Liling Cao scite author profile

Security Comm. Networks

Wan-cheng

2014

In order to enhance the security in wireless communication, authentication schemes come to be more crucial and widely deployed recently, especially those which are referred to as multi-factor biometric authentication that base on password, biometrics, and smart card protections. A new scheme in this way was proposed in 2010 by Li and Hwang. Then Das extended the work of Li et al. and made an improvement of their weak scheme in 2011. However, in 2012, Younghwa An demonstrated that Das's protocol failed to achieve mutual authentication for the server and the user. In this paper, it is described that Younghwa An's scheme cannot withstand the following two attacks. (i) It is still vulnerable to replay attack, then an adversary can masquerade as the legal server. (ii) It cannot provide user anonymity and resistance to user masquerading attack, because an adversary can execute the re-registration process by intercepting the ID i in the login phase. Therefore, an improvement to Younghwa An's scheme is presented in this paper. Then, security formal analysis of the modified scheme using the Burrows-Abadi-Needham logic is given, which demonstrates that the modified scheme with slight high computation costs can protect against the several possible attacks.

An Improved Authentication Protocol Using Smart Cards for the Internet of Things

et al. 2019

With the continuous development of IoT (Internet of Things) technology, IoT has become a typical representative of the development of new generation of information technology. The IoT allows people to use our data and computing resource anytime and everywhere. In the context of the IoT, the security of the vast amount of data generated by smart devices is one of the biggest concerns. To meet the challenge, the user authentication scheme in IoT should ensure the essential security performance protection and low computing costs. A authentication protocol preserving user anonymity was proposed by Nikooghadam et al. in 2017. In this paper, we further analyze the security of Nikooghadam et al.'s protocol and propose an improved anonymous authentication protocol for IoT. We use the timestamp mechanism and rely on CDH (Computational Diffie-Hellman) problem to improve security primarily. The security of the proposed protocol is verified using BAN logic and the performance comparison and efficiency analysis are carried out. The results show that our improved protocol has higher security with little more computation cost.

A Parallel Biological Optimization Algorithm to Solve the Unbalanced Assignment Problem Based on DNA Molecular Computing

Wang

et al. 2015

IJMS

The unbalanced assignment problem (UAP) is to optimally resolve the problem of assigning n jobs to m individuals (m < n), such that minimum cost or maximum profit obtained. It is a vitally important Non-deterministic Polynomial (NP) complete problem in operation management and applied mathematics, having numerous real life applications. In this paper, we present a new parallel DNA algorithm for solving the unbalanced assignment problem using DNA molecular operations. We reasonably design flexible-length DNA strands representing different jobs and individuals, take appropriate steps, and get the solutions of the UAP in the proper length range and O(mn) time. We extend the application of DNA molecular operations and simultaneity to simplify the complexity of the computation.

An Authentication Protocol in LTE-WLAN Heterogeneous Converged Network Based on Certificateless Signcryption Scheme With Identity Privacy Protection

2019

Aiming at to avoid the security drawbacks of the authentication protocol in Long Term Evolution-Wireless Local Area Network (LTE-WLAN) heterogeneous converged network proposed by the 3rd Generation Partnership Project (3GPP), an improved protocol based on hybrid cryptosystem is proposed to achieve access authentication for WLAN user equipment(UE) with identity privacy protection. The security analysis shows that by using certificateless signcryption(CLSC) scheme without pairing calculation based on Elliptic Curve Cryptography (ECC), hash chain and identity index mechanism, the proposed authentication protocol provides the following ten kinds of security properties: anonymous protection for International Mobile Subscriber Identity (IMSI), update on shared keys, protection for master session key(MSK), resistance to impersonation attack, replay attack, man-in-the-middle attack, redirect attack and Denial of Service (DoS) attack, mutual authentication between communication entities, and without framework modification from the original protocol. The performance analysis shows that the approximate calculation time of all the communication entities is 79 ms in total and that of UE is 266 us. Thus, our proposed protocol is superior to some other related improved protocols in terms of security and efficiency.

An Improved Anonymous Authentication Protocol for Location-Based Service

et al. 2019

The authentication protocols are implemented to provide identity authentication for communication entities. With the increasing demand of network security and the development of technology, the anonymous authentication protocol for LBS (location based service) has gradually become a research hotspot and attracted extensive attentions, which provides anonymity of the user, confidentiality of location information and identity authentication simultaneously. An efficient and secure anonymous authentication protocol with enhanced privacy for location based service using asymmetric cryptography was proposed by Memon et al. in 2015. However, some scholars pointed out some weaknesses of Memon et al.'s protocol, such as the lack of resistance to password change attack, privileged insider attack and offline password guessing attack. They also pointed out the protocol failed to prevent adversaries from getting the sessionspecific temporary information. Besides, the mutual authentication was not perfect. Therefore, in this paper, we further analyze the security of Memon et al.'s protocol and propose an improved anonymous authentication protocol for location based service. We use the timestamp mechanism and rely on CDH (Computational Diffie-Hellman) problem to improve security primarily. The security of the proposed protocol is verified using BAN logic and the performance comparison and efficiency analysis are carried out. The results show that our improved protocol has higher security with little more computation cost.

An Identity Privacy Protection Scheme in LTE-WLAN Heterogeneous Converged Network

et al. 2021

Aiming at to avoid the drawbacks of the identity privacy protection scheme in Long Term Evolution-Wireless Local Area Network (LTE-WLAN) heterogeneous converged network proposed by the 3rd Generation Partnership Project (3GPP), an improved scheme based on identity index is proposed to achieve anonymity, untraceability and dynamic identity. Security analysis shows that our proposed scheme can prevent replay attack and man-in-the-middle attack for network layer authentication. The results of comparison with the related schemes show that security and efficiency of our proposed scheme is prior to some other existing ones with low computation cost and short time delay.

Certificateless Cross-Domain Group Authentication Key Agreement Scheme Based on ECC

Wireless Communications and Mobile Computing

Liang

Zhang

et al. 2022

Focusing on the problem that existing traditional cross-domain group authentication schemes have a high complexity, a certificateless cross-domain group authentication key agreement scheme based on ECC is proposed. The protocol provides scalability and can meet the requirements of cross-domain key negotiation by multiple participants in different domains. Security analysis shows that the proposed scheme is secure in the random oracle security model, it can resist some attacks under the extended Canetti-Krawczyk (eCK) security model. Performance analysis shows that the proposed scheme is of strong practical application value with high efficiency; it costs relatively low amount of calculation and communication.

A Secure and Efficient Multi-Factor Mutual Certificateless Authentication with Key Agreement Protocol for Mobile Client-Server Environment on ECC without the third-party

Wan-cheng

2016

IJSIA