Cryptanalysis on Privacy-Aware Two-factor Authentication Protocol for Wireless Sensor Networks

Das first proposed two-factor authentication combining the smart card and password to resolve the security problems of wireless sensor networks (WSNs). After that, various researchers studied two-factor authentication suitable for WSNs. In user authentication protocols based on the symmetric key approach, a number of elliptic curve cryptography (ECC)-based authentication protocols have been proposed. To resolve the security and efficiency problems of ECC-based two-factor authentication protocols, Jiang et al. proposed a privacy-aware two-factor authentication protocol based on ECC for WSNs. However, this paper performs a vulnerability analysis on Jiang et al.’s authentication protocol and shows that it has security problems, such as a lack of mutual authentication, a risk of SID modification and DoS attacks, a lack of sensor anonymity, and weak ID anonymity

EEoP: A Lightweight Security Scheme over PKI in D2D Cellular Networks

Device-to-Device (D2D) communication is a promising technology that facilitates the deployment of devices to provide extended coverage where devices can act as user or relays. However, introducing such technology where the user can act as semi-intelligent relays, open a wide range of security threats, specifically, in terms of confidentiality and integrity. Another key issue of these devices is the limited computational and storage capabilities. Thus, to address the above challenges, this paper proposed a computationally lightweight crypto system based on Elliptic curve and ElGamal over public-key infrastructure (EEoP). It uses ECC for creation of keys while uses ElGamal for encryption and decryption over public-key infrastructure. Mathematical analysis shows that EEoP ensures the confidentiality and integrity of the communication. Performance analysis shows that proposed scheme outperformed the baseline protocols. The proposed crypto system can be used in relay-based communication

Strategies to Secure a Voice Over Internet Protocol Telephone System

Voice over internet protocol (VoIP) provides cost-effective phone service over a broadband internet connection rather than analog telephone services. While VoIP is a fast-growing technology, there are issues with intercepting and misusing transmissions, which are security concerns within telecommunication organizations and for customers. Grounded in the routine activity theory, the purpose of this multiple case study was to explore strategies information technology (IT) security managers used to secure VoIP telephone systems in telecommunication organizations. The participants consisted of nine IT security managers from three telecommunication organizations in New York who possessed the knowledge and expertise to secure a VoIP telephone system. The data were collected using semi structured interviews, note taking, and one document from one organization. Four themes emerged from the thematic analysis: best practices for VoIP security, using a secure VoIP provider, VoIP security recommendations, and awareness of future security concerns. A key recommendation for IT security professionals is to ensure encryption to secure a VoIP telephone system. The implications for positive social change include the potential for IT security managers and telecommunication organizations to reduce data breaches and the theft of their customers’ identities and credit card information

Wearable Wireless Devices

No abstract available

Wearable Wireless Devices

No abstract available