Biometric identity-based cryptography for e-Government environment

Government information is a vital asset that must be kept in a trusted environment and efficiently managed by authorised parties. Even though e-Government provides a number of advantages, it also introduces a range of new security risks. Sharing confidential and top-secret information in a secure manner among government sectors tend to be the main element that government agencies look for. Thus, developing an effective methodology is essential and it is a key factor for e-Government success. The proposed e-Government scheme in this paper is a combination of identity-based encryption and biometric technology. This new scheme can effectively improve the security in authentication systems, which provides a reliable identity with a high degree of assurance. In addition, this paper demonstrates the feasibility of using Finite-state machines as a formal method to analyse the proposed protocols

Security Weaknesses of Song's Advanced Smart Card Based Password Authentication Protocol

[[abstract]]Password based authentication with smart cards has been adopted as a more secure means in insecure networks to validate the legitimacy of users. Traditional authentication schemes are based on the tamper-resistant smart card; that is, the data stored in the smart card cannot be revealed. However, it is a challenging problem for considering non-tamper-resistant smart cards used in user authentication. Very recently, in 2010, Song proposed an efficient authentication scheme with such non-tamper resistant smart cards based on symmetric key cryptosystems as well as modular exponentiations. In this paper, we will show that Song's scheme is vulnerable to the offline password guessing attack and the insider attack. Besides, this scheme does not provide perfect forward secrecy and does not preserve user anonymity.[[conferencetype]]國際[[conferencelocation]]Shanghai, Chin

Modelling and simulation of a biometric identity-based cryptography

Government information is a vital asset that must be kept in a trusted environment and efficiently managed by authorised parties. Even though e-Government provides a number of advantages, it also introduces a range of new security risks. Sharing confidential and top-secret information in a secure manner among government sectors tend to be the main element that government agencies look for. Thus, developing an effective methodology is essential and it is a key factor for e-Government success. The proposed e-Government scheme in this paper is a combination of identity-based encryption and biometric technology. This new scheme can effectively improve the security in authentication systems, which provides a reliable identity with a high degree of assurance. In addition, this paper demonstrates the feasibility of using Finite-state machines as a formal method to analyse the proposed protocols

Cryptanalysis and Further Improvement of a Dynamic ID and Smart Card based Remote user Authentication Scheme

Computer systems and their interconnections using networks have im-proved the dependence of both the organizations as well as the individuals on the stored information. This interconnection, in turn, has led to a heightened awareness of the need for data security and the protection of data and re- sources from electronic frauds, electronic eavesdropping, and networkbased attacks. Consequently, cryptography and network security have evolved, leading to the development of smart cards to enforce network security. Re-cently, Rafael Martinez-Pelez and Rico- Novella Francisco [1] pointed out vul-nerabilities in Wang et al. [2] scheme. In this paper, we cryptanalyze Wanget al. scheme and demonstrated that our proposed scheme withstands thevulnerabilities pointed out by Francisco et al. and it completes all the re-cent security requirements of [3]. We implemented the proposed scheme in MATLAB and demonstrated that our proposed scheme is not vulnerable to the shortcomings pointed out by Francisco et al. in their scheme

Cryptanalysis of and Improvement on Biometric-based User Authentication Scheme for C/S System

Password-based authentication schemes are convenient, but vulnerable to simple dictionary attacks. Cryptographic secret keys are safe, but difficult to memorize. More recently, biometric information has been used for authentication schemes. Das proposed a biometric-based authentication scheme, but it has various vulnerabilities. Jiping et al. improved Das’s scheme, but some vulnerabilities remain. In this paper, we analyze the cryptanalysis of Jiping et al.’s authentication scheme and propose the security enhanced biometric-based user authentication scheme for the C/S System

Cryptanalysis and Further Improvement of a Dynamic ID and Smart Card based Remote user Authentication Scheme

Computer systems and their interconnections using networks have im-proved the dependence of both the organizations as well as the individuals on the stored information. This interconnection, in turn, has led to a heightened awareness of the need for data security and the protection of data and re- sources from electronic frauds, electronic eavesdropping, and networkbased attacks. Consequently, cryptography and network security have evolved, leading to the development of smart cards to enforce network security. Re-cently, Rafael Martinez-Pelez and Rico- Novella Francisco [1] pointed out vul-nerabilities in Wang et al. [2] scheme. In this paper, we cryptanalyze Wanget al. scheme and demonstrated that our proposed scheme withstands thevulnerabilities pointed out by Francisco et al. and it completes all the re-cent security requirements of [3]. We implemented the proposed scheme in MATLAB and demonstrated that our proposed scheme is not vulnerable to the shortcomings pointed out by Francisco et al. in their scheme

Lightweight ECC Based Multifactor Authentication Protocol (LEMAP) for Device to Device Cellular Network

Device to Device (D2D) communication is a type of technology where two devices can communicate directly with each other without the need to contact Base Station or any central infrastructure. With emerging of Long Term Evaluation (LTE) and Fifth Generation (5G) technology, D2D has gained a lot of attention for communication between closely located mobile devices for offering high speed, energy efficiency, throughput, less delay, and efficient spectrum usage. D2D has changed recent wireless networks with new trends as D2D can play a vital role in sharing resources by load off the network in local areas by direct communication between devices and useful in natural disasters where BS is destroyed. D2D has revolutionized the direct communication as it is a basis for 5G network. D2D allows miniature devices like cell phone, tablets and radio devices to work as Non-Transparent Relays (NTR) where they can provide services as well as forward traffic, request services by direct communication without the need of Base Station (BS) or central network infrastructure. Multi-hop D2D can be used for peer-to-peer communication or even access to cellular networks. This concept of multihop D2D communication has introduced a number of issues and challenges that were not prevalent in traditional current cellular communication. One of the major issues in D2D is security that is required in D2D communication to transmit information securely over non secure channel. The major challenge when considering security is that current established security techniques cannot be modified as security-requiring devices are miniature with restricted processing and storage or are constrained by power and bandwidth issues. Another issue is that how devices can get secure mutual authentication for secure communication. To tackle these issues, a lightweight multifactor authentication scheme that allows multihop secure communication over open channel is designed called as Lightweight ECC based Multifactor Authentication Protocol (LEMAP) in multihop D2D communication. Formal analysis of scheme is performed using well known BAN Logic method which is used to check correctness of protocol. The formal analysis of LEMAP proves that it can mitigate replay attack, Man-in-the-Middle (MITM) attack, Rogue device attack, Denial of Service (DoS) attack, timestamp exploitation attack, impersonation attack and masquerading attack. LEMAP also achieves security requirements confidentiality, integrity, privacy, non-repudiation, secure mutual authentication and anonymity. The communication cost and computational overhead of benchmark protocols and the proposed scheme LEMAP are also calculated. The results show that LEMAP is 6%-28% percent stronger than the selected benchmark algorithms such as 2PAKEP, Chaotic based authentication and TwoFactor authentication protocol. Additionally, LEMAP provides additional security by using trust validation, double hashing, and reduced authentication overhead. Discrete logarithm analysis shows that LEMAP is more secure compared to current security algorithms or current security algos are used as attacks against LEMAP. LEMAP is a lightweight and flexible scheme which can be used in 5G as well as multihop D2D communication to provide secure communication environment. Keywords: D2D security, multihop D2D security, multi factor, light-weight security, EC

A novel authentication protocol based on biometric and identity-based cryptography

Recently, considerable attention has been devoted to distributed systems. It has become obvious that a high security level should be a fundamental prerequisite for organisations' processes, both in the commercial and public sectors. A crucial foundation for securing a network is the ability to reliably authenticate ommunication parties. However, these systems face some critical security risks and challenges when they attempt to stabilise between security, efficiency and functionality. Developing a secure authentication protocol can be challenging; this thesis proposes an authentication scheme that employs two authentication factors involving something you know (password) and something you are (biometric) based on Identity-Based Cryptography and Elliptic Curve Cryptography. Two protocols have been chosen that provide mutual authentication and secure key exchange, which are the equivalent to the Diffie-Hellman key exchange. Due to a potential flaw in the protocols, guarding against attacks can be challenging. In order to alleviate some of the issues encountered with the new protocol, this thesis uses the encrypt-then-authenticate method. Formal verification methods are used to evaluate the new protocol. First, finite-state machines are used to examine and predict the behaviour of the protocol. Modelling with this method shows that the new protocol can function correctly and behave correctly within the protocol description, even with invalid input or time delay. Second, Petri nets are used to model, simulate and analyse the new protocol. This thesis formulates several attack models via Petri nets in which the security of the proposed protocols is discussed precisely. Ultimately, this novel work ensures that the new protocol provides a coherent security concept and can be implemented over insecure channels while offering secure mutual authentication

an improved smart card based password authentication scheme with provable security

Password authentication has been adopted as one of the most commonly used solutions in network environment to protect resources from unauthorized access. Recently, Lee–Kim–Yoo [S.W. Lee, H.S. Kim, K.Y. Yoo, Improvement of Chien et al.'s remote user authentication scheme using smart cards, Computer Standards & Interfaces 27 (2) (2005) 181–183] and Lee-Chiu [N.Y. Lee, Y.C. Chiu, Improved remote authentication scheme with smart card, Computer Standards & Interfaces 27 (2) (2005) 177–180] respectively proposed a smart card based password authentication scheme. We show that these two schemes are both subject to forgery attacks provided that the information stored in the smart card is disclosed by the adversary. We also propose an improved scheme with formal security proof.国科