A Novel Authentication and Key Agreement Scheme for Countering MITM and Impersonation Attack in Medical Facilities

Authentication is used to enfold the privacy of the patient to implement security onto the communication between patients and service providers. Several types of research have proposed support for anonymity for contextual privacy in medical systems that are still vulnerable to impersonation attack and Man-in-the-middle attack. By using powerful technology that is used in medical facilities, it can help in building an advanced system. However, the same powerful tools can also be used by the attackers to gain personal profits and to cause chaos. The proposed countermeasure that is to be taken to prevent this kind of attacks is by implementing mutual authentication between users, their devices/mobile devices, and the system’s cloud server, and also a key agreement scheme together with the help of Elliptic Curve Cryptography (ECC). A novel authentication scheme which consists of two phases, a signature generation, and authentication process. The ECC implementation is to ensure that the keys are thoroughly secured and is not copy- able, together with a Key generation scheme that shields the system against impersonation attacks. The usage of Elliptic Curve Digital Signature Algorithm (ECDSA), in a signature generation, on the other hand, provides users more secure way to hide the user private key and bring additional security layer before proceeding to authentication phase due to the existence of extra elements of domain parameters. Authentication is still considered as a crucial component in maintaining the security of any critical facilities that require the CIA tried and non- repudiation as a need to maintain their data. It does not only apply to medical centers, but any organizations that possess valuable data that is needed to be protected also requires strong authentication protocols. Thus, the trend for the need of novel authentication protocols will keep on rising as technology gets fancier and fancier

An Authentication Protocol for Future Sensor Networks

Authentication is one of the essential security services in Wireless Sensor Networks (WSNs) for ensuring secure data sessions. Sensor node authentication ensures the confidentiality and validity of data collected by the sensor node, whereas user authentication guarantees that only legitimate users can access the sensor data. In a mobile WSN, sensor and user nodes move across the network and exchange data with multiple nodes, thus experiencing the authentication process multiple times. The integration of WSNs with Internet of Things (IoT) brings forth a new kind of WSN architecture along with stricter security requirements; for instance, a sensor node or a user node may need to establish multiple concurrent secure data sessions. With concurrent data sessions, the frequency of the re-authentication process increases in proportion to the number of concurrent connections, which makes the security issue even more challenging. The currently available authentication protocols were designed for the autonomous WSN and do not account for the above requirements. In this paper, we present a novel, lightweight and efficient key exchange and authentication protocol suite called the Secure Mobile Sensor Network (SMSN) Authentication Protocol. In the SMSN a mobile node goes through an initial authentication procedure and receives a re-authentication ticket from the base station. Later a mobile node can use this re-authentication ticket when establishing multiple data exchange sessions and/or when moving across the network. This scheme reduces the communication and computational complexity of the authentication process. We proved the strength of our protocol with rigorous security analysis and simulated the SMSN and previously proposed schemes in an automated protocol verifier tool. Finally, we compared the computational complexity and communication cost against well-known authentication protocols.Comment: This article is accepted for the publication in "Sensors" journal. 29 pages, 15 figure

Towards a metric for recognition-based graphical password security

Recognition-based graphical password (RBGP) schemes are not easily compared in terms of security. Current research uses many different measures which results in confusion as to whether RBGP schemes are secure against guessing and capture attacks. If it were possible to measure all RBGP schemes in a common way it would provide an easy comparison between them, allowing selection of the most secure design. This paper presents a discussion of potential attacks against recognition-based graphical password (RBGP) authentication schemes. As a result of this examination a preliminary measure of the security of a recognition-based scheme is presented. The security measure is a 4-tuple based on distractor selection, shoulder surfing, intersection and replay attacks. It is aimed to be an initial proposal and is designed in a way which is extensible and adjustable as further research in the area develops. Finally, an example is provided by application to the PassFaces scheme