An anonymous and untraceable password-based authentication scheme for session initiation protocol using smart cards
INTERNATIONAL JOURNAL OF COMMUNICATION SYSTEMS
Int. J. Commun. Syst. (2014)
Published online in Wiley Online Library (wileyonlinelibrary.com)

Mohammad Sabzinejad Farash (1,*) and Mahmoud Ahmadian Attari (2)
(1) Faculty of Mathematical Sciences and Computer, Kharazmi University, Tehran, Iran
(2) Faculty of Electrical and Computer Engineering, K.N. Toosi University of Technology, Tehran, Iran

SUMMARY

Recently, Zhang et al. proposed a password-based authenticated key agreement for session initiation protocol (Int J Commun Syst 2013, doi: /dac.2499). They claimed that their protocol is secure against known security attacks. However, in this paper, we indicate that the protocol by Zhang et al. is vulnerable to impersonation attack whereby an active adversary without knowing the user's password is able to introduce himself/herself as the user. In addition, we show that the protocol by Zhang et al. suffers from password changing attack. To overcome the weaknesses, we propose an improved authentication scheme for session initiation protocol. The rigorous analysis shows that our scheme achieves more security than the scheme by Zhang et al. Copyright 2014 John Wiley & Sons, Ltd.

Received 19 September 2013; Revised 11 March 2014; Accepted 29 July 2014

KEY WORDS: password-based protocol; voice over internet protocol; session initiation protocol; smart card

1. INTRODUCTION

With the widespread application of voice over IP (VoIP) in the Internet [1-4] and mobility management [5-8], the security of VoIP is becoming increasingly important [9]. When a user wants to access a VoIP service, he or she has to perform an authentication process with the remote server. Among the many protocols used to handle authentication for VoIP, the Session Initiation Protocol (SIP), developed by the Internet Engineering Task Force [10] in 1996, is a widely used one.
SIP is an application layer signaling protocol for creating, modifying, and terminating multimedia sessions among one or more participants. Various authentication schemes [11, 12], especially those based on elliptic curve cryptography (ECC), have been proposed over the past decade to provide security for SIP [13-28].

1.1. Related works

In 2005, Yang et al. [29] indicated that the original SIP authentication scheme is vulnerable to offline password guessing attack and server-spoofing attack. To overcome the attacks, Yang et al. proposed a modified scheme based on the Diffie-Hellman key exchange protocol. However, Huang et al. [30] pointed out that the scheme by Yang et al. may not be suitable for users with limited computational power and further proposed a new scheme. In [31], Jo et al. demonstrated that the schemes by Yang et al. and Huang et al. are both vulnerable to offline password guessing attack.

*Correspondence to: Mohammad Sabzinejad Farash, Faculty of Mathematical Sciences and Computer, Kharazmi University, Tehran, Iran. sabzinejad@khu.ac.ir
Based on the scheme by Yang et al., Durlanik et al. [32] introduced an efficient authentication scheme for SIP by using the elliptic curve Diffie-Hellman key exchange protocol. Because of the adoption of elliptic curves, the scheme by Durlanik et al. reduced the total execution time and the memory requirements in comparison with the scheme by Yang et al. However, Yoon et al. [33] indicated that the scheme by Durlanik et al. still suffered from offline password guessing and Denning-Sacco attacks, and proposed an improved scheme to overcome the weaknesses. However, Liu et al. [34] demonstrated that the scheme by Yoon et al. still suffers from offline password guessing and insider attacks.

In 2009, Tsai [35] proposed an efficient authentication protocol based on a random nonce, in which only one-way hash functions and exclusive-or operations were used to compute all the communication messages. As a result, the computation cost was very low, and it was suitable for low-computation equipment. However, it was still vulnerable to offline password guessing, Denning-Sacco, and stolen-verifier attacks. Furthermore, it did not provide any key agreement, known-key secrecy, or perfect forward secrecy [36-38]. To deal with the problems, Arshad et al. proposed an ECC-based authentication scheme [38]. But Tang et al. [39] demonstrated the vulnerability of the scheme by Arshad et al. to offline password guessing attack and introduced an improved scheme to overcome the weakness.

In 2010, Yoo et al. [40] also proposed an authentication scheme based on ECC to deal with the problems in the scheme by Tsai et al. In 2012, Xie [41] pointed out that the scheme by Yoo et al. still suffers from stolen-verifier and offline password guessing attacks and proposed an improved scheme. But Farash and Attari [42] found Xie's scheme insecure against password guessing attacks and proposed an improved scheme.
To equip Farash and Attari's scheme with user anonymity, Zhang et al. [43] proposed an anonymous authentication scheme.

1.2. Motivation and contribution

To improve the efficiency of the authentication schemes, Zhang et al. [44] also proposed a new password-based authenticated protocol and claimed that their protocol is efficient and secure against known attacks. However, in this paper, we demonstrate that the protocol by Zhang et al. suffers from crucial attacks including impersonation attack and password changing attack. In order to overcome the weaknesses of the scheme by Zhang et al., we propose a novel authentication scheme that is more secure and practical for SIP.

1.3. Outline

The rest of this paper is organized as follows. Section 2 defines elliptic curves. We review the protocol by Zhang et al. in Section 3. In Section 4, we present the security weaknesses of the protocol by Zhang et al. The improved scheme and its analysis are presented in Section 5 and Section 6, respectively. Finally, we conclude our paper in Section 7.

2. PRELIMINARIES

2.1. Elliptic curves

An elliptic curve, denoted by $E$, over a finite field $F_p$ is defined by the Weierstrass equation

$$E: y^2 + a_1xy + a_3y = x^3 + a_2x^2 + a_4x + a_6 \qquad (1)$$

where $a_i \in F_p$ for $i = 1, 2, 3, 4, 6$ and $\Delta \neq 0$. $\Delta$ is the discriminant of the elliptic curve $E$. The condition $\Delta \neq 0$ guarantees the smoothness of the elliptic curve. Also, there is a point at infinity on an elliptic curve, which is denoted by $O$. To add two points on an elliptic curve, the chord and tangent rule is used. By using this addition rule, the set of points denoted by $E(F_p)$ forms a group with the identity element $O$ and the generator $P$.
2.2. Security requirements of authentication schemes for SIP

To provide efficiency and security, an authentication scheme for SIP should satisfy the following requirements:

1. Known-key security: The disclosure of past session keys will not help the adversary to get future session keys or to derive the password.
2. Forward secrecy: A compromised password does not affect the secrecy of previous session keys.
3. Password guessing attacks resistance: The adversary cannot perform an exhaustive offline/online search for the password by analyzing the captured messages of one or more sessions.
4. Freely change password: A mobile user is allowed to choose and change his/her password freely and does not need to remember a long string.
5. User anonymity: No adversary can obtain the real identity of a mobile user or trace the location of the mobile user.
6. Mutual authentication: A user and the server can mutually authenticate each other.
7. Key agreement: After a mutual authentication, the user should share a session key with the server for secure message transfer between them. The session keys used in each session should not be related to former session keys for forward secrecy.

3. REVIEW OF THE PROTOCOL BY ZHANG ET AL.

In this section, we review the password-based authenticated key agreement protocol by Zhang et al. using the same notation (Table I) as [44]. This protocol has four phases: setup, registration, authentication, and password changing.

3.1. Setup phase

In this phase, the server chooses the following items: the elliptic curve $E$ over the finite field $F_q$; the additive group $G$ generated by the base point $P$ with the prime order $p$; three one-way hash functions $h: \{0,1\}^* \to \{0,1\}^k$, $h_1: G \times \{0,1\}^* \times \{0,1\}^* \to \{0,1\}^k$, and $h_2: G \times G \times \{0,1\}^* \times \{0,1\}^* \to \{0,1\}^k$; and the random number $s \in Z_p^*$ as the server's private key. It computes the corresponding public key $P_{pub} = sP$. Finally, the server publishes the public parameters $\{E(F_q), P, p, G, h, h_1, h_2, P_{pub}\}$ and maintains the private key $s$.

Table I. The notations.

| Notation | Description |
|---|---|
| $A$ | user |
| $username_A$ | The unique identity of the user $A$ |
| $PW$ | The password of the user |
| $(R, a)$ | The secret information of the user stored in the smart card |
| $p, q$ | Two prime numbers |
| $E$ | An elliptic curve |
| $F_q$ | A finite field |
| $E(F_q)$ | A group containing the points on the elliptic curve $E$ over the finite field $F_q$ |
| $P$ | An element of $E(F_q)$ with the prime order $p$ |
| $G$ | A subgroup of $E(F_q)$ generated by the base point $P$ |
| $Z_p^*$ | The non-zero integers modulo $p$ |
| $h$ | The hash function $h: \{0,1\}^* \to \{0,1\}^k$ |
| $h_1$ | The hash function $h_1: G \times \{0,1\}^* \times \{0,1\}^* \to \{0,1\}^k$ |
| $h_2$ | The hash function $h_2: G \times G \times \{0,1\}^* \times \{0,1\}^* \to \{0,1\}^k$ |
| Enc, Dec | Symmetric encryption and decryption algorithms |
| $s$ | The private key of the server |
| $P_{pub}$ | The public key of the server, that is, $P_{pub} = sP$ |

3.2. Registration phase

In this phase, the user who wants to become a legal user of a remote server performs the following steps over a secure channel: the user freely chooses the password $PW$ and the random number $a \in Z_p^*$, computes $h(PW \| a)$, and sends the message $\{h(PW \| a), username\}$ to the remote server. After receiving the message $\{h(PW \| a), username\}$, the server computes $\{R = h(h(PW \| a) \| username)s^{-1}P, a\}$, stores $R$ in a smart card, and finally delivers the smart card to the user. Upon receiving the smart card, the user inserts the random number $a$ in the memory of the smart card and memorizes the password $PW$.

3.3. Authentication phase

When the user wants to log in to the remote server, he/she inserts his/her smart card into a card reader and inputs his/her username and password $PW$. Then, the smart card and the remote server perform as follows:

Step A1. The smart card randomly chooses $b \in Z_p^*$, computes $V = bR + h(username)P$ and $W = b\,h(h(PW \| a) \| username)P_{pub}$, and sends $\{username, V, W\}$ to the remote server.

Step A2. Upon receiving $\{username, V, W\}$, the remote server first computes $X = h(username)P$ and $W' = s^2(V - X)$, then he/she checks if $W = W'$. If it holds, the remote server selects the random numbers $c, r \in Z_p^*$, and computes $S = cP$, $K = cs(V - X) = cbP$, $SK = h_1(K \| r \| username)$ and $Auth_s = h_2(K \| W' \| r \| SK)$. Finally, the remote server sends the message $\{realm, Auth_s, S, r\}$ to the smart card.

Step A3. Upon receiving the message $\{realm, Auth_s, S, r\}$, the smart card computes $K = bS = bcP$ and $SK = h_1(K \| r \| username)$. Then, he/she verifies $Auth_s = h_2(K \| W \| r \| SK)$.
If it holds, the smart card computes $Auth_u = h_2(K \| W \| r+1 \| SK)$ and sends the message $\{realm, Auth_u\}$ to the remote server.

Step A4. Upon receiving the message $\{realm, Auth_u\}$, the remote server checks if $Auth_u = h_2(K \| W' \| r+1 \| SK)$. If it holds, the remote server confirms that the claimant is a legal user.

3.4. Password changing phase

The user can change his/her password freely in this phase. To do so, he/she first executes the login and authentication phase with his/her username and the old password $PW$. After successfully authenticating and sharing the session key $SK$, the user does as follows:

Step C1. The user freely selects the new password $PW$ and the random numbers $N, a \in Z_p^*$, then computes $C_1 = Enc_{SK}(username \| N \| h(PW \| a) \| h(username \| N \| h(PW \| a)))$. Next, the user sends $\{username, C_1, N\}$ to the server.

Step C2. Upon receiving the message $\{username, C_1, N\}$, the server decrypts $C_1$ and verifies the integrity of $h(username \| N \| h(PW \| a))$. If it is valid, the server computes $R = h(h(PW \| a) \| username)s^{-1}P$, encrypts it as $C_2 = Enc_{SK}(R \| h(username \| N+1 \| R))$, and sends $C_2$ to the user.

Step C3. Upon receiving the message, the user decrypts the message and checks its integrity. If it is valid, the user stores $PW \| a$ in the smart card.

4. SECURITY WEAKNESSES OF THE PROTOCOL BY ZHANG ET AL.

In this section, we propose three attacks on the protocol by Zhang et al. [44].

4.1. Extraction of the sensitive information

The basis of the proposed attacks on the protocol by Zhang et al. is that each legal user can calculate the value of $s^{-1}P$ from his/her sensitive information $R$. Therefore, before describing the proposed attacks, we show how each user can calculate the critical data $s^{-1}P$.

Assume the legal user owns a smart card containing the sensitive information $\{R = h(h(PW \| a) \| username)s^{-1}P, a\}$. To obtain the sensitive data $R$, he/she can apply a side channel attack [45] and analyze the power consumption of his/her smart card. However, applying side channel attacks on a smart card is costly and time-consuming. Alternatively, each legal user can employ the password change protocol (Section 3.4) to obtain the sensitive information. In this procedure, the user performs the password changing phase and selects the new parameters $PW$ and $a$. At the end of this execution, the user receives the new sensitive data $R$. Then, he/she can easily calculate $s^{-1}P = h(h(PW \| a) \| username)^{-1}R$. In the following subsections, we show that the malicious user $A$ can make use of $s^{-1}P$ to apply some attacks on the protocol by Zhang et al.

4.2. Attack 1: Stolen smart card attack

By this attack, an attacker who has obtained the secret information stored in the smart card is able to extract the user's password. Assume the malicious user $A$, who obtained $s^{-1}P$ from his/her smart card, finds or steals the smart card of another user. $A$ can guess that user's password as follows:

Step 1. $A$ extracts the secret information $\{R, a\}$ from the user's smart card using side channel attack techniques.

Step 2. $A$ guesses the password $PW'$ and computes $R' = h(h(PW' \| a) \| username)s^{-1}P$.

Step 3. $A$ checks if $R' = R$. If it holds, the guessed password $PW'$ is correct. Otherwise, $A$ goes back to Step 3 and repeats the process.

4.3. Attack 2: Impersonation attack

By this attack, a malicious user can easily impersonate other legal users. To apply this attack, the malicious user $A$, who obtains $s^{-1}P$ as described in Section 4.1, performs the following steps with the legal user, as shown in Figure 1:

Step I1. $A$ randomly chooses $\hat{b} \in Z_p^*$, computes $\hat{V} = \hat{b}s^{-1}P + h(username)P$ and $\hat{W} = \hat{b}P_{pub}$, and sends $\{username, \hat{V}, \hat{W}\}$ to the remote server.

Step I2. Upon receiving $\{username, \hat{V}, \hat{W}\}$, the remote server first computes $X = h(username)P$ and $W' = s^2(\hat{V} - X)$, then he/she checks if $\hat{W} = W'$. It is clear that the equation holds, because $W' = s^2(\hat{V} - X) = s\hat{b}P = \hat{b}P_{pub} = \hat{W}$. Thus, the remote server selects the random numbers $c, r \in Z_p^*$ and computes $S = cP$, $K = cs(\hat{V} - X) = c\hat{b}P$, $SK = h_1(K \| r \| username)$ and $Auth_s = h_2(K \| W' \| r \| SK)$. Finally, the remote server sends the message $\{realm, Auth_s, S, r\}$ to the malicious user $A$.
Figure 1. The impersonation attack on the protocol by Zhang et al.

Step I3. Upon receiving the message $\{realm, Auth_s, S, r\}$, $A$ computes $K = \hat{b}S = \hat{b}cP$ and $SK = h_1(K \| r \| username)$. Then, he/she verifies $Auth_s = h_2(K \| \hat{W} \| r \| SK)$. It is clear that the equation holds, because $\hat{W} = W'$ and the values of $K$ and $SK$ computed by the remote server and $A$ are equal. Thus, $A$ computes $Auth_u = h_2(K \| \hat{W} \| r+1 \| SK)$ and sends the message $\{realm, Auth_u\}$ to the remote server.

Step I4. Upon receiving the message $\{realm, Auth_u\}$, the remote server checks if $Auth_u = h_2(K \| W' \| r+1 \| SK)$. It is clear that the equation holds, because $\hat{W} = W'$ and the values of $K$ and $SK$ computed by the remote server and $A$ are equal. Therefore, the remote server believes that it communicated with the legal user, whereas the protocol was in fact carried out by the malicious user $A$. So, the malicious user $A$ succeeds in impersonating the legal user to the remote server.

4.4. Attack 3: Password changing attack

In this attack, the malicious user $A$ first impersonates the legal user and shares the secret key $SK$ with the remote server (Section 4.3). Then, he/she performs the password changing phase instead of the user and changes the user's password. To do so, the malicious user $A$ performs as follows:

Step 1. $A$ freely selects the new password $PW$ and the random numbers $N, a \in Z_p^*$, then computes $C_1 = Enc_{SK}(username \| N \| h(PW \| a) \| h(username \| N \| h(PW \| a)))$. Next, $A$ sends $\{username, C_1, N\}$ to the server.

Step 2. Upon receiving the message $\{username, C_1, N\}$, the server decrypts $C_1$ and verifies the integrity of $h(username \| N \| h(PW \| a))$. If it is valid, the server computes $R = h(h(PW \| a) \| username)s^{-1}P$, encrypts it as $C_2 = Enc_{SK}(R \| h(username \| N+1 \| R))$, and sends $C_2$ to $A$.

Step 3. Upon receiving the message, $A$ decrypts the message and checks its integrity. If it is valid, $A$ stores $PW \| a$ in the smart card.

Hereafter, the real user cannot log in to the remote server with his/her password, because the password was changed by the malicious user $A$ and accepted by the remote server.

5. THE IMPROVED SCHEME

We propose an improved remote user authentication scheme to overcome the security weaknesses inherent in the scheme by Zhang et al. [44]. The proposed scheme consists of four phases: initial phase, registration phase, login and authentication phase, and password change phase.

5.1. Initial phase

In this phase, the server $S$ selects the generator $P$ of $G$ with order $p$ and the master secret key $s \in Z_p^*$. Then, $S$ computes the corresponding master public key $P_{pub} = sP$, and chooses a cryptographic one-way hash function $h(\cdot): \{0,1\}^* \to Z_p^*$.

5.2. Registration phase

The user can register or re-register at the remote server $S$ by performing the following steps through a secure channel, as shown in Figure 2:

Step 1. The user chooses the identity $ID_u$, the password $PW_u$, and the random number $R_u$, and calculates $PRW_u = h(R_u \| PW_u \| BI_u)$, where $BI_u$ is the unique biometric identity of the user. Then, he/she sends the message $\{ID_u, PRW_u\}$ to $S$.

Step 2. Upon receiving the message $\{ID_u, PRW_u\}$, $S$ checks if $ID_u$ is valid. If it is invalid, $S$ rejects it. Then, $S$ checks the account records in the database. If the user is a new user, $S$ adds $(ID_u, N = 0)$ into the database. Otherwise, $S$ sets $N = N + 1$ and stores it. Then, $S$ calculates $J_u = h(s \| ID_u \| N)$ and $L_u = J_u + h(PRW_u \| ID_u) \bmod p$. Finally, $S$ stores $\{J_u, L_u, h(\cdot), Enc_{key}(\cdot), Dec_{key}(\cdot), P, p, P_{pub}\}$ into the smart card $SC$ and issues it to the user.

Step 3. Upon receiving the smart card $SC$, the user inserts $R_u$ into $SC$.
Finally, $SC = \{J_u, L_u, R_u, h(\cdot), Enc_{key}(\cdot), Dec_{key}(\cdot), P, p, P_{pub}\}$.

5.3. Login and authentication phase

When the user wants to log in to the server $S$, he/she inserts his/her smart card into the card reader and inputs $ID_u$, $PW_u$, and the biometric identity $BI_u$. The details of this phase, shown in Figure 3, are as follows:

Figure 2. Registration phase of the proposed scheme.
Figure 3. Login and authentication phase of the proposed protocol.

Step 1. The smart card $SC$ retrieves $J_u$, $L_u$, and $R_u$; computes $PRW_u' = h(R_u \| PW_u \| BI_u)$; and checks if $J_u = L_u - h(PRW_u \| ID_u) \bmod p$. If it does not hold, $S$ terminates the login process. Otherwise, $SC$ selects the random number $\in Z_p^*$, computes $M_1 = P$, $k = P_{pub} = sP$, $M_2 = h(ID_u \| J_u \| M_1)$ and $M_3 = Enc_k(ID_u \| M_2)$, and sends the login message $\{M_1, M_3\}$ to $S$.

Step 2. Upon receiving the message $\{M_1, M_3\}$, $S$ computes $k' = sM_1 = sP$, and decrypts $M_3$ as $Dec_{k'}(M_2)$ to obtain $ID_u$ and $M_2$. Then, $S$ extracts $N$ from its database, computes $J_u = h(s \| ID_u \| N)$, and verifies $h(ID_u \| J_u \| M_1) = M_2$. If it does not hold, $S$ terminates the session. Otherwise, $S$ selects the random number $\in Z_p^*$, computes $M_3 = P$, $M_4 = M_1 = P$ and $M_5 = h(ID_u \| M_3 \| h(s \| ID_u \| N) \| M_4)$, and sends the response message $\{M_3, M_5\}$ to $SC$.

Step 3. Upon receiving the message $\{M_3, M_5\}$, $SC$ computes $M_4' = M_3 = P$ and verifies $M_5 = h(ID_u \| M_3 \| J_u \| M_4')$. If it does not hold, $SC$ terminates the session. Otherwise, it computes $M_6 = h(ID_u \| M_3 \| M_4')$ and sends it to $SH$. Finally, it computes the session key $SK = h(ID_u \| M_3 \| M_4' \| M_5 \| M_6)$.

Step 4. Upon receiving the message $\{M_7\}$, $S$ verifies $M_7 = h(ID_u \| M_4 \| M_5)$. If it holds, $S$ computes the session key $SK = h(ID_u \| M_1 \| M_4 \| M_5)$.

5.4. Password change phase

In the scheme by Zhang et al., the client changes the password after verification by the server and the smart card. In our scheme, the user changes the password after verification by the smart card only.

Step 1. To change the password, the user inserts his/her smart card $SC$ into the card reader, enters his/her identity $ID_u$ and old password $PW_u$, and inputs his/her biometric information $BI_u$.

Step 2. $SC$ retrieves $J_u$, $L_u$, and $R_u$, computes $PRW_u' = h(R_u \| PW_u \| BI_u)$, and checks if $J_u = L_u - h(PRW_u \| ID_u) \bmod p$. If it does not hold, $SC$ terminates the login process. Otherwise, $SC$ allows the client to enter the new password $PW_u^{new}$.

Step 3. $SC$ computes $PRW_u^{new} = h(R_u \| PW_u^{new} \| BI_u)$, and $J_u^{new} = L_u - h(PRW_u^{new} \| ID_u) \bmod p$.

Step 4. $SC$ replaces $J_u$ with $J_u^{new}$ and $F_u^{new}$, respectively.

6. SECURITY ANALYSIS AND COMPARISON

6.1. No verification table

The server only stores the client's identity $ID_u$ and the registered number $N$ in the database. $ID_u$ and $N$ are not the client's secrets and can be made public. If the attacker compromises the server, he can only obtain the public information $ID_u$ and $N$, and not password verification information. Thus, the server does not need to maintain a verification table.

6.2. Stolen-verifier attack

There is no verification table such as hashed passwords or any information containing $PW_u$. The server $SH$ authenticates the client's session by its secret number $s$ and uses no number relating to $PW_u$. So our scheme is secure against stolen-verifier attack.

6.3. Man-in-middle attack

Assume that the attacker $A$ intercepts the messages between the user and $S$ and replaces part or the whole of a message with his own faked information to impersonate the user or the server. However, it is impossible for $A$ to fabricate legal messages due to lack of $PW_p$ and $s$. Therefore, our scheme withstands client impersonation attack, server impersonation attack, and modification attack.

6.4. Mutual authentication

It is important for an authentication scheme to let the client and the server verify the identity of each other. In fact, once the scheme can withstand user and server impersonation attacks, it satisfies the property of mutual authentication. According to the analysis of the man-in-middle attack, we can see this point.

6.5. Privileged administrator resilience

The privileged administrator can control the server absolutely. Once the administrator obtains a client's password, he may log in to the client's other applications using this password because many people use the same password on different servers.
Our scheme provides password confidentiality even for the privileged administrator. In the registration phase, the user sends $\{ID_u, PRW_u\}$ to the server $S$, where $PRW_u = h(R_u \| PW_u \| BI_u)$. The submitted $PRW_u$, blinded by $R_u$ and $BI_u$, does not leak confidential information about the password $PW_u$. Here, $PW_u$ is protected by a hash function with the keys $R_u$ and $BI_u$. Without the knowledge of $R_u$ and $BI_u$, the administrator cannot mount an offline password guessing attack to obtain the client's password.

6.6. Freely chosen password

The password is selected by the user himself and can be updated anytime the user wants. It is more flexible and convenient compared with a password chosen by the server. In the password change phase, the user can update the current password with a new one.

6.7. Known-key security

The random key materials and are fresh values for each session. One session key is independent of another session key. Thus, compromising some session keys does not affect the other session keys.
6.8. User anonymity and untraceability

It is obvious that no third party can know the real identity of the user, because $ID_u$ is encrypted by the key $k$, and $k$ is protected by $s$, so the attacker $A$ faces the problem of obtaining $k$. Furthermore, $k$ varies in each session because it is generated by the random number , which is different for each session. It is difficult for $A$ to tell the user apart from others in the communication channel. So our scheme satisfies user anonymity and untraceability.

6.9. Resistance of password guessing attacks

We assume that the attacker has the ability to steal a client's smart card. Once the attacker gets a smart card, he can derive the confidential data $\{K_u, E_u, F_u, h(\cdot), Enc_{key}(\cdot), Dec_{key}(\cdot), P, p, P_{pub}\}$ stored in the smart card by physical attack. We show that our scheme can resist offline password guessing attacks on a stolen smart card. In our scheme, the password $PW_u$ is blinded by the server's secret $s$ and the user's secrets $R_u$ and $BI_u$. Although the attacker obtains the confidential data stored in the smart card, he cannot verify the correctness of a guessed password because he does not know the secret parameters $s$, $R_u$, and $BI_u$.

6.10. Forward security

Forward security is the property that the scheme remains secure even if the attacker compromises some long-term keys. Perfect forward security means that the scheme will not be compromised if all the long-term keys are compromised. Because our scheme uses Diffie-Hellman key exchange, our scheme provides perfect forward security.

6.11. Security comparison

The security properties of our proposed scheme and the scheme by Zhang et al. [44] are compared in Table II. From Table II, we can see that the proposed scheme not only provides some new security properties, but also prevents the attacks that are applicable to the scheme by Zhang et al.
As a result, the proposed scheme is more secure and has many functionalities compared with the scheme by Zhang et al.

Table II. Security comparison.

| Security properties | Proposed scheme | The scheme by Zhang et al. [44] |
|---|---|---|
| No verification table | Yes | Yes |
| Prevention of guessing attack | Yes | No |
| Prevention of replay attack | Yes | Yes |
| Prevention of stolen-verifier attack | Yes | Yes |
| Prevention of stolen smart card attack | Yes | No |
| Prevention of privileged server attack | Yes | Yes |
| Prevention of impersonation attack | Yes | No |
| Prevention of modification attack | Yes | No |
| Mutual authentication | Yes | Yes |
| Known-key security | Yes | Yes |
| Providing of perfect forward secrecy | Yes | Yes |
| Providing of biometrics authentication | Yes | No |
| User anonymity and untraceability | Yes | No |
| Secure password chosen and update | Yes | No |

6.12. Performance comparison

We evaluate the performance of the proposed scheme in terms of the computation cost. To estimate the computation cost of our scheme, we define the following notations: PM is the time complexity of elliptic curve scalar point multiplication, PA is the time complexity of elliptic curve point addition, H is the time complexity of a one-way hash function or message authentication code, I is the time complexity of modular inversion, and SE is the time complexity of symmetric encryption/decryption. It is to be noted that the other operations such as random number generation and modular addition and multiplication need very few computations; they are usually neglected when considering computational cost. We summarize the computation cost of our scheme and compare it with the scheme by Zhang et al. [44] in Table III.

Table III. Performance comparison.

| | User's computational costs | S's computational costs |
|---|---|---|
| The scheme by Zhang et al. [44] | 4PM + 1PA + 4H | 4PM + 1PA + 4H |
| Our scheme | 3PM + 1SE + 6H | 3PM + 1SE + 5H |

7. CONCLUSIONS

In this paper, we analyzed the password-based authenticated key agreement protocol by Zhang et al. We pointed out that the main weakness of the protocol by Zhang et al. is the ability of each legal user to calculate $s^{-1}P$ using his/her secret information. Based on this idea, we pointed out that the protocol by Zhang et al. suffers from three crucial flaws by which an insider attacker can impersonate each legal user, find the user's password, and even change the user's password without his/her awareness. As a remedy, we proposed an improved authentication scheme using elliptic curves. Our analysis showed that the improved scheme could overcome the weaknesses in the scheme by Zhang et al.

REFERENCES

1. Li JS, Kao CK, Tzeng JJ. VoIP secure session assistance and call monitoring via building security gateway. International Journal of Communication Systems, posted on , (to appear in print).
2. Chen WE, Huang YL, Lin YB. An effective IPv4-IPv6 translation mechanism for SIP applications in next generation networks. International Journal of Communication Systems, posted on , (to appear in print).
3. Chen WE, Lin PJ. A performance study for IPv4-IPv6 translation in IP multimedia core network subsystem. International Journal of Communication Systems, posted on , (to appear in print).
4. Lloret J, Garcia M, Atenas M, Canovas A. A QoE management system to improve the IPTV network. International Journal of Communication Systems 2011; 24(1):
5. Chiu KL, Chen YS, Hwang RH. Seamless session mobility scheme in heterogeneous wireless networks. International Journal of Communication Systems, posted on , (to appear in print).
6. Cho K, Pack S, Kwon TT, Choi Y. An extensible and ubiquitous RFID management framework over next-generation networks. International Journal of Communication Systems, posted on , (to appear in print).
7. Chiang WK, Chang WY. Mobile-initiated network-executed SIP-based handover in IMS over heterogeneous accesses. International Journal of Communication Systems, posted on , (to appear in print).
8. Chen MX, Wang FJ. Session integration service over multiple devices. International Journal of Communication Systems, posted on , (to appear in print).
9. Geneiatakis D, Dagiuklas T, Kambourakis G, Lambrinoudakis C, Gritzalis S, Ehlert S. Survey of security vulnerabilities in session initiation protocol. IEEE Communications Surveys and Tutorials 2006; 8(3):
10. Rosenberg J, Schulzrinne H, Camarillo G, Johnston A, Peterson J, Sparks R, Handley M, Schooler E. SIP: Session Initiation Protocol. The Internet Engineering Task Force, The Internet Society, RFC
11. Farash MS, Attari MA. Cryptanalysis and improvement of a chaotic maps-based key agreement protocol using Chebyshev sequence membership testing. Nonlinear Dynamics 2014; 76(2):
12. Farash MS, Attari MA. An efficient and provably secure three-party password-based authenticated key exchange protocol based on Chebyshev chaotic maps. Nonlinear Dynamics 2014; 77(1-2):
13. Jiang Q, Ma J, Tian Y. Cryptanalysis of smartcard-based password authenticated key agreement protocol for session initiation protocol of Zhang et al. International Journal of Communication Systems, posted on DOI: doi: /dac.2767, (to appear in print).
14. Sadat Mousavi-nik S, Yaghmaee-moghaddam MH, Ghaznavi-ghoushchi MB. Proposed secure SIP authentication scheme based on elliptic curve cryptography. International Journal of Computer Applications 2012; 58(8):
15. Yoon E, Yoo K, Kim C, Hong Y, Jo M, Chen H. A Secure and efficient SIP authentication scheme for converged VoIP networks. Computer Communications 2010; 33(14):
16. Wang F, Zhang Y. A new provably secure authentication and key agreement mechanism for SIP using certificateless public-key cryptography. Computer Communications 2008; 31:
17. Dimitris G, Costas L. A lightweight protection mechanism against signaling attacks in a SIP-Based VoIP environment. Telecommunication Systems 2007; 36(4):
18. Wu L, Zhang Y, Wang F. A new provably secure authentication and key agreement protocol for SIP using ECC. Computer Standards & Interfaces 2009; 31(2):
19. Liao Y, Wang S. A new secure password authenticated key agreement scheme for SIP using self-certified public keys on elliptic curves. Computer Communications 2010; 33(3):
20. Wu S, Pu Q, Kang F. Practical authentication scheme for SIP. Peer-to-Peer Networking and Applications 2013; 6(1):
21. He D, Chen J, Chen Y. A secure mutual authentication scheme for session initiation protocol using elliptic curve cryptography. Security Communication Networks 2012; 5:
22. Farash MS, Bayat M, Attari MA. Vulnerability of two multiple-key agreement protocols. Computers & Electrical Engineering 2011; 37(2):
23. Farash MS, Attari MA. An id-based key agreement protocol based on ECC among users of separate networks. 9th International ISC Conference on Information Security and Cryptology (ISCISC 12), Tabriz, Iran, 2012;
24. Farash MS, Attari MA. A Pairing-free ID-based key agreement protocol with different PKGs. International Journal of Network Security 2014; 16(2):
25. Bayat M, Farash MS, Movahed A. A novel secure bilinear pairing based remote user authentication scheme with smart card. IEEE/IFIP International Conference on Embedded and Ubiquitous Computing (EUC), Hong Kong, China, 2010;
26. Farash MS, Attari MA, Atani RE, Jami M. A new efficient authenticated multiple-key exchange protocol from bilinear pairings. Computers & Electrical Engineering 2013; 39(2):
27. Farash MS, Attari MA. Provably secure and efficient identity-based key agreement protocol for independent PKGs using ECC. The ISC International Journal of Information Security 2013; 5(1):
28. Farash MS, Attari MA, Bayat M. A certificateless multiple-key agreement protocol without hash functions based on bilinear pairings. International Journal of Engineering and Technology 2012; 4(3):
29. Yang CC, Wang RC, Liu WT. Secure authentication scheme for session initiation protocol. Computers & Security 2005; 24:
30. Huang HF, Wei WC, Brown GE. A new efficient authentication scheme for session initiation protocol. 9th Joint Conference on Information Sciences, Kaohsiung, Taiwan, DOI: /jcis
31. Jo H, Lee Y, Kim M, Kim S, Won D. Off-line password-guessing attack to Yang's and Huang's authentication schemes for session initiation protocol. Fifth International Joint Conference on INC, IMS and IDC, Seoul, Korea, 2009;
32. Durlanik A, Sogukpinar I. SIP authentication scheme using ECDH. World Enformatika Society Transactions on Engineering Computing and Technology 2005; 8:
33. Yoon EJ, Yoo KY. Cryptanalysis of DS-SIP authentication scheme using ECDH. International Conference on New Trends in Information and Service Science, Beijing, China, 2009;
34. Liu FW, Koenig H. Cryptanalysis of a SIP authentication scheme. Communications and Multimedia Security, Ghent, Belgium, 2011;
35. Tsai JL. Efficient nonce-based authentication scheme for session initiation protocol. International Journal of Network Security 2009; 8(3):
36. Yoon EJ, Yoo KY. A new authentication scheme for session initiation protocol. International Conference on Complex, Intelligent and Software Intensive Systems (CISIS), Fukuoka, Japan, 2009;
37. Chen TH, Yeh HL, Liu PC, Hsiang HC, Shih WK. A secured authentication protocol for SIP using elliptic curves cryptography. Communication and Networking, CCIS, Vol. 119, Jeju Island, Korea, 2010;
38. Arshad R, Ikram N. Elliptic curve cryptography based mutual authentication scheme for session initiation protocol. Multimedia Tools and Applications, posted on DOI: /s , (to appear in print).
39. Tang H, Liu X. Cryptanalysis of Arshad et al.'s ECC-based mutual authentication scheme for session initiation protocol. Multimedia Tools and Applications, posted on DOI: /s , (to appear in print).
40. Yoon E, Shin Y, Jeon I, Yoo K. Robust mutual authentication with a key agreement scheme for the session initiation protocol. IETE Technical Review 2010; 27(3):
41. Xie Q. A new authenticated key agreement for session initiation protocol. International Journal of Communication Systems, posted on , (to appear in print).
42. Farash MS, Attari MA. An enhanced authenticated key agreement for session initiation protocol. Information Technology And Control 2013; 42(4):
43. Zhang Z, Qi Q, Kumar N, Chilamkurti N, Jeong HY. A secure authentication scheme with anonymity for session initiation protocol using elliptic curve cryptography. Multimedia Tools and Applications DOI: /s
44. Zhang L, Tang S, Cai Z. Efficient and flexible password authenticated key agreement for voice over internet protocol session initiation protocol using smart card. International Journal of Communication Systems, posted on DOI: /dac.2499, (to appear in print).
45. Messerges TS, Dabbish EA, Sloan RH. Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computers 2002; 51(5):