A Lightweight and Privacy-Preserving Authentication Protocol for Mobile Edge Computing

With the advent of the Internet-of-Things (IoT), vehicular networks and cyber-physical systems, the need for real-time data processing and analysis has emerged as an essential pre-requite for customers' satisfaction. In this direction, Mobile Edge Computing (MEC) provides seamless services with reduced latency, enhanced mobility, and improved location awareness. Since MEC has evolved from Cloud Computing, it inherited numerous security and privacy issues from the latter. Further, decentralized architectures and diversified deployment environments used in MEC platforms also aggravate the problem; causing great concerns for the research fraternity. Thus, in this paper, we propose an efficient and lightweight mutual authentication protocol for MEC environments; based on Elliptic Curve Cryptography (ECC), one-way hash functions and concatenation operations. The designed protocol also leverages the advantages of discrete logarithm problems, computational Diffie-Hellman, random numbers and time-stamps to resist various attacks namely-impersonation attacks, replay attacks, man-in-the-middle attacks, etc. The paper also presents a comparative assessment of the proposed scheme relative to the current state-of-the-art schemes. The obtained results demonstrate that the proposed scheme incurs relatively less communication and computational overheads, and is appropriate to be adopted in resource constraint MEC environments.Comment: To appear in IEEE GLOBECOM 201

A Protected Single Sign-On Technique Using 2D Password in Distributed Computer Networks

Single Sign-On (SSO) is a new authentication mechanism that enables a legal user with a single credential to be authenticated by multiple service providers in a distributed computer network. Recently, a new SSO scheme providing well-organized security argument failed to meet credential privacy and soundness of authentication. The main goal of this project is to provide security using Single Sign-On scheme meeting at least three basic security requirements, i.e., unforgetability, credential privacy, and soundness. User identification is an important access control mechanism for client–server networking architectures. The concept of Single Sign-On can allow legal users to use the unitary token to access different service providers in distributed computer networks. To overcome few drawbacks like not preserving user anonymity when possible attacks occur and extensive overhead costs of time-synchronized mechanisms, we propose a secure Single Sign-On mechanism that is efficient, secure, and suitable for mobile devices in distributed computer networks. In a real-life application, the mobile user can use the mobile device, e.g., a cell phone, with the unitary token to access multiservice, such as downloading music; receive/reply electronic mails etc. Our scheme is based on one-way hash functions and random nonce to solve the weaknesses described above and to decrease the overhead of the system. The proposed scheme is more secure with two types of password scheme namely, Text password and Graphical Password referred as 2D password in distributed computer networks that yields a more efficient system that consumes lower energy. The proposed system has less communication overhead. It eliminates the need for time synchronization and there is no need of holding multiple passwords for different services

An efficient and provably secure authenticated key agreement scheme for mobile edge computing

Though Mobile Cloud Computing (MCC) and Mobile Edge Computing (MEC) technologies have brought more convenience to mobile services over past few years, but security concerns like mutual authentication, user anonymity, user untraceability, etc., have yet remained unresolved. In recent years, many efforts have been made to design security protocols in the context of MCC and MEC, but most of them are prone to security threats. In this paper, we analyze Jia et al.’s scheme, one of the latest authentication protocols for MEC environment and we show this scheme is vulnerable to user impersonation and ephemeral secret leakage attacks. Further, we demonstrate that the aforementioned attacks can be similarly applied to Li et al.’s scheme which recently derived from Jia et al.’s protocol. In this paper, we propose a provably secure authenticated key agreement protocol on the basis of Jia et al.’s scheme that not only withstands security weaknesses of it, but also offers low computational and communicational costs compared to the other related schemes. As a formal security proof, we simulate our scheme with widely used AVISPA tool. Moreover, we show the scalability and practicality of our scheme in a MEC environment through NS-3 simulation

Review of Prevention Schemes for Man-In-The-Middle (MITM) Attack in Vehicular Ad hoc Networks

Vehicular Ad-Hoc Network (VANET) is an indispensable part of the Intelligent Transportation System (ITS) due to its abilities to enhance traffic management and safety. Many researchers have been focused on specific areas involving management and storage data, protocols standardization, network fragmentation, monitoring, and quality of service.  The benchmarks of security of VANET are studied and figured out in this paper. VANET provides the driver and passenger with the safety application as well as entertainment service. However, the communication between nodes in VANET is susceptible to security threats in both communication modes, which indicates the main hazard. In this paper, we identified different Man-In-The-Middle (MITM) attacks with various behaviors such as message tampering, message delaying, and message dropping, according to the literature. In this study, the essential background of VANET from architectural point of view and communication types are discussed. Then, the overview of MITM attack in VANET is presented. In addition, this paper thoroughly reviews the existing prevention schemes for MITM attack in VANET. This review paper reveals that there is still a need for a better and more efficient preventive scheme to address the MITM attack in VANET. This review paper could serve as evidence and reference in the development of any new security schemes for VANETs

Security Authentication and Privacy-Preserving in Vehicular Communication

The critical considerations of security, authentication, and privacy preservation are essential to maintaining the credibility and efficacy of these networks in the quickly changing field of vehicular communication systems. The difficulties and developments in tackling these important areas are examined in this abstract. In order to prevent hostile activity that could jeopardies the security and operation of vehicular communication, security measures are crucial. Ensuring that only authorized vehicles and infrastructure engage in the sharing of sensitive information requires robust authentication techniques to validate the identity of communication organizations. Simultaneously, the need to preserve privacy is becoming more and more important, requiring creative solutions that strike a balance between the necessity of data interchange and the security of personal user information. VANETs (vehicular ad hoc networks) face two crucial security issues: message authentication and conditional privacy preservation. Numerous security technologies have been proposed thus far to accomplish the related security goals. Two of the key technologies in the recently released literature are identity-based pseudonyms and group signature-based schemes. But with the identity-based method, pseudonym identities can expose the actual location of the car, and the key escrow is hard to attain. With the ability to counterfeit signatures under the vehicle's key, the global manager TA of VANETs is aware of all the keys that have been supplied to the cars. Thus, the group signature system is unable to satisfy the excludability

InShopnito: an advanced yet privacy-friendly mobile shopping application

Mobile Shopping Applications (MSAs) are rapidly gaining popularity. They enhance the shopping experience, by offering customized recommendations or incorporating customer loyalty programs. Although MSAs are quite effective at attracting new customers and binding existing ones to a retailer's services, existing MSAs have several shortcomings. The data collection practices involved in MSAs and the lack of transparency thereof are important concerns for many customers. This paper presents inShopnito, a privacy-preserving mobile shopping application. All transactions made in inShopnito are unlinkable and anonymous. However, the system still offers the expected features from a modern MSA. Customers can take part in loyalty programs and earn or spend loyalty points and electronic vouchers. Furthermore, the MSA can suggest personalized recommendations even though the retailer cannot construct rich customer profiles. These profiles are managed on the smartphone and can be partially disclosed in order to get better, customized recommendations. Finally, we present an implementation called inShopnito, of which the security and performance is analyzed. In doing so, we show that it is possible to have a privacy-preserving MSA without having to sacrifice practicality

A COMPREHENSIVE STUDY OF CRYPTOGRAPHY AND KEY MANAGEMENT BASED SECURITY IN CLOUD COMPUTING

Cloud computing is a cost effective flexible and proven delivery platform for providing consumer IT services or business services over internet. It has an ability to provide many services over internet. It not only provides computing services but additional computing resources. To interact with various services in the cloud and to store retrieve data from cloud several security mechanism is required. Cryptography and key management mechanism are one of the import services in the cloud to secure data. In this context, this paper investigates the basic problem of cloud computing with cryptography and key management system for enabling support of interoperability between cloud cryptography client and key management services

Certificateless Algorithm for Body Sensor Network and Remote Medical Server Units Authentication over Public Wireless Channels

Wireless sensor networks process and exchange mission-critical data relating to patients’ health status. Obviously, any leakages of the sensed data can have serious consequences which can endanger the lives of patients. As such, there is need for strong security and privacy protection of the data in storage as well as the data in transit. Over the recent past, researchers have developed numerous security protocols based on digital signatures, advanced encryption standard, digital certificates and elliptic curve cryptography among other approaches. However, previous studies have shown the existence of many security and privacy gaps that can be exploited by attackers to cause some harm in these networks. In addition, some techniques such as digital certificates have high storage and computation complexities occasioned by certificate and public key management issues. In this paper, a certificateless algorithm is developed for authenticating the body sensors and remote medical server units. Security analysis has shown that it offers data privacy, secure session key agreement, untraceability and anonymity. It can also withstand typical wireless sensor networks attacks such as impersonation, packet replay and man-in-the-middle. On the other hand, it is demonstrated to have the least execution time and bandwidth requirements

Improved Framework for Blockchain Application Using Lattice Based Key Agreement Protocol

One of the most recent challenges in communicationsystem and network system is the privacy and security ofinformation and communication session. Blockchain is one oftechnologies that use in sensing application in different importantenvironments such as healthcare. In healthcare the patient privacyshould be protected use high security system. Key agreementprotocol based on lattice ensure the authentication and highprotection against different types of attack especiallyimpersonation and man in the middle attack where the latticebased protocol is quantum-withstand protocol. Proposed improvedframework using lattice based key agreement protocol forapplication of block chain, with security analysis of manyliteratures that proposed different protocols has been presentedwith comparative study. The resultant new framework based onlattice overcome the latency limitation of block chain in the oldframework and lowered the computation cost that depend onElliptic curve Diffie-Hellman. Also, it ensures high privacy andprotection of patient’s informatio