On Security Analysis of Recent Password Authentication and Key Agreement Schemes Based on Elliptic Curve Cryptography

Secure and efficient mutual authentication and key agreement schemes form the basis for any robust network communication system. Elliptic Curve Cryptography (ECC) has emerged as one of the most successful Public Key Cryptosystem that efficiently meets all the security challenges. Comparison of ECC with other Public Key Cryptosystems (RSA, Rabin, ElGamal) shows that it provides equal level of security for a far smaller bit size, thereby substantially reducing the processing overhead. This makes it suitable for constrained environments like wireless networks and mobile devices as well as for security sensitive applications like electronic banking, financial transactions and smart grids. With the successful implementation of ECC in security applications (e-passports, e-IDs, embedded systems), it is getting widely commercialized. ECC is simple and faster and is therefore emerging as an attractive alternative for providing security in lightweight device, which contributes to its popularity in the present scenario. In this paper, we have analyzed some of the recent password based authentication and key agreement schemes using ECC for various environments. Furthermore, we have carried out security, functionality and performance comparisons of these schemes and found that they are unable to satisfy their claimed security goals

A secure lightweight authentication mechanism for IoT devices in generic domain

The Internet of Things prompt deployment enhances the security concerns of these systems in recent years. The enormous exchange of sensory information between devices raises the necessity for a secure authentication scheme for Internet of Things devices. Despite many proposed schemes, providing authenticated and secure communication for Internet of Things devices is still an open issue. This research addresses challenges pertaining to the Internet of Things authentication, verification, and communication, and proposes a new secure lightweight mechanism for Internet of Things devices in the generic domain. The proposed authentication method utilizes environmental variables obtained by sensors to allow the system to identify genuine devices and reject anomalous connections

ViotSOC: Controlling Access to Dynamically Virtualized IoT Services using Service Object Capability

Virtualization of Internet of Things(IoT) is a concept of dynamically building customized high-level IoT services which rely on the real time data streams from low-level physical IoT sensors. Security in IoT virtualization is challenging, because with the growing number of available (building block) services, the number of personalizable virtual services grows exponentially. This paper proposes Service Object Capability(SOC) ticket system, a decentralized access control mechanism between servers and clients to effi- ciently authenticate and authorize each other without using public key cryptography. SOC supports decentralized partial delegation of capabilities specified in each server/- client ticket. Unlike PKI certificates, SOC’s authentication time and handshake packet overhead stays constant regardless of each capability’s delegation hop distance from the root delegator. The paper compares SOC’s security bene- fits with Kerberos and the experimental results show SOC’s authentication incurs significantly less time packet overhead compared against those from other mechanisms based on RSA-PKI and ECC-PKI algorithms. SOC is as secure as, and more efficient and suitable for IoT environments, than existing PKIs and Kerberos

Security Investigation on Remote Access Methods of Virtual Private Network

Remote access is one of the prevalent business trends in today2019;s computing pervasive business environments. The ease of access to internal private networks over the internet by telecommuter devices has given birth too many security threats to the endpoint devices. The application client software and data at rest on the endpoint of remote access methods such as: Tunneling, Portal, Desktop Applications and Direct Access do not offer protection for the communication between the VPN gateway and internal resources. This paper, therefore investigate the security pitfalls of remote access for establishing virtual private network methods. To address these challenges, a remote access method to secure endpoint communication is proposed. The study adopted investigative research design by use of empirical review on the security aspect of the current state VPN Remote Access methods. This necessitates the review of the research article on the current state and related works which leads to critiques and offer proposed solution to remote access endpoint VPN. The scope of this study is limited to secure virtual private network endpoint data communication. In this paper, an investigation of these access technologies given