Currently, the popularity of the Internet of Things (IoT) has brought about an increase in the amount of data, so multi-server distributed cloud computing has been widely used in various applications that have brought convenience to our daily lives. At the same time, the development of the fifth generation (5G) of mobile communication technology has gradually become the main driving force for the popularization of the IoT. Because the 5G network is a heterogeneous network with multiple servers and small cells, the mutual authentication protocol under multiple servers is also applicable to the 5G network environment. However, much of the data will have serious storage and security issues during transmission. Aiming at the security issues in a multi-server (M-S) architecture, in 2018, Wu et al. proposed an authentication protocol in a distributed cloud environment. They claimed that their protocol is secure and resistant to various known types of attacks. However, we found that their protocol does not guarantee perfect forward secrecy (PFS) and suffers from privileged insider (PI) attacks. Such attacks will cause data to be out of sync. Therefore, we improved Wu et al.'s protocol and proposed an improvement in the 5G network environment. Finally, we performed a security analysis on the proposed protocol, including the automatic encryption protocol tool ProVerif, BAN logic, and informal security analysis, which proved that our protocol is secure. Compared with similar existing schemes, we have proved the efficiency of the scheme and achieved higher security standards. INDEX TERMS Authentication, multi-server, 5G networks, cryptanalysis, lightweight. Applying this for each component, we get S6:S j |≡ U i |≡ N i. Using A29, S6, and the jurisdiction rule, we get S7: S j |≡ N i. According to the message M2 and using the seeing rule, we get S8: CS {PID i , B 2 : N i , PID i x ; B 3 : ID i h(PID i N i) ; B 4 , T j }. Using the seeing rule for components we get S9: CS { N i , PID i x }. Using A4, S9, and the MM rule, we get S10: CS |≡ U i |∼ (N i , PID i). Using A5, S3, the freshness rule, and the N-V rule, we get S11: CS |≡ U i |≡ (N i , PID i). Using S11 and the belief rule, we get S12: CS |≡ U i |≡ (N i). S13: CS |≡ U i |≡ (PID i). Using A7, S12, and the jurisdiction rule, we get S14: CS |≡ N i. According to S8 and using the seeing rule, we get S15: CS { ID i h(PID i N i) }. Using A5, S14, and the MM rule, we get S16: CS |≡ U i |∼ ID i. Using A11, S16, and the N-V rule, we get S17: CS |≡ U i |≡ ID i. Using A9, S17, and the jurisdiction rule, we get S18: CS |≡ ID i. Using A14, S14, S18, and the belief rule, we get S19: CS |≡ (ID i , N i , HP i). Because K i = h(N i ID i HP i), we can get S20: CS |≡ k i. According to message M3 and using the seeing rule, we get S21: CS {PSID j , B 5 : N j , PSID i x ; B 6 : SID j h(PSID j N j) ; B 7 , T j }. Using the seeing rule for components we get S22: CS { N j , PSID i x }. Using A15, S22, and the message-meaning rule, we get S23: CS |≡ S j |∼ (N j , PSID j). Using A6, S23, the fresh...
The wireless sensor network is a network composed of sensor nodes self-organizing through the application of wireless communication technology. The application of wireless sensor networks (WSNs) requires high security, but the transmission of sensitive data may be exposed to the adversary. Therefore, to guarantee the security of information transmission, researchers propose numerous security authentication protocols. Recently, Wu et al. proposed a new three-factor authentication protocol for WSNs. However, we find that their protocol cannot resist key compromise impersonation attacks and known session-specific temporary information attacks. Meanwhile, it also violates perfect forward secrecy and anonymity. To overcome the proposed attacks, this paper proposes an enhanced protocol in which the security is verified by the formal analysis and informal analysis, Burross-Abadii-Needham (BAN) logic, and ProVerif tools. The comparison of security and performance proves that our protocol has higher security and lower computational overhead.
A multiserver environment can improve the efficiency of mobile network services more effectively than a single server in managing the increase in users. Because of the large number of users, the security of users’ personal information and communication information is more important in a multiserver environment. Recently, Wang et al. proposed a multiserver authentication scheme based on biometrics and proved the security of their scheme. However, we first demonstrate that their scheme is insecure against a known session-specific temporary information attacks, user impersonation attacks, and server impersonation attacks. To solve the security weakness, we propose an improved scheme based on Wang et al.’s scheme. The security of our improved scheme is also validated based on the formal security analysis, Burrows–Abadi–Needham (BAN) logic, ProVerif, and informal security analysis. Security and performance comparisons prove the security and efficiency of our scheme.
While cloud computing and Internet of Things (IoT) technologies have gradually matured, mobile intelligent transportation systems have begun to be widely used. In particular, the application of vehicular ad hoc networks (VANETs) is very convenient for real-time collection and analysis of traffic data. VANETs provide a great convenience for drivers and passengers, making it easier to choose routes. Currently, most research on VANETs obtains data through cloud servers. However, there are few studies on cloud servers obtaining vehicle information through the roadside unit (RSU). In the process of reading traffic information, there will be some private and sensitive information, which may be intercepted or tampered with in untrusted public channels. Therefore, it is necessary to propose a protocol to protect vehicle data during the information reading phase. In this paper, we propose a new provably secure authentication protocol to negotiate a session key before transmitting traffic information. This protocol can complete mutual authentication and generate a session key. Finally, security analysis and performance analysis show that our protocol is secure and efficient.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.