Marimuthu Karuppiah

A secure remote user mutual authentication scheme using smart cards

Authentication thwarts unauthorised users from accessing resources in insecure network environments. Password authentication based on smart cards is one of the simplest and most efficient authentication methods and is commonly deployed to authenticate the legitimacy of remote users. Based on cryptographic techniques, several password authentication schemes have previously been implemented. However, all of these schemes are vulnerable to various malicious attacks that are discussed below. In this paper, we propose a secure remote user mutual authentication scheme using smart cards that achieves all security requirements. Furthermore, we show that our proposed scheme can withstand various malicious attacks and is more suitable for practical applications than other related schemes.

A novel and provably secure authentication and key agreement scheme with user anonymity for global mobility networks

Ubiquitous networks support the roaming service for mobile communication devices. The mobile user can use the services in the foreign network with the help of the home network. Mutual authentication plays an important role in the roaming services, and researchers put their interests on the authentication schemes. Recently, in 2016, Gope and Hwang found that mutual authentication scheme of He et al. for global mobility networks had security disadvantages such as vulnerability to forgery attacks, unfair key agreement, and destitution of user anonymity. Then, they presented an improved scheme. However, we find that the scheme cannot resist the off-line guessing attack and the de-synchronization attack. Also, it lacks strong forward security. Moreover, the session key is known to HA in that scheme. To get over the weaknesses, we propose a new two-factor authentication scheme for global mobility networks. We use formal proof with random oracle model, formal verification with the tool Proverif, and informal analysis to demonstrate the security of the proposed scheme. Compared with some very recent schemes, our scheme is more applicable. Copyright

A Secure Authentication Scheme with User Anonymity for Roaming Service in Global Mobility Networks

In global mobility networks, user authentication is an essential security mechanism that permits mobile users to use the roaming services offered by foreign agents with the support of home agent in mobile network environment. Recently, Rhee et al. analyzed Wu et al. and Wei et al. authentication scheme, and proposed a smart card based user authentication scheme with user anonymity in global mobility networks. However, in this paper, we find that Rhee et al. scheme is vulnerable to user impersonation attacks and off-line password guessing attacks. Moreover, the scheme does not preserve user anonymity; does not provide perfect forward secrecy, and an option to change/update the password; and does not detect wrong password quickly. Hence we propose a secure authentication scheme with user anonymity for roaming service in global mobility networks. Furthermore, performance analysis shows that compared with existing authentication schemes, our proposed scheme is simple and secure.

Secure and Efficient Two-Factor User Authentication Scheme with User Anonymity for Network Based E-Health Care Applications

Benefited from the development of network and communication technologies, E-health care systems and telemedicine have got the fast development. By using the E-health care systems, patient can enjoy the remote medical service provided by the medical server. Medical data are important privacy information for patient, so it is an important issue to ensure the secure of transmitted medical data through public network. Authentication scheme can thwart unauthorized users from accessing services via insecure network environments, so user authentication with privacy protection is an important mechanism for the security of E-health care systems. Recently, based on three factors (password, biometric and smart card), an user authentication scheme for E-health care systems was been proposed by Amin et al., and they claimed that their scheme can withstand most of common attacks. Unfortunate, we find that their scheme cannot achieve the untraceability feature of the patient. Besides, their scheme lacks a password check mechanism such that it is inefficient to find the unauthorized login by the mistake of input a wrong password. Due to the same reason, their scheme is vulnerable to Denial of Service (DoS) attack if the patient updates the password mistakenly by using a wrong password. In order improve the security level of authentication scheme for E-health care application, a robust user authentication scheme with privacy protection is proposed for E-health care systems. Then, security prove of our scheme are analysed. Security and performance analyses show that our scheme is more powerful and secure for E-health care systems when compared with other related schemes.

Cryptanalysis and an Improvement of New Remote Mutual Authentication Scheme using Smart Cards

Abstract In this paper, the security of a remote user mutual authentication scheme using smart cards proposed by Rajaram et al., [Rajaram R, Amutha Prabakar M, New Remote Mutual Authentication Scheme using Smart Cards, Transactions on Data Privacy, 2(2009): 141--152] is analysed. We show that Rajaram et al., scheme is still vulnerable to user impersonation attacks, off-line password guessing attacks and time synchronization problem. Moreover, the scheme does not provide an option to change or update the password and efficient login, and lacks proper mutual authentication. We also propose a password-based remote user mutual authentication scheme which provides the remedy for the vulnerabilities of Rajaram et al., scheme. Furthermore, performance analysis shows that compared with Rajaram et al., authentication scheme, our proposed scheme is simple and secure.

A secure user authentication and key-agreement scheme using wireless sensor networks for agriculture monitoring

Abstract Agriculture is the backbone of our economic system and plays an important role in the life of an economy. It does not only provide raw material and food, but also provides large employment opportunities. Therefore, agriculture requires modern technology for increasing the productivity. In this context, wireless sensor networks ( WSNs ) could be utilized for monitoring the climatic parameters such as (temperature, humidity, light, carbon dioxide, soil moisture, acidity etc.) in an agriculture field. The climatic parameters are very important in terms of growth, quality and productivity of crops. But, any kind of interception, modification, insertion, and deletion on these parameters can have negative effect on crop. Therefore, security and privacy are important issues in agriculture field. In this regard, we design a novel remote user authentication scheme using wireless sensor networks for agriculture monitoring. The protocol is validated through Burrows–Abadi–Needham (BAN) logic and also simulated using Automated Validation Information Security Protocols and Applications ( AVISPA ) tool. We formally analyze the security of the scheme using random oracle model. In addition, the informal security analysis shows that the proposed protocol is secure and resists various kinds of malicious attacks. As a results, the proposed protocol is applicable in a real life application.

An enhanced and secure trust-extended authentication mechanism for vehicular ad-hoc networks

Vehicular Ad-hoc Networks VANETs are a move towards regulating safe traffic and intelligent transportation system. A VANETs is characterized by extremely dynamic topographical conditions owing to speedily moving vehicles. In VANETs, vehicles can transmit messages within a pre-defined area to achieve safety and efficiency of the system. Then ensuring authenticity of origin of messages to the receiver in such a dynamic environment is a crucial challenge. Another concern in VANET is preservation of privacy of user/vehicle. Recently, Chuang and Lee proposed a trust-extended authentication mechanism TEAM for vehicle-to-vehicle communications in VANETs. TEAM not only satisfies various security features but also enhances the performance of the authentication process using transitive trust relationship among vehicles. Nonetheless, our analysis shows that TEAM is vulnerable to insider attack, privacy breach, impersonation attacks and some other problems. In this paper, to eradicate the vulnerabilities found in Chuang-Lees scheme, an enhanced trust-extended authentication scheme for VANET is proposed. We display the efficiency of our scheme through security analysis and comparison. Through simulation results using widely accepted NS-2 simulator, we show that our scheme authenticates vehicles faster than Chuang-Lees scheme. Copyright

Remote user authentication scheme using smart card: a review

User authentication is the process of verifying the legitimacy of a user. Until now, several authentication schemes using smart card proposed in the literature and each proposed scheme has its own merits and demerits. A common attribute among most of the proposed schemes is that the user identity is static in all the transaction sessions, which may reveal some facts about that user and can create threat of identity theft during the communication. In this paper, we have defined all the security requirements and all the goals an ideal remote user authentication scheme should satisfy and achieve. We have presented the results of our survey about remote user authentication schemes for client-server model. All the schemes are vulnerable to various attacks and do not meet the goals. In the future, we look forward to an ideal remote user authentication scheme, which meets all the security requirements and achieves all the goals can be developed. We should confidence that the attacks and goals we offer here can also aid future researchers develop better schemes.

A Dynamic ID-Based Generic Framework for Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks

AbstractUser authentication scheme is an essential issue for offering roaming service to mobile users in global mobile network (GLOMONET). However, designing an anonymous user authentication scheme in GLOMONET is a challenging task since wireless communication networks are susceptible to a variety of attacks and mobile devices are of limited storage, processing and communication capabilities. Recently, Miyoung and Rhee examined the schemes proposed by Wei et al. and Wu et al., and came up with an improved authentication scheme offering user anonymity in GLOMONET. We point out that Miyoung and Rhee scheme is exposed to off-line password guessing and user impersonation attacks. Also, their scheme cannot offer user anonymity, password change or updating option and quick detection of wrong password. In order to overcome the flaws present in Miyoung and Rhee scheme, we propose a dynamic ID-based generic framework for anonymous authentication scheme for roaming service in GLOMONET, which is invincible to various prying attacks of intruders. Furthermore, the performance analysis proves that our scheme is versatile, simple and secure when compared to the existing authentication schemes.

A secure lightweight authentication scheme with user anonymity for roaming service in ubiquitous networks

Ubiquitous networks provide effective roaming services for mobile users MUs. Through the worldwide roaming technology, authorized MUs can avail ubiquitous network services. Important security issues to be considered in ubiquitous networks are authentication of roaming MUs and protection of privacy of MUs. However, because of the broadcast nature of wireless channel and resource limitations of terminals, providing efficient user authentication with privacy preservation is a challenging task. Very recently, Farash et al. proposed an authentication scheme with anonymity for consumer roaming in ubiquitous networks and claimed their scheme achieves all security requirements. In this paper, we show that the scheme of Farash et al. fails to achieve user anonymity and mutual authentication. Their scheme also fails to provide local password verification, and it has a faulty password change phase. Moreover, their scheme is vulnerable to replay, offline password guessing, and forgery attacks. To fix the security flaws of the scheme of Farash et al., we present an improved authentication scheme for accessing roaming service provided by ubiquitous networks. We then formally verify the security properties of our scheme by the widely-accepted push-button tool called Automated Validation of Internet Security Protocols and Applications. Security and performance analyses show that our scheme is more powerful, efficient, and secure when it is compared with existing schemes. Copyright