DECENTRALIZED SOCIAL NETWORK SERVICE USING THE WEB HOSTING SERVER FOR PRIVACY PRESERVATION

In recent years, the number of subscribers of the social network services such as Facebook and Twitter has increased rapidly. In accordance with the increasing popularity of social network services, concerns about user privacy are also growing. Existing social network services have a centralized structure that a service provider collects all the user’s profile and logs until the end of the connection. The information collected typically useful for commercial purposes, but may lead to a serious user privacy violation. The user’s profile can be compromised for malicious purposes, and even may be a tool of surveillance extremely. In this paper, we remove a centralized structure to prevent the service provider from collecting all users’ information indiscriminately, and present a decentralized structure using the web hosting server. The service provider provides only the service applications to web hosting companies, and the user should select a web hosting company that he trusts. Thus, the user’s information is distributed, and the user’s privacy is guaranteed from the service provider

Cryptanalysis and improvement of a biometrics-based multi-server authentication with key agreement scheme

In 2010, Yoon et al. proposed a robust biometrics- based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem. In this letter, however, we show that Yoon et al.’s scheme is vulnerable to off-line password guessing attack and propose an improved scheme to prevent the attack

Security Analysis and Improvements of Two-Factor Mutual Authentication with Key Agreement in Wireless Sensor Networks

User authentication and key management are two important security issues in WSNs (Wireless Sensor Networks). In WSNs, for some applications, the user needs to obtain real-time data directly from sensors and several user authentication schemes have been recently proposed for this case. We found that a two-factor mutual authentication scheme with key agreement in WSNs is vulnerable to gateway node bypassing attacks and user impersonation attacks using secret data stored in sensor nodes or an attacker’s own smart card. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in unique ciphertext form in each node. In addition, our proposed scheme should provide not only security, but also efficiency since sensors in a WSN operate with resource constraints such as limited power, computation, and storage space. Therefore, we also analyze the performance of the proposed scheme by comparing its computation and communication costs with those of other schemes