An improved and secure multiserver authentication scheme based on biometrics and smartcard

With the advancement in internet technologies, the number of servers has increased remarkably to provide more services to the end users. These services are provided over the public channels, which are insecure and susceptible to interception, modification, and deletion. To provide security, registered entities are authenticated and then a session key is established between them to communicate securely. The conventional schemes anow a user to access services only after their independent registration with each desired server in a multiserver system. Therefore, a user must possess multiple smartcards and memorize various identities and passwords for obtaining services from multiple servers. This has led to the adoption of multiserver authentication in which a user accesses services of multiple servers after registering himself at only one central authority. Recently, Kumar and Om discussed a scheme for multiserver environment by using smartcard. Since the user-memorized passwords are of low entropy, it is possible for an attacker to guess them. This paper uses biometric information of user to enhance the security of the scheme by Kumar and Ore. Moreover, we conducted rigorous security analyses （informal and formal） in this study to prove the security of the proposed scheme against all known attacks. We also simulated our scheme by using the automated tool, ProVerif, to prove its secrecy and authentication properties. A comparative study of the proposed scheme with the existing related schemes shows its effectiveness.

A Proposed Biometric Authentication Model to Improve Cloud Systems Security

Most user authentication mechanisms of cloud systems depend on the credentials approach in which a user submits his/her identity through a username and password.Unfortunately,this approach has many security problems because personal data can be stolen or recognized by hackers.This paper aims to present a cloud-based biometric authentication model(CBioAM)for improving and securing cloud services.The research study presents the verification and identification processes of the proposed cloud-based biometric authentication system(CBioAS),where the biometric samples of users are saved in database servers and the authentication process is implemented without loss of the users’information.The paper presents the performance evaluation of the proposed model in terms of three main characteristics including accuracy,sensitivity,and specificity.The research study introduces a novel algorithm called“Bio_Authen_as_a_Service”for implementing and evaluating the proposed model.The proposed system performs the biometric authentication process securely and preserves the privacy of user information.The experimental result was highly promising for securing cloud services using the proposed model.The experiments showed encouraging results with a performance average of 93.94%,an accuracy average of 96.15%,a sensitivity average of 87.69%,and a specificity average of 97.99%.

Use of AI Voice Authentication Technology Instead of Traditional Keypads in Security Devices

Traditional keypads and text-based passwords are vulnerable to scams and hacks, leading to enormous levels of embezzlement and frauds apart from various other threats to data security. AI based voice authentication holds unparalleled value for data protection, security, and privacy, by providing an effective alternative to traditional password-based protection. This paper reports the findings of a limited literature review that forms the basis for further research towards enhancing the reliability and security of AI voice authentication. Based on the findings of the review of existing literature, this paper proposes that integration of the blockchain technology with the AI voice authentication can significantly enhance the data security, starting from mobile devices to the security of big agencies and banks. The key processes in implementing an AI voice authentication system are proposed as a conceptual model, to facilitate further research for implementation.

A Provably Secure and Efficient Remote Password Authentication Scheme Using Smart Cards

Communication technology has advanced dramatically amid the 21st century,increasing the security risk in safeguarding sensitive information.The remote password authentication(RPA)scheme is the simplest cryptosystem that serves as the first line of defence against unauthorised entity attacks.Although the literature contains numerous RPA schemes,to the best of the authors’knowledge,only few schemes based on the integer factorisation problem(IFP)and the discrete logarithm problem(DLP)that provided a provision for session key agreement to ensure proper mutual authentication.Furthermore,none of the previous schemes provided formal security proof using the random oracle model.Therefore,this study proposed an improved RPA scheme with session key establishment between user and server.The design of the proposed RPA scheme is based on the widely established Dolev-Yao adversary model.Moreover,as the main contribution,a novel formal security analysis based on formal definitions of IFP and DLP under the random oracle model was presented.The proposed scheme’s performance was compared to that of other similar competitive schemes in terms of the transmission/computational cost and time complexity.The findings revealed that the proposed scheme required higher memory storage costs in smart cards.Nonetheless,the proposed scheme is more efficient regarding the transmission cost of login and response messages and the total time complexity compared to other scheme of similar security attributes.Overall,the proposed scheme outperformed the other RPA schemes based on IFP and DLP.Finally,the potential application of converting the RPA scheme to a user identification(UI)scheme is considered for future work.Since RPA and UI schemes are similar,the proposed approach can be expanded to develop a provably secure and efficientUI scheme based on IFP and DLP.

Design and Implementation of USB Key System Based on Dual-Factor Identity Authentication Protocol

With the increasing demand for information security,traditional single-factor authentication technology can no longer meet security requirements.To this end,this paper proposes a Universal Serial Bus(USB)Key hardware and software system based on a two-factor authentication protocol,aiming to improve the security and reliability of authentication.This paper first analyzes the current status and technical principles of USB Key-related research domestically and internationally and designs a two-factor authentication protocol that combines impact/response authentication and static password authentication.The system consists of a host computer and a USB Key device.The host computer interacts with the USB Key through a graphical user interface.The Secure Hash Algorithm 1(SHA-1)and MySQL database are used to implement the authentication function.Experimental results show that the designed two-factor authentication protocol can effectively prevent replay attacks and information tampering,and improve the security of authentication.If the corresponding USB Key is not inserted,the system will prompt that the device is not found.Once the USB Key is inserted,user identity is confirmed through two-factor verification,which includes impact/response authentication and static password authentication.

Artificial Intelligence Techniques Based Learner Authentication in Cybersecurity Higher Education Institutions

Education 4.0 is being authorized more and more by the design of artificial intelligence(AI)techniques.Higher education institutions(HEI)have started to utilize Internet technologies to improve the quality of the service and boost knowledge.Due to the unavailability of information technology(IT)infrastructures,HEI is vulnerable to cyberattacks.Biometric authentication can be used to authenticate a person based on biological features such as face,fingerprint,iris,and so on.This study designs a novel search and rescue optimization with deep learning based learning authentication technique for cybersecurity in higher education institutions,named SRODLLAC technique.The proposed SRODL-LAC technique aims to authenticate the learner/student in HEI using fingerprint biometrics.Besides,the SRODLLACtechnique designs a median filtering(MF)based preprocessing approach to improving the quality of the image.In addition,the Densely Connected Networks(DenseNet-77)model is applied for the extraction of features.Moreover,search and rescue optimization(SRO)algorithm with deep neural network(DNN)model is utilized for the classification process.Lastly,template matching process is done for fingerprint identification.A wide range of simulation analyses is carried out and the results are inspected under several aspects.The experimental results reported the effective performance of the SRODL-LAC technique over the other methodologies.

Research and Implementation of Time Synchronous Dynamic Password Based on SM3 Hash Algorithm

With the rapid development of information technology, demand of network & information security has increased. People enjoy many benefits by virtue of information technology. At the same time network security has become the important challenge, but network information security has become a top priority. In the field of authentication, dynamic password technology has gained users’ trust and favor because of its safety and ease of operation. Dynamic password, SHA (Secure Hash Algorithm) is widely used globally and acts as information security mechanism against potential threat. The cryptographic algorithm is an open research area, and development of these state-owned technology products helps secure encryption product and provides safeguard against threats. Dynamic password authentication technology is based on time synchronization, using the state-owned password algorithm. SM3 hash algorithm can meet the security needs of a variety of cryptographic applications for commercial cryptographic applications and verification of digital signatures, generation and verification of message authentication code. Dynamic password basically generates an unpredictable random numbers based on a combination of specialized algorithms. Each password can only be used once, and help provide high safety. Therefore, the dynamic password technology for network information security issues is of great significance. In our proposed algorithm, dynamic password is generated by SM3 Hash Algorithm using current time and the identity ID and it varies with time and changes randomly. Coupled with the SM3 hash algorithm security, dynamic password security properties can be further improved, thus it effectively improves network authentication security.

Securing User Authentication with Server-Side Voice Verification

User authentication is critical to the security of any information system. The traditional text-based passwords and even biometric systems based on face and fingerprint validation suffer from various drawbacks. Voice-based authentication systems have emerged as an effective alternative method. Within the user authentication systems, the server-side voice authentication systems added advantages. The purpose of this paper is to present an innovative approach to the use of voice verification for user authentication. This paper describes a new framework for the implementation of server-side voice authentication, ensuring that only the users who are authenticated and validated can access the system. In addition to providing enhanced security and a more pleasant user experience, this technology has potential applications in a wide range of fields.

An Identity-Based Secure and Optimal Authentication Scheme for the Cloud Computing Environment

Security is a critical issue in cloud computing(CC)because attackers can fabricate data by creating,copying,or deleting data with no user authorization.Most of the existing techniques make use of password-based authentication for encrypting data.Password-based schemes suffer from several issues and can be easily compromised.This paper presents a new concept of hybrid metaheuristic optimization as an identity-based secure and optimal authentication(HMO-ISOA)scheme for CC environments.The HMOISOA technique makes use of iris and fingerprint biometrics.Initially,the HMO-ISOA technique involves a directional local ternary quantized extrema pattern–based feature extraction process to extract features from the iris and fingerprint.Next,the features are fed into the hybrid social spider using the dragon fly algorithm to determine the optimal solution.This optimal solution acts as a key for an advanced encryption standard to encrypt and decrypt the data.A central benefit of determining the optimal value in this way is that the intruder cannot determine this value.The attacker also cannot work out which specific part of the fingerprint and iris feature values are acted upon as a key for the AES technique.Finally,the encrypted data can be saved in the cloud using a cloud simulator.Experimental analysis was performed on five fingerprint and iris images for a man-in-the-middle attack.The simulation outcome validated that the presented HMO-ISOA model achieved better results compared with other existing methods.

Proposed Biometric Security System Based on Deep Learning and Chaos Algorithms

Nowadays,there is tremendous growth in biometric authentication and cybersecurity applications.Thus,the efficient way of storing and securing personal biometric patterns is mandatory in most governmental and private sectors.Therefore,designing and implementing robust security algorithms for users’biometrics is still a hot research area to be investigated.This work presents a powerful biometric security system(BSS)to protect different biometric modalities such as faces,iris,and fingerprints.The proposed BSSmodel is based on hybridizing auto-encoder(AE)network and a chaos-based ciphering algorithm to cipher the details of the stored biometric patterns and ensures their secrecy.The employed AE network is unsupervised deep learning(DL)structure used in the proposed BSS model to extract main biometric features.These obtained features are utilized to generate two random chaos matrices.The first random chaos matrix is used to permute the pixels of biometric images.In contrast,the second random matrix is used to further cipher and confuse the resulting permuted biometric pixels using a two-dimensional(2D)chaotic logisticmap(CLM)algorithm.To assess the efficiency of the proposed BSS,(1)different standardized color and grayscale images of the examined fingerprint,faces,and iris biometrics were used(2)comprehensive security and recognition evaluation metrics were measured.The assessment results have proven the authentication and robustness superiority of the proposed BSSmodel compared to other existing BSSmodels.For example,the proposed BSS succeeds in getting a high area under the receiver operating characteristic(AROC)value that reached 99.97%and low rates of 0.00137,0.00148,and 3516 CMC,2023,vol.74,no.20.00157 for equal error rate(EER),false reject rate(FRR),and a false accept rate(FAR),respectively.

Vibration-Based Pattern Password Approach for Visually Impaired People

The pattern password method is amongst the most attractive authentication methods and involves drawing a pattern;this is seen as easier than typing a password.However,since people with visual impairments have been increasing their usage of smart devices,this method is inaccessible for them as it requires them to select points on the touch screen.Therefore,this paper exploits the haptic technology by introducing a vibration-based pattern password approach in which the vibration feedback plays an important role.This approach allows visually impaired people to use a pattern password through two developed vibration feedback:pulses,which are counted by the user,and duration,which has to be estimated by the user.In order to make the proposed approach capable to prevent shoulder-surfing attacks,a camouflage pattern approach is applied.An experimental study is conducted to evaluate the proposed approach,the results of which show that the vibration pulses feedback is usable and resistant to shoulder-surfing attacks.

Robust Password and Smart Card Based Authentication Scheme with Smart Card Revocation

User authentication scheme allows user and server to authenticate each other, and generates a session key for the subsequent communication. How to resist the password guessing attacks and smart card stolen attacks are two key problems for designing smart cart and password based user authentication scheme. In 2011, Li and Lee proposed a new smart cart and password based user authentication scheme with smart card revocation, and claimed that their scheme could be immunity to these attacks. In this paper, we show that Li and Lee's scheme is vulnerable to off-line password guessing attack once the information stored in smart card is extracted, and it does not provide perfect forward secrecy. A robust user authentication scheme with smart card revocation is then proposed. We use a most popular and widely used formal verification tool ProVerif, which is based on applied pi calculus, to prove that the proposed scheme achieves security and authentication.

Profile Generation Methods for Reinforcing Robustness of Keystroke Authentication in Free Text Typing

We have investigated several characteristics of the keystroke authentication in Japanese free text typing, and our methods have provided high recognition accuracy for high typing skill users who can type 700 or more letters per 5 minutes. There are, however, some situations decreasing the accuracy such as long period passage after registering each user’s profile documents and existence of lower typing skill users who can type only about 500 - 600 letters per 5 minutes. In this paper, we propose new profile generation methods, profile-updating and profile-combining methods, to reinforce the robustness of keystroke authentication and show the effectiveness of them through three examinations with experimental data.

Conceivable Security Risks and Authentication Techniques for Smart Devices: A Comparative Evaluation of Security Practices

With the rapidly escalating use of smart devices and fraudulent transaction of users＇ data from their devices, efficient and reliable techniques for authentication of the smart devices have become an obligatory issue. This paper reviews the security risks for mobile devices and studies several authentication techniques available for smart devices. The results from field studies enable a comparative evaluation of user-preferred authentication mechanisms and their opinions about reliability, biometric authentication and visual authentication techniques.

Biometric-based personal identity-authentication system and security analysis

The traditional authentication system is based on the secret key, and is mainly based on public key infrastructure （PKI）. Unfortunately, a key has many disadvantages, for example, the key can be forgotten or stolen, and can be easily cracked. Nowadays, authentication systems using biometric technology have become more prevalent because of the advantages over password-based authentication systems. In this article, several biometfic authentication models are presented, upon which most biometric authentication systems are based. Biometric authentication systems based-on these models provide high security for access control in non-face-to-face environment such as e-commerce, over open network.

Graphical password： prevent shoulder-surfing attack using digraph substitution rules

In this paper, a new scheme that uses digraph substitution rules to conceal the mechanism or activity re- quired to derive password-images is proposed. In the pro- posed method, a user is only required to click on one of the pass-image instead of both pass-images shown in each chal- lenge set for three consecutive sets. While this activity is sim- ple enough to reduce login time, the images clicked appear to be random and can only be obtained with complete knowl- edge of the registered password along with the activity rules. Thus, it becomes impossible for shoulder-surfing attackers to obtain the information about which password images and pass-images are used by the user. Although the attackers may know about the digraph substitution rules used in the pro- posed method, the scenario information used in each chal- lenge set remains. User study results reveal an average login process of less than half a minute. In addition, the proposed method is resistant to shoulder-surfing attacks.

Simple and Efficient Password-Based Authenticated Key Exchange Protocol

Password-based authenticated key exchange(PAKE) protocols are cryptographic primitives which enable two entities,who only share a memorable password,to identify each other and to communicate over a public unreliable network with a secure session key.In this paper,we propose a simple,efficient and provably secure PAKE protocol based on Diffie-Hellman key exchange and cryptographic hash function.Our protocol is secure against dictionary attacks.Its security is proved based on the hardness of the computational Diffie-Hellman problem in the random oracle model.

A Generic Framework for Anonymous Authentication in Mobile Networks

Designing an anonymous user authentication scheme in global mobility networks is a non-trivial task because wireless networks are susceptible to attacks and mobile devices powered by batteries have limited communication, processing and storage capabilities. In this paper, we present ~ generic construction that converts any existing secure password authen- tication scheme based on a smart card into an anonymous authentication scheme for roaming services. The security proof of our construction can be derived from the underlying password authentication scheme employing the same assumptions. Compared with the original password authentication scheme, the transformed scheme does not sacrifice the authentication efficiency, and additionally, an agreed session key can be securely established between an anonymous mobile user and the foreign agent in charge of the network being visited. Furthermore, we present an instantiation of the proposed generic construction. The performance analysis shows that compared with other related anonymous authentication schemes, our instantiation is more efficient.

A Biometric-Based User Authentication for Wireless Sensor Networks

This paper proposes a biometric-based user authentication protocol for wireless sensor networks （WSN） when a user wants to access data from sensor nodes, since WSN are often deployed in an unattended environment. The protocol employs biometric keys and resists the threats of stolen verifier, of which many are logged-in users with the same login identity, guessing, replay, and impersonation. The protocol uses only Hash function and saves the computational cost, the communication cost, and the energy cost. In addition, the user＇s password can be changed freely using the proposed protocol.

Simple Three-Party Password Authenticated Key Exchange Protocol

Three-party password authenticated key exchange (3PAKE) protocol plays a significant role in the history of secure communication area in which two clients agree a robust session key in an authentic manner based on passwords. In recent years, researchers focused on developing simple 3PAKE (S-3PAKE) protocol to gain system e?ciency while preserving security robustness for the system. In this study, we first demonstrate how an undetectable on-line dictionary attack can be successfully applied over three existing S-3PAKE schemes. An error correction code (ECC) based S-3PAKE protocol is then introduced to eliminate the identified authentication weakness.