共查询到20条相似文献,搜索用时 15 毫秒
1.
Wireless Personal Communications - For providing strong mutual authentication in a multi-server environment many algorithms have been proposed. Most of the algorithms provide mutual authentication... 相似文献
2.
3.
An aggregate signature scheme is a digital signature scheme that allows aggregation of n distinct signatures by n distinct users on n distinct messages. In this paper, we present an aggregate signcryption scheme (ASC) that is useful for reducing the size of certification chains (by aggregating all signatures in the chain) and for reducing message size in secure routing protocols. The new ASC scheme combines identity‐based encryption and the aggregation of signatures in a practical way that can simultaneously satisfy the security requirements for confidentiality and authentication. We formally prove the security of the new scheme in a random oracle model with respect to security properties IND‐CCA2, AUTH‐CMA2, and EUF‐CMA. 相似文献
4.
门限签名能够分散签名权力,比普通单人签名具有更高的安全性。目前大多数门限签名方案都存在密钥托管的问题。针对一种新的基于身份的门限签名方案存在的安全性问题,利用椭圆曲线上的双线性对,文中提出了一个改进的方案。新方案由私钥生成中心和签名成员合作生成密钥,由此防止了PKG伪造签名,较好地解决了密钥托管的问题。在标准模型下对该方案进行了安全性证明,表明该方案是不可伪造的和健壮的。与已有的门限签名方案相比,安全性有较大的提高,效率没有明显的降低。 相似文献
5.
SK Hafizul Islam 《Wireless Personal Communications》2014,79(3):1975-1991
In mobile multi-server authentication, a client can access different servers over an insecure channel like Internet and wireless networks for numerous online applications. In the literature, several multi-server authentication schemes for mobile clients have been devised. However, most of them are insecure against ephemeral secret leakage (ESL) attack and other vulnerabilities. For mutual authentication and key agreement, mobile client and server used ephemeral secrets (random numbers) and leakage of these secrets may be possible in practice. Since these are generated by an external source that may be controlled by an adversary. Also they are generally pre-computed and stored in insecure devices. Thus, if the secrets are leaked then the session key would turn out to be known and the private keys of client and server may be compromised from the eavesdropped messages. This phenomenon is called ESL attack. To defeat the weaknesses, in this paper, we design an ESL attack-free identity-based mutual authentication and key agreement scheme for mobile multi-server environment. The proposed scheme is analyzed and proven to be provably secure in the random oracle model under the Computational Diffie–Hellman assumption. 相似文献
6.
7.
Recently, Wang and Ma (Wireless Pers Commun, 2012. doi:10.1007/s11277-011-0456-7) proposed a smart card based authentication scheme for multi-server environment. They also demonstrated that their scheme could overcome various attacks. In this paper, the security of Wang et al.’s scheme is evaluated. Our analysis shows their scheme is vulnerable to the server spoofing attack, the impersonation attack, the privileged insider attack and the off-line password guessing attack. 相似文献
8.
The Universal Mobile Telecommunication Standard (UMTS) is continuously evolving to meet the increasing demand of modern mobile and Internet applications for high capacity and advanced features in security and quality of service. Although admittedly enhanced in terms of security as compared to GSM (2G) systems, UMTS still has some weaknesses that may often lead to several security incidents. In this article, we come up with a novel authentication mechanism based on the one-time-secret security capabilities, which can assure an expeditious mobile communication environment and simultaneously be able to deal with the several issues related to security vulnerabilities (Redirection Attack, Man-in-the-Middle-Attack) and others like the excessive bandwidth consumption, storage overhead in VLR etc. existing in the current mobile communication (UMTS). In addition, here we also introduce a new concept called “Neighborhood Policy”, where several VLRs can form groups among themselves and carry out significant responsibilities in order to authenticate a User without interfering HLRs even though the User moves to a new VLR (belongs to the same group). We argue that the proposed solution not only achieves the mutual authentication in a secure manner, but at the same time, it also greatly reduces the computation and communication cost of the mobile User as compared to the existing state of the art authentication schemes. 相似文献
9.
A multi-server authentication scheme is a useful authentication mechanism in which a remote user can access the services of multiple servers after registering with the registration center (RC). This study shows that the password-based multi-server authentication scheme proposed by Yeh and Lo is vulnerable to undetectable password-guessing attack and offline password-guessing attack. This study proposes a new password-based multi-server authentication scheme to overcome these vulnerabilities. The proposed protocol introduces a new mechanism for protecting user password. The RC sends an alternative key to help the server verify the legitimacy of user instead of the user’s password. The values of these keys are changed with a random large nonce in each session. Therefore, the password-guessing attack cannot work successfully on the proposed scheme. 相似文献
10.
Alzahrani Bander A. Irshad Azeem Albeshri Aiiad Alsubhi Khalid 《Wireless Personal Communications》2021,117(1):47-69
Wireless Personal Communications - Burgeoning wireless technology developments have positively affected nearly every aspect of human life, and remote patient-healthcare monitoring through the... 相似文献
11.
彭国华 《信息安全与通信保密》2005,(7):112-115
This paper introduces a public-key cryptosystem based on elliptic curves which is proved to be semantically secure under CCA-2 (Adaptive Chosen Ciphertext Attack) attacks. This system is an analogue of Cramer-Shoup system over elliptic curves. Its security relies only on the hardness of the Elliptic Curve Decision Diffie-Hellman (ECDDH) problem. We want to use this protocol to show how 'provably security' is carried out. 相似文献
12.
Authentication per frame is an implicit necessity for security in wireless local area networks (WLANs). We propose a novel per frame secure authentication scheme which provides authentication to data f... 相似文献
13.
Through the explosive growth of network technologies, electronic commercial businesses have made our lives easier and more convenient. The application of e-coupons is quite a novel issue but is becoming increasingly popular among electronic commercial businesses because the extensive use of e-coupons can help consumers to save money; however, the e-coupon has also brought security issues as attackers can obtain illegitimate benefits from imperfections of the design. Hence, the security of the e-coupon system has become important as well. In this paper, we propose a novel and complete chaotic maps-based authentication scheme for e-coupon systems. Security analysis shows that our scheme satisfies essential security and functionality requirements. Furthermore, performance analysis shows that the execution time of our scheme is efficient and suitable for practical implementation in real life. In other words, users such as shops and customers can use our e-coupon system conveniently and securely. 相似文献
14.
Wireless Personal Communications - Privacy and security concerns are significant barrier for RFID deployment in many applications in modern day world. The implementation of authentication schemes... 相似文献
15.
《Communications Letters, IEEE》2008,12(10):722-723
Recently, a new authentication scheme with anonymity for wireless communications has been proposed, and then some security problems have been demonstrated. In this paper, we will discuss a few problems found in the enhanced scheme and then propose how to overcome them, regarding the properties of anonymity and backward secrecy. 相似文献
16.
客户端-服务器认证协议的匿名性指服务器能够认证客户端的真实性,但无法获知客户端的身份。针对认证协议提出了新的安全性需求—不可链接性,该性质是对匿名性的有益补充。对已有文献中的认证协议进行修正,使其在不降低认证效率的前提下满足不可链接性。修正后的方案同时提供身份保护性、不可链接性、双向认证、密钥协商、密钥更新、会话密钥的后向保密性以及客户端的口令修改功能。 相似文献
17.
一种基于相互认证的安全RFID系统 总被引:4,自引:0,他引:4
论文分析了现在RFID面临的各种安全问题,然后在XingxinGao等给出的RFID系统的基础上,提出了一种基于相互认证的安全RFID系统。通过结合相互认证机制与随机读取访问控制,本系统可有效地抵御传统攻击,特别是解决了Gao系统的重放攻击漏洞,也保证了个人隐私安全。此外,通过数字证书加密,标签与读头之间的信息交互过程变得更加安全。 相似文献
18.
Provably Secure Message Recovery Proxy Signature Scheme for Wireless Sensor Networks in e-Healthcare
Wireless Personal Communications - Recently, the communication of healthcare monitoring data through wireless sensor networks has become a common practice. However, the authenticity, integrity and... 相似文献
19.
A multi-server authentication scheme enables a remote user to access the services provided by multiple servers after registering with the registration center. Recently, Pippal et al. (Wirel Pers Commun 2013, doi:10.1007/s11277-013-1039-6) introduced a robust smart card authentication scheme for multi-server architecture. They also illustrated that their scheme could be free from potential network attacks, and validated the scheme by using BAN logic. In this paper, by presenting concrete attacks, we demonstrate that Pippal et al.’s scheme can not withstand off-line password guessing attacks, impersonation attacks and privileged insider attacks. Furthermore, to overcome these attacks, we propose an improved authentication scheme for multi-server architecture using smart card and password. Security and efficiency analysis indicates that our scheme not only actually achieves intended security goals (e.g., two-factor authentication, perfect forward secrecy etc.), but also is efficient enough to be implemented for practical applications. 相似文献
20.
传感器网络中,基于分簇的拓扑结构可以均衡网络中的能量消耗、延长网络的寿命、提高管理效能、增强可量测性,适合于大规模部署应用。CPK(Combined Public Key)算法密钥后台脱线产生、不需要第三方的验证、存储要求低、通信开销小。通过将CPK算法引入分簇过程,安全技术前移,实现安全分簇可以有效增强网络安全性并且减少不必要的能量消耗,对于传感器网络的实际应用有着重要意义。 相似文献