Password Change

The Experts below are selected from a list of 2154 Experts worldwide ranked by ideXlab platform

Muhammad Khurram Khan - One of the best experts on this subject based on the ideXlab platform.

  • A two factor RSA based robust authentication system for multiserver environments
    Security and Communication Networks, 2017
    Co-Authors: Ruhul Amin, Muhammad Khurram Khan, S Hafizul K Islam, Arijit Karati, Debasis Giri, Saru Kumari
    Abstract:

    The concept of two-factor multiserver authentication protocol was developed to avoid multiple number of registrations using multiple smart-cards and Passwords. Recently, a variety of two-factor multiserver authentication protocols have been developed. It is observed that the existing RSA-based multiserver authentication protocols are not suitable in terms of computation complexities and security attacks. To provide lower complexities and security resilience against known attacks, this article proposes a two-factor (Password and smart-card) user authentication protocol with the RSA cryptosystem for multiserver environments. The comprehensive security discussion proved that the known security attacks are eliminated in our protocol. Besides, our protocol supports session key agreement and mutual authentication between the application server and the user. We analyze the proof of correctness of the mutual authentication and freshness of session key using the BAN logic model. The experimental outcomes obtained through simulation of the Automated Validation of Internet Security Protocols and Applications (AVISPA) S/W show that our protocol is secured. We consider the computation, communication, and storage costs and the comparative explanations show that our protocol is flexible and efficient compared with protocols. In addition, our protocol offers security resilience against known attacks and provides lower computation complexities than existing protocols. Additionally, the protocol offers Password Change facility to the authorized user.

  • An enhanced mutual authentication and key agreement scheme for mobile user roaming service in global mobility networks
    Annals of Telecommunications, 2017
    Co-Authors: Fan Wu, Lili Xu, Muhammad Khurram Khan, Saru Kumari, Xiong Li, Ashok Kumar Das
    Abstract:

    Roaming service is required in the ubiquitous access used in the global mobility networks (GLOMONETs) and the security is one of the most important issues. Many researchers focus their interests on authentication schemes for GLOMONETs. In 2015, Gope and Hwang, Zhang et al. and Farash et al. proposed their key agreement authentication schemes for GLOMONETs, respectively. However, we find weaknesses in them. Gope and Hwang’s scheme is under the off-line guessing attack and the de-synchronization attack. Moreover, it does not keep strong forward security and the session key is known by the home agent. Zhang et al.’s scheme has several weaknesses including vulnerability to the off-line guessing attack, destitution of Password Change phase, and the leakage of updated session key. Farash et al.’s scheme lacks user anonymity and strong forward secrecy and is vulnerable to the off-line Password guessing attack. The session key is known to the home agent, too. Furthermore, neither Gope and Hwang’s scheme nor Farash et al.’s scheme has the session key update phase. To eliminate the problems, we present an improved authentication and key agreement scheme for GLOMONETs. According to the formal proof and the informal analysis, our scheme is well-performed and applicable.

  • A Dynamic ID-Based Generic Framework for Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks
    Wireless Personal Communications, 2017
    Co-Authors: Marimuthu Karuppiah, Rajagopal Saravanan, Muhammad Khurram Khan, Saru Kumari, Ashok Kumar Das, Fan Wu, Xiong Li, Sayantani Basu
    Abstract:

    User authentication scheme is an essential issue for offering roaming service to mobile users in global mobile network (GLOMONET). However, designing an anonymous user authentication scheme in GLOMONET is a challenging task since wireless communication networks are susceptible to a variety of attacks and mobile devices are of limited storage, processing and communication capabilities. Recently, Miyoung and Rhee examined the schemes proposed by Wei et al. and Wu et al., and came up with an improved authentication scheme offering user anonymity in GLOMONET. We point out that Miyoung and Rhee scheme is exposed to off-line Password guessing and user impersonation attacks. Also, their scheme cannot offer user anonymity, Password Change or updating option and quick detection of wrong Password. In order to overcome the flaws present in Miyoung and Rhee scheme, we propose a dynamic ID-based generic framework for anonymous authentication scheme for roaming service in GLOMONET, which is invincible to various prying attacks of intruders. Furthermore, the performance analysis proves that our scheme is versatile, simple and secure when compared to the existing authentication schemes.

  • A user friendly mutual authentication and key agreement scheme for wireless sensor networks using chaotic maps
    Future Generation Computer Systems, 2016
    Co-Authors: Saru Kumari, Ashok Kumar Das, Hamed Arshad, Muhammad Khurram Khan
    Abstract:

    Spread of wireless network technology has opened new doors to utilize sensor technology in various areas via Wireless Sensor Networks (WSNs). Many authentication protocols for among the service seeker users, sensing component sensor nodes (SNs) and the service provider base-station or gateway node (GWN) are available to realize services from WSNs efficiently and without any fear of deceit. Recently, Li et al. and He et al. independently proposed mutual authentication and key agreement schemes for WSNs. We find that both the schemes achieve mutual authentication, establish session key and resist many known attacks but still have security weaknesses. We show the applicability of stolen verifier, user impersonation, Password guessing and smart card loss attacks on Li et al.'s scheme. Although their scheme employs the feature of dynamic identity, an attacker can reveal and guess the identity of a registered user. We demonstrate the susceptibility of He et al.'s scheme to Password guessing attack. In both the schemes, the security of the session key established between user and SNs is imperfect due to lack of forward secrecy and session-specific temporary information leakage attack. In addition both the schemes impose extra computational load on resource scanty sensor-nodes and are not user friendly due to absence of user anonymity and lack of Password Change facility. To handle these drawbacks, we design a mutual authentication and key agreement scheme for WSN using chaotic maps. To the best of our knowledge, we are the first to propose an authentication scheme for WSN based on chaotic maps. We show the superiority of the proposed scheme over its predecessor schemes by means of detailed security analysis and comparative evaluation. We also formally analyze our scheme using BAN logic. 
    We examine recently proposed Li et al.'s and He et al.'s schemes for WSN. We show security weaknesses in both schemes. We propose an improved scheme for WSN using Chebyshev chaotic maps. Formal security proof using BAN logic and conventional analysis assure the security of our scheme. Comparative evaluation shows the superiority of our scheme over related schemes.

  • A Novel Chaotic Maps-Based User Authentication and Key Agreement Protocol for Multi-server Environments with Provable Security
    Wireless Personal Communications, 2016
    Co-Authors: Jianwei Niu, Sk Hafizul Islam, Muhammad Khurram Khan, Saru Kumari, Ashok Kumar Das, Xiong Li, Fan Wu
    Abstract:

    The widespread popularity of the computer networks has triggered concerns about information security. Password-based user authentication with key agreement protocols have drawn attentions since it provides proper authentication of a user before granting access right to services, and then ensure secure communication over insecure channels. Recently, Lee et al. pointed out different security flaws on Tsaur et al.’s multi-server user authentication protocol, and they further proposed an extended chaotic maps-based user authentication with key agreement protocol for multi-server environments. However, we observed that Lee et al.’s protocol has some functionality and security flaws, i.e., it is inefficient in detection of unauthorized login and it does not support Password Change mechanism. Besides, their protocol is vulnerable to registration center spoofing attack and server spoofing attack. In order to remedy the aforementioned flaws, we proposed a novel chaotic maps-based user authentication with key agreement protocol for multi-server environments. The proposed protocol is provably secure in the random oracle model under the chaotic-maps based computational Diffie-Hellman assumption. In addition, we analyzed our protocol using BAN logic model. We also compared our protocol with Lee et al.’s protocol in aspects of computation cost, functionalities and securities.

Ashok Kumar Das - One of the best experts on this subject based on the ideXlab platform.

  • A Secure Smartcard-Based Anonymous User Authentication Scheme for Healthcare Applications Using Wireless Medical Sensor Networks
    Wireless Personal Communications, 2017
    Co-Authors: Ashok Kumar Das, Anil Kumar Sutrala, Vanga Odelu, Adrijit Goswami
    Abstract:

    A wireless medical sensor network (WMSN) is a professional application of the traditional wireless body area sensor networks in medicine. Using WMSNs, the parameters of patients’ vital signs can be gathered from the sensor nodes deployed on the body of the patients and accessed by the healthcare professionals by using a mobile device. Due to wireless communication, securing communication becomes a vital issue in WMSNs. Since the vital signs parameters are sensitive to the patients’ health status and these information must not be revealed to the others except the healthcare professionals, the protection of patients’ privacy becomes another key issue for WMSNs applications. Thus, user authentication with anonymity property is the most basic and commonly used method in order to resolve the security and privacy issues of WMSNs. He et al. presented a user authentication protocol for healthcare applications using WMSNs to protect the security and privacy problems. However, Li et al. showed that their scheme is incorrect in authentication and session key agreement phase, has no wrong Password detection mechanism and is vulnerable to denial of service caused by Password Change with wrong Password. In this paper, we review Li et al.’s scheme and show that their scheme is still vulnerable to privileged-insider attack, sensor node capture attack and fails to provide user anonymity property. Moreover, we find that He et al.’s scheme is still vulnerable to the same attacks as we find out in Li et al.’s scheme. In order to remedy the security weaknesses found in both He et al.’s scheme and Li et al.’s scheme, we present a secure biometrics-based user authentication scheme in WMSNs using smart card. Through the rigorous formal and informal security analysis, we show that our scheme is secure against possible known attacks. In addition, we simulate our scheme using the most-widely accepted and used Automated Validation of Internet Security Protocols and Applications tool and the simulation results reveal that our scheme is secure. Our scheme is also efficient in computation and communication as compared to He et al.’s scheme, Li et al.’s scheme and other related schemes.

  • On the design of fine grained access control with user authentication scheme for telecare medicine information systems
    IEEE Access, 2017
    Co-Authors: Santanu Chatterjee, Sandip Roy, Samiran Chattopadhyay, Ashok Kumar Das, Neeraj Kumar, Alavalapati Goutham Reddy, Kisung Park, Youngho Park
    Abstract:

    A telecare medicine information system (TMIS) for health-care delivery service requires information exchange among multiple IT systems, where different types of users with different access privileges are involved. In TMIS, users generally communicate via public channels. Hence, authentication is essential to provide access to the genuine users. However, access rights for the correct information and resources for different services to the genuine users can be provided with the help of efficient user access control mechanism. The existing user authentication protocols designed for TMIS only provide authentication, but for this kind of application, it is required that the authorized users should also have unique access privilege to access specific data. This paper puts forwards a new fine grained access control with user authentication scheme for TMIS. We present the formal security analysis using both the widely accepted real-or-random model and Burrows-Abadi-Needham logic. The proposed scheme supports user anonymity, forward secrecy, and efficient Password Change without contacting the remote server. In addition, the proposed scheme is comparable with respect to communication and computation costs as compared with other related schemes proposed in TMIS. Moreover, better tradeoff among security and functionality features, and communication and computation costs makes the proposed scheme suitable and practical for telecare medicine environments as compared with other existing related schemes.

  • An enhanced mutual authentication and key agreement scheme for mobile user roaming service in global mobility networks
    Annals of Telecommunications, 2017
    Co-Authors: Fan Wu, Lili Xu, Muhammad Khurram Khan, Saru Kumari, Xiong Li, Ashok Kumar Das
    Abstract:

    Roaming service is required in the ubiquitous access used in the global mobility networks (GLOMONETs) and the security is one of the most important issues. Many researchers focus their interests on authentication schemes for GLOMONETs. In 2015, Gope and Hwang, Zhang et al. and Farash et al. proposed their key agreement authentication schemes for GLOMONETs, respectively. However, we find weaknesses in them. Gope and Hwang’s scheme is under the off-line guessing attack and the de-synchronization attack. Moreover, it does not keep strong forward security and the session key is known by the home agent. Zhang et al.’s scheme has several weaknesses including vulnerability to the off-line guessing attack, destitution of Password Change phase, and the leakage of updated session key. Farash et al.’s scheme lacks user anonymity and strong forward secrecy and is vulnerable to the off-line Password guessing attack. The session key is known to the home agent, too. Furthermore, neither Gope and Hwang’s scheme nor Farash et al.’s scheme has the session key update phase. To eliminate the problems, we present an improved authentication and key agreement scheme for GLOMONETs. According to the formal proof and the informal analysis, our scheme is well-performed and applicable.

  • A Dynamic ID-Based Generic Framework for Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks
    Wireless Personal Communications, 2017
    Co-Authors: Marimuthu Karuppiah, Rajagopal Saravanan, Muhammad Khurram Khan, Saru Kumari, Ashok Kumar Das, Fan Wu, Xiong Li, Sayantani Basu
    Abstract:

    User authentication scheme is an essential issue for offering roaming service to mobile users in global mobile network (GLOMONET). However, designing an anonymous user authentication scheme in GLOMONET is a challenging task since wireless communication networks are susceptible to a variety of attacks and mobile devices are of limited storage, processing and communication capabilities. Recently, Miyoung and Rhee examined the schemes proposed by Wei et al. and Wu et al., and came up with an improved authentication scheme offering user anonymity in GLOMONET. We point out that Miyoung and Rhee scheme is exposed to off-line Password guessing and user impersonation attacks. Also, their scheme cannot offer user anonymity, Password Change or updating option and quick detection of wrong Password. In order to overcome the flaws present in Miyoung and Rhee scheme, we propose a dynamic ID-based generic framework for anonymous authentication scheme for roaming service in GLOMONET, which is invincible to various prying attacks of intruders. Furthermore, the performance analysis proves that our scheme is versatile, simple and secure when compared to the existing authentication schemes.

  • Provably secure user authentication and key agreement scheme for wireless sensor networks
    Security and Communication Networks, 2016
    Co-Authors: Ashok Kumar Das, Saru Kumari, Vanga Odelu, Xinyi Huang
    Abstract:

    In recent years, user authentication has emerged as an interesting field of research in wireless sensor networks. Most recently, in 2016, Chang and Le presented a scheme to authenticate the users in wireless sensor network using a Password and smart card. They proposed two protocols P1 and P2. P1 is based on exclusive or XOR and hash functions, while P2 deploys elliptic curve cryptography in addition to the two functions used in P1. Although their protocols are efficient, we point out that both P1 and P2 are vulnerable to session specific temporary information attack and offline Password guessing attack, while P1 is also vulnerable to session key breach attack. In addition, we show that both the protocols P1 and P2 are inefficient in authentication and Password Change phases. To withstand these weaknesses found in their protocols, we aim to design a new authentication and key agreement scheme using elliptic curve cryptography. Rigorous formal security proofs using the broadly accepted, the random oracle models, and the Burrows-Abadi-Needham logic and verification using the well-known Automated Validation of Internet Security Protocols and Applications tool are performed on our scheme. The analysis shows that our designed scheme has the ability to resist a number of known attacks comprising those found in both Chang-Le's protocols. Copyright © 2016 John Wiley & Sons, Ltd.

Dheerendra Mishra - One of the best experts on this subject based on the ideXlab platform.

  • Secure and efficient user authentication scheme for multi-gateway wireless sensor networks
    Ad Hoc Networks, 2017
    Co-Authors: Jangirala Srinivas, Sourav Mukhopadhyay, Dheerendra Mishra
    Abstract:

    By utilizing Internet of Things (IoT), the collected information from the sensor nodes in wireless sensor networks (WSNs) could be provided to the users who are permitted to get access of sensor nodes. As the information from the sensors are transmitted via public network and sensor nodes have limited battery, shift the focus on security and efficiency in WSNs. User authentication is the security task for limiting the access. It is achieved by equipping authorized users with Passwords, tokens or biometrics. However, Password and token are easy being stolen and forgotten; even biometrics inherit some limitation. More suitable approach is to combine both Password and biometric authenticator to harvest benefits in security. This paper proposes a novel authentication and key agreement scheme for WSNs using biohashing. Biohashing facilitates elimination of false accept rates without increasing occurrence of false rejection rate. Additionally, biohashing has highly clear separation of imposter populations and genuine, and zero equal error rate level. The proposed scheme also supports dynamic node addition and user friendly Password Change mechanism. Using the BAN-logic, we prove that the proposed scheme provides mutual authentication. In addition, we simulate proposed scheme for the security against man-in-the middle attack and replay attack using the AVISPA tool, and the simulation results show that our scheme is safe. Through the informal security analysis, we show that the proposed scheme is secure against the known attacks for authentication protocols.

  • Cryptanalysis and Improvement of Jiang et al.’s Smart Card Based Remote User Authentication Scheme
    2016
    Co-Authors: Dheerendra Mishra, Ankita Chaturvedi, Sourav Mukhopadhyay
    Abstract:

    Smart card based remote user Password authentication schemes are one of the user-friendly and scalable mechanism to establish secure communication between remote entities. These schemes try to ensure secure and authorized communication between remote entities over the insecure public network. Although, most of the existing schemes do not satisfy desirable attributes, such as resistance against attacks, user anonymity and efficiency. In 2012, Chen et al. proposed a robust smart card based remote user authentication scheme to erase the weaknesses of Sood et al.’s scheme. Recently, Jiang et al. showed that Chen et al.’s scheme is vulnerable to Password guessing attack. Furthermore, Jiang et al. presented a solution to overcome the shortcoming of Chen et al.’s scheme. In the paper, we show that Jiang et al.’s scheme is still vulnerable to insider attack, on-line and off-line Password guessing attack and user impersonation attack. Their scheme also fails to ensure perfect forward secrecy and user’s anonymity. Moreover, it does not provide efficient login and user-friendly Password Change phase. Further, to overcome these drawbacks, we present a modified scheme which reduces the computation overhead and satisfies all desirable security attributes where Jiang et al.’s scheme failed.

  • On the security flaws in ID based Password authentication schemes for telecare medical information systems
    Journal of Medical Systems, 2015
    Co-Authors: Dheerendra Mishra
    Abstract:

    Telecare medical information systems (TMIS) enable healthcare delivery services. However, access of these services via public channel raises security and privacy issues. In recent years, several smart card based authentication schemes have been introduced to ensure secure and authorized communication between remote entities over the public channel for the (TMIS). We analyze the security of some of the recently proposed authentication schemes of Lin, Xie et al., Cao and Zhai, and Wu and Xu's for TMIS. Unfortunately, we identify that these schemes failed to satisfy desirable security attributes. In this article we briefly discuss four dynamic ID-based authentication schemes and demonstrate their failure to satisfy desirable security attributes. The study is aimed to demonstrate how inefficient Password Change phase can lead to denial of server scenario for an authorized user, and how an inefficient login phase causes the communication and computational overhead and decrease the performance of the system. Moreover, we show the vulnerability of Cao and Zhai's scheme to known session specific temporary information attack, vulnerability of Wu and Xu's scheme to off-line Password guessing attack, and vulnerability of Xie et al.'s scheme to untraceable on-line Password guessing attack.

  • A Secure and Efficient Chaotic Map-Based Authenticated Key Agreement Scheme for Telecare Medicine Information Systems
    Journal of Medical Systems, 2014
    Co-Authors: Dheerendra Mishra, Jangirala Srinivas, Sourav Mukhopadhyay
    Abstract:

    Advancement in network technology provides new ways to utilize telecare medicine information systems (TMIS) for patient care. Although TMIS usually faces various attacks as the services are provided over the public network. Recently, Jiang et al. proposed a chaotic map-based remote user authentication scheme for TMIS. Their scheme has the merits of low cost and session key agreement using Chaos theory. It enhances the security of the system by resisting various attacks. In this paper, we analyze the security of Jiang et al.’s scheme and demonstrate that their scheme is vulnerable to denial of service attack. Moreover, we demonstrate flaws in Password Change phase of their scheme. Further, our aim is to propose a new chaos map-based anonymous user authentication scheme for TMIS to overcome the weaknesses of Jiang et al.’s scheme, while also retaining the original merits of their scheme. We also show that our scheme is secure against various known attacks including the attacks found in Jiang et al.’s scheme. The proposed scheme is comparable in terms of the communication and computational overheads with Jiang et al.’s scheme and other related existing schemes. Moreover, we demonstrate the validity of the proposed scheme through the BAN (Burrows, Abadi, and Needham) logic.

  • Cryptanalysis and Improvement of Yan et al.’s Biometric-Based Authentication Scheme for Telecare Medicine Information Systems
    Journal of Medical Systems, 2014
    Co-Authors: Dheerendra Mishra, Ashish Chaturvedi, Sourav Mukhopadhyay, Saru Kumari, Muhammad Khurram Khan
    Abstract:

    Remote user authentication is desirable for a Telecare Medicine Information System (TMIS) for the safety, security and integrity of transmitted data over the public channel. In 2013, Tan presented a biometric based remote user authentication scheme and claimed that his scheme is secure. Recently, Yan et al. demonstrated some drawbacks in Tan’s scheme and proposed an improved scheme to erase the drawbacks of Tan’s scheme. We analyze Yan et al.’s scheme and identify that their scheme is vulnerable to off-line Password guessing attack, and does not protect anonymity. Moreover, in their scheme, login and Password Change phases are inefficient to identify the correctness of input where inefficiency in Password Change phase can cause denial of service attack. Further, we design an improved scheme for TMIS with the aim to eliminate the drawbacks of Yan et al.’s scheme.

Saru Kumari - One of the best experts on this subject based on the ideXlab platform.

  • A two factor RSA based robust authentication system for multiserver environments
    Security and Communication Networks, 2017
    Co-Authors: Ruhul Amin, Muhammad Khurram Khan, S Hafizul K Islam, Arijit Karati, Debasis Giri, Saru Kumari
    Abstract:

    The concept of two-factor multiserver authentication protocol was developed to avoid multiple number of registrations using multiple smart-cards and Passwords. Recently, a variety of two-factor multiserver authentication protocols have been developed. It is observed that the existing RSA-based multiserver authentication protocols are not suitable in terms of computation complexities and security attacks. To provide lower complexities and security resilience against known attacks, this article proposes a two-factor (Password and smart-card) user authentication protocol with the RSA cryptosystem for multiserver environments. The comprehensive security discussion proved that the known security attacks are eliminated in our protocol. Besides, our protocol supports session key agreement and mutual authentication between the application server and the user. We analyze the proof of correctness of the mutual authentication and freshness of session key using the BAN logic model. The experimental outcomes obtained through simulation of the Automated Validation of Internet Security Protocols and Applications (AVISPA) S/W show that our protocol is secured. We consider the computation, communication, and storage costs and the comparative explanations show that our protocol is flexible and efficient compared with protocols. In addition, our protocol offers security resilience against known attacks and provides lower computation complexities than existing protocols. Additionally, the protocol offers Password Change facility to the authorized user.

  • An enhanced mutual authentication and key agreement scheme for mobile user roaming service in global mobility networks
    Annals of Telecommunications, 2017
    Co-Authors: Fan Wu, Lili Xu, Muhammad Khurram Khan, Saru Kumari, Xiong Li, Ashok Kumar Das
    Abstract:

    Roaming service is required in the ubiquitous access used in the global mobility networks (GLOMONETs) and the security is one of the most important issues. Many researchers focus their interests on authentication schemes for GLOMONETs. In 2015, Gope and Hwang, Zhang et al. and Farash et al. proposed their key agreement authentication schemes for GLOMONETs, respectively. However, we find weaknesses in them. Gope and Hwang’s scheme is under the off-line guessing attack and the de-synchronization attack. Moreover, it does not keep strong forward security and the session key is known by the home agent. Zhang et al.’s scheme has several weaknesses including vulnerability to the off-line guessing attack, destitution of Password Change phase, and the leakage of updated session key. Farash et al.’s scheme lacks user anonymity and strong forward secrecy and is vulnerable to the off-line Password guessing attack. The session key is known to the home agent, too. Furthermore, neither Gope and Hwang’s scheme nor Farash et al.’s scheme has the session key update phase. To eliminate the problems, we present an improved authentication and key agreement scheme for GLOMONETs. According to the formal proof and the informal analysis, our scheme is well-performed and applicable.

  • A Dynamic ID-Based Generic Framework for Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks
    Wireless Personal Communications, 2017
    Co-Authors: Marimuthu Karuppiah, Rajagopal Saravanan, Muhammad Khurram Khan, Saru Kumari, Ashok Kumar Das, Fan Wu, Xiong Li, Sayantani Basu
    Abstract:

    User authentication scheme is an essential issue for offering roaming service to mobile users in global mobile network (GLOMONET). However, designing an anonymous user authentication scheme in GLOMONET is a challenging task since wireless communication networks are susceptible to a variety of attacks and mobile devices are of limited storage, processing and communication capabilities. Recently, Miyoung and Rhee examined the schemes proposed by Wei et al. and Wu et al., and came up with an improved authentication scheme offering user anonymity in GLOMONET. We point out that Miyoung and Rhee scheme is exposed to off-line Password guessing and user impersonation attacks. Also, their scheme cannot offer user anonymity, Password Change or updating option and quick detection of wrong Password. In order to overcome the flaws present in Miyoung and Rhee scheme, we propose a dynamic ID-based generic framework for anonymous authentication scheme for roaming service in GLOMONET, which is invincible to various prying attacks of intruders. Furthermore, the performance analysis proves that our scheme is versatile, simple and secure when compared to the existing authentication schemes.

  • Provably secure user authentication and key agreement scheme for wireless sensor networks
    Security and Communication Networks, 2016
    Co-Authors: Ashok Kumar Das, Saru Kumari, Vanga Odelu, Xinyi Huang
    Abstract:

    In recent years, user authentication has emerged as an interesting field of research in wireless sensor networks. Most recently, in 2016, Chang and Le presented a scheme to authenticate the users in wireless sensor network using a Password and smart card. They proposed two protocols P1 and P2. P1 is based on exclusive or XOR and hash functions, while P2 deploys elliptic curve cryptography in addition to the two functions used in P1. Although their protocols are efficient, we point out that both P1 and P2 are vulnerable to session specific temporary information attack and offline Password guessing attack, while P1 is also vulnerable to session key breach attack. In addition, we show that both the protocols P1 and P2 are inefficient in authentication and Password Change phases. To withstand these weaknesses found in their protocols, we aim to design a new authentication and key agreement scheme using elliptic curve cryptography. Rigorous formal security proofs using the broadly accepted, the random oracle models, and the Burrows-Abadi-Needham logic and verification using the well-known Automated Validation of Internet Security Protocols and Applications tool are performed on our scheme. The analysis shows that our designed scheme has the ability to resist a number of known attacks comprising those found in both Chang-Le's protocols. Copyright © 2016 John Wiley & Sons, Ltd.

  • a user friendly mutual authentication and key agreement scheme for wireless sensor networks using chaotic maps
    Future Generation Computer Systems, 2016
    Co-Authors: Saru Kumari, Ashok Kumar Das, Hamed Arshad, Muhammad Khurram Khan
    Abstract:

    Spread of wireless network technology has opened new doors to utilize sensor technology in various areas via Wireless Sensor Networks (WSNs). Many authentication protocols for among the service seeker users, sensing component sensor nodes (SNs) and the service provider base-station or gateway node (GWN) are available to realize services from WSNs efficiently and without any fear of deceit. Recently, Li et al. and He et al. independently proposed mutual authentication and key agreement schemes for WSNs. We find that both the schemes achieve mutual authentication, establish session key and resist many known attacks but still have security weaknesses. We show the applicability of stolen verifier, user impersonation, Password guessing and smart card loss attacks on Li et al.'s scheme. Although their scheme employs the feature of dynamic identity, an attacker can reveal and guess the identity of a registered user. We demonstrate the susceptibility of He et al.'s scheme to Password guessing attack. In both the schemes, the security of the session key established between user and SNs is imperfect due to lack of forward secrecy and session-specific temporary information leakage attack. In addition both the schemes impose extra computational load on resource scanty sensor-nodes and are not user friendly due to absence of user anonymity and lack of Password Change facility. To handle these drawbacks, we design a mutual authentication and key agreement scheme for WSN using chaotic maps. To the best of our knowledge, we are the first to propose an authentication scheme for WSN based on chaotic maps. We show the superiority of the proposed scheme over its predecessor schemes by means of detailed security analysis and comparative evaluation. We also formally analyze our scheme using BAN logic. 
    We examine recently proposed Li et al.'s and He et al.'s schemes for WSN. We show security weaknesses in both schemes. We propose an improved scheme for WSN using Chebyshev chaotic maps. Formal security proof using BAN logic and conventional analysis assure the security of our scheme. Comparative evaluation shows the superiority of our scheme over related schemes.

G. P. Biswas - One of the best experts on this subject based on the ideXlab platform.

  • A robust and anonymous patient monitoring system using wireless medical sensor networks
    Future Generation Computer Systems, 2018
    Co-Authors: Ruhul Amin, Sk Hafizul Islam, G. P. Biswas
    Abstract:

    In wireless medical sensor network (WMSN), bio-sensors are implanted within the patient body to sense the sensitive information of a patient which later on can be transmitted to the remote medical centers for further processing. The patients data can be accessed using WMSN by medical professionals from anywhere across the globe with the help of Internet. As the patient sensitive information is transmitted over an insecure WMSN, so providing a secure access and privacy of the patients data are challenging issues in WMSN environments. However, in literature, to provide secure data access, few user authentication protocols exist. Most of these existing protocols may not be applicable to WMSNs for providing users anonymity. To fill these gaps, in this article, we propose an architecture for patient monitoring health-care system in WMSN and then design an anonymity-preserving mutual authentication protocol for mobile users. We used the AVISPA tool to simulate the proposed protocol. The results obtained indicate that the proposed authentication protocol resists the existing well known attacks. In addition, the BAN logic model confirms mutual authentication feature of the proposed protocol. Moreover, an informal cryptanalysis is also given, which ensures that the proposed protocol withstands all known attacks. We perform a comparative discussion of the proposed protocol against the existing protocols and the comparative results demonstrate that the proposed protocol is efficient and robust. Specifically, the proposed protocol is not only effective in providing robustness against common security threats, but it also offers an efficient login, robust mutual authentication, and user-friendly Password Change. 
    A robust and anonymous user authentication protocol is designed to monitor patient health using wireless medical sensor networks. The security validation and authentication proof of the proposed protocol is done using AVISPA tool and BAN logic. The proposed protocol has superior performance than the existing protocols.

  • A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks
    Ad Hoc Networks, 2016
    Co-Authors: Ruhul Amin, G. P. Biswas
    Abstract:

    Wireless sensor networks can be deployed in any attended or unattended environments like environmental monitoring, agriculture, military, health care etc., where the sensor nodes forward the sensing data to the gateway node. As the sensor node has very limited battery power and cannot be recharged after deployment, it is very important to design a secure, effective and light weight user authentication and key agreement protocol for accessing the sensed data through the gateway node over insecure networks. Most recently, Turkanovic et al. proposed a light weight user authentication and key agreement protocol for accessing the services of the WSNs environment and claimed that the same protocol is efficient in terms of security and complexities than related existing protocols. In this paper, we have demonstrated several security weaknesses of the Turkanovic et al. protocol. Additionally, we have also illustrated that the authentication phase of the Turkanovic et al. is not efficient in terms of security parameters. In order to fix the above mentioned security pitfalls, we have primarily designed a novel architecture for the WSNs environment and basing upon which a proposed scheme has been presented for user authentication and key agreement scheme. The security validation of the proposed protocol has been done by using BAN logic, which ensures that the protocol achieves mutual authentication and session key agreement property securely between the entities involved. Moreover, the proposed scheme has been simulated using well popular AVISPA security tool, whose simulation results show that the protocol is SAFE under OFMC and CL-AtSe models. Besides, several security issues informally confirm that the proposed protocol is well protected in terms of relevant security attacks including the above mentioned security pitfalls.
The proposed protocol not only resists the above mentioned security weaknesses, but also achieves complete security requirements including specially energy efficiency, user anonymity, mutual authentication and user-friendly Password Change phase. Performance comparison section ensures that the protocol is relatively efficient in terms of complexities. The security and performance analysis makes the system so efficient that the proposed protocol can be implemented in real-life application.

  • secure remote login scheme with Password and smart card update facilities
    FICTA, 2016
    Co-Authors: Rajeev Kumar, Ruhul Amin, Arijit Karati, G. P. Biswas
    Abstract:

    Smart card and Password-based user authentication scheme is popular for accessing remote services from the remote server over insecure communication. In this regard, numerous user authentication protocols have been proposed in the literature. However, we have observed that still none of the protocols provide complete facilities such as Password Change process, Password recover process, and smart card revocation process to the registered user. The main aim of this paper is to design a secure user authentication protocol which provides complete facilities to the registered user. The security analysis of the protocol is presented which confirms that the same protocol is secure against various common attacks. Our protocol not only provides complete facilities to the registered user, but also provides session key agreement as well as mutual authentication between the \(U_i\) and RS. The performance of the proposed scheme is relatively better than existing related schemes.

  • Design and Analysis of Bilinear Pairing Based Mutual Authentication and Key Agreement Protocol Usable in Multi-server Environment
    Wireless Personal Communications, 2015
    Co-Authors: Ruhul Amin, G. P. Biswas
    Abstract:

    With the increasing popularity and demand for various applications, the internet user accesses remote server by performing remote user authentication protocol using smart card over the insecure channel. In order to resist insider attack, most of the users remember a set of identity and Password for accessing different application servers. Therefore, remembering set of identity and Password is an extra overhead to the user. To avoid the mentioned shortcoming, many remote user authentication and key agreement protocols for multi-server architecture have been proposed in the literature. Recently, Hsieh–Leu proposed an improved protocol of Liao et al.'s scheme and claimed that the improved protocol is applicable for practical implementation. However, through careful analysis, we found that Hsieh–Leu scheme is still vulnerable to user anonymity, Password guessing attack, server masquerading attack and the Password Change phase is inefficient. Therefore, the main aim of this paper was to design a bilinear pairing based three factors remote user authentication scheme using smart card for providing security weaknesses free protocol. In order to validate security proof of the proposed protocol, this paper uses BAN logic which ensures that the same protocol achieves mutual authentication and session key agreement property securely. Furthermore, this paper also informally illustrates that the proposed protocol is well protected against all the relevant security attacks. The performance analysis and comparison with other schemes are also made, and it has been found that the proposed protocol achieves complete security requirements with comparatively lesser complexities.

  • A Secure Three-Factor User Authentication and Key Agreement Protocol for TMIS With User Anonymity
    Journal of Medical Systems, 2015
    Co-Authors: Ruhul Amin, G. P. Biswas
    Abstract:

    Telecare medical information system (TMIS) makes an efficient and convenient connection between patient(s)/user(s) and doctor(s) over the insecure internet. Therefore, data security, privacy and user authentication are enormously important for accessing important medical data over insecure communication. Recently, many user authentication protocols for TMIS have been proposed in the literature and it has been observed that most of the protocols cannot achieve complete security requirements. In this paper, we have scrutinized two (Mishra et al., Xu et al.) remote user authentication protocols using smart card and explained that both the protocols are suffering against several security weaknesses. We have then presented three-factor user authentication and key agreement protocol usable for TMIS, which fixes the security pitfalls of the above mentioned schemes. The informal cryptanalysis makes certain that the proposed protocol provides well security protection on the relevant security attacks. Furthermore, the simulator AVISPA tool confirms that the protocol is secure against active and passive attacks including replay and man-in-the-middle attacks. The security functionalities and performance comparison analysis confirm that our protocol not only provides strong protection on security attacks, but it also achieves better complexities along with efficient login and Password Change phase as well as session key verification property.