The incredible development of Internet of things technology promotes the integration of application systems, which enable people to enjoy the convenience of multiple application services through a single intelligent device or terminal. In order to implement value exchange and information sharing between different applications, cross-domain access is inevitable. In order to prevent illegal access, identity authentication is necessary before the terminal accesses the service. Because of the need to introduce a trusted third party, the traditional centralized authentication model not only destroys the autonomy and flexibility of the application system, but also causes issues such as single point of failure and hidden dangers of unilateral control. This paper proposes an identity-based cross-domain authentication scheme for the Internet of Things. This scheme uses the Blockchain as a decentralized trust anchor instead of the traditional certificate of authority, and uses the identity-based self-authentication algorithm to replace the traditional PKI authentication algorithm. The scheme proposed in this paper implements a decentralized authentication model, which can guarantee the autonomy and initiative of the security domain.
The rapid development of information and network technologies motivates the emergence of various new computing paradigms, such as distributed computing, cloud computing, and edge computing. This also enables more and more network enterprises to provide multiple different services simultaneously. To ensure these services can only be accessed conveniently by authorized users, many password and smart card based authentication schemes for multiserver architecture have been proposed. Recently, Truong et al. introduced an identity based user authentication scheme on elliptic curve cryptography in multiserver environment and claimed that their scheme is secure against popular attacks. However, in this paper, we point out that their scheme suffers from offline password guessing and impersonation attack and fails to achieve security requirements of this kind of authentication scheme. Moreover, we put forward a new scheme to conquer security pitfalls in the above scheme. Security analysis indicates that the proposed scheme can be free from well-known attacks. Performance discussion demonstrates that our scheme has advantages in terms of both security property and computation efficiency and thus is more desirable for practical applications in multiserver environment.
The fifth-generation mobile communication technology (5G) provides high-bandwidth and low-latency data channels for massive IoT terminals to access the core business network. At the same time, it also brings higher security threats and challenges. Terminal identity authentication is an important security mechanism to ensure the core business network; however, most of the existing solutions adopt a centralized authentication model. Once the number of authentication requests exceeds the processing capacity of the authentication center service, it will cause authentication request congestion or deadlock. The decentralized authentication model can effectively solve the above problems. This article proposes a decentralized IoT authentication scheme called A2 Chain. First, A2 Chain uses edge computing to decentralize the processing of authentication requests and eliminate the burden on authentication services and the network. Second, to implement cross-domain identity verification of IoT devices, A2 Chain uses blockchain, and sidechain technologies are used to securely share the identity verification information of IoT devices. Additionally, A2 Chain replaces public key infrastructure (PKI) algorithm with identity-based cryptography (IBC) algorithm to eliminate the management overhead caused by centralized authentication model.
The Internet of Things is currently the most popular field of communication and information research directions. Their application in the amount of information involved, are extremely large amount of data. How to ensure the transmission efficiency of business information under the premise of improving networking applications data security to protect the user's privacy data will be particularly important. Paper uses a custom data packet encapsulation mechanism, reducing the overhead of data resources; another based on their cross-platform communication features, combined with secure encryption and decryption, signature and authentication algorithm, the establishment of a secure communication system of things model for the differentiation of things communications environment, providing a standard packet structure, namely smart business security IOT application Protocol intelligent Service Security Application Protocol (ISSAP).
With the wide deployment of new computing paradigms, such as cloud computing and edge computing, the people can access services provided by remote servers more conveniently via the Internet. To preserve the security of those messages transmitted over the public channel, remote user authentication protocols are popularly implemented in various information systems. Recently, Park et al. pointed that Cao and Ge's three-factor authentication scheme suffers from offline identity guessing attack and server impersonation attack. They also proposed a new scheme after presenting the corresponding cryptanalysis. However, we found that Park et al.'s scheme is vulnerable to offline password guessing attack, which is the most serious threat against this kind of authentication scheme. In addition, their scheme cannot provide complete correctness due to the misuse of bio-hashing and also fails to achieve user untraceability and perfect forward secrecy. To conquer these security pitfalls, we put forward a password, smart card, and biometrics-based three-factor remote user authentication scheme using the extended Chebyshev chaotic maps. The security analysis indicates that the proposed scheme can withstand various well-known attacks including offline guessing attack, impersonation attack, and so on. The performance evaluation shows that the proposed scheme provides stronger security guarantee at the cost of acceptable computation overhead. Thus, the proposed scheme is more desirable for securing communication in mobile networks.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.