Suchergebnisse

Recently, Om et al. proposed three-factor remote user authentication protocol using ElGamal cryptosystem and ensured that it is withstands to various kinds of security attacks. But, the authors review carefully Om et al.'s scheme and discover that it unable to resist three attacks (like password guessing; denial of service; and user impersonation). Moreover, their protocol is not facilitating user anonymity. To solve these security vulnerabilities, the authors devise a secure and robust anonymous identity based authentication scheme for multi-server environment. The authentication proof of the proposed scheme has validated using BAN (Burrows-Abadi-Needham) logic, which confirms the protocol facilitates mutual authentication and session-key negotiation securely. Informal security analysis also confirms that it is well protected against various security attacks. In addition, the proposed work is compared along with other schemes (in the context of smart card storage and computation costs as well as execution time).

Wireless local area networks (WLANs), like IEEE 802.11, are right now very common in numerous outdoor or indoor environments for providing wireless communication among WiFi-enabled devices by accessing an Access Point (infrastructure mode) or through peer to peer connections (ad hoc mode). Authentication is one among the most primary research challenges for the realization of the envisioned mobile and wireless Internet. This is mainly due to the latency delay introduced during the authentication process, which are of major concern for real-time applications and media streaming application. In the same way, it is also crucial for WLANs to authenticate clients and build secure channels with them. In the historical researches, the traditional authentication mechanisms frequently adopted the names and passwords of clients as login authentication. However, these Single Factor Authentication mechanisms are proved to be defective. In virtue of enhancing security, recent researches on authentication are built on Two-Factor authentication schemes. In this paper, the authors proposed a two factor, lightweight RFID authentication scheme based on elliptic curve cryptography (ECC) for WLAN. The analytic comparison demonstrates the research not just reduces the expense of proposed authentication schemes, yet gives security similarly as smart card technology. In addition, the performance of the proposed authentication scheme will analyze in terms of computational cost, communications cost, and storage cost.

In this article, the authors have proposed a secure two-factor remote user authentication and session key agreement protocol. As they have shown in the presented scheme, is precise and secure according to both formal and informal security analysis. For formal security analysis, they have applied BAN (Burrows-Abadi-Needham) logic which certifies that the presented scheme provides the amenity of mutual authentication and session key agreement safely. The informal security verification has shown that the proposed scheme is more vigorous against various sort of cruel threats. Moreover, the authors have simulated the presented scheme using broadly accepted AVISPA tool, whose simulation results make sure that the protocol is not dangerous from active and passive attacks together with replay and man-in-the-middle attacks. In addition, the performance evaluation and the security comparison have revealed that the presented scheme gives strong security as well as better complexity in the context of smart card memory requirement, communication cost and computation cost.

Wireless technology is widely spread everywhere in the real world and has a biggest contribution to mankind. However, with the vitality of wireless architectures, security protocols are vulnerable to attackers outside the system, failure in wireless connectivity and machine failures. Protocols must be streamlined to combat with these abnormal conditions. In this paper, the authors provide a review of an existing protocol by Lee et al. They found that the protocol proposed by Lee et al., Enhanced two factor key exchange protocol in public wireless LANs is vulnerable to traceable attack. It is a serious type of attack where the attacker can target a particular user/client. To ensure security, the authors propose an improved scheme which anonymously provides secure authentication satisfying synchronization, untraceability of user and resists common attacks in a wireless network. As most of the real time security protocols use bio-metric based authentication schemes, they also propose a smartcard based secure authentication scheme for wireless networks. Their proposed schemes are proved safe under the formal security analysis of BAN logic. Both of their protocols are simulated using Automated Validation of Internet Security Protocols and Applications (AVISPA). The simulation of their protocols under On-the-Fly-Model-Checker (OFMC) and Constant Logic based Attack Searcher (CL-AtSe) models of AVISPA results in a SAFE state. The authors have compared their proposed schemes against some of the recently proposed wireless authentication schemes in terms of attack resistivity and operational cost. Experimental results elicit a significant improvement over the existing schemes with low cost. Proposed untraceable, synchronized schemes can be applied for authentication purposes in public wireless networks, client server authentication system etc. with effective cost.