Certificate-Based Parallel Key-Insulated Aggregate Signature Against Fully Chosen-Key Attacks for Industrial Internet of Things

With the emergence of the Industrial Internet of Things (IIoT), numerous operations based on smart devices contribute to producing convenience and comfortable applications for individuals and organizations. Considering the untrusted feature of the communication channels in IIoT, it is essential to ensure the authentication and incontestableness of the messages transmitted in the IIoT. In this paper, we firstly proposed a certificate-based parallel key-insulated aggregate signature (CB-PKIAS), which can resist the fully chosen-key attacks. Concretely, the adversary who can obtain the private keys of all signers in the system is able to forge a valid aggregate signature by using the invalid single signature. Furthermore, our scheme inherits the merits of certificate-based and key-insulated to avoid the certificate management problem, key escrow problems as well as the key exposures simultaneously. In addition, the rigorous analysis and the concrete simulation experiment demonstrated that our proposed scheme is secure under the random oracle and more suitable for the IIoT environment

An Improved User Authentication Protocol for Healthcare Services via Wireless Medical Sensor Networks

Healthcare service sector is one of the major applications of Wireless Sensor Networks (WSNs) acknowledged as Wireless Medical Sensor Network (WMSNs). It deploys tiny medical sensor-nodes ( MS -nodes) on the body of the patient to sense crucial physiological signs which can be accessed and analyzed by registered medical professionals. Recently, Khan et al. analyzed Kumar et al.'s scheme proposed for healthcare applications using WMSNs and observed that the scheme is susceptible to many security weaknesses if an adversary extracts the information from the lost smart card of some user. The adversary can access patient's physiological data without knowing actual password, can deceive medical professionals by sending fake information about patients, can guess the password of a user from the corresponding smart card, and so forth. Besides, the scheme fails to resist insider attack, lacks user anonymity and the session key shared between the user and the MS -node is insecure. To overcome these problems, we propose an improved user authentication scheme for healthcare applications using WMSNs. We show that the scheme is free from the identified weaknesses and excels in performance and efficiency scheme

An Improved Biometrics-Based Remote User Authentication Scheme with User Anonymity

The authors review the biometrics-based user authentication scheme proposed by An in 2012. The authors show that there exist loopholes in the scheme which are detrimental for its security. Therefore the authors propose an improved scheme eradicating the flaws of An’s scheme. Then a detailed security analysis of the proposed scheme is presented followed by its efficiency comparison. The proposed scheme not only withstands security problems found in An’s scheme but also provides some extra features with mere addition of only two hash operations. The proposed scheme allows user to freely change his password and also provides user anonymity with untraceability

An improved efficient remote password authentication scheme with smart card over insecure networks,”

's scheme and both of them pointed out, more or less, same vulnerabilities: like offline password guessing attack, impersonating the server by replay attack, denial of service attack on password changing and insider attack on it. But none of them suggested any solution to the pointed out attacks. This paper proposes an improved scheme with enhanced security, maintaining advantages of the original scheme and free from the attacks pointed out by Yoon-Yoo and Xiang et al.

Cryptanalysis and improvement of a robust smart card secured authentication scheme on SIP using elliptic curve cryptography

The session initiation protocol (SIP) has been receiving a lot of attention to provide security in the Voice over IP (VoIP) in Internet and mobility management. Recently, Yeh et al. proposed a smart card-based authentication scheme for SIP using elliptic curve cryptography (ECC). They claimed that their scheme is secure against known security attacks. However, in this paper, we indicate that Yeh et al.’s scheme is vulnerable to off-line password guessing attack, user impersonation attack and server impersonation attack, in the case that the smart card is stolen and the information stored in the smart card is disclosed. As a remedy, we also propose an improved smart card-based authentication scheme which not only conquers the security weaknesses of the related schemes but also provides a reduction in computational cost. The proposed scheme also provides the user anonymity and untraceability, and allows a user to change his/her password without informing the remote server. To show the security of our protocol, we prove its security the random oracle model

An authentication and key agreement scheme for smart grid

The Internet of Things (IoT) plays a crucial role in the new generation of smart cities, in which developing Internet of Energy (IoE) in the energy sector is a necessity also. Several schemes have been proposed so far and in this paper we analyze the security of a recently proposed authentication and key agreement framework for smart grid named PALK. Our security analysis demonstrates that an attacker can extract the user permanent identifier and password, which are enough to do any other attacks. To remedy the weaknesses and amend PALK, we propose an improved protocol based on Physical Unclonable Function(PUF) to provide desired security at a reasonable cost. We also prove the semantic security of constructed scheme by using the widely-accepted real and synthetic model, under the computationally hard Diffie-Hellman assumption. Computational and communication cost analysis of the improved protocol versus PALK, based on identical parameter sets on our experimental results on an Arduino UNO R3 board having microcontroller ATmega328P, shows 46% and 23% enhancements, respectively. We also provide, the energy consumption of the proposed protocol and each session of the protocol consumes almost 24 mJ energy. It shows that it is an appropriate choice for constrained environments, such as IoE