9,895 research outputs found
Flexible Authentication in Vehicular Ad hoc Networks
A Vehicular Ad-Hoc Network (VANET) is a form of Mobile ad-hoc network, to
provide communications among nearby vehicles and between vehicles and nearby
fixed roadside equipment. The key operation in VANETs is the broadcast of
messages. Consequently, the vehicles need to make sure that the information has
been sent by an authentic node in the network. VANETs present unique challenges
such as high node mobility, real-time constraints, scalability, gradual
deployment and privacy. No existent technique addresses all these requirements.
In particular, both inter-vehicle and vehicle-to-roadside wireless
communications present different characteristics that should be taken into
account when defining node authentication services. That is exactly what is
done in this paper, where the features of inter-vehicle and vehicle-to-roadside
communications are analyzed to propose differentiated services for node
authentication, according to privacy and efficiency needs
A-MAKE: an efficient, anonymous and accountable authentication framework for WMNs
In this paper, we propose a framework, named as A-MAKE, which efficiently provides security, privacy, and accountability for communications in wireless mesh networks. More specifically, the framework provides an anonymous mutual authentication protocol whereby legitimate users can connect to network from anywhere without being identified or tracked. No single party (e.g., network operator) can violate the privacy of a user, which is provided in our framework in the strongest sense. Our framework utilizes group signatures, where the private key and the credentials of the users are generated through a secure three-party protocol. User accountability is implemented via user revocation protocol that can be executed by two semitrusted authorities, one of which is the network operator. The assumptions about the trust level of the network operator are relaxed. Our framework makes use of much more efficient signature generation and verification algorithms in terms of computation complexity than their counterparts in literature, where signature size is comparable to the shortest signatures proposed for similar purposes so far
Anonymous Single-Sign-On for n designated services with traceability
Anonymous Single-Sign-On authentication schemes have been proposed to allow
users to access a service protected by a verifier without revealing their
identity which has become more important due to the introduction of strong
privacy regulations. In this paper we describe a new approach whereby anonymous
authentication to different verifiers is achieved via authorisation tags and
pseudonyms. The particular innovation of our scheme is authentication can only
occur between a user and its designated verifier for a service, and the
verification cannot be performed by any other verifier. The benefit of this
authentication approach is that it prevents information leakage of a user's
service access information, even if the verifiers for these services collude
which each other. Our scheme also supports a trusted third party who is
authorised to de-anonymise the user and reveal her whole services access
information if required. Furthermore, our scheme is lightweight because it does
not rely on attribute or policy-based signature schemes to enable access to
multiple services. The scheme's security model is given together with a
security proof, an implementation and a performance evaluation.Comment: 3
MobiBits: Multimodal Mobile Biometric Database
This paper presents a novel database comprising representations of five
different biometric characteristics, collected in a mobile, unconstrained or
semi-constrained setting with three different mobile devices, including
characteristics previously unavailable in existing datasets, namely hand
images, thermal hand images, and thermal face images, all acquired with a
mobile, off-the-shelf device. In addition to this collection of data we perform
an extensive set of experiments providing insight on benchmark recognition
performance that can be achieved with these data, carried out with existing
commercial and academic biometric solutions. This is the first known to us
mobile biometric database introducing samples of biometric traits such as
thermal hand images and thermal face images. We hope that this contribution
will make a valuable addition to the already existing databases and enable new
experiments and studies in the field of mobile authentication. The MobiBits
database is made publicly available to the research community at no cost for
non-commercial purposes.Comment: Submitted for the BIOSIG2018 conference on June 18, 2018. Accepted
for publication on July 20, 201
Building Secure and Anonymous Communication Channel: Formal Model and its Prototype Implementation
Various techniques need to be combined to realize anonymously authenticated
communication. Cryptographic tools enable anonymous user authentication while
anonymous communication protocols hide users' IP addresses from service
providers. One simple approach for realizing anonymously authenticated
communication is their simple combination, but this gives rise to another
issue; how to build a secure channel. The current public key infrastructure
cannot be used since the user's public key identifies the user. To cope with
this issue, we propose a protocol that uses identity-based encryption for
packet encryption without sacrificing anonymity, and group signature for
anonymous user authentication. Communications in the protocol take place
through proxy entities that conceal users' IP addresses from service providers.
The underlying group signature is customized to meet our objective and improve
its efficiency. We also introduce a proof-of-concept implementation to
demonstrate the protocol's feasibility. We compare its performance to SSL
communication and demonstrate its practicality, and conclude that the protocol
realizes secure, anonymous, and authenticated communication between users and
service providers with practical performance.Comment: This is a preprint version of our paper presented in SAC'14, March
24-28, 2014, Gyeongju, Korea. ACMSAC 201
Keystroke dynamics in the pre-touchscreen era
Biometric authentication seeks to measure an individualās unique physiological attributes for the purpose of identity verification. Conventionally, this task has been realized via analyses of fingerprints or signature iris patterns. However, whilst such methods effectively offer a superior security protocol compared with password-based approaches for example, their substantial infrastructure costs, and intrusive nature, make them undesirable and indeed impractical for many scenarios. An alternative approach seeks to develop similarly robust screening protocols through analysis of typing patterns, formally known as keystroke dynamics. Here, keystroke analysis methodologies can utilize multiple variables, and a range of mathematical techniques, in order to extract individualsā typing signatures. Such variables may include measurement of the period between key presses, and/or releases, or even key-strike pressures. Statistical methods, neural networks, and fuzzy logic have often formed the basis for quantitative analysis on the data gathered, typically from conventional computer keyboards. Extension to more recent technologies such as numerical keypads and touch-screen devices is in its infancy, but obviously important as such devices grow in popularity. Here, we review the state of knowledge pertaining to authentication via conventional keyboards with a view toward indicating how this platform of knowledge can be exploited and extended into the newly emergent type-based technological contexts
Cloud Data Auditing Using Proofs of Retrievability
Cloud servers offer data outsourcing facility to their clients. A client
outsources her data without having any copy at her end. Therefore, she needs a
guarantee that her data are not modified by the server which may be malicious.
Data auditing is performed on the outsourced data to resolve this issue.
Moreover, the client may want all her data to be stored untampered. In this
chapter, we describe proofs of retrievability (POR) that convince the client
about the integrity of all her data.Comment: A version has been published as a book chapter in Guide to Security
Assurance for Cloud Computing (Springer International Publishing Switzerland
2015
Integrating identity-based cryptography in IMS service authentication
Nowadays, the IP Multimedia Subsystem (IMS) is a promising research field.
Many ongoing works related to the security and the performances of its
employment are presented to the research community. Although, the security and
data privacy aspects are very important in the IMS global objectives, they
observe little attention so far. Secure access to multimedia services is based
on SIP and HTTP digest on top of IMS architecture. The standard deploys AKA-MD5
for the terminal authentication. The third Generation Partnership Project
(3GPP) provided Generic Bootstrapping Architecture (GBA) to authenticate the
subscriber before accessing multimedia services over HTTP. In this paper, we
propose a new IMS Service Authentication scheme using Identity Based
cryptography (IBC). This new scheme will lead to better performances when there
are simultaneous authentication requests using Identity-based Batch
Verification. We analyzed the security of our new protocol and we presented a
performance evaluation of its cryptographic operationsComment: 13Page
- ā¦