Xiaomin Wang

Cryptanalysis and improvement on two efficient remote user authentication scheme using smart cards

In 2002, Chien et al. proposed an efficient remote authentication scheme using smart cards, in which only few hashing operations are required. Later, Ku et al. gave an improved scheme to repair the security pitfalls found in Chien et al.s scheme. Also Yoon et al. presented an enhancement on Ku et al.s scheme. In this paper, we show that both Ku et al.s scheme and Yoon et al.s scheme are still vulnerable to the guessing attack, forgery attack and denial of service (DoS) attack. In addition, their schemes lack efficiency when users input wrong passwords. To remedy these flaws, this paper proposes an efficient improvement over Ku et al.s and Yoon et al.s schemes with more security. The computation cost, security, and efficiency of the improved scheme are embarking for the real application in the resource-limited environment.

Secure chaotic system with application to chaotic ciphers

Chaotic cryptography has been widely investigated in the past few years. However, the undesirable dynamical properties of the underlying chaotic systems degrade the security of chaotic ciphers and thereby discourage their applications. To address this issue, this paper first presents discrimination criteria for secure chaotic systems (SCSs) whose dynamical properties make them useful for the construction of secure ciphers and then discusses a class of chaotic systems, digital dynamical filters (DDFs), that meet the SCS criteria. Then, a DDF-based pseudorandom bit generator (DDF-PRBG) for constructing stream ciphers is proposed. Theoretical analysis and simulation results demonstrate that both the DDF and the DDF-PRBG, which satisfy the SCS criteria, have desirable cryptographic properties. Consequently, the SCS criteria and the DDF reference model can be used to overcome the problems caused by the dynamical properties of the underlying chaotic systems and increase the security of chaotic ciphers.

Cryptanalysis and improvement on a parallel keyed hash function based on chaotic neural network

This paper analyzes the security of a chaotic parallel keyed hash function in detail, and points out that it is susceptible to two kinds of forgery attacks and weak key attack (which results in MAC collision). To remedy such security flaws, an improved scheme is further proposed, and its security and performance are also discussed. The theoretical analysis shows that the improved scheme is more secure than the original one. In the meanwhile, it can also keep the parallel merit and other performance advantages of the original scheme.

Geographic Wormhole Detection in Wireless Sensor Networks

Wireless sensor networks (WSNs) are ubiquitous and pervasive, and therefore; highly susceptible to a number of security attacks. Denial of Service (DoS) attack is considered the most dominant and a major threat to WSNs. Moreover, the wormhole attack represents one of the potential forms of the Denial of Service (DoS) attack. Besides, crafting the wormhole attack is comparatively simple; though, its detection is nontrivial. On the contrary, the extant wormhole defense methods need both specialized hardware and strong assumptions to defend against static and dynamic wormhole attack. The ensuing paper introduces a novel scheme to detect wormhole attacks in a geographic routing protocol (DWGRP). The main contribution of this paper is to detect malicious nodes and select the best and the most reliable neighbors based on pairwise key pre-distribution technique and the beacon packet. Moreover, this novel technique is not subject to any specific assumption, requirement, or specialized hardware, such as a precise synchronized clock. The proposed detection method is validated by comparisons with several related techniques in the literature, such as Received Signal Strength (RSS), Authentication of Nodes Scheme (ANS), Wormhole Detection uses Hound Packet (WHOP), and Wormhole Detection with Neighborhood Information (WDI) using the NS-2 simulator. The analysis of the simulations shows promising results with low False Detection Rate (FDR) in the geographic routing protocols.

A Lightweight Authenticated Encryption Scheme Based on Chaotic SCML for Railway Cloud Service

In recent years, intelligent railway operation and maintenance using cloud technology have received wide consideration for the provision of public transport services. Under the cloud environment, information security is critical to ensure the integrity of data through protection from unauthorized manipulation and the confidentiality through protection against the leakage of sensitive information. This paper proposes a lightweight authenticated encryption scheme with associated data based on a novel discrete chaotic S-box coupled map lattice (SCML), which avoids the dynamic degradation of the digital chaotic system and low efficiency of the chaos-based cryptosystem. Based on the chaotic SCML, an authenticated encryption scheme that protects the confidentiality and integrity in one pass is presented in detail. The security analysis and performance simulations in software and hardware show that the proposed scheme is efficient and provides adequate security through authentication and encryption. Such a scheme could be used for applications in a railway cloud service that requires moderate security and low-cost implementations.

An Efficient and Secure Biometric Remote User Authentication Scheme Using Smart Cards

Remote user authentication schemes are widely investigated recently. This paper points out some existent problems in smartcard based schemes. As a comprehensive solution, a novel authentication scheme using two-variant hashing technique and fingerprint-biometric is presented. Security analysis shows that the proposed scheme provides secure, robust, and trustworthy remote authentication over insecure network. Moreover, computational costs and efficiency of this scheme are encouraging for practical implementation in the resource-constraint environment.

Chaotic keystream generator using coupled NDFs with parameter perturbing

Chaotic cryptology has been widely investigated recently. This paper analyzes the security pitfalls existing in digital chaotic stream ciphers, which work on the well characterized one-dimensional(1-D) chaotic systems. As a practical solution to these problems caused by 1-D chaotic systems, a chaotic keystream generator using nonlinear digital filters with n-D uniform distribution is proposed. To improve system security further and overcome the effects of finite wordlength, the coupling method with parameter perturbing is considered. Detailed theoretical analyses show that it has perfect cryptographic properties, and can be used to construct stream ciphers with higher security than other 1-D chaotic ciphers. Finally, some numeric experiments are made and the experimental results coincide well with the theoretical analyses.

Chaotic Pseudorandom Bit Generator Using n-dimensional Nonlinear Digital Filter

A chaotic pseudorandom bit generator (PRBG) using n-dimensional NDF is proposed. To overcome the effects of finite wordlength to NDF and to hide its dynamic behavior, a coupling method followed by a quantization function is adopted. Detailed theoretical analyses show that the proposed PRBG has perfect cryptographic properties, and can be used to construct stream ciphers with higher security than other chaotic ciphers. Moreover, it is much faster than other chaotic pseudo random number generators due to the inherent parallel structure of NDF. Finally, some experiments are made for confirmation.

A virtual bridge certificate authority-based cross-domain authentication mechanism for distributed collaborative manufacturing systems

The virtual enterprise VE is a new collaborative intelligent manufacturing paradigm that pools the core competencies of its member enterprises through computer networks to exploit transient market opportunities. The successful operation of such an organization is strongly dependent on its information securities, in which cross-domain authentication among entities of different member enterprises is a crucial issue. This problem is particularly difficult in VEs because of their collaborative nature in terms of agility, market dynamics, low cost, and diversity of collaboration modes. In this paper, we put forward a novel virtual bridge certificate authority BCA trust model, based on which an efficient cross-domain authentication scheme is further presented. The proposed scheme is implemented by the distributed verifiable secret sharing protocol and the threshold elliptic curve cryptosystem signature algorithm. It has the same advantages of simple construction and short length of inter-enterprise certification paths as the BCA model but does not need to create and maintain a dedicated physical BCA. In addition, the proposed scheme has the merits of high bit security, high efficiency, low cost, conspiracy attack resistance, and adaptability to diverse collaboration modes of VE. Therefore, the scheme is suitable for cross-domain authentications in VEs, especially for resource-limited applications. Copyright

Narrowband Interference Cancellation in Chaos Communication Based on Dual Estimation

The performance and capacity of chaos communication systems are degraded in the presence of narrowband interference. The minimum phase space volume (MPSV) method is a well known method to suppress narrowband interference in chaos communication, however, its computing burden is heavy in estimating model parameters due to random search, and the AR model stable assumption does not usually satisfied. In order to alleviate this disadvantage, a dual estimation Narrowband Interference Cancellation (NBIC) algorithm based on squared root unscented Kalman filter (SRUKF) is proposed to estimate the interference state and model parameter simultaneously given noisy observation signal. The complete performance analysis of the various NBIC algorithms was carried out in the differential chaos shift keying (DCSK) systems. Simulation results show that the proposed dual estimation NBIC algorithm yields effective interference suppression capability, especially in single tone jammer. Further, SRUKF-based dual estimation always outperformed the Kalman-based methods.