This document summarizes an efficient and secure dynamic ID-based remote user authentication scheme for a multi-server environment. It begins with an abstract describing the scheme. It then reviews a previous related work by Hsiang-Shih that addressed security flaws in an earlier Liao-Wang scheme. The document proposes a new enhanced scheme that maintains the security properties of Hsiang-Shih's scheme while improving usability by not requiring the user to know the server's ID to generate login requests. It describes the registration, login, and mutual verification/session key agreement phases of the proposed scheme in detail.
Low Power Elliptic Curve Digital Signature Design for Constrained DevicesCSCJournals
Digital signatures represent one of the most widely used security technologies for ensuring unforgeability and non-repudiation of digital data. In this paper a reduced power dissipation of hardware Elliptic Curve Digital Signature design has been developed. Our proposed architecture is based on the Globally Asynchronous Locally Synchronous (GALS) design methodology. In GALS system, modules that are not used frequently can be made to consume less power by pausing their local clocks until they are needed. Our design consists of using units that are clocked independently. The whole ECDSA design is captured using VHDL language, over the finite field GF (2163), and the Virtex IV FPGA device is used for the hardware implementation of the architecture
Cryptanalysis on Privacy-aware Two-factor Authentication Protocol for Wireles...IJECEIAES
Das first proposed two-factor authentication combining the smart card and password to resolve the security problems of wireless sensor networks (WSNs). After that, various researchers studied two-factor authentication suitable for WSNs. In user authentication protocols based on the symmetric key approach, a number of elliptic curve cryptography (ECC)-based authentication protocols have been proposed. To resolve the security and efficiency problems of ECC-based two-factor authentication protocols, Jiang et al. proposed a privacy-aware two-factor authentication protocol based on ECC for WSNs. However, this paper performs a vulnerability analysis on Jiang et al.’s authentication protocol and shows that it has security problems, such as a lack of mutual authentication, a risk of SID modification and DoS attacks, a lack of sensor anonymity, and weak ID anonymity.
Elliptic Curve Cryptography Based Data Transmission against Blackhole Attack ...IJECEIAES
This document discusses securing data transmission against blackhole attacks in mobile ad hoc networks (MANETS) using elliptic curve cryptography (ECC) and the Adhoc On Demand Multipath Distance Vector (AOMDV) routing protocol. It implements ECC to encrypt data packets at the source node before transmission over AOMDV's multiple paths. The performance of this secured approach is analyzed under varying numbers of blackhole attacker nodes based on metrics like average throughput, packet delivery ratio, average end-to-end delay, and normalized routing load. Simulation results show the encrypted packets being transferred between nodes via AOMDV are protected against blackhole attacks.
CRYPTANALYSIS AND FURTHER IMPROVEMENT OF A BIOMETRIC-BASED REMOTE USER AUTHEN...IJNSA Journal
Recently, Li et al. proposed a secure biometric-based remote user authentication scheme using smart cards to withstand the security flaws of Li-Hwang’s efficient biometric-based remote user authentication scheme using smart cards. Li et al.’s scheme is based on biometrics verification, smart card and one-way hash function, and it also uses the random nonce rather than a synchronized clock, and thus it is efficient in computational cost and more secure than Li-Hwang’s scheme. Unfortunately, in this paper we show that Li et al.’s scheme still has some security weaknesses in their design. In order to withstand those weaknesses in their scheme, we further propose an improvement of their scheme so that the improved scheme always provides proper authentication and as a result, it establishes a session key between the user and the server at the end of successful user authentication.
Blind multi-signature scheme based on factoring and discrete logarithm problemTELKOMNIKA JOURNAL
One of the important objectives of information security systems is providing authentication of
the electronic documents and messages. In that, blind signature schemes are an important solution to
protect the privacy of users in security electronic transactions by highlighting the anonymity of participating
parties. Many studies have focused on blind signature schemes, however, most of the studied schemes
are based on single computationally difficult problem. Also, digital signature schemes from two difficult
problems were proposed but the fact is that only finding solution to single hard problem then these digital
signature schemes are breakable. In this paper, we propose a new signature schemes base on
the combination of the RSA and Schnorr signature schemes which are based on two hard problems: IFP
and DLP. Then expanding to propose a single blind signature scheme, a blind multi-signature scheme,
which are based on new baseline schemes.
CONSTRUCTING THE 2-ELEMENT AGDS PROTOCOL BASED ON THE DISCRETE LOGARITHM PROBLEMIJNSA Journal
It is considered a group signature scheme in frame of which different sets of signers sign electronic documents with hidden signatures and the head of the signing group generates a group signature of fixed size. A new mechanism for imbedding the information about signers into a group signature is proposed. The method provides possibilities for reducing the signature size and to construct collective signature protocols for signing groups. New group signature and collective signature protocols based on the computational difficulty of discrete logarithm are proposed.
This document presents an optimized FPGA hardware implementation of public key cryptography using encryption and decryption. The implementation uses two keys - a public key for encryption that anyone can use, and a private key for decryption that only the intended recipient possesses. The design was tested on a Xilinx Virtex 5 FPGA. Encryption and decryption were shown to work correctly when the proper keys were used. Without the private key, decryption was not possible, demonstrating the security of the approach. Synthesis results showed the design utilizes FPGA resources efficiently compared to other related work.
Channel coding adds redundancy to transmitted data to allow for error correction and detection. It is used to achieve reliable digital communication in the presence of noise and interference. There are two main types of channel coding: linear block codes and convolution codes. Linear block codes divide data into blocks and encode each block into a longer codeword. Convolution codes consider not only the current data but also previous data when encoding. Channel coding trades off bandwidth for improved error correction through the addition of redundant parity bits.
Low Power Elliptic Curve Digital Signature Design for Constrained DevicesCSCJournals
Digital signatures represent one of the most widely used security technologies for ensuring unforgeability and non-repudiation of digital data. In this paper a reduced power dissipation of hardware Elliptic Curve Digital Signature design has been developed. Our proposed architecture is based on the Globally Asynchronous Locally Synchronous (GALS) design methodology. In GALS system, modules that are not used frequently can be made to consume less power by pausing their local clocks until they are needed. Our design consists of using units that are clocked independently. The whole ECDSA design is captured using VHDL language, over the finite field GF (2163), and the Virtex IV FPGA device is used for the hardware implementation of the architecture
Cryptanalysis on Privacy-aware Two-factor Authentication Protocol for Wireles...IJECEIAES
Das first proposed two-factor authentication combining the smart card and password to resolve the security problems of wireless sensor networks (WSNs). After that, various researchers studied two-factor authentication suitable for WSNs. In user authentication protocols based on the symmetric key approach, a number of elliptic curve cryptography (ECC)-based authentication protocols have been proposed. To resolve the security and efficiency problems of ECC-based two-factor authentication protocols, Jiang et al. proposed a privacy-aware two-factor authentication protocol based on ECC for WSNs. However, this paper performs a vulnerability analysis on Jiang et al.’s authentication protocol and shows that it has security problems, such as a lack of mutual authentication, a risk of SID modification and DoS attacks, a lack of sensor anonymity, and weak ID anonymity.
Elliptic Curve Cryptography Based Data Transmission against Blackhole Attack ...IJECEIAES
This document discusses securing data transmission against blackhole attacks in mobile ad hoc networks (MANETS) using elliptic curve cryptography (ECC) and the Adhoc On Demand Multipath Distance Vector (AOMDV) routing protocol. It implements ECC to encrypt data packets at the source node before transmission over AOMDV's multiple paths. The performance of this secured approach is analyzed under varying numbers of blackhole attacker nodes based on metrics like average throughput, packet delivery ratio, average end-to-end delay, and normalized routing load. Simulation results show the encrypted packets being transferred between nodes via AOMDV are protected against blackhole attacks.
CRYPTANALYSIS AND FURTHER IMPROVEMENT OF A BIOMETRIC-BASED REMOTE USER AUTHEN...IJNSA Journal
Recently, Li et al. proposed a secure biometric-based remote user authentication scheme using smart cards to withstand the security flaws of Li-Hwang’s efficient biometric-based remote user authentication scheme using smart cards. Li et al.’s scheme is based on biometrics verification, smart card and one-way hash function, and it also uses the random nonce rather than a synchronized clock, and thus it is efficient in computational cost and more secure than Li-Hwang’s scheme. Unfortunately, in this paper we show that Li et al.’s scheme still has some security weaknesses in their design. In order to withstand those weaknesses in their scheme, we further propose an improvement of their scheme so that the improved scheme always provides proper authentication and as a result, it establishes a session key between the user and the server at the end of successful user authentication.
Blind multi-signature scheme based on factoring and discrete logarithm problemTELKOMNIKA JOURNAL
One of the important objectives of information security systems is providing authentication of
the electronic documents and messages. In that, blind signature schemes are an important solution to
protect the privacy of users in security electronic transactions by highlighting the anonymity of participating
parties. Many studies have focused on blind signature schemes, however, most of the studied schemes
are based on single computationally difficult problem. Also, digital signature schemes from two difficult
problems were proposed but the fact is that only finding solution to single hard problem then these digital
signature schemes are breakable. In this paper, we propose a new signature schemes base on
the combination of the RSA and Schnorr signature schemes which are based on two hard problems: IFP
and DLP. Then expanding to propose a single blind signature scheme, a blind multi-signature scheme,
which are based on new baseline schemes.
CONSTRUCTING THE 2-ELEMENT AGDS PROTOCOL BASED ON THE DISCRETE LOGARITHM PROBLEMIJNSA Journal
It is considered a group signature scheme in frame of which different sets of signers sign electronic documents with hidden signatures and the head of the signing group generates a group signature of fixed size. A new mechanism for imbedding the information about signers into a group signature is proposed. The method provides possibilities for reducing the signature size and to construct collective signature protocols for signing groups. New group signature and collective signature protocols based on the computational difficulty of discrete logarithm are proposed.
This document presents an optimized FPGA hardware implementation of public key cryptography using encryption and decryption. The implementation uses two keys - a public key for encryption that anyone can use, and a private key for decryption that only the intended recipient possesses. The design was tested on a Xilinx Virtex 5 FPGA. Encryption and decryption were shown to work correctly when the proper keys were used. Without the private key, decryption was not possible, demonstrating the security of the approach. Synthesis results showed the design utilizes FPGA resources efficiently compared to other related work.
Channel coding adds redundancy to transmitted data to allow for error correction and detection. It is used to achieve reliable digital communication in the presence of noise and interference. There are two main types of channel coding: linear block codes and convolution codes. Linear block codes divide data into blocks and encode each block into a longer codeword. Convolution codes consider not only the current data but also previous data when encoding. Channel coding trades off bandwidth for improved error correction through the addition of redundant parity bits.
An authentication framework for wireless sensor networks using Signature Base...ijsrd.com
Authentication in Wireless Sensor Networks (WSNs) is a challenging process. Providing authentication for the Nodes in WSN is a vital issue in Secure Group communication among WSNs. Massive group of tiny sensor Nodes forms WSNs and these are placed in open, unattended milieu. Due to this reason, Nodes in WSN can endure exclusive encounters. WSNs are more vulnerable to active and passive attacks than wired ones due to their broadcasting nature, limitations in resources and unrestrained environments. However, security will be a significant factor for their complete implementation. In this proposal, a new approach has been introduced to achieve secure authentication among Nodes in WSNs.
The document proposes a Co-ordinate Interleaved Non-orthogonal Amplify and Forward (CINAF) relaying protocol to provide full diversity gain for all symbols transmitted in a cooperative wireless network. It involves precoding symbols using a unitary precoder before transmission and decoding them using a zero-forcing successive interference cancellation receiver. Simulation results show the CINAF protocol performs better than conventional amplify-and-forward relaying and a unitary precoding scheme in terms of symbol error rate and bit error rate.
This document describes the implementation of a Viterbi decoder using VHDL. It begins with background on convolutional encoding, the Viterbi algorithm for decoding convolutional codes, and the basic structure of a Viterbi decoder. It then discusses the design and simulation of a rate 1/2 constraint length 3 Viterbi decoder in VHDL targeting the Spartan-3A FPGA. Simulation results and comparisons to other FPGA devices are presented.
Low cost data acquisition from digital caliper to pceSAT Journals
Abstract This paper aims to reduce the Inspection time during Online patrol Inspection. A physical check sheet is used to note down the measured values. A Wired DIGIMATIC to keyboard signal converter device is prepared. A Wireless digimatic to keyboard signal converter device is recommended to reduce the Inspection time and errors. The purpose of Wireless digimatic to keyboard signal converter device is to build a system which integrates with the server through SAP and process these data’s to develop to its full potential. This Paper gives an account of reducing the inspection time during Online patrol Inspection in Pacific Fuel filter line. Trials are carried out after the development of solution and parameters are recorded, the achieved results were found to be highly beneficial and satisfactory. By this paper there is reduction in Inspection Time and errors. The thesis describes the above work in detail. Keywords: Data Acquisition, Vernier Calipers, Inspection Automation, Arduino uno, Wireless, Digimatic to Serial.
AN EFFICIENT PROXY SIGNCRYPTION SCHEME BASED ON THE DISCRETE LOGARITHM PROBLEMZac Darcy
This document proposes a new efficient proxy signcryption scheme based on the discrete logarithm problem (DLP). The scheme allows an original signer to delegate signing power to a proxy signer, who can then sign messages on behalf of the original signer. The scheme consists of setup, proxy-credential-generation, proxy-signcryption-generation, and proxy-unsigncryption-verification phases. It achieves security requirements like verifiability, unforgeability, identifiability, and prevention of misuse through use of public/private keys and the intractability of computing discrete logarithms. The scheme is proven correct and its security is analyzed.
Hard Decision Viterbi Decoder: Implementation on FPGA and Comparison of Resou...IJERA Editor
Viterbi decoder is the most important part in receiver section of wireless communication system. Viterbi
algorithm is one of the most common decoding algorithms used for decoding convolutional codes. Viterbi
decoder employs Maximum Likelihood technique to decode the convolutionally encoded data stream. In
practice, most of the communication systems use Viterbi decoding scheme in processors. But increased interest
on high speed Viterbi decoder in a single chip forced to realize with the speed of Giga-bit per second, without
using memory or off-chip processors. Implementation of proposed design and realization is possible due to
advanced Field Programmable Gate Array (FPGA) technologies and advanced Electronic Design Automatic
(EDA) tools. This paper involves designing an optimum structure of Viterbi decoder and implementing it on
different FPGA devices to compare the resource utilizations.
Design and implementation of log domain decoder IJECEIAES
Low-Density-Parity-Check (LDPC) code has become famous in communications systems for error correction, as an advantage of the robust performance in correcting errors and the ability to meet all the requirements of the 5G system. However, the mot challenge faced researchers is the hardware implementation, because of higher complexity and long run-time. In this paper, an efficient and optimum design for log domain decoder has been implemented using Xilinx system generator with FPGA device Kintex7 (XC7K325T-2FFG900C). Results confirm that the proposed decoder gives a Bit Error Rate (BER) very closed to theory calculations which illustrate that this decoder is suitable for next generation demand which needs a high data rate with very low BER.
Implementation Secure Authentication Using Elliptic Curve CryptographyAM Publications
Elliptic curve cryptography is the most efficient public key encryption scheme based on the elliptic curve concepts that
can be used to create faster, smaller, and efficient cryptographic keys. As a use of network increase for critical transaction, so
huge damages are caused by intrusion attacks hence there is the need of computer network security. To protect network against
various active and passive attack, various technique have been suggested. Mobile devices have many differences in their
capabilities, computational powers and security requirements. The security of mobile communication has stopped the list of
concerns for mobile phone users. Confidentiality, Authentication, Integrity and Non-repudiation are required security services for mobile communication.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Convolutional encoding with Viterbi decoding is a good forward error correction technique suitable for channels affected by noise degradation. Fangled Viterbi decoders are variants of Viterbi decoder (VD) which decodes quicker and takes less memory with no error detection capability. Modified fangled takes it a step further by gaining one bit error correction and detection capability at the cost of doubling the computational complexity and processing time. A new efficient fangled Viterbi algorithm is proposed in this paper with less complexity and processing time along with 2 bit error correction capabilities. For 1 bit error correction for 14 bit input data, when compared with Modified fangled Viterbi decoder, computational complexity has come down by 36-43% and processing delay was halved. For a 2 bit error correction, when compared with Modified fangled decoder computational complexity decreased by 22-36%.
This document discusses channel coding and linear block codes. Channel coding adds redundant bits to input data to allow error detection and correction at the receiver. Linear block codes divide the data into blocks, encode each block into a larger codeword, and use a generator matrix to map message blocks to unique codewords. The codewords can be detected and sometimes corrected using a parity check matrix. Hamming codes are a type of linear block code that can correct single bit errors. The document provides examples of encoding data using generator matrices and decoding using syndrome values and parity check matrices. It also discusses how the minimum distance of a code determines its error detection and correction capabilities.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Introduction: OSI Security Architecture, Security attacks, ,Security Services, Security
Mechanisms, Model for Network Security, Fundamentals of Abstract Algebra : Groups, Rings,
Fields, Modular Arithmetic, Euclidean Algorithm, Finite Fields of the form GF(p),Polynomial
Arithmetic, Finite Fields of the form GF(2n),Classical Encryption techniques, Block Ciphers and
Data Encryption Standard.
NON-STATISTICAL EUCLIDEAN-DISTANCE SISO DECODING OF ERROR-CORRECTING CODES OV...IJCSEA Journal
In this paper we describe novel non-statistical Euclidean distance soft-input, soft-output (SISO) decoding algorithms for the three currently most important error-correcting codes: the low-density parity-check (LDPC), turbo and polar codes. The metric is squared Euclidean distance, and the decoders operate using an antilog-log (AL) process. We have investigated the simulated bit-error rate (BER) performance of these non-statistical algorithms on three channel models: the additive White Gaussian noise (AWGN), the Rayleigh fading and Middleton’s Class-A impulsive noise channels, and compare them with the BER performances of the corresponding statistical decoding algorithms for the three codes and channels. In all cases the performance over the AWGN channel of the non-statistical algorithms is almost the same or slightly better than that of the statistical algorithms. In some cases the performance over the two nonGaussian channels of the non-statistical algorithms is worse than that of the statistical algorithms, but the use of a simple signal amplitude limiter placed before the decoder input significantly improves the actual and relative performances of the algorithms. Thus there is no performance loss, and sometimes a significant performance gain, for the proposed decoding algorithms. A major advantage of our algorithms is that estimation of the channel signal-to-noise ratio is not required, which in practice simplifies system implementation. In addition, we have found that the processing complexity of the non-statistical algorithms is similar or slightly less than that of the corresponding statistical algorithms, and is significantly less for the LDPC codes over all of the channels.
Multi-Server user Authentication Scheme for Privacy Preservation with Fuzzy C...IJCNCJournal
The integration of artificial intelligence technology with a scalable Internet of Things (IoT) platform facilitates diverse smart communication services, allowing remote users to access services from anywhere at any time. The multi-server environment within IoT introduces a flexible security service model, enabling users to interact with any server through a single registration. To ensure secure and privacy preservation services for resources, an authentication scheme is essential. Zhao et al. recently introduced a user authentication scheme for the multi-server environment, utilizing passwords and smart cards, claiming resilience against well-known attacks. This paper conducts cryptanalysis on Zhao et al.'s scheme, focusing on denial of service and privacy attacks, revealing a lack of user-friendliness. Subsequently, we propose a new multi-server user authentication scheme for privacy preservation with fuzzy commitment over the IoT environment, addressing the shortcomings of Zhao et al.'s scheme. Formal security verification of the proposed scheme is conducted using the ProVerif simulation tool. Through both formal and informal security analyses, we demonstrate that the proposed scheme is resilient against various known attacks and those identified in Zhao et al.'s scheme.
Multi-Server user Authentication Scheme for Privacy Preservation with Fuzzy C...IJCNCJournal
The integration of artificial intelligence technology with a scalable Internet of Things (IoT) platform facilitates diverse smart communication services, allowing remote users to access services from anywhere at any time. The multi-server environment within IoT introduces a flexible security service model, enabling users to interact with any server through a single registration. To ensure secure and privacy preservation services for resources, an authentication scheme is essential. Zhao et al. recently introduced a user authentication scheme for the multi-server environment, utilizing passwords and smart cards, claiming resilience against well-known attacks. This paper conducts cryptanalysis on Zhao et al.'s scheme, focusing on denial of service and privacy attacks, revealing a lack of user-friendliness. Subsequently, we propose a new multi-server user authentication scheme for privacy preservation with fuzzy commitment over the IoT environment, addressing the shortcomings of Zhao et al.'s scheme. Formal security verification of the proposed scheme is conducted using the ProVerif simulation tool. Through both formal and informal security analyses, we demonstrate that the proposed scheme is resilient against various known attacks and those identified in Zhao et al.'s scheme.
Password authentication with smart card is one of the simplest and efficient authentication mechanisms to ensure secure communication over insecure network environments. Recently, Tsai et al. proposed an improved password authentication scheme for smart card. Their scheme is more secure than the other previous schemes. In this paper, we show Tsai et al.’s scheme is vulnerable to password guessing attack and has computational overhead. Furthermore, we propose an enhanced password authentication scheme to eliminate the security vulnerability and enhance the overhead. By presenting concrete analysis of security and performance, we show that the proposed scheme cannot only resist various well known attacks, but also is more efficient than the other related works, and thus is feasible for practical applications.
A performance comparison of proposed approach of multiserver authentication a...eSAT Journals
Abstract
Use of smart card makes remote user verification and key agreement easy, elastic to making a secure scattered system environment. It is very important to provide user privacy protection in authentication phase. In this paper, we are describing the performance comparison of Jung approach for multiple server authentication and key agreement schemes with user protection in network security with our proposed approach. First we are describing the jaung approach then overview of our approach with comparison. All the areas those can be improved by us are also defined. Our approach is works for single server as well as multi sever environment. According to our analysis the jaung approach is open to the element, leak-of-verifier attack and session key discovery attack and smart card loss attack. We are saving data into the server table in form of digital identity, smart card is removed by us, and so the new approach is safe from smart card loss attack.
Keywords: User Verification, Session Key, Comparison, Key Size, Smart Card, Network Security.
A performance comparison of proposed approach of multiserver authentication a...eSAT Journals
Abstract
Use of smart card makes remote user verification and key agreement easy, elastic to making a secure scattered system environment. It is very important to provide user privacy protection in authentication phase. In this paper, we are describing the performance comparison of Jung approach for multiple server authentication and key agreement schemes with user protection in network security with our proposed approach. First we are describing the jaung approach then overview of our approach with comparison. All the areas those can be improved by us are also defined. Our approach is works for single server as well as multi sever environment. According to our analysis the jaung approach is open to the element, leak-of-verifier attack and session key discovery attack and smart card loss attack. We are saving data into the server table in form of digital identity, smart card is removed by us, and so the new approach is safe from smart card loss attack.
Keywords: User Verification, Session Key, Comparison, Key Size, Smart Card, Network Security.
CRYPTANALYSIS OF A MORE EFFICIENT AND SECURE DYNAMIC ID-BASED REMOTE USER AUT...IJNSA Journal
This document analyzes the security of a remote user authentication scheme proposed by Yan-yan Wang et al. It finds that the scheme is vulnerable to several attacks such as password guessing attacks, masquerading attacks, and denial of service attacks. The attacks are possible because the scheme does not properly protect sensitive parameters such as passwords and secrets stored on smart cards. While improving on previous schemes, this analyzed scheme still does not achieve the desired security properties for remote user authentication.
An authentication framework for wireless sensor networks using Signature Base...ijsrd.com
Authentication in Wireless Sensor Networks (WSNs) is a challenging process. Providing authentication for the Nodes in WSN is a vital issue in Secure Group communication among WSNs. Massive group of tiny sensor Nodes forms WSNs and these are placed in open, unattended milieu. Due to this reason, Nodes in WSN can endure exclusive encounters. WSNs are more vulnerable to active and passive attacks than wired ones due to their broadcasting nature, limitations in resources and unrestrained environments. However, security will be a significant factor for their complete implementation. In this proposal, a new approach has been introduced to achieve secure authentication among Nodes in WSNs.
The document proposes a Co-ordinate Interleaved Non-orthogonal Amplify and Forward (CINAF) relaying protocol to provide full diversity gain for all symbols transmitted in a cooperative wireless network. It involves precoding symbols using a unitary precoder before transmission and decoding them using a zero-forcing successive interference cancellation receiver. Simulation results show the CINAF protocol performs better than conventional amplify-and-forward relaying and a unitary precoding scheme in terms of symbol error rate and bit error rate.
This document describes the implementation of a Viterbi decoder using VHDL. It begins with background on convolutional encoding, the Viterbi algorithm for decoding convolutional codes, and the basic structure of a Viterbi decoder. It then discusses the design and simulation of a rate 1/2 constraint length 3 Viterbi decoder in VHDL targeting the Spartan-3A FPGA. Simulation results and comparisons to other FPGA devices are presented.
Low cost data acquisition from digital caliper to pceSAT Journals
Abstract This paper aims to reduce the Inspection time during Online patrol Inspection. A physical check sheet is used to note down the measured values. A Wired DIGIMATIC to keyboard signal converter device is prepared. A Wireless digimatic to keyboard signal converter device is recommended to reduce the Inspection time and errors. The purpose of Wireless digimatic to keyboard signal converter device is to build a system which integrates with the server through SAP and process these data’s to develop to its full potential. This Paper gives an account of reducing the inspection time during Online patrol Inspection in Pacific Fuel filter line. Trials are carried out after the development of solution and parameters are recorded, the achieved results were found to be highly beneficial and satisfactory. By this paper there is reduction in Inspection Time and errors. The thesis describes the above work in detail. Keywords: Data Acquisition, Vernier Calipers, Inspection Automation, Arduino uno, Wireless, Digimatic to Serial.
AN EFFICIENT PROXY SIGNCRYPTION SCHEME BASED ON THE DISCRETE LOGARITHM PROBLEMZac Darcy
This document proposes a new efficient proxy signcryption scheme based on the discrete logarithm problem (DLP). The scheme allows an original signer to delegate signing power to a proxy signer, who can then sign messages on behalf of the original signer. The scheme consists of setup, proxy-credential-generation, proxy-signcryption-generation, and proxy-unsigncryption-verification phases. It achieves security requirements like verifiability, unforgeability, identifiability, and prevention of misuse through use of public/private keys and the intractability of computing discrete logarithms. The scheme is proven correct and its security is analyzed.
Hard Decision Viterbi Decoder: Implementation on FPGA and Comparison of Resou...IJERA Editor
Viterbi decoder is the most important part in receiver section of wireless communication system. Viterbi
algorithm is one of the most common decoding algorithms used for decoding convolutional codes. Viterbi
decoder employs Maximum Likelihood technique to decode the convolutionally encoded data stream. In
practice, most of the communication systems use Viterbi decoding scheme in processors. But increased interest
on high speed Viterbi decoder in a single chip forced to realize with the speed of Giga-bit per second, without
using memory or off-chip processors. Implementation of proposed design and realization is possible due to
advanced Field Programmable Gate Array (FPGA) technologies and advanced Electronic Design Automatic
(EDA) tools. This paper involves designing an optimum structure of Viterbi decoder and implementing it on
different FPGA devices to compare the resource utilizations.
Design and implementation of log domain decoder IJECEIAES
Low-Density-Parity-Check (LDPC) code has become famous in communications systems for error correction, as an advantage of the robust performance in correcting errors and the ability to meet all the requirements of the 5G system. However, the mot challenge faced researchers is the hardware implementation, because of higher complexity and long run-time. In this paper, an efficient and optimum design for log domain decoder has been implemented using Xilinx system generator with FPGA device Kintex7 (XC7K325T-2FFG900C). Results confirm that the proposed decoder gives a Bit Error Rate (BER) very closed to theory calculations which illustrate that this decoder is suitable for next generation demand which needs a high data rate with very low BER.
Implementation Secure Authentication Using Elliptic Curve CryptographyAM Publications
Elliptic curve cryptography is the most efficient public key encryption scheme based on the elliptic curve concepts that
can be used to create faster, smaller, and efficient cryptographic keys. As a use of network increase for critical transaction, so
huge damages are caused by intrusion attacks hence there is the need of computer network security. To protect network against
various active and passive attack, various technique have been suggested. Mobile devices have many differences in their
capabilities, computational powers and security requirements. The security of mobile communication has stopped the list of
concerns for mobile phone users. Confidentiality, Authentication, Integrity and Non-repudiation are required security services for mobile communication.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Convolutional encoding with Viterbi decoding is a good forward error correction technique suitable for channels affected by noise degradation. Fangled Viterbi decoders are variants of Viterbi decoder (VD) which decodes quicker and takes less memory with no error detection capability. Modified fangled takes it a step further by gaining one bit error correction and detection capability at the cost of doubling the computational complexity and processing time. A new efficient fangled Viterbi algorithm is proposed in this paper with less complexity and processing time along with 2 bit error correction capabilities. For 1 bit error correction for 14 bit input data, when compared with Modified fangled Viterbi decoder, computational complexity has come down by 36-43% and processing delay was halved. For a 2 bit error correction, when compared with Modified fangled decoder computational complexity decreased by 22-36%.
This document discusses channel coding and linear block codes. Channel coding adds redundant bits to input data to allow error detection and correction at the receiver. Linear block codes divide the data into blocks, encode each block into a larger codeword, and use a generator matrix to map message blocks to unique codewords. The codewords can be detected and sometimes corrected using a parity check matrix. Hamming codes are a type of linear block code that can correct single bit errors. The document provides examples of encoding data using generator matrices and decoding using syndrome values and parity check matrices. It also discusses how the minimum distance of a code determines its error detection and correction capabilities.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Introduction: OSI Security Architecture, Security attacks, ,Security Services, Security
Mechanisms, Model for Network Security, Fundamentals of Abstract Algebra : Groups, Rings,
Fields, Modular Arithmetic, Euclidean Algorithm, Finite Fields of the form GF(p),Polynomial
Arithmetic, Finite Fields of the form GF(2n),Classical Encryption techniques, Block Ciphers and
Data Encryption Standard.
NON-STATISTICAL EUCLIDEAN-DISTANCE SISO DECODING OF ERROR-CORRECTING CODES OV...IJCSEA Journal
In this paper we describe novel non-statistical Euclidean distance soft-input, soft-output (SISO) decoding algorithms for the three currently most important error-correcting codes: the low-density parity-check (LDPC), turbo and polar codes. The metric is squared Euclidean distance, and the decoders operate using an antilog-log (AL) process. We have investigated the simulated bit-error rate (BER) performance of these non-statistical algorithms on three channel models: the additive White Gaussian noise (AWGN), the Rayleigh fading and Middleton’s Class-A impulsive noise channels, and compare them with the BER performances of the corresponding statistical decoding algorithms for the three codes and channels. In all cases the performance over the AWGN channel of the non-statistical algorithms is almost the same or slightly better than that of the statistical algorithms. In some cases the performance over the two nonGaussian channels of the non-statistical algorithms is worse than that of the statistical algorithms, but the use of a simple signal amplitude limiter placed before the decoder input significantly improves the actual and relative performances of the algorithms. Thus there is no performance loss, and sometimes a significant performance gain, for the proposed decoding algorithms. A major advantage of our algorithms is that estimation of the channel signal-to-noise ratio is not required, which in practice simplifies system implementation. In addition, we have found that the processing complexity of the non-statistical algorithms is similar or slightly less than that of the corresponding statistical algorithms, and is significantly less for the LDPC codes over all of the channels.
Multi-Server user Authentication Scheme for Privacy Preservation with Fuzzy C...IJCNCJournal
The integration of artificial intelligence technology with a scalable Internet of Things (IoT) platform facilitates diverse smart communication services, allowing remote users to access services from anywhere at any time. The multi-server environment within IoT introduces a flexible security service model, enabling users to interact with any server through a single registration. To ensure secure and privacy preservation services for resources, an authentication scheme is essential. Zhao et al. recently introduced a user authentication scheme for the multi-server environment, utilizing passwords and smart cards, claiming resilience against well-known attacks. This paper conducts cryptanalysis on Zhao et al.'s scheme, focusing on denial of service and privacy attacks, revealing a lack of user-friendliness. Subsequently, we propose a new multi-server user authentication scheme for privacy preservation with fuzzy commitment over the IoT environment, addressing the shortcomings of Zhao et al.'s scheme. Formal security verification of the proposed scheme is conducted using the ProVerif simulation tool. Through both formal and informal security analyses, we demonstrate that the proposed scheme is resilient against various known attacks and those identified in Zhao et al.'s scheme.
Multi-Server user Authentication Scheme for Privacy Preservation with Fuzzy C...IJCNCJournal
The integration of artificial intelligence technology with a scalable Internet of Things (IoT) platform facilitates diverse smart communication services, allowing remote users to access services from anywhere at any time. The multi-server environment within IoT introduces a flexible security service model, enabling users to interact with any server through a single registration. To ensure secure and privacy preservation services for resources, an authentication scheme is essential. Zhao et al. recently introduced a user authentication scheme for the multi-server environment, utilizing passwords and smart cards, claiming resilience against well-known attacks. This paper conducts cryptanalysis on Zhao et al.'s scheme, focusing on denial of service and privacy attacks, revealing a lack of user-friendliness. Subsequently, we propose a new multi-server user authentication scheme for privacy preservation with fuzzy commitment over the IoT environment, addressing the shortcomings of Zhao et al.'s scheme. Formal security verification of the proposed scheme is conducted using the ProVerif simulation tool. Through both formal and informal security analyses, we demonstrate that the proposed scheme is resilient against various known attacks and those identified in Zhao et al.'s scheme.
Password authentication with smart card is one of the simplest and efficient authentication mechanisms to ensure secure communication over insecure network environments. Recently, Tsai et al. proposed an improved password authentication scheme for smart card. Their scheme is more secure than the other previous schemes. In this paper, we show Tsai et al.’s scheme is vulnerable to password guessing attack and has computational overhead. Furthermore, we propose an enhanced password authentication scheme to eliminate the security vulnerability and enhance the overhead. By presenting concrete analysis of security and performance, we show that the proposed scheme cannot only resist various well known attacks, but also is more efficient than the other related works, and thus is feasible for practical applications.
A performance comparison of proposed approach of multiserver authentication a...eSAT Journals
Abstract
Use of smart card makes remote user verification and key agreement easy, elastic to making a secure scattered system environment. It is very important to provide user privacy protection in authentication phase. In this paper, we are describing the performance comparison of Jung approach for multiple server authentication and key agreement schemes with user protection in network security with our proposed approach. First we are describing the jaung approach then overview of our approach with comparison. All the areas those can be improved by us are also defined. Our approach is works for single server as well as multi sever environment. According to our analysis the jaung approach is open to the element, leak-of-verifier attack and session key discovery attack and smart card loss attack. We are saving data into the server table in form of digital identity, smart card is removed by us, and so the new approach is safe from smart card loss attack.
Keywords: User Verification, Session Key, Comparison, Key Size, Smart Card, Network Security.
A performance comparison of proposed approach of multiserver authentication a...eSAT Journals
Abstract
Use of smart card makes remote user verification and key agreement easy, elastic to making a secure scattered system environment. It is very important to provide user privacy protection in authentication phase. In this paper, we are describing the performance comparison of Jung approach for multiple server authentication and key agreement schemes with user protection in network security with our proposed approach. First we are describing the jaung approach then overview of our approach with comparison. All the areas those can be improved by us are also defined. Our approach is works for single server as well as multi sever environment. According to our analysis the jaung approach is open to the element, leak-of-verifier attack and session key discovery attack and smart card loss attack. We are saving data into the server table in form of digital identity, smart card is removed by us, and so the new approach is safe from smart card loss attack.
Keywords: User Verification, Session Key, Comparison, Key Size, Smart Card, Network Security.
CRYPTANALYSIS OF A MORE EFFICIENT AND SECURE DYNAMIC ID-BASED REMOTE USER AUT...IJNSA Journal
This document analyzes the security of a remote user authentication scheme proposed by Yan-yan Wang et al. It finds that the scheme is vulnerable to several attacks such as password guessing attacks, masquerading attacks, and denial of service attacks. The attacks are possible because the scheme does not properly protect sensitive parameters such as passwords and secrets stored on smart cards. While improving on previous schemes, this analyzed scheme still does not achieve the desired security properties for remote user authentication.
Guillou-quisquater protocol for user authentication based on zero knowledge p...TELKOMNIKA JOURNAL
Authentication is the act of confirming the validity of someone’s personal data. In the traditional
authentication system, username and password are sent to the server for verification. However, this
scheme is not secure, because the password can be sniffed. In addition, the server will keep the user’s
password for the authentication. This makes the system vulnerable when the database server is hacked.
Zero knowledge authentication allows server to authenticate user without knowing the user’s password. In
this research, this scheme was implemented with Guillou-Quisquater protocol. Two login mechanisms
were used: file-based certificate with key and local storage. Testing phase was carried out based on the
Open Web Application Security Project (OWASP) penetration testing scheme. Furthermore, penetration
testing was also performed by an expert based on Acunetix report. Three potential vulnerabilities were
found and risk estimation was calculated. According to OWASP risk rating, these vulnerabilities were at the
medium level.
New Blind Muti-signature Schemes based on ECDLP IJECEIAES
In various types of electronic transactions, including election systems and digital cash schemes, user anonymity and authentication are always required. Blind signatures are considered the most important solutions to meeting these requirements. Many studies have focused on blind signature schemes; however, most of the studied schemes are single blind signature schemes. Although blind multi-signature schemes are available, few studies have focused on these schemes. In this article, blind multi-signature schemes are proposed based on the Elliptic Curve Discrete Logarithm Problem (ECDLP). The proposed schemes are based on the GOST R34.10-2012 digital signature standard and the EC-Schnorr digital signature scheme, and they satisfy blind multi-signature security requirements and have better computational performance than previously proposed schemes. The proposed schemes can be applied in election systems and digital cash schemes.
Security for automation in Internet of Things by using one time passwordSHASHANK WANKHADE
The document discusses improving security for automation in the Internet of Things using one-time passwords. It proposes generating one-time passwords using AES algorithms to provide highly authorized authentication and access to equipment. The proposal includes using elliptic curve cryptography to generate one-time passwords and extending the AES symmetric encryption scheme with Lamport's one-time password algorithm. It analyzes the performance and security of the proposed scheme, finding it can be implemented in IoT networks to provide two-factor authentication between devices, applications, and their communications securely and efficiently with a smaller key size and lower computational requirements compared to other existing one-time password schemes.
Secure Checkpointing Approach for Mobile Environmentidescitation
The document describes a secure checkpointing approach for mobile environments. It proposes using elliptic curve cryptography combined with checkpointing to provide a low overhead, secure, fault tolerant system. Key points:
- Checkpointing is used to save system states to allow recovery from failures. Elliptic curve cryptography provides security by encrypting communication and generating digital signatures.
- The approach shifts cryptographic calculations to base stations to reduce mobile node overhead. Checkpoints and recovery information are stored at base stations.
- Mobile nodes save checkpoints and transfer them to the current base station they are connected to. A recovery algorithm allows processes to rollback and resume from the last saved checkpoint if a failure occurs.
The document summarizes a research paper that analyzes and improves upon the Khan et al. remote user authentication scheme. It first reviews Khan et al.'s scheme, which aimed to address weaknesses in Wang et al.'s scheme. However, the document then identifies weaknesses in Khan et al.'s scheme related to user anonymity, efficiency of wrong password login, forward secrecy, and session key agreement efficiency. To address these, the document proposes an improved authentication scheme based on two-factor authentication using smart cards. It analyzes the security of the proposed scheme and compares it to related works.
Cryptanalysis and Security Enhancement of a Khan et al.'s Schemeiosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
IRJET- Signrecrypting Proxy Re-Signature in Secure VanetIRJET Journal
1. The document proposes a SignReCrypting Proxy Re-signature (SRCPR) scheme for secure vehicular ad hoc networks (VANETs). SRCPR combines signcryption, re-encryption, and re-signature to provide security while reducing computation costs.
2. SRCPR includes phases for key generation, vehicle registration, signcryption, message verification, and decryption. It also details an authentication framework between users, the cloud center, and vehicles using tickets.
3. Evaluation results show SRCPR provides security while reducing computation time and costs compared to existing approaches for VANETs.
PRIVACY PRESERVING USER AUTHENTICATION SCHEME BASED ON SMART CARDijcisjournal
One of the most commonly used user authentication mechanisms is two factor authentication based on smart card and password. The core feature of the scheme is to enforce that the user must have the smart card and know the password in order to gain access to server. Recently, Liu et al. proposed a smart card based password authentication scheme and argued that it is secure against insider attack, replay attack and man in the middle attack and provides perfect forward secrecy. In this paper, we show security weaknesses in Liu et al.’s scheme focused on off-line password guessing attack and masquerading attack and it does not provide perfect forward secrecy and anonymity. Accordingly, we propose a privacy preserving user authentication scheme based on smart card, denoted as PUAS, to remedy these security weaknesses and to provide anonymity and perfect forward secrecy. PUAS is more secure with a bit of computational overhead to support several positive properties in security and privacy.
IRJET- Survey on Wireless Body Area Network Security AlgorithmsIRJET Journal
This document summarizes and compares various security algorithms that can be used in Wireless Body Area Networks (WBANs). It first provides background on WBANs and discusses their use for continuous health monitoring. It then analyzes five specific WBAN security algorithms: Blowfish algorithm, Light Weight Encryption Algorithm, clustered algorithm, Elliptic Curve Cryptography algorithm, and Position-aware Body Node Coordinator Placement Algorithm. Each algorithm is described and its advantages and disadvantages are outlined. The document concludes that these algorithms can help prevent unauthorized access to sensitive patient health data transmitted over WBANs.
Elliptic Curve based Authenticated Session Key Establishment Protocol for Hig...IJNSA Journal
The existing authenticated session key establishment protocols are either vulnerable to dictionary attack on identity privacy of a client or the methods adopted to resist this attack are found to be computationally inefficient. This paper proposes a new authenticated key establishment protocol which uses elliptic curve based DDH problem. The protocol provides identity privacy of the client in addition to the other security properties needed for a session key establishment protocol. In comparison with the existing protocols, the proposed protocol offers equivalent security with less parameters resulting in lower computational load, communication bandwidth cost, power consumption and memory requirement.
This document proposes improvements to the remote user authentication scheme of Hsiang and Shih. It summarizes their scheme and identifies two security weaknesses: offline password guessing attacks and undetectable online password guessing attacks. It then proposes a new improved scheme that introduces two unknown factors to protect each parameter stored on the smart card, in order to overcome the weaknesses identified in Hsiang and Shih's scheme.
The authors analyze a nonce-based remote user authentication scheme using smart cards proposed by Lee et al. They find that the scheme is vulnerable to parallel session attacks, where an attacker can impersonate a legitimate user, and denial of service attacks. They propose modifications to the scheme to address these weaknesses by adding nonces and password verification to prevent parallel sessions and dictionary attacks.
AN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECCijcisjournal
The document presents a new efficient and secure digital multi-signature protocol based on elliptic curve cryptography. The proposed protocol reduces time complexity compared to previous schemes. It consists of setup, key generation, signature generation, and verification phases. The signature generation is efficient and distributed among group members. The protocol is secure against insider attacks and difficult to forge signatures due to the difficulty of solving the elliptic curve discrete logarithm problem. Performance analysis shows the proposed protocol has lower time complexity than previous digital multi-signature schemes.
This paper proposes a signature verification system that uses feature extraction on Java and data classification using a neural network on Python. It is designed for small computational devices. The system takes in a signature, preprocesses it, extracts global, statistical and local features in Java. These features are then classified using a neural network developed in Python. Experimental results show the system achieves 95% accuracy for signature verification. Key parameters like learning rate, momentum, epochs were optimized. The system provides interoperability across platforms and is suitable for applications on small devices.
Similar to EFFICIENT AND SECURE DYNAMIC ID-BASED REMOTE USER AUTHENTICATION SCHEME WITH SESSION KEY AGREEMENT FOR MULTI-SERVER ENVIRONMENT (20)
Comparative analysis between traditional aquaponics and reconstructed aquapon...bijceesjournal
The aquaponic system of planting is a method that does not require soil usage. It is a method that only needs water, fish, lava rocks (a substitute for soil), and plants. Aquaponic systems are sustainable and environmentally friendly. Its use not only helps to plant in small spaces but also helps reduce artificial chemical use and minimizes excess water use, as aquaponics consumes 90% less water than soil-based gardening. The study applied a descriptive and experimental design to assess and compare conventional and reconstructed aquaponic methods for reproducing tomatoes. The researchers created an observation checklist to determine the significant factors of the study. The study aims to determine the significant difference between traditional aquaponics and reconstructed aquaponics systems propagating tomatoes in terms of height, weight, girth, and number of fruits. The reconstructed aquaponics system’s higher growth yield results in a much more nourished crop than the traditional aquaponics system. It is superior in its number of fruits, height, weight, and girth measurement. Moreover, the reconstructed aquaponics system is proven to eliminate all the hindrances present in the traditional aquaponics system, which are overcrowding of fish, algae growth, pest problems, contaminated water, and dead fish.
A SYSTEMATIC RISK ASSESSMENT APPROACH FOR SECURING THE SMART IRRIGATION SYSTEMSIJNSA Journal
The smart irrigation system represents an innovative approach to optimize water usage in agricultural and landscaping practices. The integration of cutting-edge technologies, including sensors, actuators, and data analysis, empowers this system to provide accurate monitoring and control of irrigation processes by leveraging real-time environmental conditions. The main objective of a smart irrigation system is to optimize water efficiency, minimize expenses, and foster the adoption of sustainable water management methods. This paper conducts a systematic risk assessment by exploring the key components/assets and their functionalities in the smart irrigation system. The crucial role of sensors in gathering data on soil moisture, weather patterns, and plant well-being is emphasized in this system. These sensors enable intelligent decision-making in irrigation scheduling and water distribution, leading to enhanced water efficiency and sustainable water management practices. Actuators enable automated control of irrigation devices, ensuring precise and targeted water delivery to plants. Additionally, the paper addresses the potential threat and vulnerabilities associated with smart irrigation systems. It discusses limitations of the system, such as power constraints and computational capabilities, and calculates the potential security risks. The paper suggests possible risk treatment methods for effective secure system operation. In conclusion, the paper emphasizes the significant benefits of implementing smart irrigation systems, including improved water conservation, increased crop yield, and reduced environmental impact. Additionally, based on the security analysis conducted, the paper recommends the implementation of countermeasures and security approaches to address vulnerabilities and ensure the integrity and reliability of the system. By incorporating these measures, smart irrigation technology can revolutionize water management practices in agriculture, promoting sustainability, resource efficiency, and safeguarding against potential security threats.
Electric vehicle and photovoltaic advanced roles in enhancing the financial p...IJECEIAES
Climate change's impact on the planet forced the United Nations and governments to promote green energies and electric transportation. The deployments of photovoltaic (PV) and electric vehicle (EV) systems gained stronger momentum due to their numerous advantages over fossil fuel types. The advantages go beyond sustainability to reach financial support and stability. The work in this paper introduces the hybrid system between PV and EV to support industrial and commercial plants. This paper covers the theoretical framework of the proposed hybrid system including the required equation to complete the cost analysis when PV and EV are present. In addition, the proposed design diagram which sets the priorities and requirements of the system is presented. The proposed approach allows setup to advance their power stability, especially during power outages. The presented information supports researchers and plant owners to complete the necessary analysis while promoting the deployment of clean energy. The result of a case study that represents a dairy milk farmer supports the theoretical works and highlights its advanced benefits to existing plants. The short return on investment of the proposed approach supports the paper's novelty approach for the sustainable electrical system. In addition, the proposed system allows for an isolated power setup without the need for a transmission line which enhances the safety of the electrical network
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024Sinan KOZAK
Sinan from the Delivery Hero mobile infrastructure engineering team shares a deep dive into performance acceleration with Gradle build cache optimizations. Sinan shares their journey into solving complex build-cache problems that affect Gradle builds. By understanding the challenges and solutions found in our journey, we aim to demonstrate the possibilities for faster builds. The case study reveals how overlapping outputs and cache misconfigurations led to significant increases in build times, especially as the project scaled up with numerous modules using Paparazzi tests. The journey from diagnosing to defeating cache issues offers invaluable lessons on maintaining cache integrity without sacrificing functionality.
International Conference on NLP, Artificial Intelligence, Machine Learning an...gerogepatton
International Conference on NLP, Artificial Intelligence, Machine Learning and Applications (NLAIM 2024) offers a premier global platform for exchanging insights and findings in the theory, methodology, and applications of NLP, Artificial Intelligence, Machine Learning, and their applications. The conference seeks substantial contributions across all key domains of NLP, Artificial Intelligence, Machine Learning, and their practical applications, aiming to foster both theoretical advancements and real-world implementations. With a focus on facilitating collaboration between researchers and practitioners from academia and industry, the conference serves as a nexus for sharing the latest developments in the field.
ACEP Magazine edition 4th launched on 05.06.2024Rahul
This document provides information about the third edition of the magazine "Sthapatya" published by the Association of Civil Engineers (Practicing) Aurangabad. It includes messages from current and past presidents of ACEP, memories and photos from past ACEP events, information on life time achievement awards given by ACEP, and a technical article on concrete maintenance, repairs and strengthening. The document highlights activities of ACEP and provides a technical educational article for members.
Redefining brain tumor segmentation: a cutting-edge convolutional neural netw...IJECEIAES
Medical image analysis has witnessed significant advancements with deep learning techniques. In the domain of brain tumor segmentation, the ability to
precisely delineate tumor boundaries from magnetic resonance imaging (MRI)
scans holds profound implications for diagnosis. This study presents an ensemble convolutional neural network (CNN) with transfer learning, integrating
the state-of-the-art Deeplabv3+ architecture with the ResNet18 backbone. The
model is rigorously trained and evaluated, exhibiting remarkable performance
metrics, including an impressive global accuracy of 99.286%, a high-class accuracy of 82.191%, a mean intersection over union (IoU) of 79.900%, a weighted
IoU of 98.620%, and a Boundary F1 (BF) score of 83.303%. Notably, a detailed comparative analysis with existing methods showcases the superiority of
our proposed model. These findings underscore the model’s competence in precise brain tumor localization, underscoring its potential to revolutionize medical
image analysis and enhance healthcare outcomes. This research paves the way
for future exploration and optimization of advanced CNN models in medical
imaging, emphasizing addressing false positives and resource efficiency.
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECTjpsjournal1
The rivalry between prominent international actors for dominance over Central Asia's hydrocarbon
reserves and the ancient silk trade route, along with China's diplomatic endeavours in the area, has been
referred to as the "New Great Game." This research centres on the power struggle, considering
geopolitical, geostrategic, and geoeconomic variables. Topics including trade, political hegemony, oil
politics, and conventional and nontraditional security are all explored and explained by the researcher.
Using Mackinder's Heartland, Spykman Rimland, and Hegemonic Stability theories, examines China's role
in Central Asia. This study adheres to the empirical epistemological method and has taken care of
objectivity. This study analyze primary and secondary research documents critically to elaborate role of
china’s geo economic outreach in central Asian countries and its future prospect. China is thriving in trade,
pipeline politics, and winning states, according to this study, thanks to important instruments like the
Shanghai Cooperation Organisation and the Belt and Road Economic Initiative. According to this study,
China is seeing significant success in commerce, pipeline politics, and gaining influence on other
governments. This success may be attributed to the effective utilisation of key tools such as the Shanghai
Cooperation Organisation and the Belt and Road Economic Initiative.
Using recycled concrete aggregates (RCA) for pavements is crucial to achieving sustainability. Implementing RCA for new pavement can minimize carbon footprint, conserve natural resources, reduce harmful emissions, and lower life cycle costs. Compared to natural aggregate (NA), RCA pavement has fewer comprehensive studies and sustainability assessments.
Recycled Concrete Aggregate in Construction Part III
EFFICIENT AND SECURE DYNAMIC ID-BASED REMOTE USER AUTHENTICATION SCHEME WITH SESSION KEY AGREEMENT FOR MULTI-SERVER ENVIRONMENT
1. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
DOI : 10.5121/ijnsa.2010.2409 106
EFFICIENT AND SECURE DYNAMIC ID-BASED
REMOTE USER AUTHENTICATION SCHEME WITH
SESSION KEY AGREEMENT FOR MULTI-SERVER
ENVIRONMENT
Rafael Martínez-Peláez1, 2
, Francisco Rico-Novella1
, Cristina Satizábal3
and
Jacek Pomykała4
1
Telematic Engineering Department, Technical University of Catalonia
{rafaelm, f.rico}@entel.upc.edu
2
Licenciatura en Informatica, Universidad de la Sierra Sur
rpelaez@unsis.edu.mx
3
Division de Estudios de Postgrado, Universidad de la Sierra Sur
isatizabal@unsis.edu.mx
4
Faculty of Mathematics, Informatics and Mechanics, Warsaw University
pomykala@mimuw.edu.pl
ABSTRACT
In 2007, Liao-Wang proposed a dynamic ID-based remote user authentication scheme for multi-server
environment using smart cards. However, Hsiang-Shih demonstrated that Liao-Wang’s scheme has
security flaws. Moreover, Hsiang-Shih proposed an improvement scheme which resolves the security
flaws of Liao-Wang scheme. In this paper, we propose an enhanced remote user authentication scheme
which maintains the merits of Hsiang-Shih’s scheme. Performance evaluation demonstrated the efficiency
of the proposed scheme over related works. Security analysis proved that the proposed scheme is secure
against known attacks.
KEYWORDS
Low-cost Cryptography, Multi-server, Mutual Authentication, Secure Communication, Smart-card
1. INTRODUCTION
Since the beginning of Internet, remote user authentication has been one of the major issues in
network security. A traditional remote user authentication scheme permits identifying legal
users, among those who are not, to get them access to resources. In order to improve network
security, many schemes provide mutual verification. Mutual verification is the process in where
each participant, in a communication, can verify the identity of each other. Other property
desirable in a remote user authentication scheme is the key agreement between parties.
Lamport [1] introduced the concept of hash chain to authenticate remote user over open
networks. Due to the low computational cost of a one-way hash function [2], [3], Lamport’s
scheme is feasible for practical implementation with lightweight devices. However, Lamport’s
scheme requires that the server maintains a verification table, making it vulnerable to steal
information. Hwang et al. [4] proposed a server authentication scheme without verification table
in 1990. Since Lamport’s scheme and Hwang et al.’s scheme, several remote user authentication
schemes with smart cards have been proposed [5], [6], [7], [8], [9], [10], [11].
2. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
107
In this paper, we focus on dynamic ID-based remote user authentication schemes using smart
cards. The first remote user authentication scheme which introduced the concept of dynamic ID-
based was proposed by Das et al. [12] in 2004. The scheme is based on one-way hash function
and the server does not maintain a verification table. This scheme prevents that an attacker or an
observer can know the identity of each user. However, Das et al.’s scheme is not suitable for
multi-server environment. Afterwards, Liao-Wang [13] proposed a dynamic ID-based remote
user authentication scheme for multi-server environment. However, Liao-Wang’s scheme is
vulnerable to the following common attacks: insider, masquerade, server spoofing and
registration centre spoofing. Hsiang-Shih [14] proposed an improvement of Liao-Wang’s
scheme which allows mutual authentication, establishes a session key and prevents common
attacks.
Although, the scheme proposed by Hsiang-Shih is more secure than Liao-Wang, this scheme
has the following drawback: each user must known the identification of the server in order to
create the login request message. In this case, if the user does not known the identification of the
server he cannot create the login request message, making this scheme less practical for real
implementation in a multi-server environment.
In this paper, we propose a new dynamic ID-based remote user authentication scheme based on
Hsian-Shih’s scheme. In contrast to the original scheme, the proposed scheme offers the
following advantages: 1) it is easy-of-use - users can create the login request message without
known the identification of each server; 2) more efficient in terms of computational cost; 3) and
provides strong security.
The rest of this paper is organized as follows. In section 2, we review Hsian-Shih’s scheme.
Section 3 shows the details of the proposed scheme. In section 4, we carry out the security
analysis of the proposed scheme. In section 5, we compare the proposed scheme with the related
schemes. Conclusions are given in section 6.
2. RELATED WORKS
In this section, we review the scheme proposed by Hsiang-Shih which form the basis of our
proposal. The notations used in this paper are summarized in Table 1.
Table 1. Notations.
Notation Meaning
U The user
S The server
RC The registration centre
ID The identification of U
CID The dynamic ID of U
SID The identification of S
H() A secure one-way hash function
SKU-S Session key between U and S
r, x, y, z The secret keys maintained by RC
⊕ Exclusive-or operation
|| String concatenation operation
In general, dynamic ID-based remote user authentication schemes using smart card are defined
by three phases: Registration, Login, and Mutual Verification and Session Key Agreement. In
the registration phase, each user obtains the needed parameters in the scheme. In the login
3. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
108
phase, each user uses her smart card to initialize a communication with a remote server. In the
mutual authentication and session key agreement phase, the participants (user and server) carry
out the authentication process and establish a session key for securing the transmitted data. In
addition, each scheme has a password change phase that enables users to update their passwords
freely without establish a communication with RC.
2.1. Hsiang-Shih’s Scheme
Hsiang-Shih’s [14] scheme is an improvement of the scheme proposed by Liao-Wang [13]. It
features are: 1) modification of the former protocol to provide mutual verification and establish
a session key; and 2) improve security.
Registration phase. In this phase, U obtains the needed parameters to be part of the scheme.
The process is as follows: U chooses and keys ID, PW and secret number b, and computes h(b
⊕ PW). Then, U sends ID and h(b ⊕ PW) to RC through a secure channel. Upon receiving the
registration request message, RC computes the security parameters (from step 4 to 9) to make
her member of the scheme. In the step 10, RC stores V, B, H, R, h() in U’s smart card. Finally, U
enters b into her smart card. Table 2 shows the protocol.
Table 2. Registration protocol.
1. U: ID, PW, b
2. U: h(b ⊕ PW)
3. U RC: ID, h(b ⊕ PW)
4. RC: T = h(ID || x)
5. RC: V = T ⊕ h(ID || h(b ⊕ PW))
6. RC: A = h(h(b ⊕ PW) || r) ⊕ h(x ⊕ r)
7. RC: B = A ⊕ h(b ⊕ PW)
8. RC: R = h(h(b ⊕ PW) || r)
9. RC: H = h(T)
10. RC U: V, B, H, R, h()
11. U: V, B, H, R, h(), b
Login phase. In this phase, U creates the login request message as follows: Firstly, U keys her
ID and PW, and the identification of S. Then, her smart card recovers T’ from V and computes
H*. The smart card checks whether or not H* and H are equal. If the verification is correct, the
identity of U is assured and the smart card generates a nonce N. The nonce N is used to compute
the security parameters (A, CID, P, Q, D, C). Finally, U sends the login request message (CID,
P, Q, D, C, N) to S. Table 3 shows the protocol.
Table 3. Login protocol.
1. U: ID, PW, SID
2. U: T’ = V ⊕ h(ID || h(b ⊕ PW))
3. U: H* = h(T’)
4. U: H* ?= H
5. U: N
6. U: A’ = B ⊕ h(b ⊕ PW)
7. U: CID = h(b ⊕ PW) ⊕ h(T’ || A’ || N)
8. U: P = T’ ⊕ h(A’ || N || SID)
9. U: Q = h(B || A’ || N)
4. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
109
10. U: D = R ⊕ SID ⊕ N
11. U: C = h(A’ || N+1 || SID)
12. U S: CID, P, Q, D, C, N
Mutual verification and session key agreement phase. In this phase, S, RC and U perform the
following process:
Upon receiving the login request message, S generates a nonce N1 and computes M. Then, S
sends the user’s verification message to RC. Afterward, RC recovers N1’ from M and computes
R*, A* and C* (steps 5, 6 and 7). RC checks whether or not C* and C are equal. If they are
equal, it generates a nonce N2 and computes C1 and C2. In step 12, RC sends the
acknowledgement message to S. S verifies the authenticity of RC through steps 13 and 14. If the
verification process is correct, S computes and sends the challenge request message to U. U
computes M2* and compares it with M2. If they are equal, the identity of S is assured. C
computes and sends the challenge response message to S. S computes and compares M3* with
M3. If the verification is correct, the identity of U is assured. Finally, U and S computes the
session key SKU-B. Table 4 shows the protocol.
Table 4. Mutual verification and session key agreement protocol.
1. S: N1
2. S: M = h(SID || y) ⊕ N1
3. S RC: M, SID, D, C, N
4. RC: N1’ = h(SID || y) ⊕ M
5. RC: R* = D ⊕ SID ⊕ N
6. RC: A* = R* ⊕ h(x ⊕ r)
7. RC: C* = h(A* || N+1 || SID)
8. RC: C* ?= C
9. RC: N2
10. RC: C1 = h(N1 || h(SID || y) || N2)
11. RC: C2 = A ⊕ h(h(SID || y) ⊕ N1
12. RC S: C1, C2, N2
13. S: C1* = h(N1 || h(SID || y) || N2)
14. S: C1* ?= C1
15. S: A’ = C2 ⊕ h(h(SID || y) ⊕ N1
16. S: T’ = P ⊕ h(A’ || N || SID)
17. S: H(b ⊕ PW)’ = CID ⊕ h(T’ || A’ || N)
18. S: B* = A’ ⊕ h(b ⊕ PW)’
19. S: Q* = h(B* || A’ || N)
20. S: Q* ?= Q
21. S: N3
22. S: M2 = h(B* || N || A’ || SID)
23. S U: M2, N3
24. U: M2* = h(B* || N || A’ || SID)
25. U: M2* ?= M2
26. U: M3 = h(B || N3 || A || SID)
27. U S: M3
28. S: M3* = h(B || N3 || A || SID)
29. S: M3* ?= M3
30. U: SKU-B = h(B || A || N || N3 || SID)
31. S: SKU-B = h(B || A || N || N3 || SID)
5. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
110
3. PROPOSED SCHEME
In this section, we propose an improvement on Hsiang-Shih’s scheme which keeps the merits of
the original scheme and is easy-of-use.
3.1. Registration phase
In this phase, when U wants to be a legal participant in the scheme, she must submit her identity
ID to RC. In our scheme, U must apply in person at a Registration Centre office in where each
new user must present identification document, birth certificate and other personal documents.
New users must choose and submit her ID to RC. RC generates randomly a password PW and
secret value b, and computes the security parameters for each new user. The process is as
follows:
Firstly, U chooses and submits her ID to RC. Upon receiving the identification of U, RC
generates randomly two values for each user, PW and b. Then, RC computes the security
parameters (from step 4 to 10) using user’s identification ID, secret keys (x and z), and user’s
password PW and secret value b. Finally, RC stores some secure parameters (V, B, R, H, b, h())
in the U’s smart card and sends this smart card to this user via secure channel. Table 5 describes
the operations carried out by U and RC.
Table 5. Our proposed registration protocol.
1. U: ID
2. U RC: ID
3. RC: PW, b
4. RC: T = h(ID || x || b)
5. RC: V = T ⊕ h(ID || PW)
6. RC: A = h(h(ID || PW) || z)
7. RC: B = A ⊕ h(ID || PW || b)
8. RC: R = h(h(PW || b) || x)
9. RC: H = h(T)
10. RC: I = H ⊕ R
11. RC U: V, B, H, I, b, h()
In addition, each server must obtain its security parameter h(SID || y) via a secure channel.
3.2. Login phase
In this phase, when U wants to login the server S, she must insert her smart card and key her ID
and PW. Her smart card must verify the identity of U before creates and sends the login request
message to S. The process is as follows:
In the first step, U keys her ID and PW. Then, her smart card recovers T’ from V. The smart card
computes H* and checks whether or not is equal to H. If the verification is correct, the legality
of U is assured and the smart card computes the needed parameters (from step 5 to 12) to create
the login request message. Finally, U’s smart card sends the login request message (h(PW || b),
Q, D, CID, P) to S. Table 6 shows the operations carried out by U.
6. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
111
Table 6. Our proposed login protocol.
1. U: ID, PW
2. U: T’ = V ⊕ h(ID || PW)
3. U: H* = h(T’)
4. U: H* ?= H
5. U: R’ = H* ⊕ I
6. U: A’ = B ⊕ h(ID || PW || b)
7. U: N
8. U: Q = R’ ⊕ N
9. U: D = R’ ⊕ h(ID || PW) ⊕ N
10. U: C = h(A’ || R’ || N)
11. U: CID = h(PW || b || N) ⊕ C
12. U: P = h(C || h(PW || b || N) || Q)
13. U S: h(PW || b), Q, D, CID, P
Note that U does not need to know server’s identity SID.
3.3. Mutual verification and session key agreement phase
In this phase, when S receives the login request message from U, S asks RC about the legality of
U. RC verifies the legality of S and provides security information, which can be used to carry
out the authentication of U, to S. Afterward, S and U complete the mutual authentication
process. Finally, U and S establish a session key for protecting transmitted data. Table 7 shows
the operations carried out by S, RC and U.
Table 7. Our proposed mutual verification and session key agreement protocol.
1. S: N1
2. S: M = h(h(SID || y) || N1)
3. S: O = M ⊕ h(PW || b)
4. S RC: SID, N1, O, Q, D
5. RC: h(SID || y)*
6. RC: M* = h(h(SID || y)* || N1)
7. RC: M* ?= M
8. RC: h(PW || b)’ = M* ⊕ O
9. RC: R* = h(h(PW || b)’ || x)
10. RC: N’ = R ⊕ Q
11. RC: h(ID || PW)’ = R* ⊕ D ⊕ N’
12. RC: A* = h(h(ID || PW)’ || z)
13. RC: C* = h(A* || R* || N’)
14. RC: N2
15. RC: M1 = C* ⊕ h(h(SID || y) || N2)
16. RC: C1 = A* ⊕ h(h(SID || y) || N’)
17. RC: C2 = h(h(SID || y) || N’) ⊕ h(h(SID || y) || N2) ⊕
N’
18. RC S: N2, M1, C1, C2
19. S: h(h(SID || y) || N2)*
20. S: C’ = M1 ⊕ h(h(SID || y) || N2)*
21. S: h(PW || b || N)’ = CID ⊕ C’
22. S: P* = h(C’ || h(PW || b || N)’ || Q)
7. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
112
23. S: P* ?= P
24. S: N3
25. S: M2 = C’ ⊕ N3
26. S: M3 = h(h(h(SID || y) || N2)* || N3)
27. S U: C1, C2, M2, M3
28. U: h(h(SID || y) || N’)’ = A ⊕ C1
29. U:
h(h(SID || y) || N2)’ = h(h(SID || y) || N’)’ ⊕ C2
⊕ N
30. U: N3’ = C’ ⊕ M2
31. U: M3* = h(h(h(SID || y) || N2)’ || N3’)
32. U: M3* ?= M3
33. U: M4 = h(C || h(h(SID || y) || N2)’ || N3’)
34. U S: M4
35. S: M4* = h(C’ || h(h(SID || y) || N2)* || N3)
36. S: M4* ?= M4
37. U: SKU-S = h(h(PW || b || N) || h(h(SID || y) || N2)’)
38. S: SKU-S = h(h(PW || b || N)’ || h(h(SID || y) || N2))
Upon receiving the login request message, S generates a nonce N1 and computes M and O. S
sends the user’s verification request message (SID, N1, O, Q, D) to RC. After receiving the
message from S, RC computes the security parameter of S (h(SID || y)*). Then, RC verifies if S
is a legal server comparing M* with M (step 7). If the identity of S is assured, RC recovers h(PW
|| b)’ and computes R* using its secret key x. Afterward, RC recovers N’ and h(ID || PW)’ from
Q and D, respectively. RC computes A* using its secret key z and h(ID || PW)’. RC has all the
security parameters to compute C*. Finally, RC computes and sends the user’s verification
response message (N2, M1, C1, C2) to S.
After receiving the message from RC, S verifies the identity of RC computing steps 19 to 23. If
the verification is correct, S generates a nonce N3 and computes a challenge (M2, M3). Finally, S
sends the login response message (C1, C2, M2, M3) to U.
Upon receiving the login response message, U computes the challenge response by using C1 and
C2. By means of C1 and C2, U can recover two security parameters computed by RC. Then, U
recovers N3 generated by S and computes M3*. Afterward, U checks whether or not M3* is equal
to M3. If there are equal, the identity of S is assured. Finally, U computes and sends the
challenge-response message (M4) to S.
Upon receiving the challenge-response message, S computes and checks whether or not M4* and
M4 are equal. If there are equal, the identity of U is assured.
In steps 37 and 38, U and S computes the session key SKU-S.
3.4. Password phase
In this phase, U can update her password whenever she wants. The process is as follows: U
inserts her smart card and keys her ID and PW and request to change her PW. Then, U’s smart
card checks the validity of U comparing H* with H. If they are equal, U can key her new
password PWnew. U’s smart card computes V* = T ⊕ h(ID || PWnew) and replaces V with V*.
8. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
113
4. SECURITY ANALYSIS
In this section, we describe the security of the proposed scheme. It demonstrates that our
scheme can resistance known attacks to provide strong security.
Leak of password. If a malicious user obtains the U’s smart card, she cannot recover U’s
identification ID and password PW by using V, B, H, I and b or other combination of them.
Masquerade registration centre. If a malicious user wants to impersonate the registration
centre, she needs to know y, x, and z for computing C, M1, C1 and C2.
Masquerade server attack. If a malicious user attempts to impersonate the server S, she must
be able to forge a valid challenge (M2, M3). However, this attempt will fail, because it is
infeasible to compute M3 = h(h(SID || y) || N2 ) || N3) without the knowledge of h(SID || y). Note
also that there is no way to compute M3, even if SID and N1 are known by the malicious user.
Masquerade user attack. If a malicious user tries to masquerade as legal user, she must be able
to forge a valid login request message (h(PW || b), Q, D, CID, P). However, it is impossible to
compute CID = h(PW || b || N) ⊕ C or P = h(C || h(PW || b || N) || Q) without the knowledge of
A, R, h(ID || PW) and the user’s nonce N. Although, the malicious user can access all the secure
parameters stored in the smart card [15], [16] (V, B, H, I, and b), she cannot obtain security
parameters h(ID || PW), A and R from V, B, H, I, b, Q, D, CID, P or any other combinations of
them.
Replay attack. The proposed scheme uses nonce to withstand replay attack. Nonces N, N1, N2
and N3 are generated independently and their values differ among sessions. For that reason,
malicious users cannot get access to the system by using previous messages.
Secure password change. In the proposed scheme, U’s smart card verifies the correctness of
the actual password PW by comparing H* with the stored H. If the verification process is
correct, U’s smart card accepts the new password PWnew.
Secret key guessing attack. A malicious user can try to extract the registration centre keys x, y
and z from A = h(h(ID || PW) || z), B = A ⊕ h(ID || PW || z) and R = h(h(PW || b) || x). However,
this attempt will fail because it is computationally infeasible to invert a one-way hash function.
Stolen secret keys. A malicious user can try to extract the RC’s secret keys x and z from A and
R. However, she cannot obtain these parameters because it is computationally infeasible to
invert a one-way hash function h().
Stolen verification table. Because the servers and the registration centre do not store and
maintain any verification table, the proposed scheme is secure against this attack.
5. PERFORMANCE COMPARISON
In this section, we compare the computational cost, communication cost and storage capacity of
the proposed scheme with two other multi-server authentication schemes. The performance
comparison is summarized in Table 8.
Due to the limited computational power of smart cards, the scheme must take computational
cost evaluation into consideration. In order to carry out the computational cost evaluation, we
use the following notation Th as the execution time for one-way hash function. Because
9. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
114
exclusive-or operation requires very low execution time, it is usually neglected considering its
computational cost.
Computational cost. The computational cost is defined as the total time of various operations
executed in each step. From Table 8, we can observe that our scheme is more efficient than
Liao-Wang’s scheme and Hsiang-Shih’s scheme. In our scheme, users perform 6 one-way hash
functions in the login phase. On the other hand, in the scheme proposed by Hsiang-Shih users
perform 7 one-way hash functions. The totally number of one-way hash functions carried out by
each user in our scheme is 9 while users in the scheme proposed by Hsiang-Shih performed 11
one-way hash functions. The computational cost required by our scheme and Liao-Wang’s
scheme is the same from users’ point of view. Moreover, servers performed fewer operations in
our scheme than in previous works.
Communication cost. Table 8 shows the communication cost required by each scheme. In the
login phase, our scheme has a better performance than Hsiang-Shih’s scheme. Although our
scheme requires more communication cost than Hsiang-Shih’s scheme in the mutual
verification and session key agreement phase, the cost is very low for the current network
technologies.
Storage capacity. We evaluate the storage capacity required by our scheme. We assume that
the output size of a one-way hash function, random numbers and secret keys are 160-bit, and
identification, password and nonce are 32-bit length; so the memory needed in the user’s smart
card is 800(5*160) bits, the server requires 160(1*160) bits to store its secret parameter and the
registration centre requires 480(3*160).
Table 8. Performance comparison between our scheme and related schemes.
[13] [14] Ours
Computational cost in the registration phase
U - 1Th -
S - - -
RC 5Th 6Th 6Th
Computational cost in the login phase
U 6Th 7Th 6Th
S - - -
RC - - -
Computational cost in the mutual verification and session
key agreement phase
U 3Th 3Th 3Th
S 7Th 8Th 6Th
RC - 5Th 7Th
Communication cost in the login phase
U 512bits 832bits 800bits
S - - -
RC - - -
Communication cost in the mutual verification and session
key agreement phase
U 160bits 160bits 160bits
S 192bits 736bits 1312bits
RC - 352bits 512bits
Storage capacity U 640bits 800bits 800bits
6. CONCLUSIONS
We have analyzed the scheme proposed by Hsiang and Shih from the following point of views:
1) security; and 2) efficiency. Their scheme prevents the known attacks, making it secure. On
the other hand, their scheme requires high computational cost, as we explained in Table 8.
Moreover, the scheme is not easy-of-use because each user must know the server’s identity
which is not comfortable for users. Hence, we have proposed a new dynamic ID-based remote
user authentication scheme using smart cards for multi-server environment. We have shown that
10. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
115
our scheme is more efficient, in terms of computational cost, and at the same time provides
strong security. The proposed scheme prevents the known attacks, keeping the merits of Hsiang
and Shih’s scheme. Furthermore, the proposed scheme provides the following properties:
establish a session key, mutual verification, easy-of-use, without verification table and based on
one-way hash function.
ACKNOWLEDGEMENTS
This work has been partially supported by the Spanish public funded projects ARES
(CONSOLIDERINGENIO-2010 CSD2007-00004) and ITACA (TSI2006-13409-C02-02), and
graduate scholarship from CONACYT (Mexico).
REFERENCES
[1] L. Lamport, "Password authentication with insecure communication," Communications of the
ACM, vol. 24, pp. 770-772, 1981.
[2] R. Rivest, "RFC 1321 - the MD5 message-disgest algorithm," IETF Working Group 1992.
[3] NIST, "Secure Hash Standard (SHA), FIPS PUB 180-1," National Institute of Standards and
Technology 1995.
[4] T. Hwang, Y. Chen, and C. S. Laih, "Non-interactive password authentication without password
tables," presented at IEEE Region 10 Conference on Computer and Communication System,
1990.
[5] C. C. Chang and T. C. Wu, "Remote password authentication with smart cards," IEE
Proceedings-E, vol. 138, pp. 165-168, 1991.
[6] H. Y. Chien, J. K. Jan, and Y. M. Tseng, "An Efficient and practical solution to remote
authentication: smart card," Computers & Security, vol. 21, pp. 372-375, 2002.
[7] C. C. Lee, L. H. Li, and M. S. Hwang, "A remote user authentication scheme using hash
functions," ACM SIGOPS Operating Systems Review, vol. 36, pp. 23-29, 2002.
[8] W. C. Ku and S. M. Chen, "Weaknesses and improvements of an efficient password based
remote user authentication scheme using smart cards," IEEE Transactions on Consumer
Electronics, vol. 50, pp. 204-207, 2004.
[9] B. Wang and Z. Q. Li, "A forward-secure user authentication scheme with smart cards,"
International Journal of Network Security, vol. 3, pp. 116-119, 2006.
[10] M. A. Ahmed, D. R. Lakshmi, and S. A. Sattar, "Cryptanalysis of a more efficient and secure
dynamic ID-based remote user authentication scheme," International Journal of Network
Security & Its Applications, vol. 1, pp. 32-37, 2009.
[11] R. Martínez-Peláez, F. Rico-Novella, C. Satizabal, and J. Pomykala, "Strong remote user
authentication scheme using smart cards," presented at Eighth International Network
Conference, 2010.
[12] M. L. Das, A. Saxena, and V. P. Gulati, "A Dynamic ID-based remote user authentication
scheme," IEEE Transactions on Consumer Electronics, vol. 50, pp. 629-631, 2004.
[13] Y.-P. Liao and S.-S. Wang, "A Secure Dynamic ID Based Remote User Authentication Scheme
for Multi-server environment," Computer Standards & Interfaces, vol. Available online, 2007.
[14] H. C. Hsiang and W. K. Shih, "Improvement of the secure dynamic ID based remote user
authentication scheme for multi-server environment," Computer Standards & Interfaces, vol. 31,
pp. 1118-1123, 2009.
[15] P. Kocher, J. Jaffe, and B. Jun, "Differential power analysis," in Advances in Cryptology -
Crypto'99, vol. LNCS 1666, 1999, pp. 388-397.
[16] T. S. Messerges, E. A. Dabbish, and R. H. Sloan, "Examining smart-card security under the
threat of power analysis attacks," IEEE Transactions on Computers, vol. 51, pp. 541-552, 2002.
11. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.4, October 2010
116
Authors
Rafael Martínez-Peláez received his degree in
Computational System Engineering from the
Universidad del Valle de Mexico in 2004. Currently, he
is working on a PhD in Telematic Engineering at the
Technical University of Catalonia (Spain). Presently, he
works in the Licenciatura en Informatica of Universidad
de la Sierra Sur and collaborates with the Tecnologias
de Informacion y Comunicaciones group. His main
areas of interest are electronic and mobile payment
systems, and applications of smart card and biometrics
with security protocols design.
Francisco Rico-Novella received his degree in
Telecommunication Engineering and his PhD from the
Technical University of Catalonia (Spain) in 1989 and
1995, respectively. Presently, he works in the
Department of Telematic Engineering with the
Telematics Service group. His current research interests
include network security and electronic commerce.
Cristina Satizábal received her degree in Electronic and
Telecommunications Engineering from Cauca
University (Colombia) in 2000 and her PhD in
Telematic Engineering from the Technical University of
Catalonia (Spain) in 2007. Currently, she is part of the
División de Estudios de Postgrado of Universidad de la
Sierra Sur (Mexico). Her current research interests
include network security and e-government.
Jacek Pomykała received his Master degree in 1981 and
PhD degree in 1986 from the Warsaw University.
Presently, he works in the Faculty of Mathematics
Informatics and Mechanics of Warsaw University, and
Computer Science Department of Warsaw Management
Academy. His research interests include number theory,
cryptology, computational complexity, and computer
systems security.