In 2000, a remote user authentication scheme using smart cards was proposed and the masquerade attacks were proved successful on this scheme. Recently, Kumar has suggested the idea of check digits to overcome the abov...In 2000, a remote user authentication scheme using smart cards was proposed and the masquerade attacks were proved successful on this scheme. Recently, Kumar has suggested the idea of check digits to overcome the above attacks with a new scheme that removes these threats well. In this paper it is pointed out that the weakness still exists in Kumar's scheme, and the intruder can login to the remote system through having some information. A new scheme which can overcome these attacks and appears more secure and efficient than Kumar's is presented.展开更多
Nowadays, the password-based remote user authentication mechanism using smart card is one of the simplest and convenient authentication ways to ensure secure communications over the public network environments. Recent...Nowadays, the password-based remote user authentication mechanism using smart card is one of the simplest and convenient authentication ways to ensure secure communications over the public network environments. Recently, Liu et al. proposed an efficient and secure smart card based password authentication scheme. However, we find that Liu et al.’s scheme is vulnerable to the off-line password guessing attack and user impersonation attack. Furthermore, it also cannot provide user anonymity. In this paper, we cryptanalyze Liu et al.’s scheme and propose a security enhanced user authentication scheme to overcome the aforementioned problems. Especially, in order to preserve the user anonymity and prevent the guessing attack, we use the dynamic identity technique. The analysis shows that the proposed scheme is more secure and efficient than other related authentication schemes.展开更多
Design aspects of CMOS compatible on-chip antenna for applications of contact-less smart card are discussed.An on-chip antenna model is established and a design method is demonstrated.Experimental results show that sy...Design aspects of CMOS compatible on-chip antenna for applications of contact-less smart card are discussed.An on-chip antenna model is established and a design method is demonstrated.Experimental results show that system-on-chip integrating power reception together with other electronic functions of smart card applications is feasible.In a 6×10 -4T magnetic field of 22.5MHz,an on-chip power of 1.225mW for a 10kΩ load is obtained using a 4mm2 on-chip antenna.展开更多
A new authentication scheme based on a one-way hash function and Diffie-Hellman key exchange using smart card was propused by Yoon et al. in 2005. They claimed that the proposed protocol is against password guessing a...A new authentication scheme based on a one-way hash function and Diffie-Hellman key exchange using smart card was propused by Yoon et al. in 2005. They claimed that the proposed protocol is against password guessing attack. In this paper, the author demonstrate that Yoon's scheme is vulnerable to the off-line password guessing attack by using a stolen smart card and the DoS attack by computational load at the re, note system. An improvement of Yoon's scheme to resist the above attacks is also proposed.展开更多
This paper analyzes the security performance of a latest proposed remote two-factor user authentication scheme and proposes an improved scheme based on the dynamic ID to avoid the attacks it suffers. Besides this, in ...This paper analyzes the security performance of a latest proposed remote two-factor user authentication scheme and proposes an improved scheme based on the dynamic ID to avoid the attacks it suffers. Besides this, in our proposed scheme the password is no longer involved in the calculation of verification phase which makes our scheme more secure and costs less than the old one. At last we analyze the performance of our proposed scheme to prove it provides mutual authentication between the user and the server. Moreover, it also resists password guessing attack, server and user masquerade attack and replay attack effectively.展开更多
Remote user authentication is essential in distributed network environment to protect unauthorized access of a networked system. However, most of those existing remote user authentication schemes have not provided the...Remote user authentication is essential in distributed network environment to protect unauthorized access of a networked system. However, most of those existing remote user authentication schemes have not provided the user identity anonymity, while user anonymity is particularly important in some practical applications. Therefore, based on self-encryption mechanism, a new remote user authentication scheme was proposed. The scheme not only has no need of maintaining a password table at the remote server, but also can protect the user’s anonymity.展开更多
This paper discusses an approach to share a smart card in one machine with other machines accessible on the local network or the Internet. This allows a user at a browser to use the shared card remotely and access web...This paper discusses an approach to share a smart card in one machine with other machines accessible on the local network or the Internet. This allows a user at a browser to use the shared card remotely and access web applications that requiresmart card authentication. This also enables users to access these applications from browsers and machines that do not have the capability to use a smart card. The approach uses proxies and card reader code to provide this capability to the requesting device.Previous work with remote or shared smart card use either requires continuous access to the smart card machine or specific client software. The approach in this paper works for any device and browser that has proxy settings, creates minimal network traffic and computation on the smart card machine, and allows the client to transfer from one network to another while maintaining connectivity to a server. This paper describes the smart card sharing approach, implementation and validation of the approach using real systems, and security implications for an enterprise using smart cards.展开更多
The fund budget of multipurpose transit smart card systems is studied by stochastic programming to assign limited funds to different applications reasonably. Under the constraints of a gross fund, models of chance-con...The fund budget of multipurpose transit smart card systems is studied by stochastic programming to assign limited funds to different applications reasonably. Under the constraints of a gross fund, models of chance-constrained and dependentchance for the fund budget of multipurpose transit smart card systems are established with application scale and social demand as random variables, respectively aiming to maximize earnings and satisfy the service requirements the furthest; and the genetic algorithm based on stochastic simulation is adopted for model solution. The calculation results show that the fund budget differs greatly with different system objectives which can cause the systems to have distinct expansibilities, and the application scales of some applications may not satisfy user demands with limited funds. The analysis results indicate that the forecast of application scales and application future demands should be done first, and then the system objective is determined according to the system mission, which can help reduce the risks of fund budgets.展开更多
Two signature systems based on smart cards and fingerprint features are proposed. In one signature system, the cryptographic key is stored in the smart card and is only accessible when the signer's extracted fingerpr...Two signature systems based on smart cards and fingerprint features are proposed. In one signature system, the cryptographic key is stored in the smart card and is only accessible when the signer's extracted fingerprint features match his stored template. To resist being tampered on public channel, the user's message and the signed message are encrypted by the signer's public key and the user's public key, respectively. In the other signature system, the keys are generated by combining the signer's fingerprint features, check bits, and a rememberable key, and there are no matching process and keys stored on the smart card. Additionally, there is generally more than one public key in this system, that is, there exist some pseudo public keys except a real one.展开更多
Metro system has experienced the global rapid rise over the past decades. However,few studies have paid attention to the evolution in system usage with the network expanding. The paper's main objectives are to ana...Metro system has experienced the global rapid rise over the past decades. However,few studies have paid attention to the evolution in system usage with the network expanding. The paper's main objectives are to analyze passenger flow characteristics and evaluate travel time reliability for the Nanjing Metro network by visualizing the smart card data of April 2014,April 2015 and April 2016. We performed visualization techniques and comparative analyses to examine the changes in system usage between before and after the system expansion. Specifically,workdays,holidays and weekends were specially segmented for analysis.Results showed that workdays had obvious morning and evening peak hours due to daily commuting,while no obvious peak hours existed in weekends and holidays and the daily traffic was evenly distributed. Besides,some metro stations had a serious directional imbalance,especially during the morning and evening peak hours of workdays. Serious unreliability occurred in morning peaks on workdays and the reliability of new lines was relatively low,meanwhile,new stations had negative effects on exiting stations in terms of reliability. Monitoring the evolution of system usage over years enables the identification of system performance and can serve as an input for improving the metro system quality.展开更多
The main objective of software testing is to have the highest likelihood of finding the most faults with a minimum amount of time and effort. Genetic Algorithm (GA) has been successfully used by researchers in softwar...The main objective of software testing is to have the highest likelihood of finding the most faults with a minimum amount of time and effort. Genetic Algorithm (GA) has been successfully used by researchers in software testing to automatically generate test data. In this paper, a GA is applied using branch coverage criterion to generate the least possible set of test data to test JSC applications. Results show that applying GA achieves better performance in terms of average number of test data?generations, execution time, and percentage of branch coverage.展开更多
The smart card-based automated fare collection (AFC) system has become the main method for collecting urban bus and rail transit fares in many cities worldwide. Such smart card technologies provide new opportunities...The smart card-based automated fare collection (AFC) system has become the main method for collecting urban bus and rail transit fares in many cities worldwide. Such smart card technologies provide new opportunities for transportation data collection since the transaction data obtained through AFC system contains a significant amount of archived information which can be gathered and leveraged to help estimate public transit origin–destination matrices. Boarding location detection is an important step particularly when there is no automatic vehicle location (AVL) system or GPS information in the database in some cases. With the analysis of raw data without AVL information in this paper, an algorithm for trip direction detection is built and the directions for any bus in operation can be confirmed. The transaction interval between each adjacent record will also be analyzed to detect the boarding clusters for all trips in sequence. Boarding stops will then be distributed with the help of route information and operation schedules. Finally, the feasibility and practicality of the methodology are tested using the bus transit smart card data collected in Guangzhou, China.展开更多
Biometric authentication systems are believed to be effective compared to traditional authentication systems. The introduction of biometrics into smart cards is said to result into biometric-based smart ID card with e...Biometric authentication systems are believed to be effective compared to traditional authentication systems. The introduction of biometrics into smart cards is said to result into biometric-based smart ID card with enhanced security. This paper discusses the biometric-based smart ID card with a particular emphasis on security and privacy implications in Rwanda universities environment. It highlights the security and implementation issues. The analysis shows that despite the necessity to implement biometric technology, absence of legal and regulatory requirements becomes a challenge to implementation of the proposed biometric solution. The paper is intended to engage a broad audience from Rwanda universities planning to introduce the biometric-based smart ID cards to verify students and staff for authentication purpose.展开更多
The widespread and growing interest in the Internet of Things(IoT)may be attributed to its usefulness in many different fields.Physical settings are probed for data,which is then transferred via linked networks.There ...The widespread and growing interest in the Internet of Things(IoT)may be attributed to its usefulness in many different fields.Physical settings are probed for data,which is then transferred via linked networks.There are several hurdles to overcome when putting IoT into practice,from managing server infrastructure to coordinating the use of tiny sensors.When it comes to deploying IoT,everyone agrees that security is the biggest issue.This is due to the fact that a large number of IoT devices exist in the physicalworld and thatmany of themhave constrained resources such as electricity,memory,processing power,and square footage.This research intends to analyse resource-constrained IoT devices,including RFID tags,sensors,and smart cards,and the issues involved with protecting them in such restricted circumstances.Using lightweight cryptography,the information sent between these gadgets may be secured.In order to provide a holistic picture,this research evaluates and contrasts well-known algorithms based on their implementation cost,hardware/software efficiency,and attack resistance features.We also emphasised how essential lightweight encryption is for striking a good cost-to-performance-to-security ratio.展开更多
基金the National Natural Science Foundation of China (10671051)the Natural Science Foundation of Zhejiang Province (103060)
文摘In 2000, a remote user authentication scheme using smart cards was proposed and the masquerade attacks were proved successful on this scheme. Recently, Kumar has suggested the idea of check digits to overcome the above attacks with a new scheme that removes these threats well. In this paper it is pointed out that the weakness still exists in Kumar's scheme, and the intruder can login to the remote system through having some information. A new scheme which can overcome these attacks and appears more secure and efficient than Kumar's is presented.
基金supported by the Basic Science ResearchProgram through the National Research Foundation of Korea funded by the Ministry of Education under Grant No.NRF-2010-0020210
文摘Nowadays, the password-based remote user authentication mechanism using smart card is one of the simplest and convenient authentication ways to ensure secure communications over the public network environments. Recently, Liu et al. proposed an efficient and secure smart card based password authentication scheme. However, we find that Liu et al.’s scheme is vulnerable to the off-line password guessing attack and user impersonation attack. Furthermore, it also cannot provide user anonymity. In this paper, we cryptanalyze Liu et al.’s scheme and propose a security enhanced user authentication scheme to overcome the aforementioned problems. Especially, in order to preserve the user anonymity and prevent the guessing attack, we use the dynamic identity technique. The analysis shows that the proposed scheme is more secure and efficient than other related authentication schemes.
文摘Design aspects of CMOS compatible on-chip antenna for applications of contact-less smart card are discussed.An on-chip antenna model is established and a design method is demonstrated.Experimental results show that system-on-chip integrating power reception together with other electronic functions of smart card applications is feasible.In a 6×10 -4T magnetic field of 22.5MHz,an on-chip power of 1.225mW for a 10kΩ load is obtained using a 4mm2 on-chip antenna.
文摘A new authentication scheme based on a one-way hash function and Diffie-Hellman key exchange using smart card was propused by Yoon et al. in 2005. They claimed that the proposed protocol is against password guessing attack. In this paper, the author demonstrate that Yoon's scheme is vulnerable to the off-line password guessing attack by using a stolen smart card and the DoS attack by computational load at the re, note system. An improvement of Yoon's scheme to resist the above attacks is also proposed.
基金Supported by Natural Science Funds of Shanxi Province(No. 2010021016-3)
文摘This paper analyzes the security performance of a latest proposed remote two-factor user authentication scheme and proposes an improved scheme based on the dynamic ID to avoid the attacks it suffers. Besides this, in our proposed scheme the password is no longer involved in the calculation of verification phase which makes our scheme more secure and costs less than the old one. At last we analyze the performance of our proposed scheme to prove it provides mutual authentication between the user and the server. Moreover, it also resists password guessing attack, server and user masquerade attack and replay attack effectively.
文摘Remote user authentication is essential in distributed network environment to protect unauthorized access of a networked system. However, most of those existing remote user authentication schemes have not provided the user identity anonymity, while user anonymity is particularly important in some practical applications. Therefore, based on self-encryption mechanism, a new remote user authentication scheme was proposed. The scheme not only has no need of maintaining a password table at the remote server, but also can protect the user’s anonymity.
文摘This paper discusses an approach to share a smart card in one machine with other machines accessible on the local network or the Internet. This allows a user at a browser to use the shared card remotely and access web applications that requiresmart card authentication. This also enables users to access these applications from browsers and machines that do not have the capability to use a smart card. The approach uses proxies and card reader code to provide this capability to the requesting device.Previous work with remote or shared smart card use either requires continuous access to the smart card machine or specific client software. The approach in this paper works for any device and browser that has proxy settings, creates minimal network traffic and computation on the smart card machine, and allows the client to transfer from one network to another while maintaining connectivity to a server. This paper describes the smart card sharing approach, implementation and validation of the approach using real systems, and security implications for an enterprise using smart cards.
基金The Key Technology R& D Program of Jiangsu Scienceand Technology Department(No.BE2006010)the Key Technology R& DProgram of Nanjing Science and Technology Bureau(No.200601001)Sci-ence and Technology Research Projects of Nanjing Metro Headquarters(No.8550143007).
文摘The fund budget of multipurpose transit smart card systems is studied by stochastic programming to assign limited funds to different applications reasonably. Under the constraints of a gross fund, models of chance-constrained and dependentchance for the fund budget of multipurpose transit smart card systems are established with application scale and social demand as random variables, respectively aiming to maximize earnings and satisfy the service requirements the furthest; and the genetic algorithm based on stochastic simulation is adopted for model solution. The calculation results show that the fund budget differs greatly with different system objectives which can cause the systems to have distinct expansibilities, and the application scales of some applications may not satisfy user demands with limited funds. The analysis results indicate that the forecast of application scales and application future demands should be done first, and then the system objective is determined according to the system mission, which can help reduce the risks of fund budgets.
基金This project was supported by the National Science Foundation of China (60763009)China Postdoctoral Science Foundation (2005038041)Hainan Natural Science Foundation (80528).
文摘Two signature systems based on smart cards and fingerprint features are proposed. In one signature system, the cryptographic key is stored in the smart card and is only accessible when the signer's extracted fingerprint features match his stored template. To resist being tampered on public channel, the user's message and the signed message are encrypted by the signer's public key and the user's public key, respectively. In the other signature system, the keys are generated by combining the signer's fingerprint features, check bits, and a rememberable key, and there are no matching process and keys stored on the smart card. Additionally, there is generally more than one public key in this system, that is, there exist some pseudo public keys except a real one.
基金Sponsored by Projects of International Cooperation and Exchange of the National Natural Science Foundation of China(Grant No.51561135003)Key Project of National Natural Science Foundation of China(Grant No.51338003)
文摘Metro system has experienced the global rapid rise over the past decades. However,few studies have paid attention to the evolution in system usage with the network expanding. The paper's main objectives are to analyze passenger flow characteristics and evaluate travel time reliability for the Nanjing Metro network by visualizing the smart card data of April 2014,April 2015 and April 2016. We performed visualization techniques and comparative analyses to examine the changes in system usage between before and after the system expansion. Specifically,workdays,holidays and weekends were specially segmented for analysis.Results showed that workdays had obvious morning and evening peak hours due to daily commuting,while no obvious peak hours existed in weekends and holidays and the daily traffic was evenly distributed. Besides,some metro stations had a serious directional imbalance,especially during the morning and evening peak hours of workdays. Serious unreliability occurred in morning peaks on workdays and the reliability of new lines was relatively low,meanwhile,new stations had negative effects on exiting stations in terms of reliability. Monitoring the evolution of system usage over years enables the identification of system performance and can serve as an input for improving the metro system quality.
文摘The main objective of software testing is to have the highest likelihood of finding the most faults with a minimum amount of time and effort. Genetic Algorithm (GA) has been successfully used by researchers in software testing to automatically generate test data. In this paper, a GA is applied using branch coverage criterion to generate the least possible set of test data to test JSC applications. Results show that applying GA achieves better performance in terms of average number of test data?generations, execution time, and percentage of branch coverage.
基金The United States Department of Transportation, University Transportation Center through the Center for Advanced Multimodal Mobility Solutions and Education (CAMMSE) at The University of North Carolina at Charlotte (Grant Number: 69A3551747133) for sponsoring this research project entitled ‘estimation of origin–destination matrix and identification of user activities using public transit smart card data’
文摘The smart card-based automated fare collection (AFC) system has become the main method for collecting urban bus and rail transit fares in many cities worldwide. Such smart card technologies provide new opportunities for transportation data collection since the transaction data obtained through AFC system contains a significant amount of archived information which can be gathered and leveraged to help estimate public transit origin–destination matrices. Boarding location detection is an important step particularly when there is no automatic vehicle location (AVL) system or GPS information in the database in some cases. With the analysis of raw data without AVL information in this paper, an algorithm for trip direction detection is built and the directions for any bus in operation can be confirmed. The transaction interval between each adjacent record will also be analyzed to detect the boarding clusters for all trips in sequence. Boarding stops will then be distributed with the help of route information and operation schedules. Finally, the feasibility and practicality of the methodology are tested using the bus transit smart card data collected in Guangzhou, China.
文摘Biometric authentication systems are believed to be effective compared to traditional authentication systems. The introduction of biometrics into smart cards is said to result into biometric-based smart ID card with enhanced security. This paper discusses the biometric-based smart ID card with a particular emphasis on security and privacy implications in Rwanda universities environment. It highlights the security and implementation issues. The analysis shows that despite the necessity to implement biometric technology, absence of legal and regulatory requirements becomes a challenge to implementation of the proposed biometric solution. The paper is intended to engage a broad audience from Rwanda universities planning to introduce the biometric-based smart ID cards to verify students and staff for authentication purpose.
基金supported by project TRANSACT funded under H2020-EU.2.1.1.-INDUSTRIAL LEADERSHIP-Leadership in Enabling and Industrial Technologies-Information and Communication Technologies(Grant Agreement ID:101007260).
文摘The widespread and growing interest in the Internet of Things(IoT)may be attributed to its usefulness in many different fields.Physical settings are probed for data,which is then transferred via linked networks.There are several hurdles to overcome when putting IoT into practice,from managing server infrastructure to coordinating the use of tiny sensors.When it comes to deploying IoT,everyone agrees that security is the biggest issue.This is due to the fact that a large number of IoT devices exist in the physicalworld and thatmany of themhave constrained resources such as electricity,memory,processing power,and square footage.This research intends to analyse resource-constrained IoT devices,including RFID tags,sensors,and smart cards,and the issues involved with protecting them in such restricted circumstances.Using lightweight cryptography,the information sent between these gadgets may be secured.In order to provide a holistic picture,this research evaluates and contrasts well-known algorithms based on their implementation cost,hardware/software efficiency,and attack resistance features.We also emphasised how essential lightweight encryption is for striking a good cost-to-performance-to-security ratio.
