Yeongjae Cho scite author profile

Yeongjae Cho

2Publications

24Citation Statements Received

133Citation Statements Given

How they've been cited

How they cite others

133

Affiliations

Kyungpook National University

Publications

Order By: Most citations

A Secure Three-Factor Authentication Protocol for E-Governance System Based on Multiserver Environments

Cho

Kwon

et al. 2022

IEEE Access

View full text Add to dashboard Cite

In electronic governance (e-governance) system, citizens can access government services such as transportation, licensing and immigration remotely over the Internet. With the development of information and communication technology, usage of the e-governance system has been increased. To efficiently provide citizens with various e-governance services, multi-server environments can be applied to the e-governance system. However, messages can be inserted, deleted, and modified by a malicious adversary since these are transmitted through a public channel. Therefore, many researchers have suggested mutual authentication protocols for secure communication in multi-server environments. In 2020, Sudhakar et al. proposed a smart card based lightweight authentication protocol for multi-server environments. We analyze Sudhakar et al.'s protocol to propose a secure mutual authentication protocol in the egovernance system based on multi-server environments. However, we disclosure that their protocol is not resistant to smart card stolen, insider, man-in-the-middle, user impersonation, and session key disclosure attacks. Moreover, Sudhakar et al.'s protocol does not provide mutual authentication. To improve these security problems, we suggest a secure three-factor mutual authentication protocol for the e-governance system based on multi-server environments. We prove our protocol's security using informal security analysis, Burrows-Abadi-Needham (BAN) logic, and Real-or-Random (ROR) model. We also simulate our protocol utilizing Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. We estimate the proposed protocol's security functionalities, computation costs, and communication overheads compared with existing related protocols. Consequently, we demonstrate that our protocol is secure and suitable for the e-governance system.

show abstract

A Secure and Anonymous User Authentication Scheme for IoT-Enabled Smart Home Environments Using PUF

Cho

Kwon

et al. 2022

IEEE Access

View full text Add to dashboard Cite

With the continuous development of Internet of Things (IoT) technology, research on smart home environments is being conducted by many researchers. In smart home environments, home users can remotely access and control a variety of home devices such as smart curtains, lights, and speakers placed throughout the house. Despite providing convenient services, including home monitoring, temperature management, and daily work assistance, smart homes can be vulnerable to malicious attacks because all messages are transmitted over insecure channels. Moreover, home devices can be a target for device capture attacks since they are placed in physically accessible locations. Therefore, a secure authentication and key agreement scheme is required to prevent such security problems. In 2021, Zou et al. proposed a two-factor-based authentication and key agreement scheme using elliptic curve cryptography (ECC) in smart home environments. They claimed that their scheme provides user anonymity and forward secrecy. However, we prove that their scheme suffers from forgery, ephemeral secret leakage, and session key disclosure attacks. To overcome the security vulnerabilities of Zou et al.'s scheme and provide home users with secure communication in smart home environments, we propose a secure user authentication scheme using physical unclonable functions (PUF). We utilize Real-or-Random (ROR) model and Burrows-Abadi-Needham (BAN) logic to verify the session key security and mutual authentication of the proposed scheme, respectively. Furthermore, we use the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool to simulate the resistance of our scheme to security attacks. After that, we analyze and compare the communication costs, computational consumption, and security functionalities along with related schemes.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Yeongjae Cho

A Secure Three-Factor Authentication Protocol for E-Governance System Based on Multiserver Environments

A Secure and Anonymous User Authentication Scheme for IoT-Enabled Smart Home Environments Using PUF

Contact Info

Product

Resources

About