New Secure Authentication and Key agreement Scheme for Session Initiation Protocol using Elliptic Curve Cryptography
|
|
- Beverly Williams
- 5 years ago
- Views:
Transcription
1 International Journal of Computer Trends and Technology (IJCTT) - volume 3 Number - December 15 New Authentication and Key agreement Scheme for Session Initiation Protocol using Elliptic Curve Cryptography Vaishali P Bhoge, Dr Sadhna Mishra, Prof Bhagat Raghuwanshi Computer Science and Engineering Dept RGPV Bhopal, Bhopal (India) vaishubhoge@gmailcom bhagatmnit@gmailcom sadhnamanit@yahucom Abstract VoIP is new emerging technology for delivery of voice communication and multimedia session over the Internet In VoIP network voice and signalling are multiplexed and travel as normal data inside the IP network This growing popularity is due to cost saving factor and flexibility of services Session Initiation Protocol (SIP) is an application layer control protocol for establish, maintain and terminates user sessions in VoIP network The SIP authentication is based on HTTP digest authentication scheme which suffer from various security threats and attacks Many Researchers have proposed different SIP authentication schemes to secure the SIP authentication Recently, Tang et al proposed a SIP authentication scheme using Elliptic Curve Cryptography (ECC) but still their scheme suffer from the offline-password guessing attack and registration attack So to overcome such security threat we proposed A new secure authentication and key agreement scheme for SIP using Elliptic Curve Cryptography Keywords Session Initiation Protocol, Elliptic Curve Cryptography, HTTP digest authenticatoin I I NTRODUCTION Session Initiation Protocol (SIP) is Internet Engineering Task Force (IETF) standard for IP-based telephony and new generation Internet Multimedia Subsystem (IMS) network[1] SIP is an application layer control protocol used for creating, maintaining and terminating the session among SIP users The session can include Internet Telephony, multimedia conference, distance learning, multimedia distribution and instance messaging applications It is text based peer-to-peer protocol widely used for controlling multimedia communication sessions SIP authentication mechanism is based on HTTP Digest authentication to support challenge response authentication protocol[] Voice over IP Security Alliance (VOIPSA) [3] introduce VoIP security and privacy threat taxonomy which defines the many potential security threats and attacks that exist in SIP protocol implementation Different SIP protocol attacks are exist in SIP based network because of the weak authentication scheme used for SIP session establishment between SIP end user[] ISSN: SIP is The important signalling protocol used between multiple user consist of requests and responses to initiate the call The most common operation is INVITE operation that uses in the authentication to authenticate each end user before Session establishment Successful session consist of two INVITE message followed by an ACK message The INVITE request ask callee to establish a session with authentication If the callee s response indicate that it accept the call, the caller confirmed it by sending ACK message If one of the user want to hangup the call, it sends a BYE request to terminate the call In SIP based network authentication take place between user agent and SIP server (Proxy server, Registrar, and user agent server), where SIP server requires a user agent to authenticate itself before processing the request this SIP authentication is requires in following cases: Registration: accept the registration request from user to prevent malicious user to register without authorization Session establishment: To create the call session both end user identify each other identity using INVITE request Session modification: to prevent and ensure that an unauthorized third party does not modify existing session Terminating session: Terminate a session via BYE request When user want to use SIP service he or she has to perform SIP authentication mechanism to establish SIP session Thus SIP authentication is The most important issue in VoIP or IMS network So various SIP authentication schemes had been proposed by various researches to prevent SIP from existing security threats and attacks Different SIP authentication scheme based on Elliptic Curve Cryptography have been proposed to secure SIP authentication using cryptographic algorithm with low computation cost [6,7,8,9,1] In 5, Yang et al found that original SIP authentication scheme was vulnerable to off-line password guessing attack Page
2 International Journal of Computer Trends and Technology (IJCTT) - volume 3 Number - December 15 and server spoofing attack he proposed authentication scheme to resist these attacks [5] However Yang et al s scheme was vulnerable to stolen-verifier attack, off-line password guessing attack and Denning-Sacco attack Later in The same year, Durlanik et al proposed an efficient SIP authentication scheme based on Elliptic Curve Diffie-Hellman (ECDH) key exchange algorithm with reduced execution time and memory requirement But still this scheme was vulnerable to off-line dictionary attack and Denning-Sacco attack [6] In 9, Yoon et al proposed improved SIP authentication scheme to overcome the weakness of Durlanik et al s authentication scheme but still was defenceless to off-line password guessing attack and stolen-verifier attack [7] In 11, Arshad et al proposed new SIP authentication scheme based on ECC to secure SIP from password guessing attack and stolen-verifier attack [9] Tang et al proposed new secure SIP authentication to prevent from vulnerabilities of Arshad s scheme [1] This SIP authentication scheme was based on Elliptic Curve Discrete Logarithm Problem (ECDLP) In this paper we demonstrate that Tang et al s SIP authentication scheme is vulnerable to Off-line password guessing attack and Registration attack We also proposed our secure and strong SIP authentication and key agreement scheme to make more secure SIP protocol implementation The remainder of this paper is organised as follow Section reviews the preliminaries on SIP authentication scheme and Elliptic curve Cryptography In Section 3, we give a brief review of Tang et al s SIP authentication scheme and describe the weakness of algorithm We also provide detail review for Off-line password attack and registration attack on this scheme In Section we describe the proposed secure and efficient SIP authentication scheme to establish the SIP session In Section 5 we prove the security of proposed algorithm In Section 6 we evaluate the performance of proposed SIP authentication scheme And Section 7 provide the conclusion II Fig 1 HTTP based SIP authentication procedure Step 3: Client Server RESPONSE(nonce, realm, username, response): Client compute response h(nonce, username,password,realm) where h() is one way MD5 hash function and is used to generate digest authentication message Then client send the response message to server Server will extract the password from database based on username and compute the response to verify against the response send by client If they match it verify the identity of client Otherwise server abort SIP session B Elliptic Curve Cryptography The application of elliptic curves to the field of cryptography has been relatively recent ECC provides the public key cryptosystems that uses the Elliptic Curve Discrete Logarithm Problem (ECDLP) This is more efficient and strong as compare to traditional cryptosystems in term of computation cost and memory requirement ECC operates over a group of points on an elliptic curve which defined by equation: Ea,b : x3 + ax + b P RELIMIRIES A SIP authentication procedure SIP authentication scheme based on challenge response mechanism similar to HTTP Digest authentication scheme [11] This is known as Digest authentication due to use of an MD5 hashing function on usename/password of user as security algorithm This mechanism relies on a shared secrete between client and server So client pre-shares a password with a server before authentication procedure starts Following fig shows the SIP authentication scheme based on HTTP Digest authentication The original SIP authentication procedure is as follow: Step 1 Client Server: REQUEST The client send a REQUEST to a server Step : server Client CHALLANGE(nonce, realm) Then server generate the challange that include the nonce and realm and server send challange back to client in response to client request ISSN: (1) Server select Elliptic Curve domain parameter over Fp are textuple: T (p, a, b, P, n, h) Considering of an integer p specifying finite field Fp, two element a,b belong to Fp A base point P on Fp, a prime n which is order of P, and an integer h which define as cofactorh #E(Fp )/n III R EVIEW OF TANG ET AL S SIP AUTHENTICATION SCHEME In this section we briefly review Tang et al s SIP authentication scheme based on Elliptic Curve Cryptography [1] This scheme consist of four phases: System setup phase, Registrtation phase, Login and Authentication phase, and password change phase A system setup phase In this phase both sever and all communicating parties are agree on the EC parameter The sever will select a secrete key Sk, keep secrete Sk and publish p, a, b, n, h, P Page 1
3 International Journal of Computer Trends and Technology (IJCTT) - volume 3 Number - December 15 B Registration phase Before login to server, client must be registered with server first In this phase client pre-shared his credential using secure channel Client chooses his or her identity IDi and password P Wi, and send through a pre-established secure channel Server computes Vi h(idi Ks ) P Wi, and stores (IDi, Vi ) in its database Client Ui need to go through the above authentication phase and let the server S authenticate his or her identity with the old password P Wi After receiving the successful authentication confirmation from server S, client Ui input the new password P Wi Client Ui compute P W D h(sk Sku ) P Wi and V h(sk SKu P Wi ), and sends password change request (P W D, V ) to server S On receipt of message server S compute P Wi h(sk ) P W D and check whether V is equal to h(sk P Wi ) If they are not equal, the server reject password change request, computes h3 h( SK Denied ) and sends denied message ( Denied, h3) back to user Ui Otherwise server S computes accepted message h h( SK Accepted ) and sends ( Accepted, h) back to user Ui Finally server S computes Vi h(idi Ks ) P Wi and replace Vi with Vi C Login and Authentication phase This login and authentication phase is important phase of SIP authentication scheme where client want to login to remote SIP server to establish SIP session client uses his or her identity IDi and password P W i to authenticate itself to SIP server This mutual authentication scheme is based on Elliptic curve discrete logarithm problem (ECDLP) to establish SIP session between client and server This SIP authentication scheme is as follow: Step 1 Ui S : REQUEST (IDi, R1) User Ui select a random secrete nonce r1 Zn, compute R r1p, R1 H(IDi, P Wi ), and then create message REQUEST(IDi, R1) and send to SIP server S Step S Ui : CHALLANGE (S, R, V 1) On receipt of request message, S compute the P Wi Vi h(idi Ks ) based on existed user IDi, then com putes R R1 H(IDi P Wi ) Server select random secrete nonce r Zn, compute R rp,session key rr r1rp Then server compute V 1 h(s IDi R R ), and send challenge message to client Step 3 Ui S : RESPONSE (IDi, S, V ) On receiving challange message from server client computes its session SKu r1r r1rp, V1 h(s IDi R R SKu ) and check whether equals to V1 If they are equal, client Ui authenticate the server S otherwise terminate the session client Ui authenticates server S and computes V h(idi S SKu P Wi ) to send RESPONSE (IDi, S, V ) to server S After receiving response message from client Ui, server S authenticate to client Ui by verifying the value of V by computing V h(idi S SKu P Wi ) and comparing both V and V If they are not equal, server S failed the authentication of client Ui and terminate the session Otherwise server S authenticate identity of client Ui After authenticating each other both parties make key agreement eventually and establish the session with common session key SK h(idi S r1p rp r1rp P Wi ) for further communication D Password change phase When the user doubts whether his or her password is stolen, he or she can change the password easily in this phase ISSN: IV C RYPTALYSIS OF TANG ET AL S S CHEME Tang et al provides the strong security solution to SIP authentication scheme against many possible threats and attack Still this scheme of authentication based on elliptic curve is vulnerable to Registration attack and off-line password guessing attack A Registration Attack When client send REGISTER request to the SIP server it uses SIP authentication based on HTTP digest authentication using UDP transport for flexible service During authentication client IP address is sent in clear form and not protected by Tang et al s authentication scheme An attacker can easily modified the hostname or IP address to register its own IP address So whenever receive call to valid UA, the call will be forwarded to attackers registered IP address In this way Tang et al s authentication suffer from Registration attack B off-line password guessing attack This off-line password guessing attack works when an attacker tries to find out Password P Wi of client Ui Following are details steps to perform the off-line password guessing attack: An attacker record the SIP message between client Ui and server S and get open parameters like targeted user id details IDi An attacker chooses it s own random secrete nonce r1 Zn, compute R r1p and then impersonate as target user IDi to send request message REQUEST(IDi, R) for SIP authentication Page
4 International Journal of Computer Trends and Technology (IJCTT) - volume 3 Number - December 15 On receiving request message server S compute P Wi Vi h(idi, Ks ) andr R H(IDi P Wi ) The server select its random secrete nonce r Zn to compute R rp, rr and server verifier V 1 h(idi S R R Sks ) to send message CHALLANGE (S, R, V 1) to attacker who impersonate the user IDi After receiving challenge message an attacker perform the following steps to get the user passsword P Wi using off-line password guessing: 1) ) 3) ) An attacker select candidate password P Wi from Dictionary D An attacker record Authentication parameter R, and V 1 An attacker s known parameter are r1 and R are used in breaking the Tang et al s cryptosystem An attacker calculate H(IDi P Wi ) using guess password P Wi and then compute R R H(IDi P Wi ) where H(IDi P Wi ) is elliptic point h(idi P Wi )P An attacker computes parameter based on server side computation of rr which is equal to following computation 5) 6) V To secure the SIP authentication scheme against these two vulnerabilities we proposed new secure and efficient SIP authentication and key agreement scheme based on ECC Our scheme also contain four phases: System setup phase, Registration phase, Login and authentication phase, and password change phase A System setup phase In this phase both User Ui and Server S are agree on the Elliptic Curve parameter The server select the secrete Ks, compute Q Ks P, keep the secrete Ks and publishes P, a, b, n, h, Q B Registration phase When initially client Ui want to login to SIP server S for SIP authentication, he/she must register to the remote server first This phase includes providing the user details and location details along with credential details like username IDi and password P Wi In this phase the user communicate with server using the secure channel This phase include following steps: rr r[r H(IDi P Wi )] rr rh(idi P Wi ) r1rp rh(idi P Wi )P r1r h(idi P Wi )R So an attacker compute r1r h(idi P Wi )R based on known values r1, R and guess P Wi Then an attacker compute V i (IDi S R ) and compare with V 1 If they are equal, an attacker guesses the correct password P Wi of target user Otherwise an attacker go to step 1 for different password P Wi and repeat procedure until get the correct password The algorithm of a off-line password guessing attack is as follows: P ROPOSED SIP AUTHENTICATION SCHEME User chooses his or her identity IDi and password P Wi, send this credential through the pre-established secure channel like ( Socket Layer) SSL or VPN (Virtual Private Network) Then server compute the Vi h(idi Ks ) h(ipi P Wi ) based on password and IP address of client IPi, and stores (IDi, Vi ) in server database Ui S Ui select IDi and P Wi publish P, a, b, n, h, Q Register(IDi, P Wi, IPi ) S compute Vi h(idi Ks ) h(ipi P Wi ) Store Vi in database Figure 1: Registration phase OfflinePassguessAttack(r1, R, R, V 1) { C Login and Authentication scheme for i : to D After successful registration client Ui can login to server S using his or her login credentials for SIP authentication to establish the SIP session over VoIP network When client Ui want to login to SIP server S, using his or her identity IDi and password P Wi perform following steps in SIP authentication to establish SIP session between both parties: { P Wi D i ; R R H(IDi P Wi ); r1r h(idi P Wi )R; V 1 (IDi S R ); Step 1 Ui S : REQUEST (IDi, R1) User Ui select a random secrete r1 Zn, compute R r1p After that user compute Hp h(ipi P Wi )Q h(ipi P Wi )Ks P based on server public Q, and then compute R1 R + Hp User Ui create message REQUEST(IDi, R1) and send to server S Step S Ui : CHALLANGE (S, R, V 1) On receipt of request message, server S compute the h(ipi P Wi ) Vi h(idi Ks ) based on existed if V 1 V 1 then return P Wi } } In this way we can perform the cryptanalysis of Tang et al s SIP authentication which is vulnerable to Registration attack and password guessing attack ISSN: Page 3
5 International Journal of Computer Trends and Technology (IJCTT) - volume 3 Number - December 15 user IDi, then computes Hp h(ipi P Wi )Ks P and R R1 Hp from secrete Ks and P Wi Server select random secrete nonce r Zn, compute R rp, session key rr r1rp Then server compute V 1 h(s IDi R R ), and send challenge message (S, R, V 1) to client Step 3 Ui S : RESPONSE (IDi, S, V ) On receiving challenge message from server client computes its session SKu r1r r1rp, V1 h(s IDi R R SKu ) and check whether equals to V1 If they are equal, client Ui authenticate the server S otherwise terminate the session client Ui authenticates server S and computes V h(idi S R SKu ) to send RESPONSE (IDi, S, V ) to server S After receiving response message from client Ui, server S authenticate to client Ui by verifying the value of V with h(idi S rp ) If they are not equal, server S failed the authentication of client Ui and terminate the session Otherwise server S authenticate identity of client Ui After successful mutual authenticating each other both establish the SIP session with common session key SK h(idi S R1 R ) for further communication Ui S r1 Zn,R r1p Hp h(ipi, P Wi )Q R1 R + Hp REQU EST (IDi, R1) S check IDi exist h(ipi P Wi ) Vi h(idi Ks ) Hp h(ipi, P Wi )Sk P R R1 Hp r Zn, R rp rr r1rp V 1 h(s IDi R R ) CHALLAN GE(S, R, V 1) SKu r1r r1rp check V1? h(s IDi R R SKu ) V h(idi S R SKu ) RESP ON SE(IDi, S, V ) check V? h(idi S R ) SK h(idi S R1 R ) Figure : Login and Authentication phase D Password change phase In this phase user Ui can change the password securely by authenticating to server S with previous credentials and change the existed password P Wi with new password P Wi client Server : changepass(idi, P W D, V ) After successful initial SIP authentication Ui compute P W D h(sk SKu ) h(ipi P Wi ) and V h(idi SKu h(ipi P Wi )), then send the message (IDi, P W D, V ) to server S ISSN: On receipt of message from user Ui server recover new password h(ipi P Wi ) P W D h(sk ) and check whether V is equal to h(idi h(ipi P Wi ))or not If they are not equal, The server reject password change request, computes h3 h( SK Denied ) and sends denied message ( Denied, h3) back to user Ui Otherwise server S computes accepted message h h( SK Accepted ) and sends ( Accepted, h) back to user Ui Finally server S computes Vi h(idi Ks ) h(ipi P Wi ) and replace Vi with Vi Ui S Ui select IDi and P Wi publish P, a, b, n, h, Q Initial SIP authentication select new P Wi P W D h(sk SKu ) h(ipi P Wi ) V h(idi SKu h(ipi P Wi )) changep ass(idi, P W D, V ) h(ipi P Wi ) P W D h(sk ) Check V? h(idi h(ipi P Wi )) h3 or h h3 h( SK Denied ) h h( SK Accepted ) Vi h(idi Ks ) h(ipi P Wi ) replace Vi with Vi Figure : Password change phase VI S ECURITY AND PERFORMANCE ALYSIS We analyse a security of the proposed SIP authentication scheme based on Elliptic Curve Cryptography with following security terms: Definition 1: Password P Wi is low entropy value that can be guess in polynomial time Definition : Secrete key Ks of server S is high entropy value that cannot be guess in polynomial time Definition 3: Elliptic Curve Discrete Logarithm Problem (ECDLP): Given public key point Q rp, it is hard to compute secrete r Definition : Elliptic Curve Computational DiffieHellman Problem (ECCDHP) is as follow: given point element r1p and rp, it is hard to find r1rp Definition 5: Elliptic Curve Decisional Diffie-Hellman Problem (ECDDHP)is as follow: for x, y, z Zq, given any three point elements xp, yp, and zp in G, it is hard to decide whether cp abp in G Definition 6: one way hash function Y f (X), when given X it is easy to compute Y and given Y it is hard to compute X The security properties of previously reported schemes [6, 5, 9, 1, 11, 13] and proposed SIP authentication scheme are summarized in Table below Page
6 International Journal of Computer Trends and Technology (IJCTT) - volume 3 Number - December 15 Table I Comparison of security properties of SIP Attacks Impersonation Attack Password guessing Attack Denning-Sacco Attack Stolen Verifier Attack Registration Attack Mutual Authentication Sessin Key Security Known Key Secrecy perfect Forword Secrecy Durlanic Yang Tsai Not Provide Not We focused on The computation cost of the login and authentication phage in SIP authentication scheme The main computation cost is defined by the Elliptic Curve scale multiplication operation So here we define the notation PM, HM, PA and H as the time complexity for Elliptic Curve scale multiplication, hash-to-point function, point addition and hash function operations, respectively Following table provides the computation cost and communication cost of login and authentication phase in SIP authentication scheme using ECC User Agent User Ui side Server S side Total [] [] Login and Authentication Phase 3M P + 1P A + HP + 3H 3M P + 1P A + HP + H 6M P + P A + HP + 7H [5] [6] The computations cost of proposed scheme and previously schemes [6, 5, 9, 1, 11, 13 ] are shown in Table below Table III Computation cost of proposed Scheme Cost MP A HP H Durlanic 6 Yang 8 VII Yoon 6 3 Arshad 5 8 our C ONCLUSION [9] [1] [11] [1] In this paper we have perform cryptanalysis of Tang et al s SIP authentication scheme based on ECC We have demonstrated the vulnerabilities of this scheme to Registration attack and off-line password guessing attack So to over come these security threats we proposed A new secure Authentication and key agreement scheme for Session Initiation Protocol using ECC cryptosystem Our new SIP authentication scheme based on Elliptic Curve Cryptography provides the reduction in the computation cost which is flexible for the performance of the devices with the memory and computational power constraint This scheme can be easily flexible with the mobile devices with next generation mobile communication over the VoIP and IMS network So new scheme has been proved to be more secure and efficient compared to previous SIP authentication scheme ISSN: [7] [8] Tang 7 1 Arshad Tang our R EFERENCES [1] [3] Table II Communication cost of proposed Scheme Yoon [13] Rosenberg J, Schulzrinne H, Camarillo G, Johnston A, Peterson J, Sparks R, Handley M and Schooler E SIP: Session Initiation Protocol, RFC 361 IETF Network Working Group, June Franks J, Hallam-Baker P, Hostetler J, Lawrence S, Leach P, Luotonen A and Stewart L HTTP Authentication: Basic and Digest Access Authentication,RFC 617, IETF Network Working Group, June 1999 The Voice over IP Security Alliance VOIPSA, VoIP Security and Privacy Threat Taxonomy PublicRelease 1, October 5 Ganesh Sonwane, Mr B R Chandavarkar Security Analysis of Session Initiation Protocol in IPv and IPv6 based VoIP network Second International Conference on Advanced Computing, Networking and Security (ADCONS), Dec 13 Yang CC,Wang RC, Liu WT authentication scheme for session initiation protocol ComputSecur : , 5 Durlanik A, Sogukpinar I, SIP Authentication Scheme using ECDH World EnformatikaSocity 5 Yoon EJ, Yoo KY Cryptanalysis of DS-SIP authentication scheme using ECDH, International Conference on New Trends in Information and Service Science 6 67, 9 Chen TH, Yeh HL, Liu PC, Hsiang HC, Shih WK, A secured authentication protocol for SIP using elliptic curves cryptography CN, CCIS 119:6 55, 1 Arshad R, Ikram N, Elliptic curve cryptography based mutual authentication scheme for session initiation protocol Multimed Tool Appl doi:117/s , 11 David Butcher,Xiangyang Li and Jinhua Guo, Security Challenges and Defense in VOIP Infrastructures IEEE Transaction On SystemManand Cybernetics-Part C, 7 Franks et al HTTP authentication: Basic and Digest authentication, RFC 617, June 1999 Hongbin Tang, Xinsong Liu, Cryoptonalysis of Arshad et al s ECCbased mutual authentication scheme for session initiation protocol Springer+Business Media, LCC 1 HHakan kilinc and Tugrul Yanic A Survey of SIP Authentication and Key Agreement Scheme IEEE Communication Survey and Tutorials vol 16,No, 1 Page 5
Academia Arena 2018;10(6) Campus, Niayesh Blvd., Kish Island, Iran
Cryptanalysis of Tang et al. s ECC-based mutual authentication scheme for SIP 1 Samaneh Sadat Mousavi Nik*, 2 Amir Safdari 1 MSC in department of Engineering, Security in Information Technology, University
More informationA new SIP authentication scheme by incorporation of elliptic curve cryptography with ticket server
A new SIP authentication scheme by incorporation of elliptic curve cryptography with ticket server 1 Farnad Ahangari, 2 Mahsa Hosseinpour Moghaddam, 3 Seyyed Amin Hosseini Seno Department of Computer Engineering
More informationA New Efficient Authenticated and Key Agreement Scheme for SIP Using Digital Signature Algorithm on Elliptic Curves
Paper A New Efficient Authenticated and Key Agreement Scheme for SIP Using Digital Signature Algorithm on Elliptic Curves, Agadir, Morocco Abstract Voice over Internet Protocol (VoIP) has been recently
More informationA New Secure Authentication and Key Exchange Protocol for Session Initiation Protocol Using Smart Card
International Journal of Network Security, Vol.19, No.6, PP.870-879, Nov. 2017 (DOI: 10.6633/IJNS.201711.19(6).02) 870 A New Secure Authentication and Key Exchange Protocol for Session Initiation Protocol
More informationCryptanalysis of a SIP Authentication Scheme
Cryptanalysis of a SIP Authentication Scheme Fuwen Liu, Hartmut Koenig To cite this version: Fuwen Liu, Hartmut Koenig. Cryptanalysis of a SIP Authentication Scheme. Bart Decker; Jorn Lapon; Vincent Naessens;
More informationCryptanalysis and improvement of passwordauthenticated key agreement for session initiation protocol using smart cards
SECURITY AND COMMUNICATION NETWORKS Security Comm. Networks 2014; 7:2405 2411 Published online 17 January 2014 in Wiley Online Library (wileyonlinelibrary.com)..951 RESEARCH ARTICLE Cryptanalysis and improvement
More informationA Simple User Authentication Scheme for Grid Computing
A Simple User Authentication Scheme for Grid Computing Rongxing Lu, Zhenfu Cao, Zhenchuai Chai, Xiaohui Liang Department of Computer Science and Engineering, Shanghai Jiao Tong University 800 Dongchuan
More informationA secure authentication scheme for session initiation protocol by using ECC on the basis of the Tang and Liu scheme
SECURITY AND COMMUNICATION NETWORKS Security Comm. Networks 2014; 7:1210 1218 Published online 10 July 2013 in Wiley Online Library (wileyonlinelibrary.com)..834 RESEARCH ARTICLE A secure authentication
More informationAn Enhanced Dynamic Identity Based Remote User Authentication Scheme Using Smart Card without a Verification Table
An Enhanced Dynamic Identity Based Remote User Authentication Scheme Using Smart Card without a Verification Table B. Sumitra, Research Scholar, Christ University, Bangalore, India (*Corresponding Author)
More informationA Simple User Authentication Scheme for Grid Computing
International Journal of Network Security, Vol.7, No.2, PP.202 206, Sept. 2008 202 A Simple User Authentication Scheme for Grid Computing Rongxing Lu, Zhenfu Cao, Zhenchuan Chai, and Xiaohui Liang (Corresponding
More informationOn the Security of Yoon and Yoo s Biometrics Remote User Authentication Scheme
On the Security of Yoon and Yoo s Biometrics Remote User Authentication Scheme MING LIU * Department of Tourism Management WEN-GONG SHIEH Department of Information Management Chinese Culture University
More informationComputer Communications
Computer Communications 33 (2010) 1674 1681 Contents lists available at ScienceDirect Computer Communications journal homepage: www.elsevier.com/locate/comcom A secure and efficient SIP authentication
More informationA New Approach to Authentication Mechanism in IP Multimedia Subsystem
A New Approach to Authentication Mechanism in IP Multimedia Subsystem Farzad Fekrazad Department of Computer Eng., Islamic Azad University, Tehran Central, Iran E-mail: ffekrazad@gmail;com Abstract. Regarding
More informationRobust EC-PAKA Protocol for Wireless Mobile Networks
International Journal of Mathematical Analysis Vol. 8, 2014, no. 51, 2531-2537 HIKARI Ltd, www.m-hikari.com http://dx.doi.org/10.12988/ijma.2014.410298 Robust EC-PAKA Protocol for Wireless Mobile Networks
More informationAn efficient and practical solution to secure password-authenticated scheme using smart card
An efficient and practical solution to secure password-authenticated scheme using smart card R. Deepa 1, R. Prabhu M.Tech 2, PG Research scholor 1, Head of the Department 2 Dept.of Information Technology,
More informationRemote User Authentication Scheme in Multi-server Environment using Smart Card
Remote User Authentication Scheme in Multi-server Environment using Smart Card Jitendra Kumar Tyagi A.K. Srivastava Pratap Singh Patwal ABSTRACT In a single server environment, one server is responsible
More informationAuthentication Protocol
162 An Authentication Scheme for SIP using Needham Schroeder Authentication Protocol 1 Natalia Chaudhry, 2 Rabia Sirhindi 1 Department of Computer Sciences, Kinnaird College for Women Lahore, 54000, Pakistan
More informationDesign of Secure VoIP using ID-Based Cryptosystem
All rights are reserved and copyright of this manuscript belongs to the authors. This manuscript has been published without reviewing and editing as received from the authors: posting the manuscript to
More informationCryptanalysis and Improvement of a Dynamic ID Based Remote User Authentication Scheme Using Smart Cards
Journal of Computational Information Systems 9: 14 (2013) 5513 5520 Available at http://www.jofcis.com Cryptanalysis and Improvement of a Dynamic ID Based Remote User Authentication Scheme Using Smart
More informationA Smart Card Based Authentication Protocol for Strong Passwords
A Smart Card Based Authentication Protocol for Strong Passwords Chin-Chen Chang 1,2 and Hao-Chuan Tsai 2 1 Department of Computer Science and Information Engineering, Feng Chia University, Taichung, Taiwan,
More informationSmart-card-loss-attack and Improvement of Hsiang et al. s Authentication Scheme
Smart-card-loss-attack and Improvement of Hsiang et al. s Authentication Scheme Y.. Lee Department of Security Technology and Management WuFeng niversity, hiayi, 653, Taiwan yclee@wfu.edu.tw ABSTRAT Due
More informationSecure Smart Card Based Remote User Authentication Scheme for Multi-server Environment
Secure Smart Card Based Remote User Authentication Scheme for Multi-server Environment Archana P.S, Athira Mohanan M-Tech Student [Cyber Security], Sree Narayana Gurukulam College of Engineering Ernakulam,
More informationA SECURE PASSWORD-BASED REMOTE USER AUTHENTICATION SCHEME WITHOUT SMART CARDS
ISSN 1392 124X INFORMATION TECHNOLOGY AND CONTROL, 2012, Vol.41, No.1 A SECURE PASSWORD-BASED REMOTE USER AUTHENTICATION SCHEME WITHOUT SMART CARDS Bae-Ling Chen 1, Wen-Chung Kuo 2*, Lih-Chyau Wuu 3 1
More informationSecurity Flaws of Cheng et al. s Biometric-based Remote User Authentication Scheme Using Quadratic Residues
Contemporary Engineering Sciences, Vol. 7, 2014, no. 26, 1467-1473 HIKARI Ltd, www.m-hikari.com http://dx.doi.org/10.12988/ces.2014.49118 Security Flaws of Cheng et al. s Biometric-based Remote User Authentication
More informationEnhancing Data Security with Certificateless Signature Scheme in Cloud Computing
International Journal of Computer Engineering and Applications, Special Edition www.ijcea.com ISSN 2321-3469 Enhancing Data Security with Certificateless Signature Scheme in Cloud Computing Sonu Kumar
More informationCryptanalysis of a Markov Chain Based User Authentication Scheme
Cryptanalysis of a Markov Chain Based User Authentication Scheme Ruhul Amin, G.P. Biswas Indian School of Mines, Dhanbad Department of Computer Science & Engineering Email: amin ruhul@live.com, gpbiswas@gmail.com
More informationAn Improved Remote User Authentication Scheme with Smart Cards using Bilinear Pairings
An Improved Remote User Authentication Scheme with Smart Cards using Bilinear Pairings Debasis Giri and P. D. Srivastava Department of Mathematics Indian Institute of Technology, Kharagpur 721 302, India
More informationA Secure Simple Authenticated Key Exchange Algorithm based Authentication for Social Network
Journal of Computer Science 7 (8): 1152-1156, 2011 ISSN 1549-3636 2011 Science Publications A Secure Simple Authenticated Key Exchange Algorithm based Authentication for Social Network 1 P. Venkateswari
More informationAn Efficient and Secure Multi-server Smart Card based Authentication Scheme
An Efficient Secure Multi-server Smart Card based Authentication Scheme Toshi Jain Department of r Science Engineering Oriental Institute of Science & Technology Bhopal, India Seep Pratap Singh Department
More informationAn Improved and Secure Smart Card Based Dynamic Identity Authentication Protocol
International Journal of Network Security, Vol.14, No.1, PP.39 46, Jan. 2012 39 An Improved and Secure Smart Card Based Dynamic Identity Authentication Protocol Sandeep Kumar Sood Department of Computer
More informationSecurity Improvements of Dynamic ID-based Remote User Authentication Scheme with Session Key Agreement
Security Improvements of Dynamic ID-based Remote User Authentication Scheme with Session Key Agreement Young-Hwa An* * Division of Computer and Media Information Engineering, Kangnam University 111, Gugal-dong,
More informationBiometrics based authentication scheme for session initiation protocol
DOI 10.1186/s40064-016-2725-0 RESEARCH Open Access Biometrics based authentication scheme for session initiation protocol Qi Xie * and Zhixiong Tang *Correspondence: qixie68@126.com Key Laboratory of Cryptography
More informationA Mutual Authentication Protocol Which Uses Id for Security from Privileged Insider Attacks
International Journal of Research in Engineering and Science (IJRES) ISSN (Online): 2320-9364, ISSN (Print): 2320-9356 Volume 4 Issue 8 ǁ August. 2016 ǁ PP. 68-72 A Mutual Authentication Protocol Which
More informationISSN X INFORMATION TECHNOLOGY AND CONTROL, 2011, Vol.40, No.3. ISSN X INFORMATION TECHNOLOGY AND CONTROL, 2011 Vol.?, No.?, 1?
ISSN 1392 124X INFORMATION TECHNOLOGY AND CONTROL, 2011, Vol.40, No.3 ISSN 1392 124X INFORMATION TECHNOLOGY AND CONTROL, 2011 Vol.?, No.?, 1? A ROBUST A Robust REMOTE RemoteUSER User Authentication AUTHENTICATION
More informationSecurity Weaknesses of a Biometric-Based Remote User Authentication Scheme Using Smart Cards
Security Weaknesses of a Biometric-Based Remote User Authentication Scheme Using Smart Cards Younghwa An Computer Media Information Engineering, Kangnam University, 111, Gugal-dong, Giheung-gu, Yongin-si,
More informationA robust smart card-based anonymous user authentication protocol for wireless communications
University of Wollongong Research Online Faculty of Engineering and Information Sciences - Papers: Part A Faculty of Engineering and Information Sciences 2014 A robust smart card-based anonymous user authentication
More informationA New Secure Mutual Authentication Scheme with Smart Cards Using Bilinear Pairings
International Journal of Mathematical Analysis Vol. 8, 2014, no. 43, 2101-2107 HIKARI Ltd, www.m-hikari.com http://dx.doi.org/10.12988/ijma.2014.48269 A New Secure Mutual Authentication Scheme with Smart
More informationRobust Two-factor Smart Card Authentication
Robust Two-factor Smart Card Authentication Omer Mert Candan Sabanci University Istanbul, Turkey mcandan@sabanciuniv.edu Abstract Being very resilient devices, smart cards have been commonly used for two-factor
More informationAn Enhanced Authenticated Key Agreement for Session Initiation Protocol
ISSN 1392 124X, ISSN 2335 884X (online) INFORMATION TECHNOLOGY AND CONTROL, 2013, Vol.42, No.4 An Enhanced Authenticated Key Agreement for Session Initiation Protocol Mohammad Sabzinejad Farash 1, Mahmoud
More informationNetwork Working Group Request for Comments: 3310 Category: Informational V. Torvinen Ericsson September 2002
Network Working Group Request for Comments: 3310 Category: Informational A. Niemi Nokia J. Arkko V. Torvinen Ericsson September 2002 Hypertext Transfer Protocol (HTTP) Digest Authentication Using Authentication
More informationImproved Remote User Authentication Scheme Preserving User Anonymity
62 IJCSNS International Journal of Computer Science and Network Security, VOL.8 No.3, March 28 Improved Remote User Authentication Scheme Preserving User Anonymity Mrs. C. Shoba Bindu, Dr P. Chandra Sekhar
More informationImprovement of recently proposed Remote User Authentication Schemes
Improvement of recently proposed Remote User Authentication Schemes Guanfei Fang and Genxun Huang Science Institute of Information Engineering University, Zhengzhou, 450002, P.R.China feifgf@163.com Abstract
More informationA ROBUST AND FLEXIBLE BIOMETRICS REMOTE USER AUTHENTICATION SCHEME. Received September 2010; revised January 2011
International Journal of Innovative Computing, Information and Control ICIC International c 2012 ISSN 1349-4198 Volume 8, Number 5(A), May 2012 pp. 3173 3188 A ROBUST AND FLEXIBLE BIOMETRICS REMOTE USER
More informationPassword. authentication through passwords
Password authentication through passwords Human beings Short keys; possibly used to generate longer keys Dictionary attack: adversary tries more common keys (easy with a large set of users) Trojan horse
More informationA SMART CARD BASED AUTHENTICATION SCHEME FOR REMOTE USER LOGIN AND VERIFICATION. Received April 2011; revised September 2011
International Journal of Innovative Computing, Information and Control ICIC International c 2012 ISSN 1349-4198 Volume 8, Number 8, August 2012 pp. 5499 5511 A SMART CARD BASED AUTHENTICATION SCHEME FOR
More informationAn IBE Scheme to Exchange Authenticated Secret Keys
An IBE Scheme to Exchange Authenticated Secret Keys Waldyr Dias Benits Júnior 1, Routo Terada (Advisor) 1 1 Instituto de Matemática e Estatística Universidade de São Paulo R. do Matão, 1010 Cidade Universitária
More informationEfficient password authenticated key agreement using bilinear pairings
Mathematical and Computer Modelling ( ) www.elsevier.com/locate/mcm Efficient password authenticated key agreement using bilinear pairings Wen-Shenq Juang, Wei-Ken Nien Department of Information Management,
More informationDistributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015
Distributed Systems 26. Cryptographic Systems: An Introduction Paul Krzyzanowski Rutgers University Fall 2015 1 Cryptography Security Cryptography may be a component of a secure system Adding cryptography
More informationA Cost-Effective Mechanism for Protecting SIP Based Internet Telephony Services Against Signaling Attacks Dimitris Geneiatakis and Costas Lambrinoudakis Laboratory of Information and Communication Systems
More informationSecure and Efficient Smart Card Based Remote User Password Authentication Scheme
International Journal of Network Security, Vol.18, No.4, PP.782-792, July 2016 782 Secure and Efficient Smart Card Based Remote User Password Authentication Scheme Jianghong Wei, Wenfen Liu and Xuexian
More informationCryptanalysis of Blind Signature Schemes
IJCSNS International Journal of Computer Science and Network Security, VOL.14 No.5, May 2014 73 Cryptanalysis of Blind Signature Schemes Nitu Singh M.Tech Scholar Dept. of Cmputer Science & Engineering
More informationA Multi-function Password Mutual Authentication Key Agreement Scheme with Privacy Preservingg
Journal of Information Hiding and Multimedia Signal Processing 2014 ISSN 2073-4212 Ubiquitous International Volume 5, Number 2, April 2014 A Multi-function Password Mutual Authentication Key Agreement
More informationKey Management and Distribution
CPE 542: CRYPTOGRAPHY & NETWORK SECURITY Chapter 10 Key Management; Other Public Key Cryptosystems Dr. Lo ai Tawalbeh Computer Engineering Department Jordan University of Science and Technology Jordan
More informationComments on four multi-server authentication protocols using smart card
Comments on four multi-server authentication protocols using smart card * Jue-Sam Chou 1, Yalin Chen 2, Chun-Hui Huang 3, Yu-Siang Huang 4 1 Department of Information Management, Nanhua University Chiayi
More informationSIP Authentication using E C-SRP5 Protocol. Fuwen Liu, Minpeng Qi, Min Zuo,
SIP Authentication using E C-SRP5 Protocol Fuwen Liu, liufuwen@chinamobile.com Minpeng Qi, qiminpeng@chinamobile.com Min Zuo, zuomin@chinamobile.com 1 SIP Authentication SIP is a popular standard signaling
More informationThe Modified Scheme is still vulnerable to. the parallel Session Attack
1 The Modified Scheme is still vulnerable to the parallel Session Attack Manoj Kumar Department of Mathematics, Rashtriya Kishan (P.G.) College Shamli- Muzaffarnagar-247776 yamu_balyan@yahoo.co.in Abstract
More informationA Noble Remote User Authentication Protocol Based on Smart Card Using Hash Function
A Noble Remote User Authentication Protocol Based on Smart Card Using Hash Function Deepchand Ahirwal 1, Prof. Sandeep Raghuwanshi 2 1 Scholar M.Tech, Information Technology, Samrat Ashok Technological
More informationOffline dictionary attack on TCG TPM weak authorisation data, and solution
Offline dictionary attack on TCG TPM weak authorisation data, and solution Liqun Chen HP Labs, UK Mark Ryan HP Labs, UK, and University of Birmingham Abstract The Trusted Platform Module (TPM) is a hardware
More informationL13. Reviews. Rocky K. C. Chang, April 10, 2015
L13. Reviews Rocky K. C. Chang, April 10, 2015 1 Foci of this course Understand the 3 fundamental cryptographic functions and how they are used in network security. Understand the main elements in securing
More informationSpring 2010: CS419 Computer Security
Spring 2010: CS419 Computer Security Vinod Ganapathy Lecture 7 Topic: Key exchange protocols Material: Class handout (lecture7_handout.pdf) Chapter 2 in Anderson's book. Today s agenda Key exchange basics
More informationStrong Password Protocols
Strong Password Protocols Strong Password Protocols Password authentication over a network Transmit password in the clear. Open to password sniffing. Open to impersonation of server. Do Diffie-Hellman
More informationInternet Engineering Task Force (IETF) Request for Comments: 8465 September 2018 Category: Informational ISSN:
Internet Engineering Task Force (IETF) R. Atarius, Ed. Request for Comments: 8465 September 2018 Category: Informational ISSN: 2070-1721 Using the Mobile Equipment Identity (MEID) URN as an Instance ID
More informationKey Establishment and Authentication Protocols EECE 412
Key Establishment and Authentication Protocols EECE 412 1 where we are Protection Authorization Accountability Availability Access Control Data Protection Audit Non- Repudiation Authentication Cryptography
More information(a) Symmetric model (b) Cryptography (c) Cryptanalysis (d) Steganography
Code No: RR410504 Set No. 1 1. Write short notes on (a) Symmetric model (b) Cryptography (c) Cryptanalysis (d) Steganography 3. (a) Illustrate Diffie-hellman Key Exchange scheme for GF(P) [6M] (b) Consider
More informationPerformance Evaluation of a Flooding Detection Mechanism for VoIP Networks
Performance Evaluation of a Flooding Detection Mechanism for VoIP Networks Dimitris Geneiatakis Dept. of Telecommunications Science and Technology, University of Peloponnese End of Karaiskaki St., GR-2200,
More informationInternet Research Task Force (IRTF) Category: Informational April 2017 ISSN:
Internet Research Task Force (IRTF) J. Schmidt Request for Comments: 8125 secunet Security Networks Category: Informational April 2017 ISSN: 2070-1721 Requirements for Password-Authenticated Key Agreement
More informationA strong password-based remote mutual authentication with key agreement scheme on elliptic curve cryptosystem for portable devices
Appl. Math. Inf. Sci. 6, No. 2, 217-222 (2012) 217 Applied Mathematics & Information Sciences An International Journal A strong password-based remote mutual authentication with key agreement scheme on
More informationSecure web proxy resistant to probing attacks
Technical Disclosure Commons Defensive Publications Series December 04, 2017 Secure web proxy resistant to probing attacks Benjamin Schwartz Follow this and additional works at: http://www.tdcommons.org/dpubs_series
More informationNetwork-based Fast Handover for IMS Applications and Services
Network-based Fast Handover for IMS Applications and Services Sang Tae Kim 1, Seok Joo Koh 1, Lee Kyoung-Hee 2 1 Department of Computer Science, Kyungpook National University 2 Electronics and Telecommunications
More informationInternational Journal of Advanced Research in Computer Science and Software Engineering
Volume 3, Issue 1, January 2013 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com The Protection
More informationDEFENSE AGAINST PASSWORD GUESSING ATTACK IN SMART CARD
DEFENSE AGAINST PASSWORD GUESSING ATTACK IN SMART CARD A. Shakeela Joy., Assistant Professor in Computer Science Department Loyola Institute of Technology of Science Dr. R. Ravi., Professor & Research
More informationAn improved proxy blind signature scheme based on ECDLP
Malaya J. Mat. 2(3)(2014) 228 235 An improved proxy blind signature scheme based on ECDLP Manoj Kumar Chande Shri Shankaracharya Institute Of Professional Management & Technology, Raipur, 492015, Chhattisgarh,
More informationA lightweight protection mechanism against signaling attacks in a SIP-based VoIP environment
Telecommun Syst (2007) 36: 153 159 DOI 10.1007/s11235-008-9065-5 A lightweight protection mechanism against signaling attacks in a SIP-based VoIP environment Dimitris Geneiatakis Costas Lambrinoudakis
More informationThe Password Change Phase is Still Insecure
Manoj Kumar: The password change phase change is still insecure 1 The Password Change Phase is Still Insecure Manoj Kumar!"#$ %&''%% E. Mail: yamu_balyan@yahoo.co.in Abstract In 2004, W. C. Ku and S. M.
More informationCryptanalysis on Four Two-Party Authentication Protocols
Cryptanalysis on Four Two-Party Authentication Protocols Yalin Chen Institute of Information Systems and Applications, NTHU, Tawain d949702@oz.nthu.edu.tw Jue-Sam Chou * Dept. of Information Management
More informationCSCI 667: Concepts of Computer Security. Lecture 9. Prof. Adwait Nadkarni
CSCI 667: Concepts of Computer Security Lecture 9 Prof. Adwait Nadkarni 1 Derived from slides by William Enck, Micah Sherr, Patrick McDaniel, Peng Ning, and Vitaly Shmatikov Authentication Alice? Bob?
More informationDeveloping an End-to-End Secure Chat Application
108 IJCSNS International Journal of Computer Science and Network Security, VOL.17 No.11, November 2017 Developing an End-to-End Secure Chat Application Noor Sabah, Jamal M. Kadhim and Ban N. Dhannoon Department
More informationKeywords Session key, asymmetric, digital signature, cryptosystem, encryption.
Volume 3, Issue 7, July 2013 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Review of Diffie
More informationSecure digital certificates with a blockchain protocol
Secure digital certificates with a blockchain protocol Federico Pintore 1 Trento, 10 th February 2017 1 University of Trento Federico Pintore Blockchain and innovative applications Trento, 10 th February
More informationAnEffectiveAuthenticationSchemeforDistributedMobileCloudComputingServicesusingaSinglePrivateKey
Global Journal of Computer Science and Technology: B Cloud and Distributed Volume 16 Issue 2 Version 1.0 Type: Double Blind Peer Reviewed International Research Journal Publisher: Global Journals Inc.
More informationComparative Analysis of Smart Card Authentication Schemes
IOSR Journal of Computer Engineering (IOSR-JCE) e-issn: 2278-0661, p- ISSN: 2278-8727Volume 16, Issue 1, Ver. IV (Jan. 2014), PP 91-97 Comparative Analysis of Smart Card Authentication Schemes Toshi jain
More informationInternational Journal of Advance Research in Engineering, Science & Technology
Impact Factor (SJIF): 4.542 International Journal of Advance Research in Engineering, Science & Technology e-issn: 2393-9877, p-issn: 2394-2444 Volume 4, Issue 4, April-2017 Asymmetric Key Based Encryption
More informationA Hash-based Strong Password Authentication Protocol with User Anonymity
International Journal of Network Security, Vol.2, No.3, PP.205 209, May 2006 (http://isrc.nchu.edu.tw/ijns/) 205 A Hash-based Strong Password Authentication Protocol with User Anonymity Kumar Mangipudi
More informationJournal of Information, Control and Management Systems, Vol. X, (200X), No.X SIP OVER NAT. Pavel Segeč
SIP OVER NAT Pavel Segeč University of Žilina, Faculty of Management Science and Informatics, Slovak Republic e-mail: Pavel.Segec@fri.uniza.sk Abstract Session Initiation Protocol is one of key IP communication
More informationCryptographic Concepts
Outline Identify the different types of cryptography Learn about current cryptographic methods Chapter #23: Cryptography Understand how cryptography is applied for security Given a scenario, utilize general
More informationCryptographic Systems
CPSC 426/526 Cryptographic Systems Ennan Zhai Computer Science Department Yale University Recall: Lec-10 In lec-10, we learned: - Consistency models - Two-phase commit - Consensus - Paxos Lecture Roadmap
More informationMixed Symmetric Key and Elliptic Curve Encryption Scheme Used for Password Authentication and Update Under Unstable Network Environment
Journal of Information Hiding and Multimedia Signal Processing c 2017 ISSN 2073-4212 Ubiquitous International Volume 8, Number 3, May 2017 Mixed Symmetric Key and Elliptic Curve Encryption Scheme Used
More informationUSING CAPTCHAs TO MITIGATE THE VoIP SPAM PROBLEM
Second International Conference on Computer Research and Development USING CAPTCHAs TO MITIGATE THE VoIP SPAM PROBLEM Ismail Ahmedy Department of Computer System and Communication Faculty of Computer Science
More informationAn Efficient User Authentication and User Anonymity Scheme with Provably Security for IoT-Based Medical Care System
sensors Article An Efficient User Authentication and User Anonymity Scheme with Provably Security for IoT-Based Medical Care System Chun-Ta Li 1, Tsu-Yang Wu 2,3,, Chin-Ling Chen 4,5,, Cheng-Chi Lee 6,7
More informationNetwork Access Flows APPENDIXB
APPENDIXB This appendix describes the authentication flows in Cisco Identity Services Engine (ISE) by using RADIUS-based Extensible Authentication Protocol (EAP) and non-eap protocols. Authentication verifies
More informationSecure Password-Based Remote User Authentication Scheme with Non-tamper Resistant Smart Cards
Secure Password-Based Remote User Authentication Scheme with Non-tamper Resistant Smart Cards Ding Wang, Chun-Guang Ma, Peng Wu To cite this version: Ding Wang, Chun-Guang Ma, Peng Wu. Secure Password-Based
More informationSankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology. Question Bank
Sankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology Question Bank Subject: Information Security (160702) Class: BE Sem. VI (CE/IT) Unit-1: Conventional
More informationAn improved pairing-free identity-based authenticated key agreement protocol based on ECC
Available online at www.sciencedirect.com Procedia Engineering 30 (2012) 499 507 International Conference on Communication Technology and System Design 2011 An improved pairing-free identity-based authenticated
More informationAn Improved Timestamp-Based Password Authentication Scheme Using Smart Cards
An Improved Timestamp-Based Password Authentication Scheme Using Smart Cards Al-Sakib Khan Pathan and Choong Seon Hong Department of Computer Engineering, Kyung Hee University, Korea spathan@networking.khu.ac.kr
More informationAuthenticated Key Agreement Without Using One-way Hash Functions Based on The Elliptic Curve Discrete Logarithm Problem
Authenticated Key Agreement Without Using One-way Hash Functions Based on The Elliptic Curve Discrete Logarithm Problem Li-Chin Huang and Min-Shiang Hwang 1 Department of Computer Science and Engineering,
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Public Key Cryptography Modular Arithmetic RSA
More informationSecurity Handshake Pitfalls
Security Handshake Pitfalls Ahmet Burak Can Hacettepe University abc@hacettepe.edu.tr 1 Cryptographic Authentication Password authentication is subject to eavesdropping Alternative: Cryptographic challenge-response
More informationEnhanced Authentication Protocol EAP-TTLS using encrypted ECDSA
www.ijcsi.org 173 Enhanced Authentication Protocol EAP-TTLS using encrypted ECDSA Nazanin Bahrami 1, Mohamad Ebrahim Shiri 2, Morteza Salari-Akhgar 3 1 Department of Computer Engineering, Kish Azad University,
More informationAuthentication. Strong Password Protocol. IT352 Network Security Najwa AlGhamdi
Authentication Strong Password Protocol 1 Strong Password Protocol Scenario : Alice uses any workstation to log to the server B, using a password to authenticate her self. Various way to do that? Use Ur
More informationCrypto Background & Concepts SGX Software Attestation
CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 4b Slide deck extracted from Kamran s tutorial on SGX, presented during ECE 6095 Spring 2017 on Secure Computation and Storage, a precursor to this course
More information