Internet of Medical Things (IoMT) enabled e-healthcare has the potential to greatly improve conventional healthcare services. However, security and privacy become major issues of IoMT because of the restricted processing abilities, storage, and energy constraints of the sensors. Therefore, it leads to infeasibility of developing traditional cryptographic solutions to the IoMT sensors. In order to ensure security on sensitive medical data, effective encryption and authentication techniques need to be designed to assure security of the patients and healthcare service providers. In this view, this study designs an effective metaheuristic optimization based encryption with user authentication (EMOE-UA) technique for IoMT environment. This work proposes an EMOE-UA technique that aims to accomplish mutual authentication for addressing the security issues and reducing the computational complexity. Moreover, the EMOE-UA technique employs optimal multikey homomorphic encryption (OMKHE) technique to encrypt the IoMT data. Furthermore, the improved social spider optimization algorithm (ISSOA) was employed for the optimal multikey generation of the MKHE technique. The experimental result analysis of the EMOE-UA technique takes place using benchmark data and the results are examined under various aspects. The simulation results reported the considerably better performance of the EMOE-UA technique over the existing techniques.
Because the modified remote user authentication scheme proposed by Shen, Lin and Hwang is insecure, the Shen-Lin-Hwang scheme is improved and a new secure remote user authentication scheme based on bilinear pairings is proposed. Moreover, the effectiveness of the new scheme is analyzed, and it is proved that the new scheme can prevent all kinds of known attacks. The one-way hash function is effective in the new scheme. The new scheme is proved to have high effectiveness and fast convergence speed. Moreover, the application of the new scheme is easy and operational.
In this advanced age, when smartphones are the norm, people utilize social networking, online shopping, and even private information storage through smartphones. As a result, identity authentication has become the most critical security activity in this period of the intelligent craze. By analyzing the shortcomings of the existing authentication methods, this paper proposes an identity authentication method based on the behavior of smartphone users. Firstly, the sensor data and touch-screen data of the smartphone users are collected through Android programming. Secondly, the eigenvalues of this data are extracted and sent to the server. Thirdly, the Support Vector Machine (SVM) and Recurrent Neural Network (RNN) are introduced to train the collected data on the server end, and the results are finally yielded by the weighted average. The results show that the method this paper proposes has great FRR (False Reject Rate) and FAR (False Accept Rate).
In cloud computing environments, user authentication is an important security mechanism because it provides the fundamentals of authentication, authorization, and accounting (AAA). In 2009, Wang et al. proposed an identity-based (ID-based) authentication scheme to deal with the user login problem for cloud computing. However, Wang et al.'s scheme is insecure against message alteration and impersonation attacks. Besides, their scheme has large computation costs for cloud users. Therefore, we propose a novel ID-based user authentication scheme to solve the above-mentioned problems. The proposed scheme provides anonymity and security for the user who accesses different cloud servers. Compared with the related schemes, the proposed scheme has less computation cost, so it is very efficient for cloud computing in practice.
With the rise of the Internet of Things (IoT), the word “intelligent medical care” has increasingly become a major vision. Intelligent medicine adopts the most advanced IoT technology to realize the interaction between patients and people, medical institutions, and medical equipment. However, with the openness of network transmission, the security and privacy of information transmission have become a major problem. Recently, Masud et al. proposed a lightweight anonymous user authentication protocol for IoT medical treatment, claiming that their method can resist various attacks. However, through analysis of the protocol, we observed that their protocol cannot effectively resist privileged internal attacks, sensor node capture attacks, and stolen authentication attacks, and their protocol does not have perfect forward security. Therefore, we propose a new protocol to resolve the security vulnerabilities in Masud’s protocol and remove some redundant parameters, so as to make the protocol more compact and secure. In addition, we evaluate the security and performance of the new protocol and prove that the overall performance of the new protocol is better than that of other related protocols.
Remote access is a means of accessing resources outside one’s immediate physical location. This has made employee mobility more effective and productive for most organizations. Remote access can be achieved via various channels of remote communication, the most common being Virtual Private Networks (VPNs). The demand for remote access is on the rise, especially during the Covid-19 pandemic, and will continue to increase as most organizations are re-structuring to make telecommuting a permanent part of their mode of operation. Employee mobility, while presenting organizations with some advantages, comes with the associated risk of exposing corporate cyber assets to attackers. The remote user and the remote connectivity technology present some vulnerabilities which can be exploited by any threat agent to violate the confidentiality, integrity and availability (CIA) dimensions of these cyber assets. So, how are users and remote devices authenticated? To what extent is the established connection secured? With employee mobility on the rise, it is necessary to analyze the user authentication role since the mobile employee is not under the monitoring radar of the organization, and the environment from which the mobile employee connects may be vulnerable. In this study, an experiment was set up to ascertain the user authentication roles. The experiment showed the process of 2FA in user authentication and it proved to be an effective means of improving user authentication during remote access. This was depicted via the use of what the user has (mobile phone/soft-token) as a second factor in addition to what the user knows, i.e. password. This authentication method overcomes the security weaknesses inherent in single-factor user authentication via the use of password only. However, the results also showed that though 2FA user authentication ensures security, the remote devices could exhibit further vulnerabilities and pose serious risks to the organization. Thus, a varied implementation was recommended to further enhance the security of remote access communication with regards to the remote user authentication.
Remote user authentication is essential in distributed network environment to protect against unauthorized access of a networked system. However, most of those existing remote user authentication schemes have not provided the user identity anonymity, while user anonymity is particularly important in some practical applications. Therefore, based on self-encryption mechanism, a new remote user authentication scheme was proposed. The scheme not only has no need of maintaining a password table at the remote server, but also can protect the user’s anonymity.
To secure web applications from Man-In-The-Middle (MITM) and phishing attacks is a challenging task nowadays. For this purpose, authentication protocol plays a vital role in web communication which securely transfers data from one party to another. This authentication works via OpenID, Kerberos, password authentication protocols, etc. However, there are still some limitations present in the reported security protocols. In this paper, the presented anticipated strategy secures both Web-based attacks by leveraging encoded emails and a novel password form pattern method. The proposed OpenID-based encrypted Email’s Authentication, Authorization, and Accounting (EAAA) protocol ensures security by relying on the email authenticity and a Special Secret Encrypted Alphanumeric String (SSEAS). This string is deployed on both the relying party and the email server, which is unique and trustworthy. The first authentication, OpenID Uniform Resource Locator (URL) identity, is performed on the identity provider side. A second authentication is carried out by the hidden Email’s server side and receives a third authentication link. This Email’s third SSEAS authentication link manages on the relying party (RP). Compared to existing cryptographic single sign-on protocols, the EAAA protocol ensures that an OpenID URL’s identity is secured from MITM and phishing attacks. This study manages two attacks such as MITM and phishing attacks and gives 339 ms response time which is higher than the already reported methods, such as Single Sign-On (SSO) and OpenID. The experimental sites were examined by 72 information technology (IT) specialists, who found that 88.89% of respondents successfully validated the user authorization provided to them via Email. The proposed EAAA protocol minimizes the higher-level risk of MITM and phishing attacks in an OpenID-based atmosphere.
The mature design of wireless mobile sensor network makes it usable in a vast variety of applications, ranging from home use to security surveillance. All such types of applications based on wireless mobile sensor network generally use real time data, and most of them are interested in real time communication directly from the cluster head of a cluster instead of a base station in a cluster network. This would be possible if an external user is allowed to directly access real time data from the cluster head in a cluster wireless mobile sensor network instead of accessing data from the base station. But this leads to a serious security breach and degrades the performance of any security protocol available in this domain. Most existing schemes for authentication and cluster key management for external users exchange a number of messages between cluster head and base station to allow external users to access real time data from the base station instead of the cluster head. This increases communication cost and delay in such real time access to information. To handle this critical issue in cluster wireless mobile sensor network, we propose a lightweight authentication and key management scheme using a fuzzy extractor. In this scheme, any external user can access data directly from the cluster head of any cluster without the involvement of the base station. The proposed scheme only uses the one-way hash functions and bitwise XOR operations, apart from the fuzzy extractor method for the user biometric verification at the login phase. The presented scheme supports scalability for an increasing number of nodes using polynomials. The proposed scheme increases the lifetime of the network by decreasing the key pool size.
Wireless sensor networks (WSNs) are vulnerable to security attacks due to their deployment and resource constraints. Considering that most large-scale WSNs follow a two-tiered architecture, we propose an efficient and denial-of-service (DoS)-resistant user authentication scheme for two-tiered WSNs. The proposed approach reduces the computational load, since it performs only simple operations, such as exclusive-OR and a one-way hash function. This feature is more suitable for the resource-limited sensor nodes and mobile devices. And it is unnecessary for master nodes to forward login request messages to the base station, or maintain a long user list. In addition, pseudonym identity is introduced to preserve user anonymity. Through clever design, our proposed scheme can prevent smart card breaches. Finally, security and performance analysis demonstrates the effectiveness and robustness of the proposed scheme.
Recent development of the peer-to-peer (P2P) live streaming technique has brought unprecedented new momentum to the Internet with the characters of effective, scalable, and low cost. However, before these applications can be successfully deployed as commercial applications, efficient access control mechanisms are needed. This work, based on earlier research of the secure streaming architecture in TrustStream, analyzes how to ensure that only authorized users can access the original media in the P2P live streaming system by adopting a user authentication and key management scheme. The major features of this system include (1) the management server issues each authorized user a unique public key certificate, (2) the one-way hash chain extends the certificate's lifetime, (3) the original media is encrypted by the session key and delivered to the communication group, and (4) the session key is periodically updated and distributed with the media. Finally, analyses and test results show that the scheme provides a secure, scalable, reliable, and efficient access control solution for P2P live streaming systems.
User authentication scheme allows user and server to authenticate each other, and generates a session key for the subsequent communication. How to resist the password guessing attacks and smart card stolen attacks are two key problems for designing smart card and password based user authentication scheme. In 2011, Li and Lee proposed a new smart card and password based user authentication scheme with smart card revocation, and claimed that their scheme could be immune to these attacks. In this paper, we show that Li and Lee's scheme is vulnerable to off-line password guessing attack once the information stored in smart card is extracted, and it does not provide perfect forward secrecy. A robust user authentication scheme with smart card revocation is then proposed. We use a most popular and widely used formal verification tool ProVerif, which is based on applied pi calculus, to prove that the proposed scheme achieves security and authentication.
Three user authentication schemes are proposed. The security of these new schemes is due to the used secure hash functions and the physically secure smart cards.
Keystroke-based behavioral biometrics have been proven effective for continuous user authentication. Current state-of-the-art algorithms have achieved outstanding results in long text or short text collected by doing some tasks. It remains a considerable challenge to authenticate users continuously and accurately with short keystroke inputs collected in uncontrolled settings. In this work, we propose a Timely Keystroke-based method for Continuous user Authentication, named TKCA. It integrates the key name and two kinds of timing features through an embedding mechanism. And it captures the relationship between context keystrokes by the Bidirectional Long Short-Term Memory (Bi-LSTM) network. We conduct a series of experiments to validate it on a public dataset, the Clarkson II dataset collected in a completely uncontrolled and natural setting. Experiment results show that the proposed TKCA achieves state-of-the-art performance with 8.28% of EER when using only 30 keystrokes and 2.78% of EER when using 190 keystrokes.
Wearing smartwatches becomes increasingly popular in people’s lives. This paper shows that a smartwatch can help its bearer authenticate to a login system effectively and securely even if the bearer’s password has already been revealed. This idea is motivated by our observation that a sensor-rich smartwatch is capable of tracking the wrist motions of its bearer typing a password or PIN, which can be used as an authentication factor. The major challenge in this research is that a sophisticated attacker may imitate a user’s typing behavior as shown in previous research on keystroke dynamics based user authentication. We address this challenge by applying a set of machine learning and deep learning classifiers on the user’s wrist motion data that are collected from a smartwatch worn by the user when inputting his/her password or PIN. Our solution is user-friendly since it does not require users to perform any additional actions when typing passwords or PINs other than wearing smartwatches. We conduct a user study involving 51 participants so as to evaluate the feasibility and performance of our solution. User study results show that the best classifier is the Bagged Decision Trees, which yields 4.58% FRR and 0.12% FAR on a QWERTY keyboard, and 6.13% FRR and 0.16% FAR on a numeric keypad.
The phenomenal progress of quantum information theory over the last decade has substantially broadened the potential to simulate the superposition of states for exponential speedup of quantum algorithms over their classical peers. Therefore, the conventional and modern cryptographic standards (encryption and authentication) are susceptible to Shor’s and Grover’s algorithms on quantum computers. The significant improvement in technology permits consummate levels of data protection by encoding classical data into small quantum states that can only be utilized once by leveraging the capabilities of quantum-assisted classical computations. Considering the frequent data breaches and increasingly stringent privacy legislation, we introduce a hybrid quantum-classical model to transform classical data into unclonable states, and we experimentally demonstrate perfect state transfer to exemplify the classical data. To alleviate implementation complexity, we propose an arbitrary quantum signature scheme that does not require the establishment of entangled states to authenticate users in order to transmit and receive arbitrated states to retrieve classical data. The consequences of the probabilistic model indicate that the quantum-assisted classical framework substantially enhances the performance and security of digital data, and paves the way toward real-world applications.
Because of its on-demand servicing and scalability features in cloud computing, security and confidentiality have converted to key concerns. Maintaining transaction information on third-party servers carries significant dangers so that malicious individuals trying for illegal access to information data security architecture. This research proposes a security-aware information transfer in the cloud based on the blowfish algorithm (BFA) to address the issue. The user is verified initially with the identification and separate the imported data using pattern matching technique. Further, BFA is utilised to encrypt and save the data in cloud. This can safeguard the data and streamline the proof so that client cannot retrieve the information without identification which makes the environment secure. The suggested approach’s performance is evaluated using several metrics, including encryption time, decryption time, memory utilisation, and runtime. Compared to the existing methodology, the investigational findings clearly show that the method takes the least time to data encryption.
Funding (EMOE-UA study): Funded by Dirección General de Investigaciones of Universidad Santiago de Cali under call No. 01-2021.
Funding (bilinear-pairing remote user authentication scheme): Supported by the National Science Foundation for Young Scholars of China (61001091).
Funding (behavior-based smartphone identity authentication): This work is supported, in part, by the Natural Science Foundation of Liaoning Province of China under grant (No. 20180550629) and, in part, by the Postdoctoral Research Initiation Fund of Shenyang University.
Funding: This research was financially supported in part by the Ministry of Trade, Industry and Energy (MOTIE) and Korea Institute for Advancement of Technology (KIAT) through the International Cooperative R&D program (Project No. P0016038), and in part by the MSIT (Ministry of Science and ICT), Korea, under the ITRC (Information Technology Research Center) support program (IITP-2021-2016-0-00312) supervised by the IITP (Institute for Information & communications Technology Planning & Evaluation).
Abstract: The mature design of wireless mobile sensor networks allows them to be used in a vast variety of applications, from home use to security surveillance. All such applications based on wireless mobile sensor networks generally use real-time data, and most of them are interested in real-time communication directly from the cluster head of a cluster instead of a base station in the cluster network. This would be possible if an external user is allowed to directly access real-time data from the cluster head in a cluster wireless mobile sensor network instead of accessing data from the base station. But this leads to a serious security breach and degrades the performance of any security protocol available in this domain. Most existing schemes for authentication and cluster key management for external users exchange a number of messages between the cluster head and the base station to allow external users to access real-time data from the base station instead of the cluster head. This increases communication cost and delay in such real-time access to information. To handle this critical issue in cluster wireless mobile sensor networks, we propose a lightweight authentication and key management scheme using a fuzzy extractor. In this scheme, any external user can access data directly from the cluster head of any cluster without the involvement of the base station. The proposed scheme only uses one-way hash functions and bitwise XOR operations, apart from the fuzzy extractor method for user biometric verification at the login phase. The presented scheme supports scalability for an increasing number of nodes using polynomials. The proposed scheme increases the lifetime of the network by decreasing the key pool size.
Abstract: Wireless sensor networks (WSNs) are vulnerable to security attacks due to their deployment and resource constraints. Considering that most large-scale WSNs follow a two-tiered architecture, we propose an efficient and denial-of-service (DoS)-resistant user authentication scheme for two-tiered WSNs. The proposed approach reduces the computational load, since it performs only simple operations, such as exclusive-OR and a one-way hash function. This feature is more suitable for the resource-limited sensor nodes and mobile devices. And it is unnecessary for master nodes to forward login request messages to the base station, or maintain a long user list. In addition, pseudonym identity is introduced to preserve user anonymity. Through clever design, our proposed scheme can prevent smart card breaches. Finally, security and performance analysis demonstrates the effectiveness and robustness of the proposed scheme.
Funding: Supported by the National Natural Science Foundation of China (No. 60673184), the National High-Tech Research and Development (973) Program of China (No. 2007AA01Z419), the National Basic Research (863) Program of China (No. 2008CB317101), and the Tsinghua-ChinaCache CDN Program.
Abstract: Recent development of the peer-to-peer (P2P) live streaming technique has brought unprecedented new momentum to the Internet with the characters of effective, scalable, and low cost. However, before these applications can be successfully deployed as commercial applications, efficient access control mechanisms are needed. This work, based on earlier research of the secure streaming architecture in TrustStream, analyzes how to ensure that only authorized users can access the original media in the P2P live streaming system by adopting a user authentication and key management scheme. The major features of this system include (1) the management server issues each authorized user a unique public key certificate, (2) the one-way hash chain extends the certificate's lifetime, (3) the original media is encrypted by the session key and delivered to the communication group, and (4) the session key is periodically updated and distributed with the media. Finally, analyses and test results show that the scheme provides a secure, scalable, reliable, and efficient access control solution for P2P live streaming systems.
Funding: the National Basic Research Development (973) Program of China (No. 2013CB834205), the National Natural Science Foundation of China (Nos. 61070153 and 61103209), the Natural Science Foundation of Zhejiang Province (Nos. LZ12F02005 and LY12F02006), and the Education Department Foundation of Zhejiang Province (No. Y201222977).
Abstract: A user authentication scheme allows user and server to authenticate each other, and generates a session key for the subsequent communication. How to resist password guessing attacks and smart card stolen attacks are two key problems in designing a smart card and password based user authentication scheme. In 2011, Li and Lee proposed a new smart card and password based user authentication scheme with smart card revocation, and claimed that their scheme could be immune to these attacks. In this paper, we show that Li and Lee's scheme is vulnerable to an off-line password guessing attack once the information stored in the smart card is extracted, and it does not provide perfect forward secrecy. A robust user authentication scheme with smart card revocation is then proposed. We use a most popular and widely used formal verification tool, ProVerif, which is based on applied pi calculus, to prove that the proposed scheme achieves security and authentication.
Abstract: Three user authentication schemes are proposed. The security of these new schemes is due to the used secure hash functions and the physically secure smart cards.
Funding: the National Key R&D Program of China (Grant No. 2016YFB0801002).
Abstract: Keystroke-based behavioral biometrics have been proven effective for continuous user authentication. Current state-of-the-art algorithms have achieved outstanding results in long text or short text collected by doing some tasks. It remains a considerable challenge to authenticate users continuously and accurately with short keystroke inputs collected in uncontrolled settings. In this work, we propose a Timely Keystroke-based method for Continuous user Authentication, named TKCA. It integrates the key name and two kinds of timing features through an embedding mechanism. And it captures the relationship between context keystrokes by the Bidirectional Long Short-Term Memory (Bi-LSTM) network. We conduct a series of experiments to validate it on a public dataset, the Clarkson II dataset, collected in a completely uncontrolled and natural setting. Experiment results show that the proposed TKCA achieves state-of-the-art performance with 8.28% EER when using only 30 keystrokes and 2.78% EER when using 190 keystrokes.
Funding: Partially supported by the Singapore National Research Foundation under NCR Award Number NRF2015NCR-NCR003-002 (the funding body is in all the parts of the paper); supported by the National Key Research and Development Program of China under Grant 2016YFB0800500; supported by AXA Research Fund.
Abstract: Wearing smartwatches becomes increasingly popular in people’s lives. This paper shows that a smartwatch can help its bearer authenticate to a login system effectively and securely even if the bearer’s password has already been revealed. This idea is motivated by our observation that a sensor-rich smartwatch is capable of tracking the wrist motions of its bearer typing a password or PIN, which can be used as an authentication factor. The major challenge in this research is that a sophisticated attacker may imitate a user’s typing behavior, as shown in previous research on keystroke dynamics based user authentication. We address this challenge by applying a set of machine learning and deep learning classifiers on the user’s wrist motion data that are collected from a smartwatch worn by the user when inputting his/her password or PIN. Our solution is user-friendly since it does not require users to perform any additional actions when typing passwords or PINs other than wearing smartwatches. We conduct a user study involving 51 participants so as to evaluate the feasibility and performance of our solution. User study results show that the best classifier is the Bagged Decision Trees, which yields 4.58% FRR and 0.12% FAR on a QWERTY keyboard, and 6.13% FRR and 0.16% FAR on a numeric keypad.
Funding: Supported in part by the National Research Foundation of Korea Grant funded by the Korea Government [Ministry of Science and ICT (MSIT)] under Grant No. 2020R1A2B5B01002145, and in part by the Gachon University Research Fund under Grant No. GCU-202106360001.
Abstract: The phenomenal progress of quantum information theory over the last decade has substantially broadened the potential to simulate the superposition of states for exponential speedup of quantum algorithms over their classical peers. Therefore, the conventional and modern cryptographic standards (encryption and authentication) are susceptible to Shor’s and Grover’s algorithms on quantum computers. The significant improvement in technology permits consummate levels of data protection by encoding classical data into small quantum states that can only be utilized once by leveraging the capabilities of quantum-assisted classical computations. Considering the frequent data breaches and increasingly stringent privacy legislation, we introduce a hybrid quantum-classical model to transform classical data into unclonable states, and we experimentally demonstrate perfect state transfer to exemplify the classical data. To alleviate implementation complexity, we propose an arbitrary quantum signature scheme that does not require the establishment of entangled states to authenticate users in order to transmit and receive arbitrated states to retrieve classical data. The consequences of the probabilistic model indicate that the quantum-assisted classical framework substantially enhances the performance and security of digital data, and paves the way toward real-world applications.
Abstract: Because of its on-demand servicing and scalability features in cloud computing, security and confidentiality have converted to key concerns. Maintaining transaction information on third-party servers carries significant dangers so that malicious individuals trying for illegal access to information data security architecture. This research proposes a security-aware information transfer in the cloud based on the blowfish algorithm (BFA) to address the issue. The user is verified initially with the identification and separate the imported data using pattern matching technique. Further, BFA is utilised to encrypt and save the data in the cloud. This can safeguard the data and streamline the proof so that the client cannot retrieve the information without identification, which makes the environment secure. The suggested approach’s performance is evaluated using several metrics, including encryption time, decryption time, memory utilisation, and runtime. Compared to the existing methodology, the investigational findings clearly show that the method takes the least time for data encryption.