNSF0620041), and the State Key Laboratory of Food Science and Technology of Nanchang University (Nos. SKLF-MB200807 and SKLF-TS200819).
Abstract: High performance liquid chromatographic (HPLC) fingerprints of Cassia seed, a traditional Chinese medicine (TCM), were developed by means of the chromatograms at two wavelengths of 238 and 282 nm. Then, the two data sets were combined into one matrix. The application of principal component analysis (PCA) for this data matrix showed that the samples were clustered into four groups in accordance with the plant sources and preparation procedures. Furthermore, partial least squares (PLS), back propagation artificial neural...
Abstract: A digital certificate under Public Key Infrastructure has a defect of Man-in-the-Middle Attack that performs hash collision attacks. In this paper, we propose a robust biometric-PKI authentication system against Man-in-the-Middle Attack. The biometric-PKI authentication system consists of current PKI authentication and biometric authentication, which employs biometric data and a public key from a digital certificate. In the proposed biometric-PKI authentication system, an authentication process performs that it extracts consistent features of fingerprint images, encrypts consistent features, and matches features with prepared templates. The simulation results of the proposed authentication system prove that our system achieves low false acceptance rate and high accuracy rate.
Funding: The National Science Foundation of China (NSFC) (No. 60702025); the Research Fund for the Doctoral Program of Higher Education (RFDP) (No. 20070613024); Sichuan Youth Science & Technology Foundation of China (No. 07ZQ026-004); Southwest Jiaotong University Development Foundation (No. 2006A04)
Abstract: Taking full advantage of the randomicity of chaotic system and its extreme sensitivity to the initial value, a new chaotic fragile watermarking algorithm is proposed. In the algorithm, the location key is looked as a logistic chaotic initial value for iteration to create a location matrix. According to this location matrix, a mapping image is generated and the embedding location of watermarking in image blocks is identified. Then, the watermarking sequence, which is related with the mapping image blocks and generated by Hénon chaotic map, is embedded into the least significant bit (LSB) of the corresponding location in each block. Since the image content and watermarking are staggered, the algorithm has a higher security. Simulation results showed that the algorithm can detect and locate the tamper in watermarked images with an accuracy of 2 × 2 block pixels. At the same time, the watermarking images have good invisibility, and the original image is not required when extracting watermarking.
Abstract: In many fingerprint authentication devices, a frame to insert the fingertip or a hollow to put the fingertip is used to avoid the position or rotation misalignment of a newly scanned genuine fingerprint image, when the fingerprint authentication is conducted. Moreover, the misalignment correction by the numerical calculation is indispensable for the fingerprint authentication devices to achieve the high accuracy. In this study, we investigated the effects of misalignment of the scanned genuine fingerprint image with the one used for generating the template on the accuracy in our fingerprint authentication method using the fractional Fourier transform (FRT). As a result, it was found that our method can achieve high authentication accuracy under the condition that the position-misalignment ratio is 17.6% or less and the rotation misalignment (rotation angle) is 28 degrees or less, even if the misalignment correction is not conducted.
Abstract: Fingerprint is a very popular and an ancient biometric technology to uniquely identify a person. In this paper, a fingerprint matcher is proposed which uses the global and local adaptive binarization and global minutia features. The fingerprint data is collected using three different authentication devices based on optical sensors. The experimental results are compared with the National Institute of Standards and Technology (NIST) Bozorth algorithm and various authentication fingerprint sensors. The accuracy of the proposed algorithm has been improved significantly compared with that of the NIST Bozorth algorithm.
Abstract: Recently, ubiquitous personal devices with a fingerprint authentication function have been increasing. In such devices, there is almost no possibility of the authentication by impostors unless they are lost or stolen. However, for example, in the management of entering and leaving a building, not only the fingerprint authentication device but also the other authentication measures, such as an IC card, a key, etc., are generally used. In our previous studies, we have analyzed the authentication accuracy of the fingerprint authentication devices for personal possessions where other authentication measures are not needed. As a result, we made clear that the authentication accuracy in our method is extremely high compared with that in the marketed compact fingerprint authentication products, even if dirt, sebum, etc., are attached to the fingertip and there are scratches. In this study, we analyze the damage ratio of the fingerprint image where the genuine authentication can be conducted without problems, because the fingertip easily gets large cuts. Moreover, we analyze the impostor authentication of the fingerprint authentication devices for public possessions in the two cases of without and with other authentication measures. As a result, it is found that clearer impostor authentication can be achieved in the case of with other authentication measures. In addition, it is found that the damage ratio of the fingerprint image to conduct clearer genuine authentication without the image correction is less than 14.3%.
Abstract: Faultless authentication of individuals by fingerprints results in high false rejections rate for rigorously built systems. Indeed, the authors prefer that the system erroneously reject a pattern when it does not meet a number of predetermined correspondence criteria. In this work, after discussing existing techniques, we propose a new algorithm to reduce the false rejection rate during the authentication-using fingerprint. This algorithm extracts the minutiae of the fingerprint with their relative orientations and classifies them according to the different classes already established; then, makes the correspondence between two templates by simple probabilities calculations from a deep neural network. The merging of these operations provides very promising results both on the NIST4 international data reference and on the SOCFing database.
Abstract: The cloud computing offers dynamically scalable online resources provisioned as a service over the Internet cheaply. However, the security challenges it poses are equally striking. The reliable user authentication techniques are required to combat the rising security threat in cloud communications. Due to the non-denial requirements of remote user authentication scheme, it is most commonly achieved using some form of biometrics-based method. Fingerprint authentication is one of the popular and effective approaches to allow the only authorized users to access the cryptographic keys. While the critical issue in remote biometric cryptosystem is to protect the template of a user stored in a database. The biometric template is not secure and the stolen templates cannot be revoked, which is easy to leak user identity information. To overcome these shortcomings, in this paper, an indirect fingerprint authentication scheme is proposed. Further, we apply this secure scheme to the cloud system combining with PKI mechanism. At last, a comprehensive and detailed security analysis of the proposed scheme in cloud computing is provided.
Funding: This work was supported in part by the National Key R&D Program of China (No. 2022YFB3904503) and the National Natural Science Foundation of China (No. 62172418).
Abstract: The air traffic management (ATM) system is an intelligent system, which integrates the ground computer network, airborne network and space satellite (communication and navigation) network by the ground-air data link system. Due to the openness and widely distribution of ATM system, the trust relationship of all parties in the system is pretty complex. At present, public key infrastructure (PKI) based identity authentication method is more and more difficult to meet the growing demand of ATM service. First, through the analysis of the organizational structure and operation mode of ATM system, this paper points out the existing identity authentication security threats in ATM system, and discusses the advantages of adopting blockchain technology in ATM system. Further, we briefly analyze some shortcomings of the current PKI-based authentication system in ATM. Particularly, to address the authentication problem, this paper proposes and presents a trusted ATM Security Authentication Model and authentication protocol based on blockchain. Finally, this paper makes a comprehensive analysis and simulation of the proposed security authentication scheme, and gets the expected effect.
Funding: supported in part by the Fundamental Research Funds for the Central Universities (Nos. 3282024052, 3282024058) and the “Advanced and Sophisticated” Discipline Construction Project of Universities in Beijing (No. 20210013Z0401).
Abstract: The Industrial Internet of Things (IIoT) consists of massive devices in different management domains, and the lack of trust among cross-domain entities leads to risks of data security and privacy leakage during information exchange. To address the above challenges, a viable solution that combines Certificateless Public Key Cryptography (CL-PKC) with blockchain technology can be utilized. However, as many existing schemes rely on a single Key Generation Center (KGC), they are prone to problems such as single points of failure and high computational overhead. In this case, this paper proposes a novel blockchain-based certificateless cross-domain authentication scheme, that integrates the threshold secret sharing mechanism without a trusted center, meanwhile, adopts blockchain technology to enable cross-domain entities to authenticate with each other and to negotiate session keys securely. This scheme also supports the dynamic joining and removing of multiple KGCs, ensuring secure and efficient cross-domain authentication and key negotiation. Comparative analysis with other protocols demonstrates that the proposed cross-domain authentication protocol can achieve high security with relatively low computational overhead. Moreover, this paper evaluates the scheme based on Hyperledger Fabric blockchain environment and simulates the performance of the certificateless scheme under different threshold parameters, and the simulation results show that the scheme has high performance.
Abstract: The Internet of Things (IoT) is a smart networking infrastructure of physical devices, i.e., things, that are embedded with sensors, actuators, software, and other technologies, to connect and share data with the respective server module. Although IoTs are cornerstones in different application domains, the device’s authenticity, i.e., of server(s) and ordinary devices, is the most crucial issue and must be resolved on a priority basis. Therefore, various field-proven methodologies were presented to streamline the verification process of the communicating devices; however, location-aware authentication has not been reported as per our knowledge, which is a crucial metric, especially in scenarios where devices are mobile. This paper presents a lightweight and location-aware device-to-server authentication technique where the device’s membership with the nearest server is subjected to its location information along with other measures. Initially, Media Access Control (MAC) address and Advance Encryption Scheme (AES) along with a secret shared key, i.e., λ_i of 128 bits, have been utilized by Trusted Authority (TA) to generate MaskIDs, which are used instead of the original ID, for every device, i.e., server and member, and are shared in the offline phase. Secondly, TA shares a list of authentic devices, i.e., server S_j and members C_i, with every device in the IoT for the onward verification process, which is required to be executed before the initialization of the actual communication process. Additionally, every device should be located such that it lies within the coverage area of a server, and this location information is used in the authentication process. A thorough analytical analysis was carried out to check the susceptibility of the proposed and existing authentication approaches against well-known intruder attacks, i.e., man-in-the-middle, masquerading, device, and server impersonations, etc., especially in the IoT domain. Moreover, proposed authentication and existing state-of-the-art approaches have been simulated in the real environment of IoT to verify their performance, particularly in terms of various evaluation metrics, i.e., processing, communication, and storage overheads. These results have verified the superiority of the proposed scheme against existing state-of-the-art approaches, preferably in terms of communication, storage, and processing costs.
Abstract: Nowadays, devices are connected across all areas, from intelligent buildings and smart cities to Industry 4.0 and smart healthcare. With the exponential growth of Internet of Things usage in our world, IoT security is still the biggest challenge for its deployment. The main goal of IoT security is to ensure the accessibility of services provided by an IoT environment, protect privacy, and confidentiality, and guarantee the safety of IoT users, infrastructures, data, and devices. Authentication, as the first line of defense against security threats, becomes the priority of everyone. It can either grant or deny users access to resources according to their legitimacy. As a result, studying and researching authentication issues within IoT is extremely important. This article presents a comparative study of recent research in IoT security; it provides an analysis of recent authentication protocols from 2019 to 2023 that cover several areas within IoT (such as smart cities, healthcare, and industry). This survey sought to provide an IoT security research summary, the biggest susceptibilities, and attacks, the appropriate technologies, and the most used simulators. It illustrates that the resistance of protocols against attacks, and their computational and communication cost are linked directly to the cryptography technique used to build it. Furthermore, it discusses the gaps in recent schemes and provides some future research directions.
Funding: supported by the Beijing Natural Science Foundation (Grant No. 4222016).
Abstract: In the existing ghost-imaging-based cryptographic key distribution (GCKD) protocols, the cryptographic keys need to be encoded by using many modulated patterns, which undoubtedly incurs long measurement time and huge memory consumption. Given this, based on snapshot compressive ghost imaging, a public network cryptographic key distribution protocol is proposed, where the cryptographic keys and joint authentication information are encrypted into several color block diagrams to guarantee security. It transforms the previous single-pixel sequential multiple measurements into multi-pixel single exposure measurements, significantly reducing sampling time and memory storage. Both simulation and experimental results demonstrate the feasibility of this protocol and its ability to detect illegal attacks. Therefore, it takes GCKD a big step closer to practical applications.
Funding: supported by the National Natural Science Foundation of China (62362013) and the Guangxi Natural Science Foundation (2023GXNSFAA026294).
Abstract: The Internet of Vehicles (IoV) is extensively deployed in outdoor and open environments to effectively address traffic efficiency and safety issues by connecting vehicles to the network. However, due to the open and variable nature of its network topology, vehicles frequently engage in cross-domain interactions. During such processes, directly uploading sensitive information to roadside units for interaction may expose it to malicious tampering or interception by attackers, thus compromising the security of the cross-domain authentication process. Additionally, IoV imposes high real-time requirements, and existing cross-domain authentication schemes for IoV often encounter efficiency issues. To mitigate these challenges, we propose CAIoV, a blockchain-based efficient cross-domain authentication scheme for IoV. This scheme comprehensively integrates technologies such as zero-knowledge proofs, smart contracts, and Merkle hash tree structures. It divides the cross-domain process into anonymous cross-domain authentication and safe cross-domain authentication phases to ensure efficiency while maintaining a balance between efficiency and security. Finally, we evaluate the performance of CAIoV. Experimental results demonstrate that our proposed scheme reduces computational overhead by approximately 20%, communication overhead by around 10%, and storage overhead by nearly 30%.
Funding: Wenzhou Key Scientific and Technological Projects (No. ZG2020031); Wenzhou Polytechnic Research Projects (No. WZY2021002); Key R&D Projects in Zhejiang Province (No. 2021C01117); Major Program of Natural Science Foundation of Zhejiang Province (LD22F020002); the Cloud Security Key Technology Research Laboratory; the Researchers Supporting Project Number (RSP2023R509), King Saud University, Riyadh, Saudi Arabia.
Abstract: With the development of hardware devices and the upgrading of smartphones, a large number of users save privacy-related information in mobile devices, mainly smartphones, which puts forward higher demands on the protection of mobile users’ privacy information. At present, mobile user authentication methods based on human-computer interaction have been extensively studied due to their advantages of high precision and non-perception, but there are still shortcomings such as low data collection efficiency, untrustworthy participating nodes, and lack of practicability. To this end, this paper proposes a privacy-enhanced mobile user authentication method with motion sensors, which mainly includes: (1) Construct a smart contract-based private chain and federated learning to improve the data collection efficiency of mobile user authentication, reduce the probability of the model being bypassed by attackers, and reduce the overhead of data centralized processing and the risk of privacy leakage; (2) Use certificateless encryption to realize the authentication of the device to ensure the credibility of the client nodes participating in the calculation; (3) Combine Variational Mode Decomposition (VMD) and Long Short-Term Memory (LSTM) to analyze and model the motion sensor data of mobile devices to improve the accuracy of model certification. The experimental results on the real environment dataset of 1513 people show that the method proposed in this paper can effectively resist poisoning attacks while ensuring the accuracy and efficiency of mobile user authentication.
Funding: This work was supported by the Defense Industrial Technology Development Program (Grant No. JCKY2021208B036).
Abstract: Due to the rapid advancements in network technology, blockchain is being employed for distributed data storage. In the Internet of Things (IoT) scenario, different participants manage multiple blockchains located in different trust domains, which has resulted in the extensive development of cross-domain authentication techniques. However, the emergence of many attackers equipped with quantum computers has the potential to launch quantum computing attacks against cross-domain authentication schemes based on traditional cryptography, posing a significant security threat. In response to the aforementioned challenges, our paper demonstrates a post-quantum cross-domain identity authentication scheme to negotiate the session key used in the cross-chain asset exchange process. Firstly, our paper designs the hiding and recovery process of user identity index based on lattice cryptography and introduces the identity-based signature from lattice to construct a post-quantum cross-domain authentication scheme. Secondly, our paper utilizes the hashed time-locked contract to achieve the cross-chain asset exchange of blockchain nodes in different trust domains. Furthermore, the security analysis reduces the security of the identity index and signature to Learning With Errors (LWE) and Short Integer Solution (SIS) assumption, respectively, indicating that our scheme has post-quantum security. Last but not least, through comparison analysis, we display that our scheme is efficient compared with the cross-domain authentication scheme based on traditional cryptography.
Funding: funded in part by the National Natural Science Foundation of China under Grant No. 61872038, in part by the Fundamental Research Funds for the Central Universities under Grant No. FRF-GF-20-15B.
Abstract: Effective user authentication is key to ensuring equipment security, data privacy, and personalized services in Internet of Things (IoT) systems. However, conventional mode-based authentication methods (e.g., passwords and smart cards) may be vulnerable to a broad range of attacks (e.g., eavesdropping and side-channel attacks). Hence, there have been attempts to design biometric-based authentication solutions, which rely on physiological and behavioral characteristics. Behavioral characteristics need continuous monitoring and specific environmental settings, which can be challenging to implement in practice. However, we can also leverage Artificial Intelligence (AI) in the extraction and classification of physiological characteristics from IoT devices processing to facilitate authentication. Thus, we review the literature on the use of AI in physiological characteristics recognition published after 2015. We use the three-layer architecture of the IoT (i.e., sensing layer, feature layer, and algorithm layer) to guide the discussion of existing approaches and their limitations. We also identify a number of future research opportunities, which will hopefully guide the design of next generation solutions.
Funding: supported by National Key R&D Program of China (2019YFB2102303), National Natural Science Foundation of China (NSFC61971014, NSFC11675199), and Young Backbone Teacher Training Program of Henan Colleges and Universities (2021GGJS170).
Abstract: The popularity of the Internet of Things (IoT) has enabled a large number of vulnerable devices to connect to the Internet, bringing huge security risks. As a network-level security authentication method, device fingerprint based on machine learning has attracted considerable attention because it can detect vulnerable devices in complex and heterogeneous access phases. However, flexible and diversified IoT devices with limited resources increase difficulty of the device fingerprint authentication method executed in IoT, because it needs to retrain the model network to deal with incremental features or types. To address this problem, a device fingerprinting mechanism based on a Broad Learning System (BLS) is proposed in this paper. The mechanism firstly characterizes IoT devices by traffic analysis based on the identifiable differences of the traffic data of IoT devices, and extracts feature parameters of the traffic packets. A hierarchical hybrid sampling method is designed at the preprocessing phase to improve the imbalanced data distribution and reconstruct the fingerprint dataset. The complexity of the dataset is reduced using Principal Component Analysis (PCA) and the device type is identified by training weights using BLS. The experimental results show that the proposed method can achieve state-of-the-art accuracy and spend less training time than other existing methods.
Funding: funded by the Science and Technology Research Program of Henan Province of China (No. 182102210130) “Research on Key Technologies of Practical Quantum-Resistant Authenticated Key Agreement Protocols”.
Abstract: User authentication on smart devices is crucial to protecting user privacy and device security. Due to the development of emerging attacks, existing physiological feature-based authentication methods, such as fingerprint, iris, and face recognition are vulnerable to forgery and attacks. In this paper, GestureID, a system that utilizes acoustic sensing technology to distinguish hand features among users, is proposed. It involves using a speaker to send acoustic signals and a microphone to receive the echoes affected by the reflection of the hand movements of the users. To ensure system accuracy and effectively distinguish users’ gestures, a second-order differential-based phase extraction method is proposed. This method calculates the gradient of received signals to separate the effects of the user’s hand movements on the transmitted signal from the background noise. Then, the second-order differential phase and phase-dependent acceleration information are used as inputs to a Convolutional Neural Networks-Bidirectional Long Short-Term Memory (CNN-BiLSTM) model to model hand motion features. To decrease the time it takes to collect data for new user registration, a transfer learning method is used. This involves creating a user authentication model by utilizing a pre-trained gesture recognition model. As a result, accurate user authentication can be achieved without requiring extensive amounts of training data. Experiments demonstrate that GestureID can achieve 97.8% gesture recognition accuracy and 96.3% user authentication accuracy.