A lightweight and secure two factor anonymous authentication protocol for Global Mobility Networks

Baig, Ahmed Fraz; Hassan, Khwaja Mansoor ul; Ghani, Anwar; Chaudhry, Shehzad Ashraf; Khan, Imran; Ashraf, Muhammad Usman

doi:10.1371/journal.pone.0196061

Cited by 9 publications

(8 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Lee et al also in [23] introduced another scheme, but they emphasized that their protocol suffers from logical errors and denial-ofservice attacks of the registration phase. In 2018, Baig et al proposed a new lightweight scheme to solve these issues [24]. However, in [25] have been shown the Baig et al's scheme cannot provide user privacy.…”

Section: Related Workmentioning

confidence: 99%

“…On the other hand, the detailed security analysis of AMAPG and its formal security verification using Scyther tool confirms that it provides desired security against different attacks. To keep In the term of computational costs, as depicted in Table 7 and Figure 8, the Baig et al [24] and AMAPG schemes require the least amount of time for calculations, respectively. Focusing on the M U computation analysis as it is the resource constrain device, it can easily seen in Table 7, the Baig et al [24] and AMAPG schemes in their M U side require 6T h and 9T h , respectively which are the fastest.…”

Section: Security and Performance Comparisonmentioning

confidence: 99%

See 1 more Smart Citation

AMAPG: Advanced Mobile Authentication Protocol for GLOMONET

et al. 2021

View full text Add to dashboard Cite

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Security and Performance Comparisonmentioning

confidence: 99%

AMAPG: Advanced Mobile Authentication Protocol for GLOMONET

et al. 2021

View full text Add to dashboard Cite

show abstract

“…Likewise, Lee et al found that the scheme proposed by Mun et al is not safe from man-in-the-middle and masquerade attacks, and perfect forward secrecy is also not satisfactory [11]. Lee et al proposed a scheme to solve these security problems, but they highlighted that this scheme is also vulnerable to logical errors and denialof-service attacks of the registration phase, similar to the scheme proposed by Ahmed et al Then, Ahmed et al proposed a new lightweight scheme to address these issues [12]. However, as we mentioned earlier in this subsection, Ahmed et al's scheme cannot completely provide user privacy and other security features.…”

Section: Plos Onementioning

confidence: 99%

“…We considered not only the privacy preserving mentioned in Section 3.4, but also other security requirements to consider in the GLOMONET environment [33]. Table 2 compares privacy preserving, security attack resistance and some security requirements of our proposed scheme and other related schemes [4,9,11,12,34].…”

Section: Informal Security Analysismentioning

confidence: 99%

Lightweight user authentication scheme for roaming service in GLOMONET with privacy preserving

Kang

Lee

et al. 2021

PLoS ONE

View full text Add to dashboard Cite

With the development of information technology and the Internet, users can conveniently use roaming services without time and space restrictions. This roaming service is initiated by establishing a session key between a home node, which exists in a home network, and a mobile node, which exists in a foreign network. However, in the process of verifying a legitimate user and establishing a session key, various security threats and privacy exposure issues can arise. This study demonstrates that the authentication scheme for the roaming service proposed in the existing Global Mobility Network (GLOMONET) environment has several vulnerabilities and, hence, is impractical. In addition, the scheme does not satisfy the privacy of the session key or user’s identity or password. Accordingly, we propose a new lightweight authentication scheme to compensate for these vulnerabilities and secure a high level of privacy, such as non-traceability. In addition, formal and informal analyses are conducted to examine the safety of the proposed scheme. Based on the results of our analyses, we prove that the proposed scheme is highly secure and applicable to the actual GLOMONET environment.

show abstract

“…Any security protocol needs to achieve backward secrecy to protect future sessions or communication [31]. Backward secrecy ensures that even if the attacker gains the secret session key, he will not be in a position to compromise the future session keys [48]. The proposed protocol ensures backward secrecy in both phases.…”

Section: ) Backward Secrecymentioning

confidence: 99%

A Robust Device-to-Device Continuous Authentication Protocol for the Internet of Things

Badhib¹,

Alshehri

Cherif

2021

IEEE Access

View full text Add to dashboard Cite

The Internet of Things (IoT) is a heterogeneous environment that connects billions of devices. Thus, it is a significantly high-value target for attackers and suffers from several threats, especially impersonation attacks during the session. Moreover, the denial of service attack (DoS) threatens IoT environments, as it affects the availability and energy of communicating devices. Continuous authentication solves session hijacking since it checks user legitimacy during the session. Several continuous authentication schemes were proposed to authenticate users to IoT devices, while few works addressed device-to-device authentication. Therefore, it is essential to authenticate devices because if one device gets compromised, then the whole system is at risk. Continuous authentication between devices differs from user-to-device authentication since it cannot rely on biometrics and passwords. This research proposes a fast and secure device-to-device continuous authentication protocol that relies on devices' features (token, battery, and location), and mitigates DoS attacks using shadow IDs and emergency keys. Moreover, it takes the sensor movement into account while preserving privacy. To evaluate the robustness and validate the security of the proposed protocol, we conducted informal and formal analyses using Scyther. In addition, we tested its performance to establish computation costs relative to the system counterparts. The results show the protocol is robust against security threats, incurring reasonable computational costs.

show abstract

A lightweight and secure two factor anonymous authentication protocol for Global Mobility Networks

Cited by 9 publications

References 29 publications

AMAPG: Advanced Mobile Authentication Protocol for GLOMONET

AMAPG: Advanced Mobile Authentication Protocol for GLOMONET

Lightweight user authentication scheme for roaming service in GLOMONET with privacy preserving

A Robust Device-to-Device Continuous Authentication Protocol for the Internet of Things

Contact Info

Product

Resources

About