Secure and Efficient User Authentication Scheme Based on Password and Smart Card for Multiserver Environment

Zhao, Yan; Li, Shiming; Jiang, Liehui

doi:10.1155/2018/9178941

Cited by 34 publications

(23 citation statements)

References 53 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Recently, many smart card authentication protocols based on the password were proposed [42][43][44]. Most of these protocols are still vulnerable to ID-theft attack, offline password guessing attacks, undetectable online password guessing attacks, and user impersonation attack.…”

Section: Smart Card With Password Based Methodsmentioning

confidence: 99%

D-FAP: Dual-Factor Authentication Protocol for Mobile Cloud Connected Devices

Abuarqoub

2019

JSAN

View full text Add to dashboard Cite

Emerging Mobile Cloud Computing (MCC) technologies offer a new world of promise by leveraging the quality of mobile services. With MCC, resource-constrained mobile devices could capitalize on the computation/storage resources of cloud servers via communication networks. While MCC adoption is growing significantly, several challenges need to be addressed to make MCC-based solutions scale and meet the ever-growing demand for more resource intensive applications. Security is a critical problem hindering the adoption of MCC. One of the most important aspects of MCC security is to establish authenticated communication sessions between mobile devices and cloud servers. The huge amount of data stored on mobile devices poses information security risks and privacy concerns for individuals, enterprises, and governments. The ability to establish authenticated communication sessions between mobile devices and cloud servers can resolve many security concerns. Limited computing and energy resources on mobile devices makes authentication and encryption a challenging task. In this paper, an overview of MCC authentication protocols is presented. Then, a Dual-Factor Authentication Protocol for MCC devices (D-FAP) is proposed. D-FAP aims at increasing authentication security by using multi-factors while offloading computation to the cloud to reduce battery consumption. The security of the protocol is formally verified and informal analysis is performed for various attacks. The results prove that the D-FAP is successful in mitigating various outsider and insider attacks.

show abstract

Section: Smart Card With Password Based Methodsmentioning

confidence: 99%

D-FAP: Dual-Factor Authentication Protocol for Mobile Cloud Connected Devices

Abuarqoub

2019

JSAN

View full text Add to dashboard Cite

show abstract

“…The methodology of calculating the computational time is the same as discussed in Subsection 4.1. The smart card protocols [106][107][108][109] are based on modular exponentiations whereas protocol [105] and [110][111][112] The cost of other operations has been ignored in this analysis as the time taken by them is reasonably small in comparison to modular exponentiation and elliptic curve point multiplication. Computational cost of the smart card protocols has been publicized in Table 14 (p is the number of elliptic curve point multiplications;…”

Section: Recent Security Protocols For Smart Cardsmentioning

confidence: 99%

“…3 presents the graphical analysis of computational of different smart card security protocols. [110] 3 0 3 0 6 0 7.503 7.503 15.006 Xie et al [105] 3 0 3 0 6 0 7.503 7.503 15.006 T r u o n g et al [111] 2 0 2 0 4 0 5.002 5.002 10.004 Z h a o, L i and J i a n g [112] 2 0 2 0 4 0 5.002 5.002 10.004…”

Section: Recent Security Protocols For Smart Cardsmentioning

confidence: 99%

“…Yeh [107] × ×  × ×    ×   × W a n g et al [108]   ×         × O d e l u, Das and G o s w a m i [109]        × × ×   C h a u d h r y et al [110]             Xie et al [105]             T r u o n g et al [111]     ×    × ×  × Z h a o, L i and J i a n g [112]            …”

Section: S P R P L K K a I M P S I A I N A P G A P I P P A L J A I Dmentioning

confidence: 99%

See 1 more Smart Citation

Security of Low Computing Power Devices: A Survey of Requirements, Challenges & Possible Solutions

Singh

Patro²

2019

Cybernetics and Information Technologies

View full text Add to dashboard Cite

Security has been a primary concern in almost all areas of computing and for the devices that are low on computing power it becomes more important. In this paper, a new class of computing device termed as Low Computing Power Device (LCPD) has been defined conceptually. The paper brings out common attributes, security requirements and security challenges of all kinds of low computing power devices in one place so that common security solutions for these can be designed and implemented rather than doing this for each individual device type. A survey of existing recent security solutions for different LCPDs hasve been presented here. This paper has also provided possible security solutions for LCPDs which include identification of countermeasures against different threats and attacks on these devices, and choosing appropriate cryptographic mechanism for implementing the countermeasures efficiently.

show abstract

“…An information system improves usability, maintainability, and security through standardization and development of best practices [3,4]. Authentication is the main gateway in an information system to get authorization to access the account [5]. The authentication process is a user validation process in a smart card, biometric, or username-password [6,7].…”

Section: Introductionmentioning

confidence: 99%

Block-hash of blockchain framework against man-in-the-middle attacks

Riadi

Umar

Busthomi

et al. 2021

regist. j. ilm. teknol. sist. inf.

View full text Add to dashboard Cite

Payload authentication is vulnerable to Man-in-the-middle (MITM) attack. Blockchain technology offers methods such as peer to peer, block hash, and proof-of-work to secure the payload of authentication process. The implementation uses block hash and proof-of-work methods on blockchain technology and testing is using White-box-testing and security tests distributed to system security practitioners who are competent in MITM attacks. The analyisis results before implementing Blockchain technology show that the authentication payload is still in plain text, so the data confidentiality has not minimize passive voice. After implementing Blockchain technology to the system, white-box testing using the Wireshark gives the result that the authentication payload sent has been well encrypted and safe enough. The percentage of security test results gets 95% which shows that securing the system from MITM attacks is relatively high. Although it has succeeded in securing the system from MITM attacks, it still has a vulnerability from other cyber attacks, so implementation of the Blockchain needs security improvisation.

show abstract

Secure and Efficient User Authentication Scheme Based on Password and Smart Card for Multiserver Environment

Cited by 34 publications

References 53 publications

D-FAP: Dual-Factor Authentication Protocol for Mobile Cloud Connected Devices

D-FAP: Dual-Factor Authentication Protocol for Mobile Cloud Connected Devices

Security of Low Computing Power Devices: A Survey of Requirements, Challenges & Possible Solutions

Block-hash of blockchain framework against man-in-the-middle attacks

Contact Info

Product

Resources

About