This paper analyzes the security performance of a latest proposed remote two-factor user authentication scheme and proposes an improved scheme based on the dynamic ID to avoid the attacks it suffers. Besides this, in ...This paper analyzes the security performance of a latest proposed remote two-factor user authentication scheme and proposes an improved scheme based on the dynamic ID to avoid the attacks it suffers. Besides this, in our proposed scheme the password is no longer involved in the calculation of verification phase which makes our scheme more secure and costs less than the old one. At last we analyze the performance of our proposed scheme to prove it provides mutual authentication between the user and the server. Moreover, it also resists password guessing attack, server and user masquerade attack and replay attack effectively.展开更多
Remote user authentication is essential in distributed network environment to protect unauthorized access of a networked system. However, most of those existing remote user authentication schemes have not provided the...Remote user authentication is essential in distributed network environment to protect unauthorized access of a networked system. However, most of those existing remote user authentication schemes have not provided the user identity anonymity, while user anonymity is particularly important in some practical applications. Therefore, based on self-encryption mechanism, a new remote user authentication scheme was proposed. The scheme not only has no need of maintaining a password table at the remote server, but also can protect the user’s anonymity.展开更多
In 2000, a remote user authentication scheme using smart cards was proposed and the masquerade attacks were proved successful on this scheme. Recently, Kumar has suggested the idea of check digits to overcome the abov...In 2000, a remote user authentication scheme using smart cards was proposed and the masquerade attacks were proved successful on this scheme. Recently, Kumar has suggested the idea of check digits to overcome the above attacks with a new scheme that removes these threats well. In this paper it is pointed out that the weakness still exists in Kumar's scheme, and the intruder can login to the remote system through having some information. A new scheme which can overcome these attacks and appears more secure and efficient than Kumar's is presented.展开更多
A new authentication scheme based on a one-way hash function and Diffie-Hellman key exchange using smart card was propused by Yoon et al. in 2005. They claimed that the proposed protocol is against password guessing a...A new authentication scheme based on a one-way hash function and Diffie-Hellman key exchange using smart card was propused by Yoon et al. in 2005. They claimed that the proposed protocol is against password guessing attack. In this paper, the author demonstrate that Yoon's scheme is vulnerable to the off-line password guessing attack by using a stolen smart card and the DoS attack by computational load at the re, note system. An improvement of Yoon's scheme to resist the above attacks is also proposed.展开更多
Nowadays, the password-based remote user authentication mechanism using smart card is one of the simplest and convenient authentication ways to ensure secure communications over the public network environments. Recent...Nowadays, the password-based remote user authentication mechanism using smart card is one of the simplest and convenient authentication ways to ensure secure communications over the public network environments. Recently, Liu et al. proposed an efficient and secure smart card based password authentication scheme. However, we find that Liu et al.’s scheme is vulnerable to the off-line password guessing attack and user impersonation attack. Furthermore, it also cannot provide user anonymity. In this paper, we cryptanalyze Liu et al.’s scheme and propose a security enhanced user authentication scheme to overcome the aforementioned problems. Especially, in order to preserve the user anonymity and prevent the guessing attack, we use the dynamic identity technique. The analysis shows that the proposed scheme is more secure and efficient than other related authentication schemes.展开更多
User authentication scheme allows user and server to authenticate each other, and generates a session key for the subsequent communication. How to resist the password guessing attacks and smart card stolen attacks are...User authentication scheme allows user and server to authenticate each other, and generates a session key for the subsequent communication. How to resist the password guessing attacks and smart card stolen attacks are two key problems for designing smart cart and password based user authentication scheme. In 2011, Li and Lee proposed a new smart cart and password based user authentication scheme with smart card revocation, and claimed that their scheme could be immunity to these attacks. In this paper, we show that Li and Lee's scheme is vulnerable to off-line password guessing attack once the information stored in smart card is extracted, and it does not provide perfect forward secrecy. A robust user authentication scheme with smart card revocation is then proposed. We use a most popular and widely used formal verification tool ProVerif, which is based on applied pi calculus, to prove that the proposed scheme achieves security and authentication.展开更多
Thirteen security requirements for an ideal password authentication scheme using smart cards are listed and a new smart card based password authentication scheme with identity anonymity is proposed. The new scheme can...Thirteen security requirements for an ideal password authentication scheme using smart cards are listed and a new smart card based password authentication scheme with identity anonymity is proposed. The new scheme can satisfy all the listed ideal security requirements and has the following merits: (1) it can resist all the attacks listed in introduction; (2) less storage memory requirement due to no verification table stored in server; (3) low computational cost due to hash functions based operations; (4) even if the smart card is lost, the new system is still secure; (5) As user identity is anonymous, this scheme is more practical. The new proposed scheme can be applied in source constraint networks.展开更多
Three user authentication schemes are proposed. The security of these new schemes is due to the used secure hash functions and the physically secure smart cards.
With the development of the Internet of Things(IoT)technique,sensitive information collected by sensors may be leaked.In recent years,many authentication schemes have been proposed.Banerjee et al proposed a biometric ...With the development of the Internet of Things(IoT)technique,sensitive information collected by sensors may be leaked.In recent years,many authentication schemes have been proposed.Banerjee et al proposed a biometric based user authentication scheme in wireless sensor networks using smart cards in 2019.But we found that Banerjee et al's authentication scheme is vulnerable to impersonation attacks.In order to overcome the weaknesses of Banerjee et al's scheme,we propose a new authentication scheme.In our proposed scheme,we only use the exclusive-or operation and one-way Hash function for the efficiency,which can reduce the computation burden for the IoT devices.In the authentication and session key agreement phase,the secret registration parameter is not used for the authentication,and the session key is given for the all entities.In the Devol-Yao threat model,the security analysis demonstrates that our proposed authentication scheme can resist well-known attacks.展开更多
With the broad implementations of the electronic business and government applications, robust system security and strong privacy protection have become essential requirements for remote user authentication schemes. Re...With the broad implementations of the electronic business and government applications, robust system security and strong privacy protection have become essential requirements for remote user authentication schemes. Recently, Chen et al. pointed out that Wang et al.'s scheme is vulnerable to the user impersonation attack and parallel session attack, and proposed an enhanced version to overcome the identified security flaws. In this paper, however, we show that Chen et al.'s scheme still cannot achieve the claimed security goals and report its following problems: (1) It suffers from the offline password guessing attack, key compromise impersonation attack and known key attack; (2) It fails to provide forward secrecy; (3) It is not easily repairable. As our main contribution, a robust dynamic ID-based scheme based on non-tamper resistance assumption of the smart cards is presented to cope with the aforementioned defects, while preserving the merits of different related schemes. The analysis demonstrates that our scheme meets all the proposed criteria and eliminates several grave security threats that are difficult to be tackled at the same time in previous scholarship.展开更多
In 2005, Liu et al. proposed an improvement to Chien et al.'s remote user authentication scheme, using smart cards, to prevent parallel session attack. This article, however, will demonstrate that Liu et al.'s schem...In 2005, Liu et al. proposed an improvement to Chien et al.'s remote user authentication scheme, using smart cards, to prevent parallel session attack. This article, however, will demonstrate that Liu et al.'s scheme is vulnerable to masquerading server attack and has the system's secret key forward secrecy problem. Therefore, an improved scheme with better security strength, by using counters instead of timestamps, is proposed. The proposed scheme does not only achieve their scheme's advantages, but also enhances its security by withstanding the weaknesses just mentioned.展开更多
Numerous smart card based authentication protocols have been proposed to provide strong system security and robust individual privacy for communication between parties these days. Nevertheless, most of them do not pro...Numerous smart card based authentication protocols have been proposed to provide strong system security and robust individual privacy for communication between parties these days. Nevertheless, most of them do not provide formal analysis proof, and the security robustness is doubtful. Chang and Cheng(2011) proposed an efficient remote authentication protocol with smart cards and claimed that their proposed protocol could support secure communication in a multi-server environment. Unfortunately, there are opportunities for security enhancement in current schemes. In this paper, we identify the major weakness, i.e., session key disclosure, of a recently published protocol. We consequently propose a novel authentication scheme for a multi-server environment and give formal analysis proofs for security guarantees.展开更多
With the existing anonymous authentication schemes based on biometrics, the user and the server can create the same session key after mutual authentication. If the anonymous authentication scheme is applied in the ele...With the existing anonymous authentication schemes based on biometrics, the user and the server can create the same session key after mutual authentication. If the anonymous authentication scheme is applied in the electronic medical environment, it is also necessary to consider that the patient may access multiple hospital servers. Based on three factors of smart card, random number and biometrics, an anonymous authentication scheme in the electronic medical environment is proposed. In order to reduce the burden of the medical registration and certification center(HC), in the proposed anonymous authentication scheme, the patient only needs to register with HC once, then he/she can apply for visiting each hospital that has joined the medical servers. Security analysis shows that the proposed scheme has anonymity and dual authentication, and can resist various types of attacks, such as insider attack, modification attack, replay attack and smart card loss attack. Efficiency analysis shows that the calculation cost of the proposed scheme in the registration and login phase is lower, and it is slightly higher than Lei's scheme and Khan et al's scheme in the authentication phase. The proposed scheme can not only resist various types of attacks, but also support dual authentication and multi-server environment. With a little modification, the proposed scheme can also be used to other application scenarios requiring anonymous authentication.展开更多
This paper discusses an approach to share a smart card in one machine with other machines accessible on the local network or the Internet. This allows a user at a browser to use the shared card remotely and access web...This paper discusses an approach to share a smart card in one machine with other machines accessible on the local network or the Internet. This allows a user at a browser to use the shared card remotely and access web applications that requiresmart card authentication. This also enables users to access these applications from browsers and machines that do not have the capability to use a smart card. The approach uses proxies and card reader code to provide this capability to the requesting device.Previous work with remote or shared smart card use either requires continuous access to the smart card machine or specific client software. The approach in this paper works for any device and browser that has proxy settings, creates minimal network traffic and computation on the smart card machine, and allows the client to transfer from one network to another while maintaining connectivity to a server. This paper describes the smart card sharing approach, implementation and validation of the approach using real systems, and security implications for an enterprise using smart cards.展开更多
In order to relvedy the security weaknesses of a robust user authentication framework for wireless sensor networks, an enhanced user authentication framework is presented. The enhanced scheme requires proof of the pos...In order to relvedy the security weaknesses of a robust user authentication framework for wireless sensor networks, an enhanced user authentication framework is presented. The enhanced scheme requires proof of the possession of both a password and a snort card, and provides more security guarantees in two aspects: 1) it addresses the untmceability property so that any third party accessing the communication channel cannot link two authentication sessions originated from the same user, and 2) the use of a smart card prevents offiine attacks to guess passwords. The security and efficiency analyses indicate that our enhanced scheme provides the highest level of security at reasonable computational costs. Therefore, it is a practical authentication scheme with attractive security features for wireless sensor networks.展开更多
With the development of computer hardware technology and network technology,the Internet of Things as the extension and expansion of traditional computing network has played an increasingly important role in all profe...With the development of computer hardware technology and network technology,the Internet of Things as the extension and expansion of traditional computing network has played an increasingly important role in all professions and trades and has had a tremendous impact on people lifestyle.The information perception of the Internet of Things plays a key role as a link between the computer world and the real world.However,there are potential security threats in the Perceptual Layer Network applied for information perception because Perceptual Layer Network consists of a large number of sensor nodes with weak computing power,limited power supply,and open communication links.We proposed a novel lightweight authentication protocol based on password,smart card and biometric identification that achieves mutual authentication among User,GWN and sensor node.Biometric identification can increase the nonrepudiation feature that increases security.After security analysis and logical proof,the proposed protocol is proven to have a higher reliability and practicality.展开更多
When accessing remote services over public networks, a user authentication mechanism is required because these activities are executed in an insecure communication environment. Recently, Wang et al. proposed an authen...When accessing remote services over public networks, a user authentication mechanism is required because these activities are executed in an insecure communication environment. Recently, Wang et al. proposed an authentication and key agreement scheme preserving the privacy of secret keys and providing user anonymity. Later, Chang et al. indicated that their scheme suffers from two security flaws. First, it cannot resist DoS (denial-of-service) attack because the indicators for the next session are not consistent. Second, the user password may be modified by a malicious attacker because no authentication mechanism is applied before the user password is updated. To eliminate the security flaws and preserve the advantages of Wang et aL's scheme, we propose an improvement in this paper.展开更多
Since network services are provided cooperatively by multiple servers in the lnternet, the authentication protocols for multiserver architecture are required by Internetbased services, such as online game, online trad...Since network services are provided cooperatively by multiple servers in the lnternet, the authentication protocols for multiserver architecture are required by Internetbased services, such as online game, online trade and so on. Recently, Li et al. analyzed Lee et al.'s protocol and proposed an improved dynamic identity based authentication protocol for multi-server architecture. They claimed that their protocol provides user's anonymity, mutual authentication and the session key agreement against several kinds of attacks. In this paper, a cryptanalysis on Lee et al.'s scheme shows that Lee et al's protocol is also vulnerable to malicious server attack, stolen smart card attack and leak-of-verifier attack. Moreover, Li e/ al.'s improved protocol is also vulnerable to all these attacks. Further cryptanalysis reveals that Li et al.'s improved protocol is susceptible to collusion attack.展开更多
Telecare Medicine Information Systems (TMIS) provides flexible and convenient healthcare for patients. However, the medical data transmitted between patients and doctors are exposed to unsecure public networks. To pro...Telecare Medicine Information Systems (TMIS) provides flexible and convenient healthcare for patients. However, the medical data transmitted between patients and doctors are exposed to unsecure public networks. To protect the patient’s personal information, many authentication schemes are designed. Recently, Kang et al. proposed a hash based authentication schemes for TMIS and claimed that it could resist various attacks. However, we find that their proposed scheme is unsecure to traceability attack and user impersonation attack. In order to enhance the security and preserve the efficiency of Kang et al.’s, we proposed a new anonymous and lightweight scheme. The analysis demonstrates that our proposed scheme is superior to Kang et al.’s and the related schemes in security.展开更多
基金Supported by Natural Science Funds of Shanxi Province(No. 2010021016-3)
文摘This paper analyzes the security performance of a latest proposed remote two-factor user authentication scheme and proposes an improved scheme based on the dynamic ID to avoid the attacks it suffers. Besides this, in our proposed scheme the password is no longer involved in the calculation of verification phase which makes our scheme more secure and costs less than the old one. At last we analyze the performance of our proposed scheme to prove it provides mutual authentication between the user and the server. Moreover, it also resists password guessing attack, server and user masquerade attack and replay attack effectively.
文摘Remote user authentication is essential in distributed network environment to protect unauthorized access of a networked system. However, most of those existing remote user authentication schemes have not provided the user identity anonymity, while user anonymity is particularly important in some practical applications. Therefore, based on self-encryption mechanism, a new remote user authentication scheme was proposed. The scheme not only has no need of maintaining a password table at the remote server, but also can protect the user’s anonymity.
基金the National Natural Science Foundation of China (10671051)the Natural Science Foundation of Zhejiang Province (103060)
文摘In 2000, a remote user authentication scheme using smart cards was proposed and the masquerade attacks were proved successful on this scheme. Recently, Kumar has suggested the idea of check digits to overcome the above attacks with a new scheme that removes these threats well. In this paper it is pointed out that the weakness still exists in Kumar's scheme, and the intruder can login to the remote system through having some information. A new scheme which can overcome these attacks and appears more secure and efficient than Kumar's is presented.
文摘A new authentication scheme based on a one-way hash function and Diffie-Hellman key exchange using smart card was propused by Yoon et al. in 2005. They claimed that the proposed protocol is against password guessing attack. In this paper, the author demonstrate that Yoon's scheme is vulnerable to the off-line password guessing attack by using a stolen smart card and the DoS attack by computational load at the re, note system. An improvement of Yoon's scheme to resist the above attacks is also proposed.
基金supported by the Basic Science ResearchProgram through the National Research Foundation of Korea funded by the Ministry of Education under Grant No.NRF-2010-0020210
文摘Nowadays, the password-based remote user authentication mechanism using smart card is one of the simplest and convenient authentication ways to ensure secure communications over the public network environments. Recently, Liu et al. proposed an efficient and secure smart card based password authentication scheme. However, we find that Liu et al.’s scheme is vulnerable to the off-line password guessing attack and user impersonation attack. Furthermore, it also cannot provide user anonymity. In this paper, we cryptanalyze Liu et al.’s scheme and propose a security enhanced user authentication scheme to overcome the aforementioned problems. Especially, in order to preserve the user anonymity and prevent the guessing attack, we use the dynamic identity technique. The analysis shows that the proposed scheme is more secure and efficient than other related authentication schemes.
基金the National Basic Research Development(973) Program of China(No.2013CB834205)the National Natural Science Foundation of China(Nos.61070153 and 61103209)+1 种基金the Natural Science Foundation of Zhejiang Province(Nos.LZ12F02005 and LY12F02006)the Education Department Foundation of Zhejiang Province(No.Y201222977)
文摘User authentication scheme allows user and server to authenticate each other, and generates a session key for the subsequent communication. How to resist the password guessing attacks and smart card stolen attacks are two key problems for designing smart cart and password based user authentication scheme. In 2011, Li and Lee proposed a new smart cart and password based user authentication scheme with smart card revocation, and claimed that their scheme could be immunity to these attacks. In this paper, we show that Li and Lee's scheme is vulnerable to off-line password guessing attack once the information stored in smart card is extracted, and it does not provide perfect forward secrecy. A robust user authentication scheme with smart card revocation is then proposed. We use a most popular and widely used formal verification tool ProVerif, which is based on applied pi calculus, to prove that the proposed scheme achieves security and authentication.
基金Supported by the National Natural Science Foundation of China (60373087, 60473023).
文摘Thirteen security requirements for an ideal password authentication scheme using smart cards are listed and a new smart card based password authentication scheme with identity anonymity is proposed. The new scheme can satisfy all the listed ideal security requirements and has the following merits: (1) it can resist all the attacks listed in introduction; (2) less storage memory requirement due to no verification table stored in server; (3) low computational cost due to hash functions based operations; (4) even if the smart card is lost, the new system is still secure; (5) As user identity is anonymous, this scheme is more practical. The new proposed scheme can be applied in source constraint networks.
文摘Three user authentication schemes are proposed. The security of these new schemes is due to the used secure hash functions and the physically secure smart cards.
基金Supported by the Applied Basic and Advanced Technology Research Programs of Tianjin(15JCYBJC15900)。
文摘With the development of the Internet of Things(IoT)technique,sensitive information collected by sensors may be leaked.In recent years,many authentication schemes have been proposed.Banerjee et al proposed a biometric based user authentication scheme in wireless sensor networks using smart cards in 2019.But we found that Banerjee et al's authentication scheme is vulnerable to impersonation attacks.In order to overcome the weaknesses of Banerjee et al's scheme,we propose a new authentication scheme.In our proposed scheme,we only use the exclusive-or operation and one-way Hash function for the efficiency,which can reduce the computation burden for the IoT devices.In the authentication and session key agreement phase,the secret registration parameter is not used for the authentication,and the session key is given for the all entities.In the Devol-Yao threat model,the security analysis demonstrates that our proposed authentication scheme can resist well-known attacks.
基金supported by the National Natural Science Foundation of China(61170241,61073042)
文摘With the broad implementations of the electronic business and government applications, robust system security and strong privacy protection have become essential requirements for remote user authentication schemes. Recently, Chen et al. pointed out that Wang et al.'s scheme is vulnerable to the user impersonation attack and parallel session attack, and proposed an enhanced version to overcome the identified security flaws. In this paper, however, we show that Chen et al.'s scheme still cannot achieve the claimed security goals and report its following problems: (1) It suffers from the offline password guessing attack, key compromise impersonation attack and known key attack; (2) It fails to provide forward secrecy; (3) It is not easily repairable. As our main contribution, a robust dynamic ID-based scheme based on non-tamper resistance assumption of the smart cards is presented to cope with the aforementioned defects, while preserving the merits of different related schemes. The analysis demonstrates that our scheme meets all the proposed criteria and eliminates several grave security threats that are difficult to be tackled at the same time in previous scholarship.
基金This work is supported by the National Natural Science Foundation of China (90604022);Natural Science Foundation of Beijing (4062025).
文摘In 2005, Liu et al. proposed an improvement to Chien et al.'s remote user authentication scheme, using smart cards, to prevent parallel session attack. This article, however, will demonstrate that Liu et al.'s scheme is vulnerable to masquerading server attack and has the system's secret key forward secrecy problem. Therefore, an improved scheme with better security strength, by using counters instead of timestamps, is proposed. The proposed scheme does not only achieve their scheme's advantages, but also enhances its security by withstanding the weaknesses just mentioned.
基金Project(Nos.102-2218-E-259-004,102-2218-E-146-002,and 1022218-E-011-012)supported by Taiwan Information Security Center (TWISC) and National Science Council,Taiwan
文摘Numerous smart card based authentication protocols have been proposed to provide strong system security and robust individual privacy for communication between parties these days. Nevertheless, most of them do not provide formal analysis proof, and the security robustness is doubtful. Chang and Cheng(2011) proposed an efficient remote authentication protocol with smart cards and claimed that their proposed protocol could support secure communication in a multi-server environment. Unfortunately, there are opportunities for security enhancement in current schemes. In this paper, we identify the major weakness, i.e., session key disclosure, of a recently published protocol. We consequently propose a novel authentication scheme for a multi-server environment and give formal analysis proofs for security guarantees.
基金Supported by the Key Natural Science Foundation of Anhui Higher Education Institutions (KJ2017A857, KJ2019A0727)。
文摘With the existing anonymous authentication schemes based on biometrics, the user and the server can create the same session key after mutual authentication. If the anonymous authentication scheme is applied in the electronic medical environment, it is also necessary to consider that the patient may access multiple hospital servers. Based on three factors of smart card, random number and biometrics, an anonymous authentication scheme in the electronic medical environment is proposed. In order to reduce the burden of the medical registration and certification center(HC), in the proposed anonymous authentication scheme, the patient only needs to register with HC once, then he/she can apply for visiting each hospital that has joined the medical servers. Security analysis shows that the proposed scheme has anonymity and dual authentication, and can resist various types of attacks, such as insider attack, modification attack, replay attack and smart card loss attack. Efficiency analysis shows that the calculation cost of the proposed scheme in the registration and login phase is lower, and it is slightly higher than Lei's scheme and Khan et al's scheme in the authentication phase. The proposed scheme can not only resist various types of attacks, but also support dual authentication and multi-server environment. With a little modification, the proposed scheme can also be used to other application scenarios requiring anonymous authentication.
文摘This paper discusses an approach to share a smart card in one machine with other machines accessible on the local network or the Internet. This allows a user at a browser to use the shared card remotely and access web applications that requiresmart card authentication. This also enables users to access these applications from browsers and machines that do not have the capability to use a smart card. The approach uses proxies and card reader code to provide this capability to the requesting device.Previous work with remote or shared smart card use either requires continuous access to the smart card machine or specific client software. The approach in this paper works for any device and browser that has proxy settings, creates minimal network traffic and computation on the smart card machine, and allows the client to transfer from one network to another while maintaining connectivity to a server. This paper describes the smart card sharing approach, implementation and validation of the approach using real systems, and security implications for an enterprise using smart cards.
基金This work was supported by the Program for Changjiang Scholars and Innovative Research Team in University under Grant No. IRT1078 the Key Program of NSFC-Guangdong Union Foundation under Grant No.U1135002+3 种基金 the Major National S&T Program under Grant No.2011ZX03005-002 the National Natural Science Foundation of China under Grants No. 61072066, No.61173135, No.61100230, No.61100233, No.61202389, No.61202390 the Natural Science Basic Research Plan in Shaanxi Province of China under Grants No.2012JQ8043, No. 2012JM8030, No. 2012JM8025, No2011JQ8003 the Fundamental Research Funds for the Central Universities under Cxants No. JY10000903001, No. K50511030004. The authors would like to thank the anonymous reviewers and the editor for their constructive comments that have helped us to improve this paper.
文摘In order to relvedy the security weaknesses of a robust user authentication framework for wireless sensor networks, an enhanced user authentication framework is presented. The enhanced scheme requires proof of the possession of both a password and a snort card, and provides more security guarantees in two aspects: 1) it addresses the untmceability property so that any third party accessing the communication channel cannot link two authentication sessions originated from the same user, and 2) the use of a smart card prevents offiine attacks to guess passwords. The security and efficiency analyses indicate that our enhanced scheme provides the highest level of security at reasonable computational costs. Therefore, it is a practical authentication scheme with attractive security features for wireless sensor networks.
基金This work is supported by the National Science Foundation of China(Grant No.61501132,Grant Nos.61771154,61301095,61370084)the China Postdoctoral Science Foundation No.2016M591515+1 种基金the Heilongjiang Postdoctoral Sustentation Fund with No.LBH-Z14055Harbin Application Technology Research and Development Project(Grant Nos.2016RAQXJ063,2016RAXXJ013).
文摘With the development of computer hardware technology and network technology,the Internet of Things as the extension and expansion of traditional computing network has played an increasingly important role in all professions and trades and has had a tremendous impact on people lifestyle.The information perception of the Internet of Things plays a key role as a link between the computer world and the real world.However,there are potential security threats in the Perceptual Layer Network applied for information perception because Perceptual Layer Network consists of a large number of sensor nodes with weak computing power,limited power supply,and open communication links.We proposed a novel lightweight authentication protocol based on password,smart card and biometric identification that achieves mutual authentication among User,GWN and sensor node.Biometric identification can increase the nonrepudiation feature that increases security.After security analysis and logical proof,the proposed protocol is proven to have a higher reliability and practicality.
基金supported by National Science Council under Grant No. 98-2221-E-025-007- and 99-2410-H-025-010-MY2
文摘When accessing remote services over public networks, a user authentication mechanism is required because these activities are executed in an insecure communication environment. Recently, Wang et al. proposed an authentication and key agreement scheme preserving the privacy of secret keys and providing user anonymity. Later, Chang et al. indicated that their scheme suffers from two security flaws. First, it cannot resist DoS (denial-of-service) attack because the indicators for the next session are not consistent. Second, the user password may be modified by a malicious attacker because no authentication mechanism is applied before the user password is updated. To eliminate the security flaws and preserve the advantages of Wang et aL's scheme, we propose an improvement in this paper.
基金supported by the Key Program of NSFC-Guangdong Union Foundation under Grant No.U1135002Young Foundation of Humanities and Social Sciences of MOE (Ministry of Education in China) of under Grant No.11YJCZH160Foundation for Young Scientists of Jiangxi Province of China under Grant No.20133BCB23016
文摘Since network services are provided cooperatively by multiple servers in the lnternet, the authentication protocols for multiserver architecture are required by Internetbased services, such as online game, online trade and so on. Recently, Li et al. analyzed Lee et al.'s protocol and proposed an improved dynamic identity based authentication protocol for multi-server architecture. They claimed that their protocol provides user's anonymity, mutual authentication and the session key agreement against several kinds of attacks. In this paper, a cryptanalysis on Lee et al.'s scheme shows that Lee et al's protocol is also vulnerable to malicious server attack, stolen smart card attack and leak-of-verifier attack. Moreover, Li e/ al.'s improved protocol is also vulnerable to all these attacks. Further cryptanalysis reveals that Li et al.'s improved protocol is susceptible to collusion attack.
文摘Telecare Medicine Information Systems (TMIS) provides flexible and convenient healthcare for patients. However, the medical data transmitted between patients and doctors are exposed to unsecure public networks. To protect the patient’s personal information, many authentication schemes are designed. Recently, Kang et al. proposed a hash based authentication schemes for TMIS and claimed that it could resist various attacks. However, we find that their proposed scheme is unsecure to traceability attack and user impersonation attack. In order to enhance the security and preserve the efficiency of Kang et al.’s, we proposed a new anonymous and lightweight scheme. The analysis demonstrates that our proposed scheme is superior to Kang et al.’s and the related schemes in security.
