The authentication scheme is an important cryptographic mechanism, through which two communication parties could authenticate each other in the open network environment. To satisfy the requirement of ...practical applications, many authentication schemes using passwords and smart cards have been proposed. However, passwords might be divulged or forgotten, and smart cards might be shared, lost, or stolen. In contrast, biometric methods, such as fingerprints or iris scans, have no such drawbacks. Therefore, biometrics-based authentication schemes gain wide attention. In this paper, we propose a biometrics-based authentication scheme for multiserver environment using elliptic curve cryptography. To the best of our knowledge, the proposed scheme is the first truly three-factor authenticated scheme for multiserver environment. We also demonstrate the completeness of the proposed scheme using the Burrows-Abadi-Needham logic.
By broadcasting messages about traffic status to vehicles wirelessly, a vehicular ad hoc network (VANET) can improve traffic safety and efficiency. To guarantee secure communication in VANETs, ...security and privacy issues must be addressed before their deployment. The conditional privacy-preserving authentication (CPPA) scheme is suitable for solving security and privacy-preserving problems in VANETs, because it supports both mutual authentication and privacy protection simultaneously. Many identity-based CPPA schemes for VANETs using bilinear pairings have been proposed over the last few years to enhance security or to improve performance. However, it is well known that the bilinear pairing operation is one of the most complex operations in modern cryptography. To achieve better performance and reduce computational complexity of information processing in VANET, the design of a CPPA scheme for the VANET environment that does not use bilinear paring becomes a challenge. To address this challenge, we propose a CPPA scheme for VANETs that does not use bilinear paring and we demonstrate that it could supports both the mutual authentication and the privacy protection simultaneously. Our proposed CPPA scheme retains most of the benefits obtained with the previously proposed CPPA schemes. Moreover, the proposed CPPA scheme yields a better performance in terms of computation cost and communication cost making it be suitable for use by the VANET safety-related applications.
If all vehicles are connected together through a wireless communication channel, vehicular ad hoc networks (VANETs) can support a wide range of real-time traffic information services, such as ...intelligent routing, weather monitoring, emergency call, etc. However, the accuracy and credibility of the transmitted messages among the VANETs are of paramount importance as life may depend on it. In this article we introduce a novel framework called blockchain-assisted privacy-preserving authentication system (BPAS) that provides authentication automatically in VANETs and preserves vehicle privacy at the same time. This design is highly efficient and scalable. It does not require any online registration centre (except for system initialization and vehicle registration), and allows conditional tracing and dynamic revocation of misbehaving vehicles. In this article, we conduct an in-depth security analysis and a comprehensive performance evaluation (which is based on the Hyperledger Fabric platform) for our proposed framework. The results demonstrate that our framework is an efficient solution for the development of a decentralized authentication system in VANETs.
Drones in Internet of Drones (IoD) can be able to reconnoiter environment, transport the commodity with the help of embedded various sensors. They have been widely used in various fields and brought ...a great convenience to the production and life. But data collected by sensors embedded in drones are facing new security challenges and privacy issues with the technology update over time. For the sake of ensuring the security of transmitted data, many authentication and key agreement (AKA) schemes have been proposed in the past. Nevertheless, most of schemes are subjected to serious security risks and have high communication and computation cost. To address these issues in IoD, we propose a lightweight AKA scheme in which there are only secure one-way hash function and bitewise XOR operations when drones and users mutually authenticate each other. The proposed scheme can achieve AKA-security under the random oracle model and withstand various known attacks. Meanwhile, the security comparison demonstrates our proposed scheme provides better security. In terms of communication and computation cost, our proposed scheme has better functionality features than the other two schemes.
Blockchain has a range of built-in features, such as distributed ledger, decentralized storage, authentication, security, and immutability, and has moved beyond hype to practical applications in ...industry sectors such as Healthcare. Blockchain applications in the healthcare sector generally require more stringent authentication, interoperability, and record sharing requirements, due to exacting legal requirements, such as Health Insurance Portability and Accountability Act of 1996 (HIPAA). Building on existing blockchain technologies, researchers in both academia and industry have started to explore applications that are geared toward healthcare use. These applications include smart contracts, fraud detection, and identity verification. Even with these improvements, there are still concerns as blockchain technology has its own specific vulnerabilities and issues that need to be addressed, such as mining incentives, mining attacks, and key management. Additionally, many of the healthcare applications have unique requirements that are not addressed by many of the blockchain experiments being explored, as highlighted in this survey paper. A number of potential research opportunities are also discussed in this paper.
Rapid advances in wireless communication technologies have paved the way for a wide range of mobile devices to become increasingly ubiquitous and popular. Mobile devices enable anytime, anywhere ...access to the Internet. The fast growth of many types of mobile services used by various users has made the traditional single-server architecture inefficient in terms of its functional requirements. To ensure the availability of various mobile services, there is a need to deploy multi-server architectures. To ensure the security of various mobile service applications, the anonymous mobile user authentication (AMUA) protocol without online registration using the self-certified public key cryptography (SCPKC) for multi-server architectures was proposed in the past. However, most of the past AMUA solutions suffer from malicious attacks or have unacceptable computation and communication costs. To address these drawbacks, we propose a new AMUA protocol that uses the SCPKC for multi-server architectures. In contrast to the existing AMUA protocols, our proposed AMUA protocol incurs lower computation and communication costs. By comparing with two of the latest AMUA protocols, the computation and the communication costs of our protocol are at least 74.93% and 37.43% lower than them, respectively. Moreover, the security analysis of our AMUA protocol demonstrates that it satisfies the security requirements in practical applications and is provably secure in the novel security model. By maintaining security at various levels, our AMUA protocol is more practical for various mobile applications.
Advances in information and communication technologies have led to the emergence of Internet of Things (IoT). In the healthcare environment, the use of IoT technologies brings convenience to ...physicians and patients as they can be applied to various medical areas (such as constant real-time monitoring, patient information management, medical emergency management, blood information management, and health management). The radio-frequency identification (RFID) technology is one of the core technologies of IoT deployments in the healthcare environment. To satisfy the various security requirements of RFID technology in IoT, many RFID authentication schemes have been proposed in the past decade. Recently, elliptic curve cryptography (ECC)-based RFID authentication schemes have attracted a lot of attention and have been used in the healthcare environment. In this paper, we discuss the security requirements of RFID authentication schemes, and in particular, we present a review of ECC-based RFID authentication schemes in terms of performance and security. Although most of them cannot satisfy all security requirements and have satisfactory performance, we found that there are three recently proposed ECC-based authentication schemes suitable for the healthcare environment in terms of their performance and security.
Wireless sensor networks (WSNs) will be integrated into the future Internet as one of the components of the Internet of Things, and will become globally addressable by any entity connected to the ...Internet. Despite the great potential of this integration, it also brings new threats, such as the exposure of sensor nodes to attacks originating from the Internet. In this context, lightweight authentication and key agreement protocols must be in place to enable end-to-end secure communication. Recently, Amin et al. proposed a three-factor mutual authentication protocol for WSNs. However, we identified several flaws in their protocol. We found that their protocol suffers from smart card loss attack where the user identity and password can be guessed using offline brute force techniques. Moreover, the protocol suffers from known session-specific temporary information attack, which leads to the disclosure of session keys in other sessions. Furthermore, the protocol is vulnerable to tracking attack and fails to fulfill user untraceability. To address these deficiencies, we present a lightweight and secure user authentication protocol based on the Rabin cryptosystem, which has the characteristic of computational asymmetry. We conduct a formal verification of our proposed protocol using ProVerif in order to demonstrate that our scheme fulfills the required security properties. We also present a comprehensive heuristic security analysis to show that our protocol is secure against all the possible attacks and provides the desired security features. The results we obtained show that our new protocol is a secure and lightweight solution for authentication and key agreement for Internet-integrated WSNs.
More and more clients would like to store their data to public cloud servers (PCSs) along with the rapid development of cloud computing. New security problems have to be solved in order to help more ...clients process their data in public cloud. When the client is restricted to access PCS, he will delegate its proxy to process his data and upload them. On the other hand, remote data integrity checking is also an important security problem in public cloud storage. It makes the clients check whether their outsourced data are kept intact without downloading the whole data. From the security problems, we propose a novel proxy-oriented data uploading and remote data integrity checking model in identity-based public key cryptography: identity-based proxy-oriented data uploading and remote data integrity checking in public cloud (ID-PUIC). We give the formal definition, system model, and security model. Then, a concrete ID-PUIC protocol is designed using the bilinear pairings. The proposed ID-PUIC protocol is provably secure based on the hardness of computational Diffie-Hellman problem. Our ID-PUIC protocol is also efficient and flexible. Based on the original client's authorization, the proposed ID-PUIC protocol can realize private remote data integrity checking, delegated remote data integrity checking, and public remote data integrity checking.
The Internet of Things (IoT) devices possessed by individuals produce massive amounts of data. The private data onto specific IoT devices can be combined with intelligent platform to provide help for ...future research and prediction. As an important digital asset, individuals can sell private data to get rewards. Problems, such as privacy, security, and access control prevent individuals from sharing their private data. The blockchain technology is widely used to build an anonymous trading system. In this article, we construct a blockchain-based privacy-preserving and rewarding private data-sharing scheme (BPRPDS) for IoT. A privacy issue worth considering is that the malicious cloud server may establish a behavior profile database of data users (DUs). In the case of anonymity, the transactions of private data sharing are easy to cause disputes. When anonymous DUs are framed, it is hard to protect their rights. With the help of the deniable ring signature and Monero, we realize the behavior profile building prevention and nonframeability of BPRPDS. At the same time, we utilize the licensing technology executed by smart contracts to ensure flexible access control of multisharing. The proposed BPRPDS is provably secure. Performance analysis and experimental results show that BPRPDS is efficient and practical.