With the continuous development of IoT (Internet of Things) technology, IoT has become a typical representative of the development of new generation of information technology. The IoT allows people to use our data and computing resource anytime and everywhere. In the context of the IoT, the security of the vast amount of data generated by smart devices is one of the biggest concerns. To meet the challenge, the user authentication scheme in IoT should ensure the essential security performance protection and low computing costs. A authentication protocol preserving user anonymity was proposed by Nikooghadam et al. in 2017. In this paper, we further analyze the security of Nikooghadam et al.'s protocol and propose an improved anonymous authentication protocol for IoT. We use the timestamp mechanism and rely on CDH (Computational Diffie-Hellman) problem to improve security primarily. The security of the proposed protocol is verified using BAN logic and the performance comparison and efficiency analysis are carried out. The results show that our improved protocol has higher security with little more computation cost.
With the rapid development and evolution of wireless network technology, electronic health has shown great potential in continuously monitoring the health of patients. The wireless medical sensor network (WMSN) has played an important role in this field. In WMSN, medical sensors are placed on patients to collect relevant health data and transmitted to medical professionals in hospitals or at home through insecure channels. These health data need to be highly protected because they contain patientrelated private information. Once the information is leaked or maliciously modified, it will cause the wrong diagnosis and endanger the health of patients. To protect information privacy and security from being stolen by illegal users, this article reviews the solutions of Farash et al. and further points out the existing vulnerabilities, such as privileged insider attack, user anonymity invalidation, and offline password guessing attack. In order to overcome these drawbacks, we use the timestamp mechanism and the Elliptic Curve Cryptography to propose an improved anonymous authentication protocol for a smart healthcare system. The security of our protocol is verified by Burrows-Abadi-Needham logic and Automated Validation of Internet Security Protocols and Applications (AVISPA) tools, and security features and efficiency analysis are performed with other related schemes. The results show that the improved protocol provides better security protection while ensuring computational and communication efficiency.
The authentication protocols are implemented to provide identity authentication for communication entities. With the increasing demand of network security and the development of technology, the anonymous authentication protocol for LBS (location based service) has gradually become a research hotspot and attracted extensive attentions, which provides anonymity of the user, confidentiality of location information and identity authentication simultaneously. An efficient and secure anonymous authentication protocol with enhanced privacy for location based service using asymmetric cryptography was proposed by Memon et al. in 2015. However, some scholars pointed out some weaknesses of Memon et al.'s protocol, such as the lack of resistance to password change attack, privileged insider attack and offline password guessing attack. They also pointed out the protocol failed to prevent adversaries from getting the sessionspecific temporary information. Besides, the mutual authentication was not perfect. Therefore, in this paper, we further analyze the security of Memon et al.'s protocol and propose an improved anonymous authentication protocol for location based service. We use the timestamp mechanism and rely on CDH (Computational Diffie-Hellman) problem to improve security primarily. The security of the proposed protocol is verified using BAN logic and the performance comparison and efficiency analysis are carried out. The results show that our improved protocol has higher security with little more computation cost.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.