A Provably Secure and Efficient Remote Password Authentication Scheme Using Smart Cards

Communication technology has advanced dramatically amid the 21st century,increasing the security risk in safeguarding sensitive information.The remote password authentication(RPA)scheme is the simplest cryptosystem that serves as the first line of defence against unauthorised entity attacks.Although the literature contains numerous RPA schemes,to the best of the authors’knowledge,only few schemes based on the integer factorisation problem(IFP)and the discrete logarithm problem(DLP)that provided a provision for session key agreement to ensure proper mutual authentication.Furthermore,none of the previous schemes provided formal security proof using the random oracle model.Therefore,this study proposed an improved RPA scheme with session key establishment between user and server.The design of the proposed RPA scheme is based on the widely established Dolev-Yao adversary model.Moreover,as the main contribution,a novel formal security analysis based on formal definitions of IFP and DLP under the random oracle model was presented.The proposed scheme’s performance was compared to that of other similar competitive schemes in terms of the transmission/computational cost and time complexity.The findings revealed that the proposed scheme required higher memory storage costs in smart cards.Nonetheless,the proposed scheme is more efficient regarding the transmission cost of login and response messages and the total time complexity compared to other scheme of similar security attributes.Overall,the proposed scheme outperformed the other RPA schemes based on IFP and DLP.Finally,the potential application of converting the RPA scheme to a user identification(UI)scheme is considered for future work.Since RPA and UI schemes are similar,the proposed approach can be expanded to develop a provably secure and efficientUI scheme based on IFP and DLP.

Security Considerations on Three-Factor Anonymous Authentication Scheme for WSNs

Wireless sensor networks (WSNs) are used to monitor various environmental conditions including movement, pollution level, temperature, humidity, and etc. Secure authentication is very important for the success of WSNs. Li et al. proposed a three-factor anonymous authentication scheme in WSNs over Internet of things (IoT). They argued that their authentication scheme achieves more security and functional features, which are required for WSNs over IoT. Especially, they insisted that their user authentication scheme provides security against sensor node impersonation attack, and resists session-specific temporary information attack and various other attacks. However, this paper shows some security weaknesses in Li et al.’s scheme, especially focused on sensor node masquerading attack, known session-specific temporary information attack and deficiency of perfect forward secrecy. Especially, security considerations are very important to the modern IoT based applications. Thereby, the result of this paper could be very helpful for the IoT security researches.

Analysis and Improvement of an Authentication Scheme for Fog Computing Services

Fog computing utilizes devices in the edge network to transmit data with very low latency and supports high mobility. However, fog computing inherits security and privacy problems from cloud computing. Therefore, various privacy schemes for fog computing have been proposed to prevent different types of attacks. Recently, Weng et al proposed a fog computing authentication scheme;after analyzing, we found that Weng et al's scheme cannot resist user tracking attack and user impersonation attack. Then, we propose an improved scheme through adding a password, modifying the calculation method of Ei, and adding timestamps. In addition, we also compare the improved scheme with existing authentication schemes in terms of security and computational efficiency. The results show that the improved scheme is more secure and has less computation.

Improvement on a Biometric Based User Authentication Scheme in Wireless Sensor Networks Using Smart Cards

With the development of the Internet of Things(IoT)technique,sensitive information collected by sensors may be leaked.In recent years,many authentication schemes have been proposed.Banerjee et al proposed a biometric based user authentication scheme in wireless sensor networks using smart cards in 2019.But we found that Banerjee et al's authentication scheme is vulnerable to impersonation attacks.In order to overcome the weaknesses of Banerjee et al's scheme,we propose a new authentication scheme.In our proposed scheme,we only use the exclusive-or operation and one-way Hash function for the efficiency,which can reduce the computation burden for the IoT devices.In the authentication and session key agreement phase,the secret registration parameter is not used for the authentication,and the session key is given for the all entities.In the Devol-Yao threat model,the security analysis demonstrates that our proposed authentication scheme can resist well-known attacks.

Analysis and Improvement of a Privacy-Preserving Authentication Scheme for Telecare Medical Information System Environment

Telecare Medical Information System(TMIS) can provide various telemedicine services to patients. However, information is communicated over an open channel. An attacker may intercept, replay, or modify this information. Therefore, many authentication schemes are proposed to provide secure communication for TMIS. Recently, Yu et al proposed a privacy-preserving authentication scheme in the Internet of Medical Things(IoMT)-enabled TMIS environments. They emphasize that their scheme is resistant to various attacks and ensures anonymity. Unfortunately, this paper demonstrates that Yu et al's scheme is vulnerable to impersonation attacks, replay attacks, and tracking attacks and cannot mutually authenticate. To overcome the shortcomings of Yu et al's scheme, we mainly improve the authentication and key agreement process and propose a corresponding improved scheme. We also compare the improved scheme with several existing authentication schemes in terms of security and computational efficiency.

A New Forward-Secure Authenticated Encryption Scheme with Message Linkages

Yoon and Yoo recently proposed a robust authenticated encryption scheme and claimed their scheme has the properties of forward secrecy and confidentiality. The current paper, however, points out that Yoon-Yoo＇s scheme also can not provide forward secrecy and confidentiality such that any adversary can easily recover the transferred message. Based on intractability of reversing the one-way hash function and discrete logarithm problem, an improved authenticated encryption scheme with messages linkage is proposed. The above security faults get solved perfectly. The new scheme is proven to satisfy all the basic security requirements of the authenticated encryption scheme. And by the concrete comparison, it has the similar efficiency of the original scheme.

A Lightweight Anonymous Authentication and Key Negotiation Scheme in Smart Home Environments

With the rapid development of Internet of Things(IoT)technology,smart home users can access and control smart devices remotely to enjoy convenient and efficient services.However,sensitive data collected by smart devices is vulnerable to attacks such as eavesdropping and simulation when transmitted through public channels.At the same time,the security of resource-constrained smart devices is low,and attackers may use the controlled devices to carry out malicious operations further.To address the aforementioned existing security issues,this paper proposes a lightweight user anonymous authentication scheme for resource-constrained smart home environments.At the same time,the security analysis is carried out to further prove the proposed scheme's security.Finally,the performance analysis between the proposed scheme and the existing similar schemes proves that the proposed scheme has advantages in calculation cost and safety characteristics.

Secure e-Prescription Management System:Mitigating Blended Threat in IoBE

New information and communication technologies(ICT)are being applied in various industries to upgrade the value of the major service items.Moreover,data collection,storage,processing,and security applications have led to the creation of an interrelated ICT environment in which one industry can directly influence the other.This is called the“internet of blended environ-ments”(IoBE),as it is an interrelated data environment based on internet-of-things collection activities.In this environment,security incidents may increase as size and interconnectivity of attackable operations grow.Consequently,pre-emptive responses to combined security threats are needed to securely utilize IoBE across industries.For example,the medical industry has more stringent information protection measures than other industries.Consequently,it has become a major target of attackers,as more clinician–patient interactions occur over the internet owing to COVID-19.Therefore,this study aims to acquire security for IoBE while focusing on the medical industry.Among the various types of medical ICT services,this study analyzes dataflow and potential security threats from the e-prescription lifecycle perspective,which is highly utilized,strongly data-centric,and has numerous security issues.Based on our analysis,we propose a secure authentication and data-sharing scheme.

A NEW THRESHOLD AUTHENTICATED ENCRYPTION SCHEME USING LABOR-DIVISION SIGNATURE

This paper shows several security weaknesses of a threshold authenticated encryption scheme. A new threshold authenticated encryption scheme using labor-division signature is proposed without redundancy added to message blocks. On the assumptions of EDDH problems, the proposed scheme is secure against chosen-ciphertext attacks and existentially unforgeable against the chosen- message attacks in the random oracle model.

Authenticating GNSS civilian signals:a survey

Civilian services of Global Navigation Satellite System are threatened by spoofng attacks since it is hard to determine the authenticity of a navigation signal with a detailed structure open to the public.Signal authentication efectively protects the security of the signal by attaching unforgeable information to one or several elements of the signal.Receivers can verify the authenticity of the signal by extracting and validating this information.Developing good signal authentication schemes requires understanding possible spoofng modes,signal element specialty,and performance evaluation methods.This paper is an overview of navigation signal authentication,where the theories and reported approaches are described in detail.A design/performance matrix that demonstrates the advantages and defects of the signal element and its authentication design is summarized.Recommendations are proposed to improve the robustness,security,efciency,and implementation hardness for future designs of navigation signal authentication.