10 research outputs found
Cryptanalysis and improvement of chen-hsiang-shih's remote user authentication scheme using smart cards
Recently, Chen-Hsiang-Shih proposed a new dynamic ID-based remote user authentication scheme. The authors claimed that their scheme was more secure than previous works. However, this paper demonstrates that theirscheme is still unsecured against different kinds of attacks. In order to enhance the security of the scheme proposed by Chen-Hsiang-Shih, a new scheme is proposed. The scheme achieves the following security goals: without verification table, each user chooses and changes the password freely, each user keeps the password secret, mutual authentication, the scheme establishes a session key after successful authentication, and the scheme maintains the user's anonymity. Security analysis and comparison demonstrate that the proposed scheme is more secure than Das-Saxena-Gulati's scheme, Wang et al.'s scheme and Chen-Hsiang-Shih.Peer ReviewedPostprint (published version
Security improvement of two dynamic ID-based authentication schemes by Sood-Sarje-Singh
In 2010, Sood-Sarje-Singh proposed two dynamic ID-based remote user authentication schemes. The first scheme
is a security improvement of Liao et al.’s scheme and the second scheme is a security improvement of Wang et
al.’s scheme. In both cases, the authors claimed that their schemes can resist many attacks. However, we find that
both schemes have security flaws. In addition, their schemes require a verification table and time-synchronization,
making the schemes unfeasible and unsecured for electronic services. In order to remedy the security flaws of
Sood et al.’s schemes, we propose a robust scheme which resists the well-known attacks and achieves all the
desirable security goals.Peer ReviewedPostprint (published version
Protocol design for high speed networks
SIGLEAvailable from British Library Document Supply Centre- DSC:D59737 / BLDSC - British Library Document Supply CentreGBUnited Kingdo
Security enhancement on Li-Lee’s remote user authentication scheme using smart card
Recently, Li and Lee proposed a new remote user authentication scheme using smart card. However, their scheme requires a verification table and the user’s identity is not protected. Moreover, users cannot change their password off-line. In order to overcome the security flaws, we propose a new scheme which provides more security without affecting the merits of the original schemePeer Reviewe
Cryptanalysis and improvement of chen-hsiang-shih's remote user authentication scheme using smart cards
Recently, Chen-Hsiang-Shih proposed a new dynamic ID-based remote user authentication scheme. The authors claimed that their scheme was more secure than previous works. However, this paper demonstrates that theirscheme is still unsecured against different kinds of attacks. In order to enhance the security of the scheme proposed by Chen-Hsiang-Shih, a new scheme is proposed. The scheme achieves the following security goals: without verification table, each user chooses and changes the password freely, each user keeps the password secret, mutual authentication, the scheme establishes a session key after successful authentication, and the scheme maintains the user's anonymity. Security analysis and comparison demonstrate that the proposed scheme is more secure than Das-Saxena-Gulati's scheme, Wang et al.'s scheme and Chen-Hsiang-Shih.Peer Reviewe
An Architecture for Intrusion Detection Based on an Extension of the Method of Remaining Elements
This paper introduces an Anomaly-based Intrusion Detection architecture based on behavioral traffic profiles created by using our enhanced version of the Method of Remaining Elements (MRE). This enhanced version includes: a redefinition of the exposure threshold through the entropy and cardinality of residual sequences, a dual characterization for two types of traffic slots, the introduction of the Anomaly Level Exposure (ALE) that gives a better quantification of anomalies for a given traffic slot and r-feature, an alternative support that extends its detection capabilities, and a new procedure to obtain the exposure threshold through an analysis of outliers on the training dataset. Regarding the original MRE, we incorporate the refinements outlined resulting in a reliable method, which gives an improved sensitivity to the detection of a broader range of attacks. The experiments were conducted on the MIT-DARPA dataset and also on an academic LAN by implementing real attacks. The results show that the proposed architecture is effective in early detection of intrusions, as well as some kind of attacks designed to bypass detection measures.Este artĂculo presenta una arquitectura para la detecciĂłn de intrusiones basado en anomalĂas cuya base referencial son perfiles de comportamiento del tráfico creados con nuestra versiĂłn mejorada del MĂ©todo de los Elementos Remanentes (MRE). Esta versiĂłn de MRE incluye lo siguiente: una redefiniciĂłn del umbral de exposiciĂłn a travĂ©s de la entropĂa y remanencia de las secuencias residuales, una caracterizaciĂłn simultanea para dos tipos de ranura de tráfico, la introducciĂłn del nivel de exposiciĂłn de anomalĂas (ALE) brinda una mejor cuantificaciĂłn de las anomalĂas para un rasgo y ranura de tráfico determinado, un soporte alternativo que extiende las capacidades de detecciĂłn, y un nuevo procedimiento para obtener el umbral de exposiciĂłn a travĂ©s de un análisis de valores atĂpicos del conjunto de datos de entrenamiento. La incorporaciĂłn de las mejoras señaladas proporciona un mĂ©todo confiable con mayor sensibilidad en la detecciĂłn de un rango más amplio de ataques. Los experimentos se realizaron empleando la traza de red MIT-DARPA y en una LAN acadĂ©mica usando ataques reales. Los resultados muestran que la arquitectura propuesta es efectiva en la detecciĂłn temprana de intrusiones, asĂ como de algunos ataques diseñados para evadir la detecciĂłn
Security improvement of two dynamic ID-based authentication schemes by Sood-Sarje-Singh
In 2010, Sood-Sarje-Singh proposed two dynamic ID-based remote user authentication schemes. The first scheme
is a security improvement of Liao et al.’s scheme and the second scheme is a security improvement of Wang et
al.’s scheme. In both cases, the authors claimed that their schemes can resist many attacks. However, we find that
both schemes have security flaws. In addition, their schemes require a verification table and time-synchronization,
making the schemes unfeasible and unsecured for electronic services. In order to remedy the security flaws of
Sood et al.’s schemes, we propose a robust scheme which resists the well-known attacks and achieves all the
desirable security goals.Peer Reviewe