Design and Verification of Secure Mutual Authentication Protocols for Mobile Multihop Relay WiMAX Networks against Rogue Base/Relay Stations

Huang, Jiesheng; Huang, Chin‐Tser

doi:10.1155/2016/9859830

Cited by 7 publications

(3 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It uses Security Protocol Description Language (SPDL) to describe messages, roles, and security parameters. Scyther can be used to verify a protocol by implementing an unbounded or bounded number of roles and sessions [53]. It also has a graphical user interface and represents any attacks found using graphs.…”

Section: B Formal Security Analysismentioning

confidence: 99%

A Robust Device-to-Device Continuous Authentication Protocol for the Internet of Things

Badhib¹,

Alshehri

Cherif

2021

IEEE Access

View full text Add to dashboard Cite

The Internet of Things (IoT) is a heterogeneous environment that connects billions of devices. Thus, it is a significantly high-value target for attackers and suffers from several threats, especially impersonation attacks during the session. Moreover, the denial of service attack (DoS) threatens IoT environments, as it affects the availability and energy of communicating devices. Continuous authentication solves session hijacking since it checks user legitimacy during the session. Several continuous authentication schemes were proposed to authenticate users to IoT devices, while few works addressed device-to-device authentication. Therefore, it is essential to authenticate devices because if one device gets compromised, then the whole system is at risk. Continuous authentication between devices differs from user-to-device authentication since it cannot rely on biometrics and passwords. This research proposes a fast and secure device-to-device continuous authentication protocol that relies on devices' features (token, battery, and location), and mitigates DoS attacks using shadow IDs and emergency keys. Moreover, it takes the sensor movement into account while preserving privacy. To evaluate the robustness and validate the security of the proposed protocol, we conducted informal and formal analyses using Scyther. In addition, we tested its performance to establish computation costs relative to the system counterparts. The results show the protocol is robust against security threats, incurring reasonable computational costs.

show abstract

Section: B Formal Security Analysismentioning

confidence: 99%

A Robust Device-to-Device Continuous Authentication Protocol for the Internet of Things

Badhib¹,

Alshehri

Cherif

2021

IEEE Access

View full text Add to dashboard Cite

show abstract

“…They found numerous weaknesses in ISO/IEC 9798 standard protocols 66 . The Scyther tool has been used to analyze and verify the security claims of many new AKA protocols in order to formally verify secrecy claims and mutual authentication for the newly designed protocols 43, 53, 67–73 …”

Section: The Security Verification Via Scyther Toolmentioning

confidence: 99%

Cryptanalysis and improvement of the YAK protocol with formal security proof and security verification via Scyther

Mohammad

2020

Int J Communication

View full text Add to dashboard Cite

Hao proposed the YAK as a robust key agreement based on public-key authentication, and the author claimed that the YAK protocol withstands all known attacks and therefore is secure against an extremely strong adversary. However, Toorani showed the security flaws in the YAK protocol. This paper shows that the YAK protocol cannot withstand the known key security attack, and its consequences lead us to introduce a new key compromise impersonation attack, where an adversary is allowed to reveal both the shared static secret key between two-party participation and the ephemeral private key of the initiator party in order to mount this attack. In addition, we present a new security model that covers these attacks against an extremely strong adversary. Moreover, we propose an improved YAK protocol to remedy these attacks and the previous attacks mentioned by Toorani on the YAK protocol, and the proposed protocol uses a verification mechanism in its block design that provides entity authentication and key confirmation. Meanwhile, we show that the proposed protocol is secure in the proposed formal security model under the gap Diffie-Hellman assumption and the random oracle assumption. Moreover, we verify the security of the proposed protocol and YAK protocol by using an automatic verification method such as the Scyther tool, and the verification result shows that the security claims of the proposed protocol are proven, in contrast to those of the YAK protocol, which are not proven. The security and performance comparisons show that the improved YAK protocol outperforms previous related protocols. K E Y W O R D Sauthenticated key agreement, cryptanalysis, eCK, formal security model, key compromise impersonation, known key security, Scyther tool | INTRODUCTIONAs a result of the rapid development in the Internet of Things (IoT)-related applications in daily life, which uses diverse communication devices, securing data has become a more challenging task. Due to a diverse powerful adversary for revealing secret information from a party's participation via the open communication model, many formal security models and automated verification tools have been developed for finding security flaws in proposed new protocols before implementing them in applications. Consequently, secret key distribution and user authentication became the most important security issues in IoT. Nowadays, the security proof and verification process of an Authenticated Key Agreement (AKA) protocol in the formal security model is important for successful IoT applications.Diffie-Hellman (DH) key exchange protocol is a fundamental building block to distribute a shared secret key over an insecure communication model, 1 which is based on the concept of asymmetric cryptography. The shared secret key is used to provide confidentiality, integrity, nonrepudiation, and authenticity for data during transmission over an untrusted communication model. An AKA protocol is based on a public key, wherein the two intended participating parties exchange static and ephemeral ...

show abstract

“…The work of Zhang et al [152] describes how to set up a fake UMTS base station that connects the UE to a network which is different from the default one, leading to unaware use of expensive roaming services. Finally, the work in [153] describes a MITM attack in WiMAX networks that exploits the lack of synchronization between the user and a legitimate base station to spoof the identity of the user.…”

Section: Security Considerationsmentioning

confidence: 99%

Network-In-a-Box: A Survey About On-Demand Flexible Networks

Pozza

Rao

Flinck

et al. 2018

IEEE Commun. Surv. Tutorials

View full text Add to dashboard Cite

One of the key features of next-generation mobile networks is the ability to satisfy the requirements coming from different verticals. For satisfying these requirements, 5G networks will need to dynamically reconfigure the deployment of the network functions. However, the current deployments of mobile networks are experiencing difficulties in exhibiting the required flexibility. At the same time, the research on connectivity provisioning in use cases such as after-disaster scenarios or battlefields has converged towards the idea of Network-In-a-Box. This idea revolves around fitting all software and hardware modules needed by a mobile network in a single or a handful of physical devices. A Network-In-a-Box inherently offers a high level of flexibility that makes it capable of providing connectivity services in a wide range of scenarios. Therefore, the Network-In-a-Box concept represents an alternative approach for satisfying the requirements of next-generation mobile networks. In this survey, we analyze the state-of-the-art of Network-In-a-Box solutions proposed by academia and industry in the time frame starting from 1998 up to early 2017. First, we present the main use cases around which the concept has been conceived. Then, we abstract the common features of the Network-In-a-Box implementations, and discuss how different proposals offer these features. We then draw our conclusions and discuss possible future research directions, including steps required to reach an even higher level of flexibility. The aim of our analysis is twofold. On one hand, we provide a comprehensive view of the idea of Network-In-a-Box. On the other hand, through the analysis we present the features that future mobile networks should exhibit to achieve their design goals. In particular, we show how the Network-In-a-Box fosters the transition towards the next-generation mobile networks.

show abstract

Design and Verification of Secure Mutual Authentication Protocols for Mobile Multihop Relay WiMAX Networks against Rogue Base/Relay Stations

Cited by 7 publications

References 18 publications

A Robust Device-to-Device Continuous Authentication Protocol for the Internet of Things

A Robust Device-to-Device Continuous Authentication Protocol for the Internet of Things

Cryptanalysis and improvement of the YAK protocol with formal security proof and security verification via Scyther

Network-In-a-Box: A Survey About On-Demand Flexible Networks

Contact Info

Product

Resources

About