Vehicles in a vehicular ad-hoc network (VANET) broadcast beacons giving safety-related and traffic information. In an open-access environment, this means that the VANET is susceptible to security and privacy issues. In this paper, we propose a new pseudo-identity-based scheme for conditional anonymity with integrity and authentication in a VANET. The proposed scheme uses a pseudonym in the joining process with the roadside unit (RSU) to protect the real identity even from the RSU, in case it is compromised. All previous identity-based schemes have been prone to insider attackers, and have not met the revocation process. Our scheme resolves these drawbacks as the vehicle signs the beacon with a signature obtained from the RSU. Our scheme satisfies the requirements for security and privacy, and especially the requirements for message integrity and authentication, privacy preservation, non-repudiation, traceability, and revocation. In addition, it provides conditional anonymity to guarantee the protection of an honest vehicle's real identity, unless malicious activities are detected. It is also resistant to common attacks such as modification, replay, impersonation, and man-in-the-middle (MITM) attacks. Although the numerous existing schemes have used a bilinear pairing operation, our scheme does not depend on this due to the complex operations involved, which cause significant computation overhead. Furthermore, it does not have a certification revocation list, giving rise to significant costs due to storage and inefficient communication. Our analysis demonstrates that our scheme can satisfy the security and privacy requirements of a VANET more effectively than previous schemes. We also compare our scheme with the recently proposed schemes in terms of communication and computation and demonstrate its cost-efficiency and appropriateness in working with the VANET. Meanwhile, the computation costs of the beacon signing and verification in our scheme are reduced by 49.9% and 33.3%, respectively.
Over the past years, vehicular ad hoc networks (VANETs) have been commonly used in intelligent traffic systems. VANET's design encompasses critical features that include autonomy, distributed networking, and rapidly changing topology. The characteristics of VANET and its implementations for road safety have attracted considerable industry and academia interest, particularly in research involving transport systems enhancement that could potentially save lives. Message broadcasting in an open access system, such as VANET, is the main and utmost challenging problem with regard to security and privacy in VANETs. Various studies on VANET security and privacy have been proposed. Nevertheless, none has considered overall privacy requirements such as unobservability. In order to address these shortcomings, we propose a VANET based privacy-preserving communication scheme (VPPCS), which meets the requirements for content and contextual privacy. It leverages elliptic curve cryptography (ECC) and an identity-based encryption scheme. We have carried out a detailed security analysis (burrows-abadi-needham (BAN) logic, random oracle model, security of proof, and security attributes) to validate and verify the proposed scheme. The analysis has shown that our scheme is secure and also shown to be effective in a performance evaluation. The proposed scheme does not only meet the previously mentioned security and privacy requirements, but also impervious to various types of attacks such as replay, impersonation, modification, and man-in-themiddle attacks.INDEX TERMS BAN logic, privacy-preserving, elliptic curve, random oracle model, identity-based cryptography.
Efficient and Flexible Multi-Factor Authentication Protocol Based on Fuzzy Extractor of Administrator’s Fingerprint and Smart Mobile Device
In an era of tremendous development in information technology and the Internet of Things (IoT), security plays a key role in safety devices connected with the Internet. Authentication is vital in the security field, and to achieve a strong authentication scheme, there are several systems using a Multi-Factor Authentication (MFA) scheme based on a smart card, token, and biometric. However, these schemes have suffered from the extra cost; lost, stolen or broken factor, and malicious attacks. In this paper, we design an MFA protocol to be the authenticated administrator of IoT’s devices. The main components of our protocol are a smart mobile device and the fuzzy extractor of the administrator’s fingerprint. The information of the authenticated user is stored in an anomalous manner in mobile devices and servers to resist well-known attacks, and, as a result, the attacker fails to authenticate the system when they obtain a mobile device or password. Our work overcomes the above-mentioned issues and does not require extra cost for a fingerprint device. By using the AVISPA tool to analysis protocol security, the results are good and safe against known attacks.
In the era of modern trends such as cloud computing, social media applications, emails, mobile applications, and URLs that lead to increased risks for defrauding authorized users, and then the attackers try to gain illegal access to accounts of users through a malicious attack. The phishing attack is one of the dangerous attacks caused to access of authorized account illegally way. The finances, business, banking, and other sensitive in states are faces by this type of attacks due to the important information they have. In this paper, we propose a secure verification scheme that can overcome the above-mentioned issues. Additionally, the proposed scheme can resist famous cyberattacks such as impersonate attacks, MITM attacks. Moreover, the proposed scheme has security features like strong verification, forward secrecy, user’s identity anomaly. The security analysis and the experimental results proved the strongest of the proposed scheme compared with other related works. Finally, our proposed scheme balanced between the performance and the security merits.
Nowadays, a lot of images and documents are saved on data sets and cloud servers such as certificates, personal images, and passports. These images and documents are utilized in several applications to serve residents living in smart cities. Image similarity is considered as one of the applications of smart cities. The major challenges faced in the field of image management are searching and retrieving images. This is because searching based on image content requires a long time. In this paper, the researchers present a secure scheme to retrieve images in smart cities to identify wanted criminals by using the Gray Level Cooccurrence Matrix. The proposed scheme extracts only five features of the query image which are contrast, homogeneity, entropy, energy, and dissimilarity. This work consists of six phases which are registration, authentication, face detection, features extraction, image similarity, and image retrieval. The current study runs on a database of 810 images which was borrowed from face94 to measure the performance of image retrieval. The results of the experiment showed that the average
Recently, the incorporation of state-of-the-art technology such as Electronic Healthcare Records (EHRs), networks, and cloud computing has transformed the traditional healthcare system. However, security problems have arisen as a result of the integration of technology. Secure remote user authentication is a core part of the healthcare system to validate the user’s identification via an unsecured communication network. Since then, several remote user authentication schemes have been presented, each with its own set of pros and limitations. As a result, security, malicious attacks, and privacy concerns are considered one of the main challenges related to the healthcare system. In this paper, we propose a safe user authentication scheme for patients in the healthcare system that overcomes these flaws and confirms the security of the proposed work using scyther, a formal security tool. In the healthcare environment, our work provides an effective means to construct an environment capable of setting, registering, storing, searching, analyzing, authentication, and verifying electronic healthcare information in order to protect the information of patients. Furthermore, our suggested scheme uses symmetric encryption based on the crypto-hash function for accessing the anomaly of the patient’s identity and One-Time Password (OTP). Towards the end of the study, the performance analysis results indicate a delicate balance of security and performance that is frequently lacking in previous works.
The wide use of vehicular ad hoc networks (VANETs) in the last decade hasled many researchers to find efficient and reliable methods to obtain the desired benefits and offer services, such as healthcare and traffic management. However, VANETs suffer from security issues represented by authentication and data integrity. In thispaper, we propose a robust mutual authentication scheme based on elliptic curve cryptography (ECC), cryptography hash function, and a pseudonym. The proposed work was twofold in focus: first, on healthcare in emergency cars which use VANETs, and second, on overcoming security issues, such as resisting familiar attacks (e.g. insider attacks and reply attacks). Because of the serious situation generated by the worldwide outbreak of the Covid-19 epidemic, we also found this research valuable in supporting global efforts to combat the rapid spread of this virus, by finding the safest and fastest routes to epidemic treatment centres for medical staff, assistance teams in medical operations, fumigation control, and all work teams associated with disease control. This research attempts to contribute by proposing a special signal used to define epidemic teams. The best route, fast route can be chosen by using VANETs infrastructure. This scheme also deals with metric security features, such as key management, data integrity, and data privacy. In the communication and computation cost, we noticed that our proposed scheme achieved good results compared with the related works.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
Contact Info
hi@scite.ai
334 Leonard St
Brooklyn, NY 11211
Product
Resources
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.
