61 research outputs found

    Certificate-Based Parallel Key-Insulated Aggregate Signature Against Fully Chosen-Key Attacks for Industrial Internet of Things

    With the emergence of the Industrial Internet of Things (IIoT), numerous operations based on smart devices contribute to producing convenience and comfortable applications for individuals and organizations. Considering the untrusted feature of the communication channels in IIoT, it is essential to ensure the authentication and incontestableness of the messages transmitted in the IIoT. In this paper, we firstly proposed a certificate-based parallel key-insulated aggregate signature (CB-PKIAS), which can resist the fully chosen-key attacks. Concretely, the adversary who can obtain the private keys of all signers in the system is able to forge a valid aggregate signature by using the invalid single signature. Furthermore, our scheme inherits the merits of certificate-based and key-insulated to avoid the certificate management problem, key escrow problems as well as the key exposures simultaneously. In addition, the rigorous analysis and the concrete simulation experiment demonstrated that our proposed scheme is secure under the random oracle and more suitable for the IIoT environment.

    An Improved User Authentication Protocol for Healthcare Services via Wireless Medical Sensor Networks

    Healthcare service sector is one of the major applications of Wireless Sensor Networks (WSNs) acknowledged as Wireless Medical Sensor Network (WMSNs). It deploys tiny medical sensor-nodes (MS-nodes) on the body of the patient to sense crucial physiological signs which can be accessed and analyzed by registered medical professionals. Recently, Khan et al. analyzed Kumar et al.'s scheme proposed for healthcare applications using WMSNs and observed that the scheme is susceptible to many security weaknesses if an adversary extracts the information from the lost smart card of some user. The adversary can access patient's physiological data without knowing actual password, can deceive medical professionals by sending fake information about patients, can guess the password of a user from the corresponding smart card, and so forth. Besides, the scheme fails to resist insider attack, lacks user anonymity and the session key shared between the user and the MS-node is insecure. To overcome these problems, we propose an improved user authentication scheme for healthcare applications using WMSNs. We show that the scheme is free from the identified weaknesses and excels in performance and efficiency scheme

    An Improved Biometrics-Based Remote User Authentication Scheme with User Anonymity

    The authors review the biometrics-based user authentication scheme proposed by An in 2012. The authors show that there exist loopholes in the scheme which are detrimental for its security. Therefore the authors propose an improved scheme eradicating the flaws of An’s scheme. Then a detailed security analysis of the proposed scheme is presented followed by its efficiency comparison. The proposed scheme not only withstands security problems found in An’s scheme but also provides some extra features with mere addition of only two hash operations. The proposed scheme allows user to freely change his password and also provides user anonymity with untraceability.

    An improved efficient remote password authentication scheme with smart card over insecure networks

    's scheme and both of them pointed out, more or less, same vulnerabilities: like offline password guessing attack, impersonating the server by replay attack, denial of service attack on password changing and insider attack on it. But none of them suggested any solution to the pointed out attacks. This paper proposes an improved scheme with enhanced security, maintaining advantages of the original scheme and free from the attacks pointed out by Yoon-Yoo and Xiang et al.

    Cryptanalysis and improvement of a robust smart card secured authentication scheme on SIP using elliptic curve cryptography

    The session initiation protocol (SIP) has been receiving a lot of attention to provide security in the Voice over IP (VoIP) in Internet and mobility management. Recently, Yeh et al. proposed a smart card-based authentication scheme for SIP using elliptic curve cryptography (ECC). They claimed that their scheme is secure against known security attacks. However, in this paper, we indicate that Yeh et al.’s scheme is vulnerable to off-line password guessing attack, user impersonation attack and server impersonation attack, in the case that the smart card is stolen and the information stored in the smart card is disclosed. As a remedy, we also propose an improved smart card-based authentication scheme which not only conquers the security weaknesses of the related schemes but also provides a reduction in computational cost. The proposed scheme also provides the user anonymity and untraceability, and allows a user to change his/her password without informing the remote server. To show the security of our protocol, we prove its security in the random oracle model.

    χperbp: a Cloud-based Lightweight Mutual Authentication Protocol

    Alongside the development of cloud computing and Internet of Things (IoT), cloud-based RFID is receiving more attention nowadays. Cloud-based RFID system is specifically developed to provide real-time data that can be fed to the cloud for easy access and instant data interpretation. Security and privacy of constrained devices in these systems is a challenging issue for many applications. To deal with this problem, we propose χperbp, a lightweight authentication protocol based on χper component. χper is a hardware/software friendly component that can be implemented using bit-wise operations. To evaluate the performance efficiency of our proposed scheme, we implement the χperbp scheme on an FPGA module Xilinx Kintex-7 using the hardware description language VHDL. Our security and cost analysis of the proposed protocol shows that the proposed protocol provides desired security against various attacks, in a reasonable cost. Also, formal security evaluation using BAN logic and Scyther tool indicates its security correctness. Besides, we analyse the security of a related protocol which has been recently proposed by Fan et al. It is a cloud-based lightweight mutual authentication protocol for RFID devices in an IoT system. Although they have claimed security against active and passive adversaries, however, our detailed security analysis in this paper demonstrates major drawbacks of this protocol. More precisely, the proposed attack discloses the tag's secrets efficiently. Given the tag's secrets, any other attack will be trivial.