Weaknesses of a dynamic ID-based remote user authentication. He Debiao*, Chen Jianhua, Hu Jin
|
|
- Charleen Walsh
- 6 years ago
- Views:
Transcription
1 Weaknesses of a dynamc -based remote user authentcaton scheme He Debao, Chen anhua, Hu n School of Mathematcs Statstcs, Wuhan nversty, Wuhan, Hube , Chna Abstract: he securty of a password authentcaton scheme usng smart cards proposed by Khan et al s analyzed Four knds of attacks are presented n dfferent scenaros he analyses show that the scheme s nsecure for practcal applcaton Key words: Authentcaton; Securty; Cryptanalyss; Smart card; Attacks Introducton ser authentcaton s the essental securty mechansm for remote logn systems n whch a password-based authentcaton scheme s the most commonly used technque to provde authentcaton between the legal users the remote server In 98, Lamport [] proposed a password-based authentcaton scheme usng password tables to authentcate remote users over nsecure network In Lamport's scheme, password table s used to verfy the legtmacy of users In 2000, Hwang et al ponted out that once the password table was stolen or modfed n ths scheme, the whole authentcaton system wll be affected [2] herefore, they proposed a remote user authentcaton scheme usng smartcard wthout mantanng a password table Afterwards, many schemes have been proposed to enhance the securty practcablty [3-] A common feature among most of the publshed schemes s that the user s dentty s statc n Correspondng author E-mal: hedebao@63com, el: , Fax:
2 all the transacton sessons, whch may leak some nformaton about that user can create rsk of -theft durng the message transmsson over an nsecure channel o overcome ths rsk, Das et al proposed a dynamc -based remote user authentcaton scheme [2] Compared wth other authentcaton schemes, ths scheme has many advantages In the scheme, the server does not mantan any verfer table, moreover, the scheme s based on the one-way secure hash functon, so ts realzaton s smple relable However, Das et al s scheme s completely nsecure [3] It faled to protect the anonymty of a user [4] s susceptble to the mpersonaton attack [5], the guessng attack [6] o overcome the securty ptfalls of Das et al s scheme, Lao et al proposed an mproved scheme Msbahuddn et al [7] demonstrated that Lao et al s scheme cannot wthst mpersonaton attack, reflecton attack s completely nsecure as a user can successfully log on to a remote system wth a rom password In 2009, Wang et al [8] proposed a dynamc -based remote user authentcaton scheme clamed that ther scheme s more effcent secure than Das et al s scheme However, Khan et al [9] dentfy that Wang et al s scheme has the followng flaws: no provson of user s anonymty durng authentcaton, nablty to offer user free choce n choosng hs password, vulnerablty to nsder attack, no provson for revocaton of lost or stolen smart card, does provde sesson key agreement o remedy these securty flaws, they proposed an enhanced authentcaton scheme hey clamed ther scheme covers all the dentfed weaknesses of Wang et al s scheme s more secure effcent for practcal applcaton envronment However, n ths paper, we show Khan et al s scheme suffers from three weaknesses: ) nablty to protect the user s anonymty; 2) the sesson-key problem; 3) neffcency of the double 2
3 secret keys; 4) other drawbacks hat s, t fals to fully meet the securty requrements that ths type of scheme should acheve he rest of the paper s organzed as follows: Secton 2 brefly revews Khan et al's scheme, Secton 3 elaborates on the weakness of ther scheme, Secton 4 concludes ths paper 2 Revew of Khan et al s scheme he notatons used throughout ths paper are descrbed as n the followng : a user, PW : s dentfer, password respectvely S : a remote server x, y : S s secret keys, : s current tmestamp, S s current tmestamp, respectvely S h() : a hash functon : btwse XOR operaton : concatenaton operaton Khan et al's scheme nvolves fve phases, the regstraton phase, the logn phase, the authentcaton phase, the password change phase, the lost smart card revocaton phase We ust gve the frst four phases here, snce the last phase has nothng about our analyss Regstraton phase In ths phase, the user ) chooses hs ntally regsters wth the server S PW, generates a rom number r, computes RPW h( r PW ) At last, sends {, RPW } to the server S 2) pon recevng{, RPW }, S checks the valdty of If s not vald, S 3
4 reects the regstraton Otherwse, S computes N, h( x ) L RPW, where N equals 0 f s a new user, otherwse N equals At last, S delvers the smart card contanng L y to 3) pon recevng the smart card, stores r n the smart card completes the regstraton whenever Logn phase In ths phase, the user wants to access some resources upon S sends a logn request message to the server S ) nserts hs smart card nto a smart card reader then nputs hs PW 2) s smart card generates a rom number d computes RPW h( r PW ), L RPW, c h( ), A h( y d) where s the current tme stamp 3) s smart card sends the message M { A,, d, c} to the server S Verfcaton phase In ths phase, the server S verfes the authentcty of the logn message requested by the user ) pon recevng the message M, S checks the freshness of he freshness of s checked by performng, where s the tme when S receves the above message s a vald tme nterval If s not fresh, S aborts the current sesson 2) S computes A h( y d) checks the valdty of If s not vald, S stops the sesson 3) S computes N, h( x ) c h( ) S checks f c equals c If c does not equal c, S stops the sesson Otherwse s authentcated S computes c 2 h( c S) the sesson key SK h( c2 ) At last, S sends 4
5 the message M 2 { c2, S } to s smart card 4) pon recevng the message, s smart card checks the freshness of S he freshness of S s checked by performng S, where s the tme when s smart card receves the above message s a vald tme nterval 5) s smart card computes c 2 h( c S ) checks f c equals c If c does not equal c, s smart card stops the sesson Otherwse, S s authentcated smart card computes the sesson key SK h( c2 ) Password change phase In ths phase, the user he/she wants s changes hs/her password any tme ) nserts hs/her smart card nto a smart card reader then nputs hs/her, PW the new password PW 2) s smart card computes RPW h( r PW ), L RPW checks f equals If does not equal, s smart card reect the phase 3) s smart card computes L RPW h( r PW ) replaces the value L 3 Weaknesses of Khan et al s scheme 3 Inablty to anonymty Khan et al clamed that ther scheme can protect the anonymty of the user However, we show that the dentty of the target user may be guessed by another user who s an nsder wth hs or her own password smart card Our attack s based on the observaton that A s the XOR-ed value of a dgest of other secret components he problem s that the secret components are commonly shared among all the users o be more precse, the attack can 5
6 be mplemented as follows: ) he attacker (say, user ) eavesdrops the vctm s (say, user s) authentcaton sesson from whch A, d can be extracted 2) he attacker computes hs own A wth are the captured sesson, PW, d, where d 3) A h( y d) can be prepared because PW are the attacker s password, respectvely 4) Now the attacker can get by computng A A In the followng, why ths attack works s demonstrated can control hs smart card completely, certanly he can also control the value of the rom number d, then he lets ther value be d separately, computes A h( y d ) A A ( h( y d )) ( h( y d )) In fact, f the adversary can get any legal user s smart card, then he can carry out the attack he adversary can obtan the secret nformaton y stored n the stolen smart card by montorng the power consumpton [20] or by analyzng the leaked nformaton [2], then he can compute A h( y d ) h( y d ) h( y d ) 6
7 32 he sesson-key problem As noted by Blake-Wlson et al [22], a number of securty propertes of key agreement have been proposed the propertes have been used to analyze the securty of key agreement he propertes nclude known-key secrecy, unknown key-share reslence, no key control, key-compromse mpersonaton reslence perfect forward secrecy Forward secrecy requres that, f long-term prvate keys of one or more enttes are compromsed, the secrecy of prevous sesson keys establshed by honest enttes can be unaffected When analyzng the forward secrecy, Khan et al clamed even f the server s secret keys x y happens to be compromsed, an adversary cannot mpersonate legtmate users by usng the revealed keys, concluded ther scheme can preserve the forward secrecy of secret keys x y hey made a mstake n understng the mean of forward secrecy In fact, ther scheme can t provde the forward secrecy Once the adversary get the value x, y some cphertext translated c between the user the server, he can compute the sesson key through the followng method ) he attacker gets the value usng the method descrbed above let 2) he attacker computes h( x ), where equals N 3) he attacker computes the sesson key SK h( c2 ) N be zero 4) he attacker gets the plantext m by decryptng c usng the sesson key S K If m s meanngful, the attacker get the correct sesson key Otherwse, he lets N ncrement by one repeats steps 2), 3) 4) untl get the correct sesson key From the above descrpton, we can conclude the attacker can get the correct sesson by testng the possble value N hen the search space s N, where N s the set of possble N 7
8 represents the cardnalty of a set In fact, even though the attacker can t get the value, he can guess the value to carry out the attack, the search space s N, where s the set of possble s, Note that generally N are not very bg, unlke a space for cryptographc key 33 Ineffcency of the double secret keys We can see that the scheme of Khan et al requres S to keep two keys secret, e, the secret key x y In common sense, t s possble to acheve the user authentcaton key agreement servce by usng only one secret key herefore, two secret keys mean more overheads wthout the securty enhancement for the whole authentcaton system 34 Other drawbacks In the step 2) of password change phase n Khan et al s scheme, the smart card checks f equals But, n the regstraton phase, s not stored n the smart card We thnk Khan et al s may make a mstake when desgn the regstraton phase the password change phase We demonstrate the drawbacks as follows s not stored n the smart card If s not stored n the smart card, then the step 2) of password change phase n Khan et al s scheme must be canceled, then Khan et al s scheme s vulnerable to the Denal-of-servce (DoS) attack In password authentcaton, DoS attack can cause permanent error on authentcaton by ntroducng unexpected data durng the procedures of authentcaton he most vulnerable procedure s the password changng phase snce t usually refreshes the data n storage If an 8
9 attacker can modfy the password, or tamper the message contanng password wth vald data format, the updated password or ts related verfcaton data wll then be dfferent from what the user expects he user can never pass the subsequent authentcaton thereby In Khan et al s scheme, the password changng phase s performed on the user termnal wth smart cards, e, the user can change hs password wthout communcatng wth the server [9] hs enhances the securty of password changng as no senstve message needs to be transmtted over the nsecure network Meanwhle, t releves the overhead of the/a server However, due to the drawbacks of desgn, t s stll possble to load a DoS attack on password changng n ther scheme Suppose an attacker temporarly gets access to the user s smart card, he then nserts the card n a termnal devce performs the followng operatons He romly selects two dfferent passwords PW PW as the old the new password, respectvely hen he sends a changng password request to the smart card Snce s not stored n the smart card, then the smart card wll not check f equals, t ust computes RPW h( r PW ), L RPW h( r PW ) replaces the value L From then on, the logn phase, can never pass the server s password authentcaton hs s because n cannot verfy the legal server n the second step Moreover, he cannot be verfed by the server n the last step of authentcaton phase s stored n the smart card If s not stored n the smart card, then the step 2) of password change phase n Khan et al s scheme must be canceled, then Khan et al s scheme s vulnerable to the password guessng attack In Khan et al s scheme r,, L are stored n the smart card after regstraton It s easy 9
10 to say that there s the followng relaton between r,, L about PW L h( r PW)) hen the adversary can carry out the off-lne password guessng attack usng the relaton he detaled descrpton of the attack s as follows he adversary can obtan the secret nformaton r,, L stored n the stolen smart card by montorng the power consumpton [20] or by analyzng the leaked nformaton [2] hen he can carry out the password guess attack usng r,, L ) he adversary selects a password PW s from a unformly dstrbuted dctonary 2) he adversary computes L h( r PW )) 3) A then verfes the correctness of PW s by checkng f s equal to 4) A repeats steps, 2, 3 of ths phase untl the correct password s found 4 Concluson Smart card-based user authentcaton technology has been wdely deployed n varous knds of applcatons, such as remote host logn, wthdrawals from automated cash dspensers, physcal entry to restrcted areas In [9], Khan et al proposed a password authentcaton scheme usng smart cards demonstrated ts mmunty aganst varous attacks However, by revewng of ther scheme analyzng ts securty, four knds of weakness, e, ) nablty to protect the user s anonymty; 2) the sesson-key problem; 3) neffcency of the double secret keys; 4) other drawbacks are presented n dfferent scenaros he analyses show that the scheme s nsecure for practcal applcaton 0
11 Reference [] L Lamport, Password authentcaton wth nsecure communcaton, Communcatons of the ACM 24 () (98) [2] MS Hwang, LH L, A new remote user authentcaton scheme usng smart cards, IEEE ransactons on Consumer Electroncs 46 () (2000) [3] WH Yang, SP Sheh, password authentcaton schemes wth smart cards, Computers & Securty 8 (8) (999) [4] HM Sun, An effcent remote user authentcaton scheme usng smart cards, IEEE ransactons on Consumer Electroncs 46 (4) (2000) [5] CC Lee, MS Hwang, WP Yang, A flexble remote user authentcaton scheme usng smart cards, ACM Operatng Systems Revew 36 (3) (2002) [6] Shen, CW Ln, MS Hwang, A modfed remote user authentcaton scheme usng smart cards, IEEE ransactons on Consumer Electroncs 49 (2) (2003) [7] M Kumar, New remote user authentcaton scheme usng smart cards, IEEE ransactons on Consumer Electroncs 50 (2) (2004) [8] WC Ku, S Chang, MH Chang, Further cryptanalyss of fngerprnt-based remote user authentcaton scheme usng smartcards, IEE Electroncs Letters 4 (5) (2005) [9] MK Khan, Zhang, Improvng the securty of a flexble bometrcs remote user authentcaton scheme, Computer Stards & Interfaces 29 (2007) [0] SK Km, MG Chung, More secure remote user authentcaton scheme, Computer Communcatons 32 (2009) [] H Yang, CC Chang, An -based remote mutual authentcaton wth key agreement
12 scheme for moble devces on ellptc curve cryptosystem, Computers & Securty 28 (2009) [2] ML Das, A Saxena, VP Gulat, A dynamc -based remote user authentcaton scheme, IEEE ransactons on Consumer Electroncs 50 (2) (2004) [3] AK Awasht, Comment on a dynamc -based remote user authentcaton scheme, ransactons on Cryptology l (2) (2004) 5 6 [4] HY Chen, CH Chen, A remote authentcaton scheme preservng user anonymty, n: Internatonal Conference on AINA 05, vol 2, 2005, p 2005 [5] WC Ku, S Chang, Impersonaton attack on a dynamc -based remote user uthentcaton scheme usng smart cards, IEICE ransactons on Communcaton E88-B (5) (2005) [6] I Lao, CC Lee, MS Hwang, Securty enhancement for a dynamc -based remote user authentcaton scheme, n: Proceedngs of the Natonal Conference on Next Generaton Web Servces Practces, 2005, p 4 [7] M Msbahuddn, CS Bndu, Cryptanalyss of Lao Lee Hwang s dynamc scheme, Internatonal ournal of Network Securty 6 (2008) 2 23 [8] YY Wang, Y Ku, FX Xao, Dan, A more effcent secure dynamc -based remote user authentcaton scheme, Computer Communcatons 32 (2009) [9] MK Khan et al, Cryptanalyss securty enhancement of a more effcent & secure dynamc -based remote user authentcaton scheme, Computer Communcatons (200), do:006/comcom [20] P Kocher, affe, B un, Dfferental power analyss, Proc Advances n Cryptology 2
13 (CRYPO'99), 999, pp [2] S Messerges, EA Dabbsh, RH Sloan, Examnng smart-card securty under the threat of power analyss attacks, IEEE ransactons on Computers 5 (5) (2002) [22] Blake-Wlson S, ohnson D, Menezes A Key agreement protocols ther securty analyss In Proc the Sxth IMA Internatonal Conference on Cryptography Codng, Crencester, K, LNCS 355, Sprnger-Verlag, 997, pp
Security Enhanced Dynamic ID based Remote User Authentication Scheme for Multi-Server Environments
Internatonal Journal of u- and e- ervce, cence and Technology Vol8, o 7 0), pp7-6 http://dxdoorg/07/unesst087 ecurty Enhanced Dynamc ID based Remote ser Authentcaton cheme for ult-erver Envronments Jun-ub
More informationTwo-Factor User Authentication in Multi-Server Networks
Internatonal Journal of ecurty and Its Applcatons Vol. 6, No., Aprl, 0 Two-Factor ser Authentcaton n Mult-erver Networks Chun-Ta L, Ch-Yao Weng,* and Chun-I Fan Department of Informaton Management, Tanan
More informationSecurity Vulnerabilities of an Enhanced Remote User Authentication Scheme
Contemporary Engneerng Scences, Vol. 7, 2014, no. 26, 1475-1482 HIKARI Ltd, www.m-hkar.com http://dx.do.org/10.12988/ces.2014.49186 Securty Vulnerabltes of an Enhanced Remote User Authentcaton Scheme Hae-Soon
More informationAn enhanced dynamic-id-based remote user authentication protocol with smart card
Internatonal Journal of Engneerng Advanced Research Technology (IJEART) ISSN: 2454-9290 Volume-2 Issue-4 Aprl 206 An enhanced dynamc-id-based remote user authentcaton protocol wth smart card aoran Chen
More informationAn Improved User Authentication and Key Agreement Scheme Providing User Anonymity
35 JOURNAL OF ELECTRONIC SCIENCE AND TECHNOLOGY, VOL. 9, NO. 4, DECEMBER 0 An Improved User Authentcaton and Key Agreement Scheme Provdng User Anonymty Ya-Fen Chang and Pe-Yu Chang Abstract When accessng
More informationNew Remote Mutual Authentication Scheme using Smart Cards
141 152 New Remote Mutual Authentcaton Scheme usng Smart Cards Rajaram Ramasamy*, Amutha Prabakar Munyand** * Thagarajar College of Engneerng, Madura, Taml Nadu 625 015, Inda E mal: rrajaram@tce.edu **
More informationA Secure Dynamic Identity Based Authentication Protocol with Smart Cards for Multi-Server Architecture
JOURNAL OF INFORMATION SCIENCE AND ENGINEERING 31, 1975-1992 (2015) A Secure Dynamc Identty Based Authentcaton Protocol wth Smart Cards for Mult-Server Archtecture CHUN-TA LI 1, CHENG-CHI LEE 2;3,*, CHI-YAO
More informationImprovement ofmanik et al. s remote user authentication scheme
Improvement ofmank et al. s remote user authentcaton scheme Abstract Jue-Sam Chou, a,yaln Chen b Jyun-Yu Ln c a Department of Informaton Management, Nanhua Unversty Chay, 622, Tawan schou@mal.nhu.edu.tw
More informationA new remote user authentication scheme for multi-server architecture
Future Generaton Computer Systems 19 (2003) 13 22 A new remote user authentcaton scheme for mult-server archtecture Iuon-Chang Ln a, Mn-Shang Hwang b,, L-Hua L b a Department of Computer Scence and Informaton
More informationAn efficient biometrics-based authentication scheme for telecare medicine information systems
Zuowen Tan Jangx Unversty of Fnance & Economcs An effcent bometrcs-based authentcaton scheme for telecare medcne nformaton systems Abstract. The telecare medcal nformaton system enables the patents gan
More informationarxiv: v1 [cs.cr] 28 May 2013
arxv:1305.6350v1 [cs.cr] 28 May 2013 An effcent dynamc ID based remote user authentcaton scheme usng self-certfed publc keys for mult-server envronment Dawe Zhao ab Hapeng Peng ab Shudong L c Yxan Yang
More informationarxiv: v1 [cs.cr] 20 Jun 2013
arxv:306.4726v [cs.cr] 20 Jun 203 A secure and effectve anonymous authentcaton scheme for roamng servce n global moblty networks Dawe Zhao a,b Hapeng Peng a,b Lxang L a,b Yxan Yang a,b a Informaton Securty
More informationRelated-Mode Attacks on CTR Encryption Mode
Internatonal Journal of Network Securty, Vol.4, No.3, PP.282 287, May 2007 282 Related-Mode Attacks on CTR Encrypton Mode Dayn Wang, Dongda Ln, and Wenlng Wu (Correspondng author: Dayn Wang) Key Laboratory
More informationInternational Conference on Materials Engineering and Information Technology Applications (MEITA 2015)
Internatonal Conference on Materals Engneerng and Informaton Technology Applcatons (MEITA 2015) Cryptanalyss of Vadya et al s User Authentcaton Scheme wth Key Agreement n Wreless Sensor Networks L Jpng
More informationA Time-Bound Ticket-Based Mutual Authentication Scheme for Cloud Computing
Int. J. of Computers, Communcatons & Control, ISSN 1841-9836, E-ISSN 1841-9844 Vol. VI (2011), No. 2 (June), pp. 227-235 A Tme-Bound Tcket-Based Mutual Authentcaton Scheme for Cloud Computng Z. Hao, S.
More informationA lightweight password-based authentication protocol using smart card
Receved: 12 February 2017 Revsed: 26 March 2017 Accepted: 17 Aprl 2017 DOI: 10.1002/dac.3336 RESEARCH ARTICLE A lghtweght password-based authentcaton protocol usng smart card Chenyu Wang 1 Dng Wang 2 Guoa
More informationSecurity analysis and design of an efficient ECC-based two-factor password authentication scheme
SECURITY ND COMMUNICTION NETWORKS Securty Comm. Networks 2016; 9:4166 4181 Publshed onlne 24 ugust 2016 n Wley Onlne Lbrary (wleyonlnelbrary.com)..1596 RESERCH RTICLE Securty analyss and desgn of an effcent
More informationA software agent enabled biometric security algorithm for secure file access in consumer storage devices
A software agent enabled bometrc securty algorthm for secure fle access n consumer storage devces Artcle Accepted Verson Amn, R., Sherratt, R. S., Gr, D., Islam, S. K. H. and Khan, M. K. (2017) A software
More informationSecurity Improvements of Dynamic ID-based Remote User Authentication Scheme with Session Key Agreement
Security Improvements of Dynamic ID-based Remote User Authentication Scheme with Session Key Agreement Young-Hwa An* * Division of Computer and Media Information Engineering, Kangnam University 111, Gugal-dong,
More informationInternational Journal of Computer Science Trends and Technology (IJCST) Volume 4 Issue 5, Sep - Oct 2016
Internatonal Journal of Computer Scence Trends and Technology (IJCST) Volume 4 Issue 5, Sep - Oct 2016 RESEARCH ARTICLE OPEN ACCESS Bometrc Based User Authentcaton n WSN Usng ABC Optmzaton D.Thamaraselv
More informationSmart-card-loss-attack and Improvement of Hsiang et al. s Authentication Scheme
Smart-card-loss-attack and Improvement of Hsiang et al. s Authentication Scheme Y.. Lee Department of Security Technology and Management WuFeng niversity, hiayi, 653, Taiwan yclee@wfu.edu.tw ABSTRAT Due
More informationAn Optimal Algorithm for Prufer Codes *
J. Software Engneerng & Applcatons, 2009, 2: 111-115 do:10.4236/jsea.2009.22016 Publshed Onlne July 2009 (www.scrp.org/journal/jsea) An Optmal Algorthm for Prufer Codes * Xaodong Wang 1, 2, Le Wang 3,
More informationAnalysis and Improvement of a Lightweight Anonymous Authentication Protocol for Mobile Pay-TV Systems (Full text)
Analyss and Improvement of a Lghtweght Anonymous Authentcaton Protocol for Moble Pay-TV Systems (Full text) arxv:1808.09493v3 [cs.cr] 13 Sep 2018 1 st Saeed Banaean Far Department of Electrcal and Computer
More informationPrivacy Models for RFID Authentication Protocols
Prvacy Models for RFID Authentcaton Protocols Jan Shen 1,2, Jn Wang 1,2, Yuan Me 1,2, Ilyong Chung 3 1 Jangsu Engneerng Center of Network Montorng, Nanjng Unversty of Informaton Scence &echnology, Nanjng,210044,Chna
More informationCluster Analysis of Electrical Behavior
Journal of Computer and Communcatons, 205, 3, 88-93 Publshed Onlne May 205 n ScRes. http://www.scrp.org/ournal/cc http://dx.do.org/0.4236/cc.205.350 Cluster Analyss of Electrcal Behavor Ln Lu Ln Lu, School
More informationA New Security Model for Cross-Realm C2C-PAKE Protocol
A New Securty Model for Cross-Realm C2C-PAKE Protocol Fengao Wang 1 Yuqng Zhang Natonal Computer Network Intruson Protecton Center, GSCAS, Beng, 100043 Abstract. Cross realm clent-to-clent password authentcated
More informationA new attack on Jakobsson Hybrid Mix-Net
A new attack on Jakobsson Hybrd Mx-Net Seyyed Amr Mortazav Tehran, Iran. sa.mortezav@gmal.com Abstract The Jakobsson hybrd Mx-net proposed by Jakobsson and Juels, s a very practcal and effcent scheme for
More informationCryptanalysis and Improvement of Mutual Authentication Protocol for EPC C1G2 passive RFID Tag
IJCSI Internatonal Journal of Computer Scence Issues, Volume 14, Issue 6, November 017 ISSN (Prnt): 1694-0814 ISSN (Onlne): 1694-0784 www.ijcsi.org https://do.org/10.0943/0101706.7684 76 Cryptanalyss and
More informationParallelism for Nested Loops with Non-uniform and Flow Dependences
Parallelsm for Nested Loops wth Non-unform and Flow Dependences Sam-Jn Jeong Dept. of Informaton & Communcaton Engneerng, Cheonan Unversty, 5, Anseo-dong, Cheonan, Chungnam, 330-80, Korea. seong@cheonan.ac.kr
More informationResearch Article Robust and Efficient Authentication Scheme for Session Initiation Protocol
Mathematcal Problems n Engneerng Volume 205, Artcle ID 894549, 9 pages http://dx.do.org/0.55/205/894549 Research Artcle Robust and Effcent Authentcaton Scheme for Sesson Intaton Protocol Yanrong Lu,,2
More informationPrivate Information Retrieval (PIR)
2 Levente Buttyán Problem formulaton Alce wants to obtan nformaton from a database, but she does not want the database to learn whch nformaton she wanted e.g., Alce s an nvestor queryng a stock-market
More informationDistributed Secret Key Management Based on ECC for Ad-hoc Network Yi-xuan WU, Hua-wei CHEN * and Lei WANG
2017 2nd Internatonal Conference on Computer, Network Securty and Communcaton Engneerng (CNSCE 2017) ISBN: 978-1-60595-439-4 Dstrbuted Secret Key Management Based on ECC for Ad-hoc Network Y-xuan WU, Hua-we
More informationA Practical Attack on KeeLoq
Introducton Our Attacks Practce Conclusons A Practcal Attack on KeeLoq Sebastaan Indesteege 1 Nathan Keller 2 Orr Dunkelman 1 El Bham 3 Bart Preneel 1 1 Dept. ESAT/SCD-COSIC, K.U.Leuven, Belgum. 2 Ensten
More informationSpecifications in 2001
Specfcatons n 200 MISTY (updated : May 3, 2002) September 27, 200 Mtsubsh Electrc Corporaton Block Cpher Algorthm MISTY Ths document shows a complete descrpton of encrypton algorthm MISTY, whch are secret-key
More informationEvaluation of an Enhanced Scheme for High-level Nested Network Mobility
IJCSNS Internatonal Journal of Computer Scence and Network Securty, VOL.15 No.10, October 2015 1 Evaluaton of an Enhanced Scheme for Hgh-level Nested Network Moblty Mohammed Babker Al Mohammed, Asha Hassan.
More informationThe Password Change Phase is Still Insecure
Manoj Kumar: The password change phase change is still insecure 1 The Password Change Phase is Still Insecure Manoj Kumar!"#$ %&''%% E. Mail: yamu_balyan@yahoo.co.in Abstract In 2004, W. C. Ku and S. M.
More informationA broadcast protocol with drivers anonymity for vehicle-to-vehicle communication networks
Int. J. Vehcle Informaton and Communcaton Systems, Vol. 2, Nos. 1/2, 2009 1 A broadcast protocol wth drvers anonymty for vehcle-to-vehcle communcaton networks Nader Mazen Rabad and Syed Masud Mahmud* Electrcal
More informationCryptanalysis Of Dynamic ID Based Remote User Authentication Scheme With Key Agreement
1 Cryptanalysis Of Dynamic ID Based Remote User Authentication Scheme With Key Agreement Sonam Devgan Kaul, Amit K. Awasthi School of Applied Sciences, Gautam Buddha University, Greater Noida, India sonamdevgan11@gmail.com,
More informationCryptanalysis of a Markov Chain Based User Authentication Scheme
Cryptanalysis of a Markov Chain Based User Authentication Scheme Ruhul Amin, G.P. Biswas Indian School of Mines, Dhanbad Department of Computer Science & Engineering Email: amin ruhul@live.com, gpbiswas@gmail.com
More informationThe Modified Scheme is still vulnerable to. the parallel Session Attack
1 The Modified Scheme is still vulnerable to the parallel Session Attack Manoj Kumar Department of Mathematics, Rashtriya Kishan (P.G.) College Shamli- Muzaffarnagar-247776 yamu_balyan@yahoo.co.in Abstract
More informationSimulation Based Analysis of FAST TCP using OMNET++
Smulaton Based Analyss of FAST TCP usng OMNET++ Umar ul Hassan 04030038@lums.edu.pk Md Term Report CS678 Topcs n Internet Research Sprng, 2006 Introducton Internet traffc s doublng roughly every 3 months
More informationLife Tables (Times) Summary. Sample StatFolio: lifetable times.sgp
Lfe Tables (Tmes) Summary... 1 Data Input... 2 Analyss Summary... 3 Survval Functon... 5 Log Survval Functon... 6 Cumulatve Hazard Functon... 7 Percentles... 7 Group Comparsons... 8 Summary The Lfe Tables
More informationVRT012 User s guide V0.1. Address: Žirmūnų g. 27, Vilnius LT-09105, Phone: (370-5) , Fax: (370-5) ,
VRT012 User s gude V0.1 Thank you for purchasng our product. We hope ths user-frendly devce wll be helpful n realsng your deas and brngng comfort to your lfe. Please take few mnutes to read ths manual
More informationConformation of EPC class 1 generation 2 standards RFID. system with mutual authentication and privacy protection
Conformaton of EPC class 1 generaton 2 standards RFID system wth mutual authentcaton and prvacy protecton Chn-Lng Chen Department of Computer Scence and Informaton Engneerng, Chaoyang Unversty of Technology,
More informationAn Efficient Password-Only Authenticated Three-Party Key Exchange Protocol
Internatonal Journal of Appled Engneerng Research ISSN 0973-4562 Volume 12, Number 14 (2017) pp. 4329-4339 Research Inda Publcatons. http://www.rpublcaton.com An Effcent Password-Only Authentcated Three-Party
More informationRemote User Authentication Scheme in Multi-server Environment using Smart Card
Remote User Authentication Scheme in Multi-server Environment using Smart Card Jitendra Kumar Tyagi A.K. Srivastava Pratap Singh Patwal ABSTRACT In a single server environment, one server is responsible
More informationA Smart Card Based Authentication Protocol for Strong Passwords
A Smart Card Based Authentication Protocol for Strong Passwords Chin-Chen Chang 1,2 and Hao-Chuan Tsai 2 1 Department of Computer Science and Information Engineering, Feng Chia University, Taichung, Taiwan,
More informationResource-Efficient Multi-Source Authentication Utilizing Split-Join One-Way Key Chain
Resource-Effcent Mult-Source Authentcaton Utlzng Splt-Jon One-Way ey Chan Seonho Cho, un Sun, Hyeonsang Eom 3 Department of Computer Scence, Bowe State Unversty, Bowe, Maryland, U.S.A. Center for Secure
More informationProviding Stronger Authentication at a LowCost to RFID Tags Operating under the EPCglobal Framework
2008 IEEE/IFIP Internatonal Conference on Embedded and Ubqutous Computng Provdng Stronger Authentcaton at a LowCost to RFID Tags Operatng under the EPCglobal Framework Pedro Pers-Lopez, ppers@nf.uc3m.es
More informationDesign and Analysis of Authenticated Key Agreement Schemes for Future IoT Applications and Session Initiation Protocol
Desgn and Analyss of Authentcated Key Agreement Schemes for Future IoT Applcatons and Sesson Intaton Protocol Thess submtted n partal fulfllment of the requrements for the degree of Master of Scence (By
More informationConstructing Minimum Connected Dominating Set: Algorithmic approach
Constructng Mnmum Connected Domnatng Set: Algorthmc approach G.N. Puroht and Usha Sharma Centre for Mathematcal Scences, Banasthal Unversty, Rajasthan 304022 usha.sharma94@yahoo.com Abstract: Connected
More informationLoad Balancing for Hex-Cell Interconnection Network
Int. J. Communcatons, Network and System Scences,,, - Publshed Onlne Aprl n ScRes. http://www.scrp.org/journal/jcns http://dx.do.org/./jcns.. Load Balancng for Hex-Cell Interconnecton Network Saher Manaseer,
More informationCourse Introduction. Algorithm 8/31/2017. COSC 320 Advanced Data Structures and Algorithms. COSC 320 Advanced Data Structures and Algorithms
Course Introducton Course Topcs Exams, abs, Proects A quc loo at a few algorthms 1 Advanced Data Structures and Algorthms Descrpton: We are gong to dscuss algorthm complexty analyss, algorthm desgn technques
More informationAPRAP: Another Privacy Preserving RF Authentication Protocol. Author(s)Miyaji, Atsuko; Rahman, Mohammad Sha
JAIST Repos https://dspace.j Ttle APRAP: Another Prvacy Preservng RF Authentcaton Protocol Author(s)Myaj, Atsuko; Rahman, Mohammad Sha Ctaton 2010 6th IEEE Workshop on Secure Net Protocols (NPSec): 13-18
More informationAn Enhanced Dynamic Identity Based Remote User Authentication Scheme Using Smart Card without a Verification Table
An Enhanced Dynamic Identity Based Remote User Authentication Scheme Using Smart Card without a Verification Table B. Sumitra, Research Scholar, Christ University, Bangalore, India (*Corresponding Author)
More informationLoad-Balanced Anycast Routing
Load-Balanced Anycast Routng Chng-Yu Ln, Jung-Hua Lo, and Sy-Yen Kuo Department of Electrcal Engneerng atonal Tawan Unversty, Tape, Tawan sykuo@cc.ee.ntu.edu.tw Abstract For fault-tolerance and load-balance
More informationA Distributed Private-Key Generator for Identity-Based Cryptography
A Dstrbuted Prvate-Key Generator for Identty-Based Cryptography Anket Kate Ian Goldberg Davd R. Cherton School of Computer Scence Unversty of Waterloo Waterloo, ON, Canada N2L 3G1 {akate,ang}@cs.uwaterloo.ca
More informationTime-Assisted Authentication Protocol
Tme-Asssted Authentcaton Protocol 1 Muhammad Blal Unversty of Scence and Technology, Korea Electroncs and Telecommuncaton Research Insttute, Rep. of Korea mblal@etr.re.kr, engr.mblal@yahoo.com 2 Shn-Gak
More informationSecure Distributed Cluster Formation in Wireless Sensor Networks
Secure Dstrbuted Cluster Formaton n Wreless Sensor Networks Kun Sun Intellgent Automaton, Inc. ksun@-a-.com Pa Peng Opsware Inc. ppeng@opsware.com Clff Wang Army Research Offce clff.wang@us.army.ml Peng
More informationIntroduction. Leslie Lamports Time, Clocks & the Ordering of Events in a Distributed System. Overview. Introduction Concepts: Time
Lesle Laports e, locks & the Orderng of Events n a Dstrbuted Syste Joseph Sprng Departent of oputer Scence Dstrbuted Systes and Securty Overvew Introducton he artal Orderng Logcal locks Orderng the Events
More informationSecurity Weaknesses of a Biometric-Based Remote User Authentication Scheme Using Smart Cards
Security Weaknesses of a Biometric-Based Remote User Authentication Scheme Using Smart Cards Younghwa An Computer Media Information Engineering, Kangnam University, 111, Gugal-dong, Giheung-gu, Yongin-si,
More informationResearch of Multiple Text Watermarks Technique in Electric Power System Texts
Sensors & Transducers 203 by IFSA http://www.sensorsportal.com Research of Multple Text atermarks Technque n Electrc Power System Texts Xao-X XING, Qng CHEN, 2 Lan-X FU School of Optcal-Electrcal and Computer
More informationID-based Directed Threshold Multisignature Scheme from Bilinear Pairings
P asudeva Reddy et al / Internatonal Journal on Computer Scence and Engneerng ol(), 9, 74-79 -based Drected Threshold Multsgnature Scheme from Blnear Parngs P asudeva Reddy, B Umaprasada Rao, T Gowr (
More informationA Method for Detecting the Exposure of a Secret Key in Key-Insulated Scheme
IJCSNS Internatonal Journal of Computer Scence and Network Securty, VOL.8 No.9, September 28 3 A Method for Detectng the Exposure of a Secret ey n ey-insulated Scheme Younggyo Lee and Dongho Won Department
More informationThe stream cipher MICKEY-128 (version 1) Algorithm specification issue 1.0
The stream cpher MICKEY-128 (verson 1 Algorthm specfcaton ssue 1. Steve Babbage Vodafone Group R&D, Newbury, UK steve.babbage@vodafone.com Matthew Dodd Independent consultant matthew@mdodd.net www.mdodd.net
More informationAn Improved Remote User Authentication Scheme with Smart Cards using Bilinear Pairings
An Improved Remote User Authentication Scheme with Smart Cards using Bilinear Pairings Debasis Giri and P. D. Srivastava Department of Mathematics Indian Institute of Technology, Kharagpur 721 302, India
More information3D vector computer graphics
3D vector computer graphcs Paolo Varagnolo: freelance engneer Padova Aprl 2016 Prvate Practce ----------------------------------- 1. Introducton Vector 3D model representaton n computer graphcs requres
More informationHermite Splines in Lie Groups as Products of Geodesics
Hermte Splnes n Le Groups as Products of Geodescs Ethan Eade Updated May 28, 2017 1 Introducton 1.1 Goal Ths document defnes a curve n the Le group G parametrzed by tme and by structural parameters n the
More informationEnsuring Basic Security and Preventing Replay Attack in a Query Processing Application Domain in WSN
Ensurng Basc Securty and Preventng Replay Attack n a Query Processng Applcaton Doman n WSN Amrta Ghosal 1, Subr Halder 1, Sanjb Sur 2, Avshek Dan 2, and Spra DasBt 2 1 Dept. of Comp. Sc. & Engg, Dr. B.
More informationCONTROLLING INFORMATION FLOWS DURING SOFTWARE DEVELOPMENT
CONTROLLING INFORMATION FLOWS DURING SOFTWARE DEVELOPMENT Shh-Chen Chou Department of Computer Scence and Informaton Engneerng, Natonal Dong Hwa Unversty, Tawan ABSTRACT Informaton flow control (IFC) s
More informationAn Optimized Pseudorandom Generator using Packed Matrices
An Optmzed Pseudorandom Generator usng Packed Matrces JOSE-VICENTE AGUIRRE 1, RAFAEL ÁLVAREZ, LEANDRO TORTOSA 3, ANTONIO ZAMORA 4 Dpt. of Computer Scence and Artfcal Intellgence Unversty of Alcante Campus
More informationConcurrent Apriori Data Mining Algorithms
Concurrent Apror Data Mnng Algorthms Vassl Halatchev Department of Electrcal Engneerng and Computer Scence York Unversty, Toronto October 8, 2015 Outlne Why t s mportant Introducton to Assocaton Rule Mnng
More informationPetri Net Based Software Dependability Engineering
Proc. RELECTRONIC 95, Budapest, pp. 181-186; October 1995 Petr Net Based Software Dependablty Engneerng Monka Hener Brandenburg Unversty of Technology Cottbus Computer Scence Insttute Postbox 101344 D-03013
More informationA New Transaction Processing Model Based on Optimistic Concurrency Control
A New Transacton Processng Model Based on Optmstc Concurrency Control Wang Pedong,Duan Xpng,Jr. Abstract-- In ths paper, to support moblty and dsconnecton of moble clents effectvely n moble computng envronment,
More informationThe Research of Ellipse Parameter Fitting Algorithm of Ultrasonic Imaging Logging in the Casing Hole
Appled Mathematcs, 04, 5, 37-3 Publshed Onlne May 04 n ScRes. http://www.scrp.org/journal/am http://dx.do.org/0.436/am.04.584 The Research of Ellpse Parameter Fttng Algorthm of Ultrasonc Imagng Loggng
More informationON SOME ENTERTAINING APPLICATIONS OF THE CONCEPT OF SET IN COMPUTER SCIENCE COURSE
Yordzhev K., Kostadnova H. Інформаційні технології в освіті ON SOME ENTERTAINING APPLICATIONS OF THE CONCEPT OF SET IN COMPUTER SCIENCE COURSE Yordzhev K., Kostadnova H. Some aspects of programmng educaton
More informationTerm Weighting Classification System Using the Chi-square Statistic for the Classification Subtask at NTCIR-6 Patent Retrieval Task
Proceedngs of NTCIR-6 Workshop Meetng, May 15-18, 2007, Tokyo, Japan Term Weghtng Classfcaton System Usng the Ch-square Statstc for the Classfcaton Subtask at NTCIR-6 Patent Retreval Task Kotaro Hashmoto
More informationDecentralized Attribute-Based Encryption and Data Sharing Scheme in Cloud Storage
COMPUTER SYSTEM SECURITY Decentralzed Attrbute-Based Encrypton and Data Sharng Scheme n Cloud Storage Xehua L*, Yanlong Wang, Mng Xu, Yapng Cu College of Computer Scence and Electronc Engneerng, Hunan
More informationRisk-Based Packet Routing for Privacy and Compliance-Preserving SDN
Rsk-Based Packet Routng for Prvacy and Complance-Preservng SDN Karan K. Budhraja Abhshek Malvankar Mehd Bahram Chnmay Kundu Ashsh Kundu Mukesh Snghal, Unversty of Maryland, Baltmore County, MD, USA Emal:
More informationA Resources Virtualization Approach Supporting Uniform Access to Heterogeneous Grid Resources 1
A Resources Vrtualzaton Approach Supportng Unform Access to Heterogeneous Grd Resources 1 Cunhao Fang 1, Yaoxue Zhang 2, Song Cao 3 1 Tsnghua Natonal Labatory of Inforamaton Scence and Technology 2 Department
More informationkccvoip.com basic voip training NAT/PAT extract 2008
kccvop.com basc vop tranng NAT/PAT extract 28 As we have seen n the prevous sldes, SIP and H2 both use addressng nsde ther packets to rely nformaton. Thnk of an envelope where we place the addresses of
More informationImproved Resource Allocation Algorithms for Practical Image Encoding in a Ubiquitous Computing Environment
JOURNAL OF COMPUTERS, VOL. 4, NO. 9, SEPTEMBER 2009 873 Improved Resource Allocaton Algorthms for Practcal Image Encodng n a Ubqutous Computng Envronment Manxong Dong, Long Zheng, Kaoru Ota, Song Guo School
More informationHybrid Protocol For Password-based Key Exchange in Three-party Setting
Hybrd Protocol For Password-based Key Exchange n Three-party Settng TngMao Chang, Jn Zhou, YaJuan Zhang, YueFe Zhu Abstract Modular desgn s a common approach for dealng wth complex tasks n modern cryptology.
More informationTrust-based Mutual Authentication for Bootstrapping in 6LoWPAN
634 JOURNL OF COMMUNICTIONS, VOL. 7, NO. 8, UGUST 202 Trust-based Mutual uthentcaton for Bootstrappng n 6LoWPN Hong Yu College of Computer Scence and Technology, Bejng Unversty of Technology, Bejng 0024,
More informationMathematics 256 a course in differential equations for engineering students
Mathematcs 56 a course n dfferental equatons for engneerng students Chapter 5. More effcent methods of numercal soluton Euler s method s qute neffcent. Because the error s essentally proportonal to the
More informationCMPS 10 Introduction to Computer Science Lecture Notes
CPS 0 Introducton to Computer Scence Lecture Notes Chapter : Algorthm Desgn How should we present algorthms? Natural languages lke Englsh, Spansh, or French whch are rch n nterpretaton and meanng are not
More informationSum of Linear and Fractional Multiobjective Programming Problem under Fuzzy Rules Constraints
Australan Journal of Basc and Appled Scences, 2(4): 1204-1208, 2008 ISSN 1991-8178 Sum of Lnear and Fractonal Multobjectve Programmng Problem under Fuzzy Rules Constrants 1 2 Sanjay Jan and Kalash Lachhwan
More informationA Binarization Algorithm specialized on Document Images and Photos
A Bnarzaton Algorthm specalzed on Document mages and Photos Ergna Kavalleratou Dept. of nformaton and Communcaton Systems Engneerng Unversty of the Aegean kavalleratou@aegean.gr Abstract n ths paper, a
More informationEnhanced Watermarking Technique for Color Images using Visual Cryptography
Informaton Assurance and Securty Letters 1 (2010) 024-028 Enhanced Watermarkng Technque for Color Images usng Vsual Cryptography Enas F. Al rawashdeh 1, Rawan I.Zaghloul 2 1 Balqa Appled Unversty, MIS
More informationA Frame Packing Mechanism Using PDO Communication Service within CANopen
28 A Frame Packng Mechansm Usng PDO Communcaton Servce wthn CANopen Mnkoo Kang and Kejn Park Dvson of Industral & Informaton Systems Engneerng, Ajou Unversty, Suwon, Gyeongg-do, South Korea Summary The
More informationELEC 377 Operating Systems. Week 6 Class 3
ELEC 377 Operatng Systems Week 6 Class 3 Last Class Memory Management Memory Pagng Pagng Structure ELEC 377 Operatng Systems Today Pagng Szes Vrtual Memory Concept Demand Pagng ELEC 377 Operatng Systems
More informationRobust Two-factor Smart Card Authentication
Robust Two-factor Smart Card Authentication Omer Mert Candan Sabanci University Istanbul, Turkey mcandan@sabanciuniv.edu Abstract Being very resilient devices, smart cards have been commonly used for two-factor
More informationAnalysis of Collaborative Distributed Admission Control in x Networks
1 Analyss of Collaboratve Dstrbuted Admsson Control n 82.11x Networks Thnh Nguyen, Member, IEEE, Ken Nguyen, Member, IEEE, Lnha He, Member, IEEE, Abstract Wth the recent surge of wreless home networks,
More informationRange images. Range image registration. Examples of sampling patterns. Range images and range surfaces
Range mages For many structured lght scanners, the range data forms a hghly regular pattern known as a range mage. he samplng pattern s determned by the specfc scanner. Range mage regstraton 1 Examples
More informationMiss in the Middle Attacks on IDEA and Khufu
Mss n the Mddle Attacks on IDEA and Khufu El Bham Alex Bryukov Ad Shamr Abstract. In a recent paper we developed a new cryptanalytc technque based on mpossble dfferentals, and used t to attack the Skpjack
More information124 Chapter 8. Case Study: A Memory Component ndcatng some error condton. An exceptonal return of a value e s called rasng excepton e. A return s ssue
Chapter 8 Case Study: A Memory Component In chapter 6 we gave the outlne of a case study on the renement of a safe regster. In ths chapter wepresent the outne of another case study on persstent communcaton;
More informationThe Greedy Method. Outline and Reading. Change Money Problem. Greedy Algorithms. Applications of the Greedy Strategy. The Greedy Method Technique
//00 :0 AM Outlne and Readng The Greedy Method The Greedy Method Technque (secton.) Fractonal Knapsack Problem (secton..) Task Schedulng (secton..) Mnmum Spannng Trees (secton.) Change Money Problem Greedy
More informationVirtual Machine Migration based on Trust Measurement of Computer Node
Appled Mechancs and Materals Onlne: 2014-04-04 ISSN: 1662-7482, Vols. 536-537, pp 678-682 do:10.4028/www.scentfc.net/amm.536-537.678 2014 Trans Tech Publcatons, Swtzerland Vrtual Machne Mgraton based on
More informationNAG Fortran Library Chapter Introduction. G10 Smoothing in Statistics
Introducton G10 NAG Fortran Lbrary Chapter Introducton G10 Smoothng n Statstcs Contents 1 Scope of the Chapter... 2 2 Background to the Problems... 2 2.1 Smoothng Methods... 2 2.2 Smoothng Splnes and Regresson
More informationThe Shortest Path of Touring Lines given in the Plane
Send Orders for Reprnts to reprnts@benthamscence.ae 262 The Open Cybernetcs & Systemcs Journal, 2015, 9, 262-267 The Shortest Path of Tourng Lnes gven n the Plane Open Access Ljuan Wang 1,2, Dandan He
More information