Mridul Kumar Gupta

C-COMPACTNESS MODULO AN IDEAL

We investigate the concepts of quasi-H-closed modulo an ideal which generalizes quasi-H-closedness and C-compactness modulo an ideal which simultaneously generalizes C-compactness and compactness modulo an ideal. We obtain a characterization of maximal C-compactness modulo an ideal. Preservation of C-compactness modulo an ideal by functions is also investigated.

More efficient key-hash based fingerprint remote authentication scheme using mobile device

Today, the world is taking large leaps of progress in technology. The technology is turning the vision of achieving transparency, speed, accuracy, authenticity, friendliness and security in various services and access control mechanisms, into reality. Consequently, new and newer ideas are coming forth by researchers throughout the world. Khan et al. (Chaos Solitons Fractals 35(3):519–524, 2008) proposed remote user authentication scheme with mobile device, using hash-function and fingerprint biometric. In 2012, Chen et al. pointed out forged login attack through loss of mobile device on Khan et al.’s scheme and subsequently proposed a scheme to improve on this drawback. Truong et al. (Proceedings of 26th IEEE International Conference on Advanced Information Networking and Applications, pp 678–685, 2012) demonstrated that in Chen et al.’s scheme, an adversary can successfully replay an intercepted login request. They also showed that how an adversary can make fool of both the participants of Chen et al.’s protocol by taking advantage of the fact that the user is not anonymous in scheme. Further, they proposed an improvement to Chen et al.’s scheme to cut off its problems. Through this paper, we show that Chen et al.’s scheme has some other drawbacks too and the improvement proposed by Truong et al. is still insecure and vulnerable. We also propose an improved scheme which overcomes the flaws and inherits the goodness of both the schemes, Chen et al.’s scheme and Truong et al.’s scheme.

Cryptanalysis and security enhancement of Chen et al.’s remote user authentication scheme using smart card

Recently (2011) Chen et al. found that Wang et al.’s scheme (2007) is vulnerable to impersonation attacks and parallel session attacks; and then proposed a security enhancement of Wang et al.’s scheme. Chen et al. claimed to inherit the merits and eradicate the flaws of the original scheme through their improved scheme. Unfortunately, we found that Chen et al.’s scheme inherits some flaws of the original scheme, like the known-key attack, smart card loss attack and its serious consequences. In addition, Chen et al.’s scheme is not easily reparable and is unable to provide forward secrecy. Thus Chen et al.’s scheme still has scope for security enhancement. Finally, we propose an improved scheme with better security strength. Moreover, we analyze the performance of our scheme and prove that ours is suitable for applications with high security requirements.

An improved timestamp-based password authentication scheme: comments, cryptanalysis, and improvement

In 2003, Shen et al. proposed a timestamp-based password authentication scheme by using smart card. Later, in 2005 and 2008, this scheme was found susceptible to forged login attacks by some researchers, and improved schemes were proposed. In 2011, Awasthi et al. pointed out an additional security threat on the scheme of Shen et al. and also suggested remedy by proposing an enhanced scheme. In this paper, we analyze the additional attack identified by Awasthi et al. on the scheme of Shen et al. show its flaws and rectify it. Further, we find that the scheme of Awasthi et al. still fails to withstand forged login attack, smart card loss attack, offline password guessing attack, and so on, and also inherits some weaknesses from the original scheme. Therefore, we propose an improved version of the scheme of Awasthi et al. Our improved scheme not only resists the attacks that we depict on the scheme of Awasthi et al. but is also free from the attacks pointed out so far on the scheme of Shen et al. Copyright

The iterative combinations of a new sequence of linear positive operators

In the present paper, we study a new sequence of linear positive operators. We obtain a Voronovskaja type asymptotic formula and an estimate on error in terms of higher-order modulus of continuity for the iterative combinations of the new sequence of linear positive operators. Here, we also note that the rates of convergence of these operators for bounded variation functions, for which one-sided limits f(@x+) and f(@x-) exist, are not analogous to the results of Gupta [1].

Cryptanalysis of truong et al.'s fingerprint biometric remote authentication scheme using mobile device

In 2010, Chen et al. focused at the vulnerability of smart card based authentication systems owing to leakage of secret information from smart card. They proposed a scheme with a view to boost the security of such authentication systems. However, in 2012, Truong et al. found Chen et al.s scheme weak at resisting replay attack and spoofing attacks; thereby they proposed an improved scheme to counterfeit these weaknesses. Undoubtedly, the improved scheme by Truong et al. is free from defects pointed out on Chen et al.s scheme, but here we show that problems like impersonation attacks, password guessing, etc are adhered with its design. We show that Truong et al.s scheme violates Chen et al.s aim to get rid of information-leak hazard from the smart card or mobile device based authentication schemes.

Cryptanalysis of “an improved timestamp-based remote user authentication scheme”

With the popularity of Internet technology, remote user authentication is receiving more and more attention than before. Recently, Awasthi et al. analysed weakness of the timestamp-based authentication scheme proposed by Shen et al. and proposed an improved scheme to prevent its forgery attacks. They claimed that their scheme is secure against forged login attack, provides forward secrecy, and has better performance than that of Shen et al.s scheme without increasing any additional computations. In this paper, we show that the improved scheme proposed by Awasthi et al. is vulnerable to attacks like smart card loss attack, man-in-the-middle attack, ID-theft attack, etc. Further, we explain how their improved scheme inherits weakness from the original scheme and falls prey to some other attacks also.

On the Efficiency and Fairness of Congestion Control Algorithms

In this paper we study various congestion control algorithms. Based on study and mathematical formulation, we present efficiency and fairness properties of congestion control algorithms. We also introduce a very important theorem namely if number of steps in equilibrium state is less, then efficiency is more.Index Terms- Congestion control, equilibrium state, efficiency, fairness.

Cryptanalysis of Enhancements of a Password Authentication Scheme over Insecure Networks

In 2005, Liao et al. pointed out some weaknesses in Das et al.’s dynamic ID-based scheme. They proposed a slight modification to Das et al.’s scheme to improve its weaknesses. In 2008, Gao-Tu, and in 2010, Sood et al., found vulnerabilities in Liao et al.’s scheme; and independently proposed its security enhanced versions. However, we identify that Gao-Tu’s scheme is insecure against user impersonation attack, server counterfeit attack, man in the middle attack, server’s resource exhaustion attack and does not provide session key agreement. We also demonstrate that Sood et al.’s scheme is still vulnerable to malicious user attack in different ways and user’s password is revealed to the server. Besides both the schemes have no provision for revocation of lost or stolen smart card. Our cryptanalysis results are important for security engineers, who are responsible for the design and development of smart card-based user authentication systems.

Further cryptanalysis of ‘A remote authentication scheme using mobile device’

In 2008, Khan et al. proposed a remote user authentication scheme on mobile device, using hash-function and fingerprint biometric. In 2010, Chen et al. discussed some security weaknesses of Khan et al.s scheme and subsequently proposed an improved scheme. Recently, Truong et al. have demonstrated that in Chen et al.s scheme, an adversary can successfully replay an intercepted login request. They also showed how an adversary can cheat both the legal participants, by taking advantage of the fact that the scheme does not provide anonymity to the user. In this paper, we show that Chen et al.s scheme suffers from some additional drawbacks which were not presented by Truong et al. in its analysis.