During the past decade,rapid advances in wireless communication technologies have made it possible for users to access desired services using hand-held devices.Service providers have hosted multiple servers to ensure ...During the past decade,rapid advances in wireless communication technologies have made it possible for users to access desired services using hand-held devices.Service providers have hosted multiple servers to ensure seamless online services to end-users.To ensure the security of this online communication,researchers have proposed several multi-server authentication schemes incorporating various cryptographic primitives.Due to the low power and computational capacities of mobile devices,the hash-based multi-server authenticated key agreement schemes with offline Registration Server(RS)are the most efficient choice.Recently,Kumar-Om presented such a scheme and proved its security against all renowned attacks.However,we find that their scheme bears an incorrect login phase,and is unsafe to the trace attack,the Session-Specific Temporary Information Attack(SSTIA),and the Key Compromise Impersonation Attack(KCIA).In fact,all of the existing multi-server authentication schemes(hash-based with offline RS)do not withstand KCLA.To deal with this situation,we propose an improved hash-based multi-server authentication scheme(with offline RS).We analyze the security of the proposed scheme under the random oracle model and use the t4Automated Validation of Internet Security Protocols and Applications''(AVISPA)tool.The comparative analysis of communication overhead and computational complexity metrics shows the efficiency of the proposed scheme.展开更多
Multi-server authenticated key agreement schemes have attracted great attention to both academia and industry in recent years.However,traditional authenticated key agreement schemes in the single-server environment ar...Multi-server authenticated key agreement schemes have attracted great attention to both academia and industry in recent years.However,traditional authenticated key agreement schemes in the single-server environment are not suitable for the multi-server environment because the user has to register on each server when he/she wishes to log in various servers for different service.Moreover,it is unreasonable to consider all servers are trusted since the server in a multi-server environment may be a semi-trusted party.In order to overcome these difficulties,we designed a secure three-factor multi-server authenticated key agreement protocol based on elliptic curve cryptography,which needs the user to register only once at the registration center in order to access all semi-trusted servers.The proposed scheme can not only against various known attacks but also provides high computational efficiency.Besides,we have proved our scheme fulfills mutual authentication by using the authentication test method.展开更多
With the development of communication technologies,various mobile devices and different types of mobile services became available.The emergence of these services has brought great convenience to our lives.The multi-se...With the development of communication technologies,various mobile devices and different types of mobile services became available.The emergence of these services has brought great convenience to our lives.The multi-server architecture authentication protocols for mobile cloud computing were proposed to ensure the security and availability between mobile devices and mobile services.However,most of the protocols did not consider the case of hierarchical authentication.In the existing protocol,when a mobile user once registered at the registration center,he/she can successfully authenticate with all mobile service providers that are registered at the registration center,but real application scenarios are not like this.For some specific scenarios,some mobile service providers want to provide service only for particular users.For this reason,we propose a new hierarchical multi-server authentication protocol for mobile cloud computing.The proposed protocol ensures only particular types of users can successfully authenticate with certain types of mobile service providers.The proposed protocol reduces computing and communication costs by up to 42.6%and 54.2%compared to two superior protocols.The proposed protocol can also resist the attacks known so far.展开更多
Currently, smart card based remote user authentication schemes have been widely adopted due to their low cost and convenient portability. With the purpose of using various different internet services with single regis...Currently, smart card based remote user authentication schemes have been widely adopted due to their low cost and convenient portability. With the purpose of using various different internet services with single registration and to protect the users from being tracked, various dynamic ID based multi-server authentication protocols have been proposed. Recently, Li et al. proposed an efficient and secure dynamic ID based authentication protocol using smart cards. They claimed that their protocol provides strong security. In this paper, we have demonstrated that Li et al.’s protocol is vulnerable to replay attack, denial of service attack, smart card lost attack, eavesdropping attack and server spoofing attacks.展开更多
Since network services are provided cooperatively by multiple servers in the Internet,the authentication protocols for multiserver architecture are required by Internetbased services,such as online game,online trade a...Since network services are provided cooperatively by multiple servers in the Internet,the authentication protocols for multiserver architecture are required by Internetbased services,such as online game,online trade and so on.Recently,Li et al.analyzed Lee et al.'s protocol and proposed an improved dynamic identity based authentication protocol for multi-server architecture.They claimed that their protocol provides user's anonymity,mutual authentication and the session key agreement against several kinds of attacks.In this paper,a cryptanalysis on Lee et al.'s scheme shows that Lee et al.'s protocol is also vulnerable to malicious server attack,stolen smart card attack and leak-of-verifier attack.Moreover,Li et al.'s improved protocol is also vulnerable to all these attacks.Further cryptanalysis reveals that Li et al.'s improved protocol is susceptible to collusion attack.展开更多
In order to meet people’s demand for various types of network services,researchers have conducted extensive research on authentication schemes for multi-server architecture.Although various schemes have been proposed...In order to meet people’s demand for various types of network services,researchers have conducted extensive research on authentication schemes for multi-server architecture.Although various schemes have been proposed,most of them still have safety defects and fail to meet safety requirements.Recently,Haq et al presented an efficient Hash-based authenticated key agreement scheme for multi-server scheme and claimed that their scheme can withstand all well-known attacks.However,we find that their scheme is vulnerable to replay attack,tracking attack and malicious server impersonation user attack.Then we propose an improved scheme.We also analyze the security of the improved scheme and compare with Haq et al’s scheme in security and computational efficiency.Furthermore,we use the AVISPA(Automated Validation of Internet Security Protocols and Applications)tool to verify the security of the improved scheme.展开更多
为了满足运行速度快、时延低、性能好、公平性好等特点,提出了多服务器门限服务系统,并利用BiLSTM(Bi-direc-tional Long Short-Term Memory)神经网络对其进行预测分析,使用多服务器接入方式来降低网络时延,改善系统性能。多个服务器调...为了满足运行速度快、时延低、性能好、公平性好等特点,提出了多服务器门限服务系统,并利用BiLSTM(Bi-direc-tional Long Short-Term Memory)神经网络对其进行预测分析,使用多服务器接入方式来降低网络时延,改善系统性能。多个服务器调度时,可以采用同步和异步两种方式。首先,研究多服务器门限服务的系统模型。其次,在单服务器的基础上,利用嵌入马尔可夫链和概率母函数的分析方法对多服务器门限服务的平均排队队长、平均循环周期和平均时延进行求解;同时,利用Matlab进行仿真实验,分别将单服务器系统与多服务器系统的理论值与仿真值进行系统分析,对比多服务器同步和异步两种方式。最后,构建BiLSTM神经网络来预测多服务器系统的性能。实验结果表明,该多服务器系统异步方式优于同步和单服务器系统,多服务器异步系统的性能更好,时延更低,效率更高。综合对比多服务器的3种基本服务系统,在保证公平性的情况下,门限服务系统更加稳定。并且使用BiLSTM神经网络预测算法能够准确预测系统的性能,提高计算效率,对轮询系统的性能评价具有指导意义。展开更多
文摘During the past decade,rapid advances in wireless communication technologies have made it possible for users to access desired services using hand-held devices.Service providers have hosted multiple servers to ensure seamless online services to end-users.To ensure the security of this online communication,researchers have proposed several multi-server authentication schemes incorporating various cryptographic primitives.Due to the low power and computational capacities of mobile devices,the hash-based multi-server authenticated key agreement schemes with offline Registration Server(RS)are the most efficient choice.Recently,Kumar-Om presented such a scheme and proved its security against all renowned attacks.However,we find that their scheme bears an incorrect login phase,and is unsafe to the trace attack,the Session-Specific Temporary Information Attack(SSTIA),and the Key Compromise Impersonation Attack(KCIA).In fact,all of the existing multi-server authentication schemes(hash-based with offline RS)do not withstand KCLA.To deal with this situation,we propose an improved hash-based multi-server authentication scheme(with offline RS).We analyze the security of the proposed scheme under the random oracle model and use the t4Automated Validation of Internet Security Protocols and Applications''(AVISPA)tool.The comparative analysis of communication overhead and computational complexity metrics shows the efficiency of the proposed scheme.
基金This work is supported by the Sichuan education department research project(No.16226483)Sichuan Science and Technology Program(No.2018GZDZX0008)+1 种基金Chengdu Science and Technology Program(No.2018-YF08-00007-GX)the National Natural Science Foundation of China(No.61872087).
文摘Multi-server authenticated key agreement schemes have attracted great attention to both academia and industry in recent years.However,traditional authenticated key agreement schemes in the single-server environment are not suitable for the multi-server environment because the user has to register on each server when he/she wishes to log in various servers for different service.Moreover,it is unreasonable to consider all servers are trusted since the server in a multi-server environment may be a semi-trusted party.In order to overcome these difficulties,we designed a secure three-factor multi-server authenticated key agreement protocol based on elliptic curve cryptography,which needs the user to register only once at the registration center in order to access all semi-trusted servers.The proposed scheme can not only against various known attacks but also provides high computational efficiency.Besides,we have proved our scheme fulfills mutual authentication by using the authentication test method.
基金This work is funded by the Chengdu Science and Technology Bureau No.2016-XT00-00015-GXthe Civil Aviation Administration of China No.PSDSA201802.
文摘With the development of communication technologies,various mobile devices and different types of mobile services became available.The emergence of these services has brought great convenience to our lives.The multi-server architecture authentication protocols for mobile cloud computing were proposed to ensure the security and availability between mobile devices and mobile services.However,most of the protocols did not consider the case of hierarchical authentication.In the existing protocol,when a mobile user once registered at the registration center,he/she can successfully authenticate with all mobile service providers that are registered at the registration center,but real application scenarios are not like this.For some specific scenarios,some mobile service providers want to provide service only for particular users.For this reason,we propose a new hierarchical multi-server authentication protocol for mobile cloud computing.The proposed protocol ensures only particular types of users can successfully authenticate with certain types of mobile service providers.The proposed protocol reduces computing and communication costs by up to 42.6%and 54.2%compared to two superior protocols.The proposed protocol can also resist the attacks known so far.
文摘Currently, smart card based remote user authentication schemes have been widely adopted due to their low cost and convenient portability. With the purpose of using various different internet services with single registration and to protect the users from being tracked, various dynamic ID based multi-server authentication protocols have been proposed. Recently, Li et al. proposed an efficient and secure dynamic ID based authentication protocol using smart cards. They claimed that their protocol provides strong security. In this paper, we have demonstrated that Li et al.’s protocol is vulnerable to replay attack, denial of service attack, smart card lost attack, eavesdropping attack and server spoofing attacks.
基金supported by the Key Program of NSFC-Guangdong Union Foundation under Grant No.U1135002Young Foundation of Humanities and Social Sciences of MOE (Ministry of Education in China) of under Grant No.11YJCZH160Foundation for Young Scientists of Jiangxi Province of China under Grant No.20133BCB23016
文摘Since network services are provided cooperatively by multiple servers in the Internet,the authentication protocols for multiserver architecture are required by Internetbased services,such as online game,online trade and so on.Recently,Li et al.analyzed Lee et al.'s protocol and proposed an improved dynamic identity based authentication protocol for multi-server architecture.They claimed that their protocol provides user's anonymity,mutual authentication and the session key agreement against several kinds of attacks.In this paper,a cryptanalysis on Lee et al.'s scheme shows that Lee et al.'s protocol is also vulnerable to malicious server attack,stolen smart card attack and leak-of-verifier attack.Moreover,Li et al.'s improved protocol is also vulnerable to all these attacks.Further cryptanalysis reveals that Li et al.'s improved protocol is susceptible to collusion attack.
基金Supported by the Applied Basic and Advanced Technology Research Programs of Tianjin(15JCYBJC15900)。
文摘In order to meet people’s demand for various types of network services,researchers have conducted extensive research on authentication schemes for multi-server architecture.Although various schemes have been proposed,most of them still have safety defects and fail to meet safety requirements.Recently,Haq et al presented an efficient Hash-based authenticated key agreement scheme for multi-server scheme and claimed that their scheme can withstand all well-known attacks.However,we find that their scheme is vulnerable to replay attack,tracking attack and malicious server impersonation user attack.Then we propose an improved scheme.We also analyze the security of the improved scheme and compare with Haq et al’s scheme in security and computational efficiency.Furthermore,we use the AVISPA(Automated Validation of Internet Security Protocols and Applications)tool to verify the security of the improved scheme.
文摘为了满足运行速度快、时延低、性能好、公平性好等特点,提出了多服务器门限服务系统,并利用BiLSTM(Bi-direc-tional Long Short-Term Memory)神经网络对其进行预测分析,使用多服务器接入方式来降低网络时延,改善系统性能。多个服务器调度时,可以采用同步和异步两种方式。首先,研究多服务器门限服务的系统模型。其次,在单服务器的基础上,利用嵌入马尔可夫链和概率母函数的分析方法对多服务器门限服务的平均排队队长、平均循环周期和平均时延进行求解;同时,利用Matlab进行仿真实验,分别将单服务器系统与多服务器系统的理论值与仿真值进行系统分析,对比多服务器同步和异步两种方式。最后,构建BiLSTM神经网络来预测多服务器系统的性能。实验结果表明,该多服务器系统异步方式优于同步和单服务器系统,多服务器异步系统的性能更好,时延更低,效率更高。综合对比多服务器的3种基本服务系统,在保证公平性的情况下,门限服务系统更加稳定。并且使用BiLSTM神经网络预测算法能够准确预测系统的性能,提高计算效率,对轮询系统的性能评价具有指导意义。