As an indispensable part of the Intelli-gent Transportation System(ITS),the vehicular ad-hoc network(VANET)has attracted widespread atten-tion from academia and industry.In order to ensure the security of VANET,vehicl...As an indispensable part of the Intelli-gent Transportation System(ITS),the vehicular ad-hoc network(VANET)has attracted widespread atten-tion from academia and industry.In order to ensure the security of VANET,vehicles need to be authen-ticated before accessing the network.Most existing authentication protocols in VANET adopt the Trusted Authority(TA)with centralized structure which is re-sponsible for the authentication tasks of all vehicles.However,the large-scale network consume a lot of computing resources,which leads to unacceptable de-lay in message transmission in VANET.For reducing the computational cost of TA,an efficient three-factor privacy-preserving authentication and key agreement protocol was proposed in our paper.Different from before,the RoadSide Unit(RSU)no longer acts as an intermediate node but is responsible for assisting user authentication,which lead to the computational cost of TA is very low.Through formal and informal analysis,our protocol demonstrates excellent security.Com-pared with previous studies,our work emerges advan-tages and superiorities in the following aspects:com-putational cost,communication cost,security proper-ties and functions,message loss ratio,and message de-lay.These data and evidence indicate that our protocol is an ideal choice for large-scale VANET.展开更多
Wireless sensor networks (WSNs) are used to monitor various environmental conditions including movement, pollution level, temperature, humidity, and etc. Secure authentication is very important for the success of WSNs...Wireless sensor networks (WSNs) are used to monitor various environmental conditions including movement, pollution level, temperature, humidity, and etc. Secure authentication is very important for the success of WSNs. Li <i>et al</i>. proposed a three-factor anonymous authentication scheme in WSNs over Internet of things (IoT). They argued that their authentication scheme achieves more security and functional features, which are required for WSNs over IoT. Especially, they insisted that their user authentication scheme provides security against sensor node impersonation attack, and resists session-specific temporary information attack and various other attacks. However, this paper shows some security weaknesses in Li <i>et al</i>.’s scheme, especially focused on sensor node masquerading attack, known session-specific temporary information attack and deficiency of perfect forward secrecy. Especially, security considerations are very important to the modern IoT based applications. Thereby, the result of this paper could be very helpful for the IoT security researches.展开更多
Multi-server authenticated key agreement schemes have attracted great attention to both academia and industry in recent years.However,traditional authenticated key agreement schemes in the single-server environment ar...Multi-server authenticated key agreement schemes have attracted great attention to both academia and industry in recent years.However,traditional authenticated key agreement schemes in the single-server environment are not suitable for the multi-server environment because the user has to register on each server when he/she wishes to log in various servers for different service.Moreover,it is unreasonable to consider all servers are trusted since the server in a multi-server environment may be a semi-trusted party.In order to overcome these difficulties,we designed a secure three-factor multi-server authenticated key agreement protocol based on elliptic curve cryptography,which needs the user to register only once at the registration center in order to access all semi-trusted servers.The proposed scheme can not only against various known attacks but also provides high computational efficiency.Besides,we have proved our scheme fulfills mutual authentication by using the authentication test method.展开更多
基金the National Natural Sci-ence Foundation of China under Grant No.61772185.
文摘As an indispensable part of the Intelli-gent Transportation System(ITS),the vehicular ad-hoc network(VANET)has attracted widespread atten-tion from academia and industry.In order to ensure the security of VANET,vehicles need to be authen-ticated before accessing the network.Most existing authentication protocols in VANET adopt the Trusted Authority(TA)with centralized structure which is re-sponsible for the authentication tasks of all vehicles.However,the large-scale network consume a lot of computing resources,which leads to unacceptable de-lay in message transmission in VANET.For reducing the computational cost of TA,an efficient three-factor privacy-preserving authentication and key agreement protocol was proposed in our paper.Different from before,the RoadSide Unit(RSU)no longer acts as an intermediate node but is responsible for assisting user authentication,which lead to the computational cost of TA is very low.Through formal and informal analysis,our protocol demonstrates excellent security.Com-pared with previous studies,our work emerges advan-tages and superiorities in the following aspects:com-putational cost,communication cost,security proper-ties and functions,message loss ratio,and message de-lay.These data and evidence indicate that our protocol is an ideal choice for large-scale VANET.
文摘Wireless sensor networks (WSNs) are used to monitor various environmental conditions including movement, pollution level, temperature, humidity, and etc. Secure authentication is very important for the success of WSNs. Li <i>et al</i>. proposed a three-factor anonymous authentication scheme in WSNs over Internet of things (IoT). They argued that their authentication scheme achieves more security and functional features, which are required for WSNs over IoT. Especially, they insisted that their user authentication scheme provides security against sensor node impersonation attack, and resists session-specific temporary information attack and various other attacks. However, this paper shows some security weaknesses in Li <i>et al</i>.’s scheme, especially focused on sensor node masquerading attack, known session-specific temporary information attack and deficiency of perfect forward secrecy. Especially, security considerations are very important to the modern IoT based applications. Thereby, the result of this paper could be very helpful for the IoT security researches.
基金This work is supported by the Sichuan education department research project(No.16226483)Sichuan Science and Technology Program(No.2018GZDZX0008)+1 种基金Chengdu Science and Technology Program(No.2018-YF08-00007-GX)the National Natural Science Foundation of China(No.61872087).
文摘Multi-server authenticated key agreement schemes have attracted great attention to both academia and industry in recent years.However,traditional authenticated key agreement schemes in the single-server environment are not suitable for the multi-server environment because the user has to register on each server when he/she wishes to log in various servers for different service.Moreover,it is unreasonable to consider all servers are trusted since the server in a multi-server environment may be a semi-trusted party.In order to overcome these difficulties,we designed a secure three-factor multi-server authenticated key agreement protocol based on elliptic curve cryptography,which needs the user to register only once at the registration center in order to access all semi-trusted servers.The proposed scheme can not only against various known attacks but also provides high computational efficiency.Besides,we have proved our scheme fulfills mutual authentication by using the authentication test method.