Robust and Reusable Fuzzy Extractors from Non-Uniform Learning with Errors Problem

Afuzzy extractor can extract an almost uniformrandom string from a noisy source with enough entropy such as biometric data.To reproduce an identical key from repeated readings of biometric data,the fuzzy extractor generates a helper data and a random string from biometric data and uses the helper data to reproduce the random string from the second reading.In 2013,Fuller et al.proposed a computational fuzzy extractor based on the learning with errors problem.Their construction,however,can tolerate a sub-linear fraction of errors and has an inefficient decoding algorithm,which causes the reproducing time to increase significantly.In 2016,Canetti et al.proposed a fuzzy extractor with inputs from low-entropy distributions based on a strong primitive,which is called digital locker.However,their construction necessitates an excessive amount of storage space for the helper data,which is stored in authentication server.Based on these observations,we propose a new efficient computational fuzzy extractorwith small size of helper data.Our scheme supports reusability and robustness,which are security notions that must be satisfied in order to use a fuzzy extractor as a secure authentication method in real life.Also,it conceals no information about the biometric data and thanks to the new decoding algorithm can tolerate linear errors.Based on the non-uniform learning with errors problem,we present a formal security proof for the proposed fuzzy extractor.Furthermore,we analyze the performance of our fuzzy extractor scheme and provide parameter sets that meet the security requirements.As a result of our implementation and analysis,we show that our scheme outperforms previous fuzzy extractor schemes in terms of the efficiency of the generation and reproduction algorithms,as well as the size of helper data.

Lightweight Key Management Scheme Using Fuzzy Extractor for Wireless Mobile Sensor Network

The mature design of wireless mobile sensor network makes it to be used in vast verities of applications including from home used to the security surveillance.All such types of applications based on wireless mobile sensor network are generally using real time data,most of them are interested in real time communication directly from cluster head of cluster instead of a base station in cluster network.This would be possible if an external user allows to directly access real time data from the cluster head in cluster wireless mobile sensor network instead of accessing data from base station.But this leads to a serious security breach and degrades the performance of any security protocol available in this domain.Most existing schemes for authentication and cluster key management for external users,exchange a number of messages between cluster head and base station to allow external to access real time data from the base station instead of cluster head.This increase communication cost and delay in such real time access information.To handle this critical issue in cluster wireless mobile sensor network,we propose a lightweight authentication and key management scheme using a fuzzy extractor.In this scheme,any external user can access data directly from the cluster head of any cluster without the involvement of the base station.The proposed scheme only uses the one-way hash functions and bitwise XOR operations,apart from the fuzzy extractor method for the user biometric verification at the login phase.The presented scheme supports scalability for an increasing number of nodes using polynomials.The proposed scheme increases the life-time of the network by decreasing the key pool size.

Cogent and Energy Efficient Authentication Protocol for WSN in IoT

Given the accelerating development of Internet of things(IoT),a secure and robust authentication mechanism is urgently required as a critical architectural component.The IoT has improved the quality of everyday life for numerous people in many ways.Owing to the predominantly wireless nature of the IoT,connected devices are more vulnerable to security threats compared to wired networks.User authentication is thus of utmost importance in terms of security on the IoT.Several authentication protocols have been proposed in recent years,but most prior schemes do not provide sufficient security for these wireless networks.To overcome the limitations of previous schemes,we propose an efficient and lightweight authentication scheme called the Cogent Biometric-Based Authentication Scheme(COBBAS).The proposed scheme is based on biometric data,and uses lightweight operations to enhance the efficiency of the network in terms of time,storage,and battery consumption.A formal security analysis of COBBAS using Burrows–Abadi–Needham logic proves that the proposed protocol provides secure mutual authentication.Formal security verification using the Automated Validation of Internet Security Protocols and Applications tool shows that the proposed protocol is safe against man-in-the-middle and replay attacks.Informal security analysis further shows that COBBAS protects wireless sensor networks against several security attacks such as password guessing,impersonation,stolen verifier attacks,denial-of-service attacks,and errors in biometric recognition.This protocol also provides user anonymity,confidentiality,integrity,and biometric recovery in acceptable time with reasonable computational cost.

Efective Error-Tolerant Keyword Search for Secure Cloud Computing

The existing solutions to keyword search in the cloud can be divided into two categories： searching on exact keywords and searching on error-tolerant keywords. An error-tolerant keyword search scheme permits to make searches on encrypted data with only an approximation of some keyword. The scheme is suitable to the case where users＇ searching input might not exactly match those pre-set keywords. In this paper, we first present a general framework for searching on error-tolerant keywords. Then we propose a concrete scheme, based on a fuzzy extractor, which is proved secure against an adaptive adversary under well-defined security definition. The scheme is suitable for all similarity metrics including Hamming distance, edit distance, and set difference. It does not require the user to construct or store anything in advance, other than the key used to calculate the trapdoor of keywords and the key to encrypt data documents. Thus, our scheme tremendously eases the users＇ burden. What is more, our scheme is able to transform the servers＇ searching for error-tolerant keywords on ciphertexts to the searching for exact keywords on plaintexts. The server can use any existing approaches of exact keywords search to search plaintexts on an index table.