339 research outputs found
Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services
An anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.âs anonymous authentication scheme for roaming services and present previously unpublished security weaknesses in the scheme: (1) it fails to provide user anonymity against any third party as well as the foreign agent, (2) it cannot protect the passwords of mobile users due to its vulnerability to an offline dictionary attack, and (3) it does not achieve session-key security against a man-in-the-middle attack. We also show how the security weaknesses of He et al.âs scheme can be addressed without degrading the efficiency of the scheme
On the security of an anonymous roaming protocol in UMTS mobile networks
In this communication, we first show that the privacy-preserving roaming protocol recently proposed for mobile networks cannot achieve the claimed security level. Then we suggest an improved protocol to remedy its security problems
Privacy Preserving Cryptographic Protocols for Secure Heterogeneous Networks
DisertaÄnĂ prĂĄce se zabĂœvĂĄ kryptografickĂœmi protokoly poskytujĂcĂ ochranu soukromĂ, kterĂ© jsou urÄeny pro zabezpeÄenĂ komunikaÄnĂch a informaÄnĂch systĂ©mĆŻ tvoĆĂcĂch heterogennĂ sĂtÄ. PrĂĄce se zamÄĆuje pĆedevĆĄĂm na moĆŸnosti vyuĆŸitĂ nekonvenÄnĂch kryptografickĂœch prostĆedkĆŻ, kterĂ© poskytujĂ rozĆĄĂĆenĂ© bezpeÄnostnĂ poĆŸadavky, jako je napĆĂklad ochrana soukromĂ uĆŸivatelĆŻ komunikaÄnĂho systĂ©mu. V prĂĄci je stanovena vĂœpoÄetnĂ nĂĄroÄnost kryptografickĂœch a matematickĂœch primitiv na rĆŻznĂœch zaĆĂzenĂch, kterĂ© se podĂlĂ na zabezpeÄenĂ heterogennĂ sĂtÄ. HlavnĂ cĂle prĂĄce se zamÄĆujĂ na nĂĄvrh pokroÄilĂœch kryptografickĂœch protokolĆŻ poskytujĂcĂch ochranu soukromĂ. V prĂĄci jsou navrĆŸeny celkovÄ tĆi protokoly, kterĂ© vyuĆŸĂvajĂ skupinovĂœch podpisĆŻ zaloĆŸenĂœch na bilineĂĄrnĂm pĂĄrovĂĄnĂ pro zajiĆĄtÄnĂ ochrany soukromĂ uĆŸivatelĆŻ. Tyto navrĆŸenĂ© protokoly zajiĆĄĆ„ujĂ ochranu soukromĂ a nepopiratelnost po celou dobu datovĂ© komunikace spolu s autentizacĂ a integritou pĆenĂĄĆĄenĂœch zprĂĄv. Pro navĂœĆĄenĂ vĂœkonnosti navrĆŸenĂœch protokolĆŻ je vyuĆŸito optimalizaÄnĂch technik, napĆ. dĂĄvkovĂ©ho ovÄĆovĂĄnĂ, tak aby protokoly byly praktickĂ© i pro heterogennĂ sĂtÄ.The dissertation thesis deals with privacy-preserving cryptographic protocols for secure communication and information systems forming heterogeneous networks. The thesis focuses on the possibilities of using non-conventional cryptographic primitives that provide enhanced security features, such as the protection of user privacy in communication systems. In the dissertation, the performance of cryptographic and mathematic primitives on various devices that participate in the security of heterogeneous networks is evaluated. The main objectives of the thesis focus on the design of advanced privacy-preserving cryptographic protocols. There are three designed protocols which use pairing-based group signatures to ensure user privacy. These proposals ensure the protection of user privacy together with the authentication, integrity and non-repudiation of transmitted messages during communication. The protocols employ the optimization techniques such as batch verification to increase their performance and become more practical in heterogeneous networks.
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regards to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submissio
Shadow Phone and Ghost SIM: A Step Toward Geolocation Anonymous Calling
abstract: Mobile telephony is a critical aspect of our modern society: through telephone calls,
it is possible to reach almost anyone around the globe. However, every mobile telephone
call placed implicitly leaks the user's location to the telephony service provider (TSP).
This privacy leakage is due to the fundamental nature of mobile telephony calls that
must connect to a local base station to receive service and place calls. Thus, the TSP
can track the physical location of the user for every call that they place. While the
The Internet is similar in this regard, privacy-preserving technologies such as Tor allow
users to connect to websites anonymously (without revealing to their ISP the site
that they are visiting). In this thesis, the scheme presented, called shadow calling,
to allow geolocation anonymous calling from legacy mobile devices. In this way,
the call is placed from the same number, however, the TSP will not know the user's
physical location. The scheme does not require any change on the network side and
can be used on current mobile networks. The scheme implemented is for the GSM
(commonly referred to as 2G) network, as it is the most widely used mode of mobile
telephony communication. The feasibility of our scheme is demonstrated through the
prototype. Shadow calling, which renders the users geolocation anonymous, will be
beneficial for users such as journalists, human rights activists in hostile nations, or
other privacy-demanding users.Dissertation/ThesisMasters Thesis Computer Science 201
On the Usability of Two-Factor Authentication
Smart-card-based password authentication, known as two-factor authentication, is one of the most widely used security mechanisms
to validate the legitimacy of a remote client, who must hold a valid smart card and the correct password in order to successfully login the server. So far the research on this domain has mainly focused on developing more secure, privacy-preserving and efficient protocols, which has led to numerous efficient proposals with a diversity of security provisions, yet little attention has been directed towards another important aspect, i.e. the usability of a scheme. This paper focuses on the study of two specific security threats on usability in two-factor authentication. Using two representative protocols as case studies, we demonstrate two types of security threats on usability: (1) Password change attack, which may easily render the smart card completely unusable by changing the password to a random value; and (2) De-synchronization attack, which breaks the consistence of the pseudo-identities between the user and the server. These threats, though realistic in practice, have been paid little attention in the literature. In addition to revealing the vulnerabilities, we discuss how to thwart these security threats and secure the protocols
- âŠ