A secure lightweight fuzzy embedder based user authentication scheme for internet of medical things applications

Praveen, R.; Pabitha, P.

doi:10.3233/jifs-223617

Cited by 24 publications

(2 citation statements)

References 47 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To improve on the efficiency and overcome attacks such as offline password guessing, three factor-based authentication schemes such as [168][169][170][171][172] were introduced. Other lightweight privacy-preserving techniques including [173][174][175]176] also provide improved efficiency.…”

Section: Defense Mechanisms Against Cloud Domain Attacksmentioning

confidence: 99%

Biometric Template Attacks and Recent Protection Mechanisms: A Survey

Abdullahi,

Sun,

Wang

et al. 2023

Preprint

View full text Add to dashboard Cite

Section: Defense Mechanisms Against Cloud Domain Attacksmentioning

confidence: 99%

Biometric Template Attacks and Recent Protection Mechanisms: A Survey

Abdullahi,

Sun,

Wang

et al. 2023

Preprint

View full text Add to dashboard Cite

“…However, M-FA requires specialized hardware such as fingerprint sensor, iris sensor, camera and so forth to capture the user's biometric data. 31 Furthermore, binding or generating secret keys from biometric characteristics (such as fuzzy commitment, 32 fuzzy extractors 33,34 etc.) incurs additional computational complexity on the end-user.…”

mentioning

confidence: 99%

A novel and provably secure mutual authentication protocol for cloud environment using elliptic curve cryptography and fuzzy verifier

Patel

Shukla

Patel

2023

Concurrency and Computation

View full text Add to dashboard Cite

SummaryCloud computing is an emerging paradigm that enables on‐demand data storage without considering the local infrastructure limitations of end‐users. The extensive growth in number of servers, resources, and networks intensifies security and privacy concerns in clouds. This necessitates secure mutual authentication and key agreement mechanism to verify the legitimacy of participating entities. In accordance, several authentication protocols have been designed to authenticate end‐users over insecure channels. This article presents security analysis of recent protocols that claim to render security and privacy features. We demonstrate that Kaur et al.'s protocol is vulnerable to replay attack, Dharminder et al.'s protocol is prone to user traceability and known session‐specific temporary information (KSSTI) attacks, and Bouchaala et al.'s protocol is prone to replay and KSSTI attacks. To withstand the aforementioned attacks, we propose an enhanced protocol based on fuzzy verifier and elliptic curve cryptography for clouds. Our protocol safeguards against security attacks while providing privacy functionalities. The security analysis is illustrated under real‐or‐random model, and correctness is verified under the Scyther security verification tool. Finally, comparative analysis with existing protocols shows that our protocol delivers robust security with reasonable computational and communication overheads than state‐of‐the‐art protocols.

show abstract