Authenticated key agreement for blockchain-based WBAN

Telecommunication Systems - Certificateless authenticated key agreement (CLAKA) is important to prevent the escrow problem. It also mitigates the certificate management burden in storage and during...     

Authenticated key agreement without using one-way hash functions

The MQV key agreement protocol has been adopted by the IEEE P1363 Committee to become a standard. The MQV protocol used a digital signature to sign the Diffie-Hellman public keys without using any one-way function. Here, the MQV protocol is generalised in three respects. First, signature variants for Diffie-Hellman public keys developed previously are employed in the new protocol. Secondly, two communication entities are allowed to establish multiple secret keys in a single round of message exchange. Thirdly, the key computations are simplified     

Smart integrated IoT healthcare system for cancer care

The emergence of the internet of things (IoT) has drastically influenced and shaped the world of technology in the contexts of connectivity, interconnectivity, and interoperability with smart connected sensors, objects, devices, data, and applications. In fact, IoT has brought notable impacts on the global economy and human experience that span from industry to industry in a variety of application domains, including healthcare. With IoT, it is expected to facilitate a seamless interaction and communication of objects (devices) with humans in the environment. Therefore, it is imperative to embrace the potentials and benefits of IoT technology in healthcare delivery to ensure saving lives and to improve the quality of life using smart connected devices. In this paper, we focus on the IoT based healthcare system for cancer care services and business analytics/cloud services and also propose the adoption and implementation of IoT/WSN technology to augment the existing treatment options to deliver healthcare solution. Here, the business analytics/cloud services constitute the enablers for actionable insights, decision making, data transmission and reporting for enhancing cancer treatments. Furthermore, we propose a variety of frameworks and architectures to illustrate and support the functional IoT-based solution that is being considered or utilized in our proposed smart healthcare solution for cancer care services. Finally, it will be important to understand and discuss some security issues and operational challenges that have characterized the IoT-enabled healthcare system.

     

An identity-based key agreement scheme for large scale sensor networks

To solve the problems of high memory occupation, low connectivity and poor resiliency against node capture, which existing in the random key pre-distribution techniques while applying to the large scale Wireless Sensor Networks （WSNs）, an Identity-Based Key Agreement Scheme （IBKAS） is proposed based on identity-based encryption and Elliptic Curve Diffie-Hellman （ECDH）. IBKAS can resist man-in-the-middle attacks and node-capture attacks through encrypting the key agreement parameters using identity-based encryption. Theoretical analysis indicates that comparing to the random key pre-distribution techniques, IBKAS achieves significant improvement in key connectivity, communication overhead, memory occupation, and security strength, and also enables efficient secure rekcying and network expansion. Furthermore, we implement IBKAS for TinyOS-2.1.2 based on the MICA2 motes, and the experiment results demonstrate that IBKAS is feasible for infrequent key distribution and rekeying for large scale sensor networks.     

RAKS: robust authentication and key agreement scheme for satellite infrastructure

Telecommunication Systems - One of the network communication systems in our surroundings that has a significant influence on our day-to-day lives is the satellite network. Many authentications and...     

An enhanced authentication with key agreement scheme for satellite communication systems

To ensure secure communication in satellite communication systems, recently, Zhang et al presented an authentication with key agreement scheme and claimed that their scheme satisfies various security requirements. However, this paper demonstrates that Zhang et al's scheme is insecure against the stolen‐verifier attack and the denial of service attack. Furthermore, to authenticate a user, Zhang et al's scheme requires large computational load to exhaustively retrieve the user's identity and password from the account database according to a temporary identity and then update the temporary identity in the database. To overcome the weaknesses existing in Zhang et al's scheme, we proposed an enhanced authentication with key agreement scheme for satellite communication systems. The analyses of our proposed scheme show that the proposed scheme possesses perfect security properties and eliminates the weaknesses of Zhang et al's scheme well. Therefore, from the authors' viewpoints, the proposed scheme is more suitable for the authentication scheme of mobile satellite communication systems.     

An efficient hash-based authenticated key agreement scheme for multi-server architecture resilient to key compromise impersonation

During the past decade, rapid advances in wireless communication technologies have made it possible for users to access desired services using hand-held devices. Service providers have hosted multiple servers to ensure seamless online services to end-users. To ensure the security of this online communication, researchers have proposed several multi-server authentication schemes incorporating various cryptographic primitives. Due to the low power and computational capacities of mobile devices, the hash-based multi-server authenticated key agreement schemes with offline Registration Server (RS) are the most efficient choice. Recently, Kumar-Om presented such a scheme and proved its security against all renowned attacks. However, we find that their scheme bears an incorrect login phase, and is unsafe to the trace attack, the Session-Specific Temporary Information Attack (SSTIA), and the Key Compromise Impersonation Attack (KCIA). In fact, all of the existing multi-server authentication schemes (hash-based with offline RS) do not withstand KCIA. To deal with this situation, we propose an improved hash-based multi-server authentication scheme (with offline RS). We analyze the security of the proposed scheme under the random oracle model and use the ‘‘Automated Validation of Internet Security Protocols and Applications’’ (AVISPA) tool. The comparative analysis of communication overhead and computational complexity metrics shows the efficiency of the proposed scheme.     

Privacy-preserving authenticated key agreement scheme based on biometrics for session initiation protocol

A secure key agreement scheme plays a major role in protecting communications between the users using voice over internet protocol over a public network like the internet. In this paper we present a strong security authenticated key agreement scheme for session initiation protocol (SIP) by using biometrics, passwords and smart cards. The proposed scheme realizes biometric data protection through key agreement process meanwhile achieving the verification of the biometric value on the SIP server side which is very important in designing a practical authenticated key agreement for SIP. The main merits of our proposed scheme are: (1) the SIP server does not need to maintain any password or verification table; (2) the scheme can provide user identity protection—the user’s real identity is protected by a secure symmetric encryption algorithm and the elliptic curve discrete logarithm problem, and it is transmitted in code; (3) the scheme can preserve the privacy of the user’s biometric data while the biometric matching algorithm is performed at the SIP server side, even if the server does not know the biometric data in the authentication process. Performance and security analysis shows that our proposed scheme increases efficiency significantly in comparison with other related schemes.     

An efficient authentication and key agreement scheme for secure smart grid communication services

The smart grid is a new and promising technology integrating new information and communication technologies to improve the distribution and consumption of electricity between energy suppliers and their end customers. However, this advanced solution is facing a serious security problem as regards the interception and falsification of power consumption data, hence generating falsified electricity consumption bills. This issue of security needs to be promptly and efficiently handled. Clearly, it is of paramount importance to have a security mechanism to avoid such losses. Our work focuses on this issue. It particularly concerns the development of a security mechanism to ensure a completely secure communication between energy suppliers and their consumers while preserving the privacy of end customers in terms of protection of their personal information including their identities. The experimental results underscore that our solution outperforms those of the literature in terms of computation cost and robustness against various types of attacks.     

A simple key agreement scheme based on chaotic maps for VSAT satellite communications

Security is an essential requirement in any data communication system because a cyber criminal might try to break into it at any point by any means possible. A key agreement procedure is a necessary technique to ensure the security of data communication by way of encryption and mutual authentication. This article proposes a simple key agreement scheme on the basis of chaotic maps for VSAT satellite communications. The new scheme keeps the advantages of all chaotic maps‐based public key cryptosystems, providing a secure function of session key agreement. Based on the intractability of chaotic map discrete logarithm problem and chaotic map Diffie–Hellman problem, the security of this new scheme has been proven to be robust enough against all the well‐known cryptographical attacks with perfect forward secrecy provided. In addition, compared with similar schemes that serve the same purposes, the proposed scheme demands a lower computation cost. With all the previous features put together, the proposed scheme is extremely suitable for the use in very small aperture terminal satellite communication environments. Copyright © 2013 John Wiley & Sons, Ltd.     

A secure authentication with key agreement scheme using ECC for satellite communication systems

Recently, Liu et al came up with an authentication with key agreement scheme for securing communication over the low‐earth‐orbit satellite communication systems. However, this paper demonstrates that this scheme cannot provide perfect forward secrecy or defend against the smart card stolen attack, and has some very bad design defects, making it unpractical. Thus, to design a truly secure authentication scheme for satellite communication systems, this paper presents a new scheme, making use of the advantages of elliptic curve cryptography and symmetric cryptography. The security analyses by the widely used BAN logic and heuristic discussions demonstrate that our new scheme possesses perfect security properties and can defend against various well‐known malicious attacks. Moreover, our new scheme allows users to update passwords locally in accordance with their wishes, achieving a good user experience.     

An efficient and provably secure authenticated key agreement scheme for mobile edge computing

Wireless Networks - Though Mobile Cloud Computing (MCC) and Mobile Edge Computing (MEC) technologies have brought more convenience to mobile services over past few years, but security concerns like...     

EKAES: An efficient key agreement and encryption scheme for wireless sensor networks

Wireless sensor networks are being deployed for some practical applications and their security has received considerable attention.It is an important challenge to find out suitable key agreement and encryption scheme for wireless sensor networks due to limitations of the power,computation capability and storage resources.In this paper,an efficient key agreement and encryption scheme for wireless sensor networks is presented.Results of analysis and simulations among the proposed scheme and other schemes show that the proposed scheme has some advantages in terms of energy consumption,computation requirement,storage requirement and security.     

ZAO-AKA : a zero knowledge proof chaotic authentication and key agreement scheme for securing smart city cyber physical system

Wireless Networks - A cyber physical system (CPS) integrates and combines physical, computational and communication functionalities to map physical processes to the cyber world. Indeed, a CPS can...     

Network statistics-based routing and path orient data encryption scheme for efficient healthcare monitoring with IoT in WSN

Wireless communication has been adapted for a variety of difficulties as a result of recent developments in sensor networks. The sensors are meant to communicate with network nodes located at a distance and to adapt to various conditions. In addition, Internet of Things (IoT) devices are becoming a part of WSN and are being tailored to various healthcare systems. Nonetheless, the presence of massive nodes and rogue nodes makes transmitting data packets difficult. The procedure, however, confronts a number of obstacles, including data security, continuous monitoring, and routing issues. A variety of ideas are explored to help with the situation, but they all have flaws. A network statistics-based routing and path orient data encryption system has been developed to address this problem (NSR-PDE). The strategy focuses on keeping track on patients and providing strong, decisive support systems. The model is created to access data stored on cloud servers and allows for the monitoring of multiple patients in different locations. The model begins by monitoring the whole bodily states of patients in real time using dedicated equipment. Such monitored characteristics are provided over a variety of channels, with route selection based on the patient's class and the type of information being transmitted. The approach calculates the network constraint secure route measure (NCSRM), which is calculated using route information, node behavior, and physical attributes. Similarly, data transmission is protected by path orient data encryption (PDE), which ensures data security according on the route's type and conditions.     

Efficient mobile dynamic ID authentication and key agreement scheme without trusted servers

Remote user authentication schemes allow an authorized user to access the resources of remote servers. A dynamic ID authentication scheme further provides the property of user anonymity, that is, information of user identification will not be compromised even if communicated messages are intercepted. When it comes to the mobile user authentication, the client‐side processing capability is usually concerned the most. In this paper, the author proposes an efficient mobile dynamic ID authentication and key agreement scheme without trusted servers. For facilitating the application of mobile devices with limited processing capability, our scheme is optimized for the client‐side computation. Moreover, compared with related works, the proposed scheme is also more secure. Copyright © 2014 John Wiley & Sons, Ltd.     

An improved authentication with key agreement scheme on elliptic curve cryptosystem for global mobility networks

In this paper, we cryptanalyze Rhee et al.'s ‘Remote user authentication scheme without using smart cards’, and prove that their scheme is not completely secure against user impersonation attack. The security flaw is caused by mathematical homomorphism of the registration information. In addition, their scheme lacks key agreement procedures for generating the session key to encrypt the communication messages after mutual authentication. Furthermore, a modification is proposed to improve the security, practicability and robustness of such scheme. Firstly, we introduce elliptic curve cryptosystem to enhance the security. Secondly, in order to improve the practicability, our improvement is much more easily implemented using portable devices in global mobility networks; moreover, a synchronized clock system, traditional password table or ancillary equipment are not required in our improvement. Finally, the proposed scheme not only achieves mutual authentication, but also provides the procedure for key agreement and update of secrets for users and servers to increase the robustness. Copyright © 2013 John Wiley & Sons, Ltd.     

Secure key agreement for group communications

A secure key agreement protocol for group communications is proposed in this paper, which ensures the authenticity of group members and the privacy of group messages, and provides the properties of perfect forward and backward privacy. In a group session, the common key is collaboratively established by all participants, hence the overhead of key agreement is balanced among group members. Copyright © 2001 John Wiley & Sons, Ltd.     

On the security of two password authenticated key agreement scheme using smart cards

After a password authenticated key agreement scheme using smart cards was proposed by Juang et al in 2008. Sun et al and Li et al respectively demonstrated some weaknesses in Juang's scheme and proposed improved schemes. However, although the later two schemes overcome the weaknesses in earlier scheme, we find several weaknesses in them. In Sun's scheme, there are two defects, insecurity under card-compromise attack and weaknesses of password-changing operation. And in Li's scheme we find following defects: vulnerability to denial of server (DoS) attack, server-compromise forward insecurity, complex key setup and session key problems. This paper discussed these problems in detail and our analysis will be helpful to avoid similar mistakes in future works.     

A privacy‐preserving biometrics based authenticated key agreement scheme using ECC

To ensure secure communication over the insecure public network, this work presents a privacy‐preserving biometrics‐based authenticated key agreement scheme using elliptic curve cryptography, making full use of the advantages that the biometrics can be used to uniquely identify a particular human, and the elliptic curve cryptography can provide the same level security with far less key size compared with other public key cryptography. The proposed scheme realizes the mutual authentication of participants, session key agreement, and various security properties and also can resist kinds of known attacks. Moreover, the proposed scheme has perfect user experience in the aspect of changing password by not interacting with the server. In addition, the security features of our new designed scheme are formally proved under the widely used BPR adversary model. Therefore, from the viewpoint of the authors, the proposed scheme can be considered as the authenticated key agreement scheme for mobile users.