Tele-medical information system provides an efficient and convenient way to connect patients at home with medical personnel in clinical centers.In this system,service providers consider user authentication as a critic...Tele-medical information system provides an efficient and convenient way to connect patients at home with medical personnel in clinical centers.In this system,service providers consider user authentication as a critical requirement.To address this crucial requirement,various types of validation and key agreement protocols have been employed.The main problem with the two-way authentication of patients and medical servers is not built with thorough and comprehensive analysis that makes the protocol design yet has flaws.This paper analyzes carefully all aspects of security requirements including the perfect forward secrecy in order to develop an efficient and robust lightweight authentication and key agreement protocol.The secureness of the proposed protocol undergoes an informal analysis,whose findings show that different security features are provided,including perfect forward secrecy and a resistance to DoS attacks.Furthermore,it is simulated and formally analyzed using Scyther tool.Simulation results indicate the protocol’s robustness,both in perfect forward security and against various attacks.In addition,the proposed protocol was compared with those of other related protocols in term of time complexity and communication cost.The time complexity of the proposed protocol only involves time of performing a hash function Th,i.e.,:O(12Th).Average time required for executing the authentication is 0.006 seconds;with number of bit exchange is 704,both values are the lowest among the other protocols.The results of the comparison point to a superior performance by the proposed protocol.展开更多
Satellite networks are recognized as the most essential communication infrastructures in the world today,which complement land networks and provide valuable services for their users.Extensive coverage and service stab...Satellite networks are recognized as the most essential communication infrastructures in the world today,which complement land networks and provide valuable services for their users.Extensive coverage and service stability of these networks have increased their popularity.Since eavesdropping and active intrusion in satellite communications are much easier than in terrestrial networks,securing satellite communications is vital.So far,several protocols have been proposed for authentication and key exchange of satellite communications,but none of them fullymeet the security requirements.In this paper,we examine one of these protocols and identify its security vulnerabilities.Moreover,we propose a robust and secure authentication and session key agreement protocol using the elliptic curve cryptography(ECC).We show that the proposed protocol meets common security requirements and is resistant to known security attacks.Moreover,we prove that the proposed scheme satisfies the security features using the Automated Validation of Internet Security Protocols and Applications(AVISPA)formal verification tool and On-the fly Model-Checker(OFMC)and ATtack SEarcher(ATSE)model checkers.We have also proved the security of the session key exchange of our protocol using theReal orRandom(RoR)model.Finally,the comparison of our scheme with similar methods shows its superiority.展开更多
An efficient authenticated key agreement protocol is proposed, which makesuse of bilinear pairings and self-certificd public keys. Its security is based on the securityassumptions of the bilinear Diff ie-Hellman probl...An efficient authenticated key agreement protocol is proposed, which makesuse of bilinear pairings and self-certificd public keys. Its security is based on the securityassumptions of the bilinear Diff ie-Hellman problem and the computational Diffie-Hellman problem.Users can choose their private keys independently. The public keys and identities of users can beverified implicitly when the session key being generating in a logically single step. A trusted KeyGeneration Center is no longer requiredas in the ID-based authenticated key agreement protocolsCompared with existing authenticated key agreement protocols from pairings, the. new proposedprotocol is more efficient and secure.展开更多
This paper proposed two modifications on IKE protocol with pre-shared key authentication. The first modification can improve its immunity against DDoS attack by authenticating the initiator before the responder genera...This paper proposed two modifications on IKE protocol with pre-shared key authentication. The first modification can improve its immunity against DDoS attack by authenticating the initiator before the responder generates the computation-intensive Diffie-Hellman public value. The second modification can improve its efficiency when the attack on messages occurs because it can detect the attack quickly by replacing the centralized authentication in origical IKE protocol with immediate authentication. In addition, the two modifications can be integrated into one protocol compactly.展开更多
Based on elliptic curve Diffie-Hellman algorithm, an Elliptic Curve Authenticated Key Agreement (ECAKA) protocol with pre-shared password is proposed. Its security relies on the Elliptic Curve Discrete Logarithm Probl...Based on elliptic curve Diffie-Hellman algorithm, an Elliptic Curve Authenticated Key Agreement (ECAKA) protocol with pre-shared password is proposed. Its security relies on the Elliptic Curve Discrete Logarithm Problem (ECDLP). It provides identity authentication, key validation and perfect forward secrecy, and it can foil man-in-the-middle attacks.展开更多
The development of wireless sensor network with Internet of Things(IoT)predicts various applications in the field of healthcare and cloud computing.This can give promising results on mobile health care(M-health)and Te...The development of wireless sensor network with Internet of Things(IoT)predicts various applications in the field of healthcare and cloud computing.This can give promising results on mobile health care(M-health)and Telecare medicine information systems.M-health system on cloud Internet of Things(IoT)through wireless sensor network(WSN)becomes the rising research for the need of modern society.Sensor devices attached to the patients’body which is connected to the mobile device can ease the medical services.Security is the key connect for optimal performance of the m-health system that share the data of patients in wireless networks in order to maintain the anonymity of the patients.This paper proposed a secure transmission of M-health data in wireless networks using proposed key agreement based Kerberos protocol.The patients processed data are stored in cloud server and accessed by doctors and caregivers.The data transfer between the patients,server and the doctors are accessed with proposed protocol in order to maintain the confidentiality and integrity of authentication.The efficiency of the proposed algorithm is compared with the existing protocols.For computing 100 devices it consumes only 91milllisecond for computation.展开更多
Wearable body area network(WBAN)aids the communication between the health providers and patients by supporting health monitoring services.It assists the users to maintain their health status records by collecting the ...Wearable body area network(WBAN)aids the communication between the health providers and patients by supporting health monitoring services.It assists the users to maintain their health status records by collecting the body signals and transmitting them for further processing measurements.However,sensor data are publicly transferred through insecure network that facilitates the attacker malicious acts like performing masquerading attack,man in the middle,and snooping.Several authentication techniques were suggested to levitate the security of the communication channels to preserve the user data from exposure.Moreover,authentication schemes aid plenty of security issues related to user and data privacy,anonymity,repudiation,confidentiality,and integrity,but they lack performance efficiency.On the other hand,it is very hard to find the balance between security and efficiency in most of the authentication schemes,especially for the WBAN platform that consists of memory and processing constraint devices.Therefore,this paper surveys and discusses the latest authentication schemes types,techniques,and system features.Also,it highlights their strengths and weaknesses towards common knowingly attacks and provides a comparison between the popular scheme validation proofs and simulation tools.Thence,this paper draws a path for the new direction of the authentication technologies,the authentication schemes open issues,and the potential future evolution in this area.展开更多
Two-party certificateless authenticated key agreement(CL-AKA) protocol is a hot topic in the field of wireless communication security. An improved two-party CL-AKA protocol with enhanced security is proposed,which is ...Two-party certificateless authenticated key agreement(CL-AKA) protocol is a hot topic in the field of wireless communication security. An improved two-party CL-AKA protocol with enhanced security is proposed,which is of provable security and unforgeability in the extended Canetti-Krawczyk(eCK) security model based on the hardness assumption of the computational Diffie Hellman(CDH) problem. Compared with other similar protocols, it is more efficient and can satisfy security properties such as free of the centralized management of certificate and key, free of bilinear pairings, two-party authentication, resistant to unknown key-share attack, key compromise impersonation attacks, the man-in-the-middle-attack(MIMA) of key generation center(KGC), etc. These properties make the proposed protocol have better performance and adaptability for military communication.展开更多
Forward secrecy is an important security property in key agreement protocol. Based on Ham's protocol, in this paper a new authenticated Diffie-Hellman key agreement protocol with half forward secrecy is proposed. Thi...Forward secrecy is an important security property in key agreement protocol. Based on Ham's protocol, in this paper a new authenticated Diffie-Hellman key agreement protocol with half forward secrecy is proposed. This protocol is also based on a single cryptographic assumption, and is user authentication and shared key authentication. More importantly, our protocol provides forward secrecy with respect to one of the parties. For this reason, besides the advantages of Ham's protocol, in practice, our protocol can reduce the damages resulted from the disclosure of the user's secret key and it is very beneficial to today's communication with portable devices.展开更多
This paper analyses security mechanism and authentication, key agreement protocol of 3G system amply, puts forward a amelioration scheme. This scheme assures security communications without credible VLR. This paper an...This paper analyses security mechanism and authentication, key agreement protocol of 3G system amply, puts forward a amelioration scheme. This scheme assures security communications without credible VLR. This paper analyses ameliorative protocol and resolves the security communications problem between MS and HLR.展开更多
This paper analyses security mechanism and authentication, key agreement protocol of 3G system amply, puts forward a amelioration scheme. This scheme assures security communications without credible VLR. This paper an...This paper analyses security mechanism and authentication, key agreement protocol of 3G system amply, puts forward a amelioration scheme. This scheme assures security communications without credible VLR. This paper analyses ameliorative protocol and resolves the security communications problem between MS and HLR.展开更多
文摘Tele-medical information system provides an efficient and convenient way to connect patients at home with medical personnel in clinical centers.In this system,service providers consider user authentication as a critical requirement.To address this crucial requirement,various types of validation and key agreement protocols have been employed.The main problem with the two-way authentication of patients and medical servers is not built with thorough and comprehensive analysis that makes the protocol design yet has flaws.This paper analyzes carefully all aspects of security requirements including the perfect forward secrecy in order to develop an efficient and robust lightweight authentication and key agreement protocol.The secureness of the proposed protocol undergoes an informal analysis,whose findings show that different security features are provided,including perfect forward secrecy and a resistance to DoS attacks.Furthermore,it is simulated and formally analyzed using Scyther tool.Simulation results indicate the protocol’s robustness,both in perfect forward security and against various attacks.In addition,the proposed protocol was compared with those of other related protocols in term of time complexity and communication cost.The time complexity of the proposed protocol only involves time of performing a hash function Th,i.e.,:O(12Th).Average time required for executing the authentication is 0.006 seconds;with number of bit exchange is 704,both values are the lowest among the other protocols.The results of the comparison point to a superior performance by the proposed protocol.
文摘Satellite networks are recognized as the most essential communication infrastructures in the world today,which complement land networks and provide valuable services for their users.Extensive coverage and service stability of these networks have increased their popularity.Since eavesdropping and active intrusion in satellite communications are much easier than in terrestrial networks,securing satellite communications is vital.So far,several protocols have been proposed for authentication and key exchange of satellite communications,but none of them fullymeet the security requirements.In this paper,we examine one of these protocols and identify its security vulnerabilities.Moreover,we propose a robust and secure authentication and session key agreement protocol using the elliptic curve cryptography(ECC).We show that the proposed protocol meets common security requirements and is resistant to known security attacks.Moreover,we prove that the proposed scheme satisfies the security features using the Automated Validation of Internet Security Protocols and Applications(AVISPA)formal verification tool and On-the fly Model-Checker(OFMC)and ATtack SEarcher(ATSE)model checkers.We have also proved the security of the session key exchange of our protocol using theReal orRandom(RoR)model.Finally,the comparison of our scheme with similar methods shows its superiority.
文摘An efficient authenticated key agreement protocol is proposed, which makesuse of bilinear pairings and self-certificd public keys. Its security is based on the securityassumptions of the bilinear Diff ie-Hellman problem and the computational Diffie-Hellman problem.Users can choose their private keys independently. The public keys and identities of users can beverified implicitly when the session key being generating in a logically single step. A trusted KeyGeneration Center is no longer requiredas in the ID-based authenticated key agreement protocolsCompared with existing authenticated key agreement protocols from pairings, the. new proposedprotocol is more efficient and secure.
文摘This paper proposed two modifications on IKE protocol with pre-shared key authentication. The first modification can improve its immunity against DDoS attack by authenticating the initiator before the responder generates the computation-intensive Diffie-Hellman public value. The second modification can improve its efficiency when the attack on messages occurs because it can detect the attack quickly by replacing the centralized authentication in origical IKE protocol with immediate authentication. In addition, the two modifications can be integrated into one protocol compactly.
基金Supported by "973" Program of China (No.G1999035805), "863" Program of China(No.2002AA143041), and RGC Project (No.HKU/7144/03E) of the Hong Kong SpecialAdministrative Region, China.
文摘Based on elliptic curve Diffie-Hellman algorithm, an Elliptic Curve Authenticated Key Agreement (ECAKA) protocol with pre-shared password is proposed. Its security relies on the Elliptic Curve Discrete Logarithm Problem (ECDLP). It provides identity authentication, key validation and perfect forward secrecy, and it can foil man-in-the-middle attacks.
文摘The development of wireless sensor network with Internet of Things(IoT)predicts various applications in the field of healthcare and cloud computing.This can give promising results on mobile health care(M-health)and Telecare medicine information systems.M-health system on cloud Internet of Things(IoT)through wireless sensor network(WSN)becomes the rising research for the need of modern society.Sensor devices attached to the patients’body which is connected to the mobile device can ease the medical services.Security is the key connect for optimal performance of the m-health system that share the data of patients in wireless networks in order to maintain the anonymity of the patients.This paper proposed a secure transmission of M-health data in wireless networks using proposed key agreement based Kerberos protocol.The patients processed data are stored in cloud server and accessed by doctors and caregivers.The data transfer between the patients,server and the doctors are accessed with proposed protocol in order to maintain the confidentiality and integrity of authentication.The efficiency of the proposed algorithm is compared with the existing protocols.For computing 100 devices it consumes only 91milllisecond for computation.
文摘Wearable body area network(WBAN)aids the communication between the health providers and patients by supporting health monitoring services.It assists the users to maintain their health status records by collecting the body signals and transmitting them for further processing measurements.However,sensor data are publicly transferred through insecure network that facilitates the attacker malicious acts like performing masquerading attack,man in the middle,and snooping.Several authentication techniques were suggested to levitate the security of the communication channels to preserve the user data from exposure.Moreover,authentication schemes aid plenty of security issues related to user and data privacy,anonymity,repudiation,confidentiality,and integrity,but they lack performance efficiency.On the other hand,it is very hard to find the balance between security and efficiency in most of the authentication schemes,especially for the WBAN platform that consists of memory and processing constraint devices.Therefore,this paper surveys and discusses the latest authentication schemes types,techniques,and system features.Also,it highlights their strengths and weaknesses towards common knowingly attacks and provides a comparison between the popular scheme validation proofs and simulation tools.Thence,this paper draws a path for the new direction of the authentication technologies,the authentication schemes open issues,and the potential future evolution in this area.
文摘Two-party certificateless authenticated key agreement(CL-AKA) protocol is a hot topic in the field of wireless communication security. An improved two-party CL-AKA protocol with enhanced security is proposed,which is of provable security and unforgeability in the extended Canetti-Krawczyk(eCK) security model based on the hardness assumption of the computational Diffie Hellman(CDH) problem. Compared with other similar protocols, it is more efficient and can satisfy security properties such as free of the centralized management of certificate and key, free of bilinear pairings, two-party authentication, resistant to unknown key-share attack, key compromise impersonation attacks, the man-in-the-middle-attack(MIMA) of key generation center(KGC), etc. These properties make the proposed protocol have better performance and adaptability for military communication.
基金Supported by the National Natural Science Foundation of China (60873233)the Nature Science Foundation of Shaanxi Province, China (2006F19)the Technology Research Program of Xi’an, China (CXY08016)
文摘Forward secrecy is an important security property in key agreement protocol. Based on Ham's protocol, in this paper a new authenticated Diffie-Hellman key agreement protocol with half forward secrecy is proposed. This protocol is also based on a single cryptographic assumption, and is user authentication and shared key authentication. More importantly, our protocol provides forward secrecy with respect to one of the parties. For this reason, besides the advantages of Ham's protocol, in practice, our protocol can reduce the damages resulted from the disclosure of the user's secret key and it is very beneficial to today's communication with portable devices.
文摘This paper analyses security mechanism and authentication, key agreement protocol of 3G system amply, puts forward a amelioration scheme. This scheme assures security communications without credible VLR. This paper analyses ameliorative protocol and resolves the security communications problem between MS and HLR.
文摘This paper analyses security mechanism and authentication, key agreement protocol of 3G system amply, puts forward a amelioration scheme. This scheme assures security communications without credible VLR. This paper analyses ameliorative protocol and resolves the security communications problem between MS and HLR.
