Fund budget model for multipurpose transit smart card systems

The fund budget of multipurpose transit smart card systems is studied by stochastic programming to assign limited funds to different applications reasonably. Under the constraints of a gross fund, models of chance-constrained and dependentchance for the fund budget of multipurpose transit smart card systems are established with application scale and social demand as random variables, respectively aiming to maximize earnings and satisfy the service requirements the furthest; and the genetic algorithm based on stochastic simulation is adopted for model solution. The calculation results show that the fund budget differs greatly with different system objectives which can cause the systems to have distinct expansibilities, and the application scales of some applications may not satisfy user demands with limited funds. The analysis results indicate that the forecast of application scales and application future demands should be done first, and then the system objective is determined according to the system mission, which can help reduce the risks of fund budgets.

Digital signature systems based on smart card and fingerprint feature

Two signature systems based on smart cards and fingerprint features are proposed. In one signature system, the cryptographic key is stored in the smart card and is only accessible when the signer＇s extracted fingerprint features match his stored template. To resist being tampered on public channel, the user＇s message and the signed message are encrypted by the signer＇s public key and the user＇s public key, respectively. In the other signature system, the keys are generated by combining the signer＇s fingerprint features, check bits, and a rememberable key, and there are no matching process and keys stored on the smart card. Additionally, there is generally more than one public key in this system, that is, there exist some pseudo public keys except a real one.

A new modified remote user authentication scheme using smart cards

In 2000, a remote user authentication scheme using smart cards was proposed and the masquerade attacks were proved successful on this scheme. Recently, Kumar has suggested the idea of check digits to overcome the above attacks with a new scheme that removes these threats well. In this paper it is pointed out that the weakness still exists in Kumar＇s scheme, and the intruder can login to the remote system through having some information. A new scheme which can overcome these attacks and appears more secure and efficient than Kumar＇s is presented.

Design Aspects of CMOS Compatible On-Chip Antenna for Applications of Contact-Less Smart Card

Design aspects of CMOS compatible on-chip antenna for applications of contact-less smart card are discussed.An on-chip antenna model is established and a design method is demonstrated.Experimental results show that system-on-chip integrating power reception together with other electronic functions of smart card applications is feasible.In a 6×10 -4T magnetic field of 22.5MHz,an on-chip power of 1.225mW for a 10kΩ load is obtained using a 4mm2 on-chip antenna.

Security Enhanced Anonymous User Authenticated Key Agreement Scheme Using Smart Card

Nowadays, the password-based remote user authentication mechanism using smart card is one of the simplest and convenient authentication ways to ensure secure communications over the public network environments. Recently, Liu et al. proposed an efficient and secure smart card based password authentication scheme. However, we find that Liu et al.’s scheme is vulnerable to the off-line password guessing attack and user impersonation attack. Furthermore, it also cannot provide user anonymity. In this paper, we cryptanalyze Liu et al.’s scheme and propose a security enhanced user authentication scheme to overcome the aforementioned problems. Especially, in order to preserve the user anonymity and prevent the guessing attack, we use the dynamic identity technique. The analysis shows that the proposed scheme is more secure and efficient than other related authentication schemes.

一种基于Smart Card的远程用户身份验证方案的安全性讨论

身份验证是计算机通信的一个重要方面。由于密码验证协议的简单性,它已经被广泛地用于身份验证。最近,Lee氏等利用Smart Card,提出了一个基于随机数的远程用户验证方案。指出了这个方案并不像其提出者所声称的那样安全,同时提出了两种攻击方法以破解其验证方案。

Security Analysis and Improvement of Authentication Scheme Based on a One-way Hash Function and Diffie-Hellman Key Exchange Using Smart Card

A new authentication scheme based on a one-way hash function and Diffie-Hellman key exchange using smart card was propused by Yoon et al. in 2005. They claimed that the proposed protocol is against password guessing attack. In this paper, the author demonstrate that Yoon＇s scheme is vulnerable to the off-line password guessing attack by using a stolen smart card and the DoS attack by computational load at the re, note system. An improvement of Yoon＇s scheme to resist the above attacks is also proposed.

Extracting bus transit boarding stop information using smart card transaction data

The smart card-based automated fare collection （AFC） system has become the main method for collecting urban bus and rail transit fares in many cities worldwide. Such smart card technologies provide new opportunities for transportation data collection since the transaction data obtained through AFC system contains a significant amount of archived information which can be gathered and leveraged to help estimate public transit origin–destination matrices. Boarding location detection is an important step particularly when there is no automatic vehicle location （AVL） system or GPS information in the database in some cases. With the analysis of raw data without AVL information in this paper, an algorithm for trip direction detection is built and the directions for any bus in operation can be confirmed. The transaction interval between each adjacent record will also be analyzed to detect the boarding clusters for all trips in sequence. Boarding stops will then be distributed with the help of route information and operation schedules. Finally, the feasibility and practicality of the methodology are tested using the bus transit smart card data collected in Guangzhou, China.

Analysis of passenger boarding time difference between adults and seniors based on smart card data

As an essential component of bus dwelling time, passenger boarding time has a significant impact on bus running reliability and service quality. In order to understand the passengers’ boarding process and mitigate passenger boarding time, a regression analysis framework is proposed to capture the difference and influential factors of boarding time for adult and elderly passengers based on smart card data from Changzhou. Boarding gap, the time difference between two consecutive smart card tapping records, is calculated to approximate passenger boarding time. Analysis of variance is applied to identify whether the difference in boarding time between adults and seniors is statistically significant. The multivariate regression modeling approach is implemented to analyze the influences of passenger types, marginal effects of each additional boarding passenger and bus floor types on the total boarding time at each stop. Results show that a constant difference exists in boarding time between adults and seniors even without considering the specific bus characteristics. The average passenger boarding time decreases when the number of passenger increases. The existence of two entrance steps delays the boarding process, especially for elderly passengers.

AN IMPROVED REMOTE PASSWORD AUTHENTICATION SCHEME WITH SMART CARD

This paper analyzes the security performance of a latest proposed remote two-factor user authentication scheme and proposes an improved scheme based on the dynamic ID to avoid the attacks it suffers. Besides this, in our proposed scheme the password is no longer involved in the calculation of verification phase which makes our scheme more secure and costs less than the old one. At last we analyze the performance of our proposed scheme to prove it provides mutual authentication between the user and the server. Moreover, it also resists password guessing attack, server and user masquerade attack and replay attack effectively.

A Self-Encryption Remote User Anonymous Authentication Scheme Using Smart Cards

Remote user authentication is essential in distributed network environment to protect unauthorized access of a networked system. However, most of those existing remote user authentication schemes have not provided the user identity anonymity, while user anonymity is particularly important in some practical applications. Therefore, based on self-encryption mechanism, a new remote user authentication scheme was proposed. The scheme not only has no need of maintaining a password table at the remote server, but also can protect the user’s anonymity.

Transit smart card data mining for passenger origin information extraction

The automated fare collection(AFC) system,also known as the transit smart card(SC) system,has gained more and more popularity among transit agencies worldwide.Compared with the conventional manual fare collection system,an AFC system has its inherent advantages in low labor cost and high efficiency for fare collection and transaction data archival.Although it is possible to collect highly valuable data from transit SC transactions,substantial efforts and methodologies are needed for extracting such data because most AFC systems are not initially designed for data collection.This is true especially for the Beijing AFC system,where a passenger's boarding stop(origin) on a flat-rate bus is not recorded on the check-in scan.To extract passengers' origin data from recorded SC transaction information,a Markov chain based Bayesian decision tree algorithm is developed in this study.Using the time invariance property of the Markov chain,the algorithm is further optimized and simplified to have a linear computational complexity.This algorithm is verified with transit vehicles equipped with global positioning system(GPS) data loggers.Our verification results demonstrated that the proposed algorithm is effective in extracting transit passengers' origin information from SC transactions with a relatively high accuracy.Such transit origin data are highly valuable for transit system planning and route optimization.

Key Recovery Against 3DES in CPU Smart Card Based on Improved Correlation Power Analysis

The security of CPU smart cards, which are widely used throughout China, is currently being threatened by side-channel analysis. Typical countermeasures to side-channel analysis involve adding noise and filtering the power consumption signal. In this paper, we integrate appropriate preprocessing methods with an improved attack strategy to generate a key recovery solution to the shortcomings of these countermeasures. Our proposed attack strategy improves the attack result by combining information leaked from two adjacent clock cycles. Using our laboratory-based power analysis system, we verified the proposed key recovery solution by performing a successful correlation power analysis on a Triple Data Encryption Standard （3DES） hardware module in a real-life 32-bit CPU smart card. All 112 key bits of the 3DES were recovered with about 80 000 power traces.

A high-precision heuristic model to detect home and work locations from smart card data

Smart card-automated fare collection systems now routinely record large volumes of data comprising the origins and destinations of travelers.Processing and analyzing these data open new opportunities in urban modeling and travel behavior research.This study seeks to develop an accurate framework for the study of urban mobility from smart card data by developing a heuristic primary location model to identify the home and work locations.The model uses journey counts as an indicator of usage regularity,visit-frequency to identify activity locations for regular commuters,and stay-time for the classification of work and home locations and activities.London is taken as a case study,and the model results were validated against survey data from the London Travel Demand Survey and volunteer survey.Results demonstrate that the proposed model is able to detect meaningful home and work places with high precision.This study offers a new and cost-effective approach to travel behavior and demand research.

Improvement on a Biometric Based User Authentication Scheme in Wireless Sensor Networks Using Smart Cards

With the development of the Internet of Things(IoT)technique,sensitive information collected by sensors may be leaked.In recent years,many authentication schemes have been proposed.Banerjee et al proposed a biometric based user authentication scheme in wireless sensor networks using smart cards in 2019.But we found that Banerjee et al's authentication scheme is vulnerable to impersonation attacks.In order to overcome the weaknesses of Banerjee et al's scheme,we propose a new authentication scheme.In our proposed scheme,we only use the exclusive-or operation and one-way Hash function for the efficiency,which can reduce the computation burden for the IoT devices.In the authentication and session key agreement phase,the secret registration parameter is not used for the authentication,and the session key is given for the all entities.In the Devol-Yao threat model,the security analysis demonstrates that our proposed authentication scheme can resist well-known attacks.

Cryptanalysis and security enhancement of a remote user authentication scheme using smart cards

With the broad implementations of the electronic business and government applications, robust system security and strong privacy protection have become essential requirements for remote user authentication schemes. Recently, Chen et al. pointed out that Wang et al.＇s scheme is vulnerable to the user impersonation attack and parallel session attack, and proposed an enhanced version to overcome the identified security flaws. In this paper, however, we show that Chen et al.＇s scheme still cannot achieve the claimed security goals and report its following problems： （1） It suffers from the offline password guessing attack, key compromise impersonation attack and known key attack; （2） It fails to provide forward secrecy; （3） It is not easily repairable. As our main contribution, a robust dynamic ID-based scheme based on non-tamper resistance assumption of the smart cards is presented to cope with the aforementioned defects, while preserving the merits of different related schemes. The analysis demonstrates that our scheme meets all the proposed criteria and eliminates several grave security threats that are difficult to be tackled at the same time in previous scholarship.

Weaknesses and improvements of a remote user authentication scheme using smart cards

In 2005, Liu et al. proposed an improvement to Chien et al.＇s remote user authentication scheme, using smart cards, to prevent parallel session attack. This article, however, will demonstrate that Liu et al.＇s scheme is vulnerable to masquerading server attack and has the system＇s secret key forward secrecy problem. Therefore, an improved scheme with better security strength, by using counters instead of timestamps, is proposed. The proposed scheme does not only achieve their scheme＇s advantages, but also enhances its security by withstanding the weaknesses just mentioned.

ActivityNET:Neural networks to predict public transport trip purposes from individual smart card data and POIs

Predicting trip purpose from comprehensive and continuous smart card data is beneficial for transport and city planners in investigating travel behaviors and urban mobility.Here,we propose a framework,ActivityNET,using Machine Learning(ML)algorithms to predict passengers’trip purpose from Smart Card(SC)data and Points-of-Interest(POIs)data.The feasibility of the framework is demonstrated in two phases.Phase I focuses on extracting activities from individuals’daily travel patterns from smart card data and combining them with POIs using the proposed“activity-POIs consolidation algorithm”.Phase II feeds the extracted features into an Artificial Neural Network(ANN)with multiple scenarios and predicts trip purpose under primary activities(home and work)and secondary activities(entertainment,eating,shopping,child drop-offs/pick-ups and part-time work)with high accuracy.As a case study,the proposed ActivityNET framework is applied in Greater London and illustrates a robust competence to predict trip purpose.The promising outcomes demonstrate that the cost-effective framework offers high predictive accuracy and valuable insights into transport planning.

Analysis and design of a smart card based authentication protocol

Numerous smart card based authentication protocols have been proposed to provide strong system security and robust individual privacy for communication between parties these days. Nevertheless, most of them do not provide formal analysis proof, and the security robustness is doubtful. Chang and Cheng(2011) proposed an efficient remote authentication protocol with smart cards and claimed that their proposed protocol could support secure communication in a multi-server environment. Unfortunately, there are opportunities for security enhancement in current schemes. In this paper, we identify the major weakness, i.e., session key disclosure, of a recently published protocol. We consequently propose a novel authentication scheme for a multi-server environment and give formal analysis proofs for security guarantees.