An Efficient Key-Management Scheme for Hierarchical Access Control in E-Medicine System

Communications in Computer and Information Science

Goswami

2012

Abstract. Several key management schemes for dynamic access control in a user hierarchy are proposed in the literature based on elliptic curve cryptosystem (ECC) and polynomial interpolation. Since the elliptic curve scalar multiplication and construction of interpolating polynomials are time-consuming operations, most of the proposed schemes require high storage and computational complexity. Further, most of the proposed schemes are vulnerable to different attacks including the manin-the-middle attacks. In this paper, we propose a novel key management scheme for hierarchical access control based on linear polynomials only. We show that our scheme is secure against different attacks including the man-in-the-middle attack, which are required for an idle access control scheme. Moreover, the computational cost and the storage space are significantly reduced in our scheme while compared to the recently proposed related schemes.

Section: Performance Comparison With Other Schemesmentioning

confidence: 79%

Section: Performance Comparison With Other Schemesmentioning

confidence: 93%

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

A Novel Key Management Mechanism for Dynamic Hierarchical Access Control Based on Linear Polynomials

Odelu

Communications in Computer and Information Science

Goswami

2012

“…In order to remedy such security flaw, Lin and Hsu (2011) proposed a key management scheme for dynamic hierarchical access control, which is again based on polynomial interpolation and ECC. Wu and Chen (2012) proposed a key management scheme to solve dynamic access control problems in a user hierarchy based on hybrid cryptosystem in e-medicine system. Though their scheme improves computational efficiency over Nikooghadam et al's (2010) scheme, it still suffers from large storage space for public parameters in public domain and computational inefficiency due to costly elliptic curve point multiplication operations.…”

Section: Figurementioning

confidence: 99%

“…For this purpose, we first define the following formal definitions of Indistinguishability of encryption and chosen plaintext attack (IND-CPA). (Wu and Chen, 2012)]: Let SE / ME be the single/multiple eavesdropper respectively, and…”

Section: Formal Security Analysis Of the Proposed Schemementioning

confidence: 99%

A novel linear polynomial-based dynamic key management scheme for hierarchical access control

Odelu

Goswami

2013

IJTMCC

Several key management schemes for dynamic access control in a user hierarchy are proposed in the literature. Most schemes are based on elliptic curve cryptography (ECC) and polynomial interpolation. Due to time-consuming operations involved in the elliptic curve scalar multiplication and construction of interpolating polynomials, most existing schemes require high storage and computational complexity. Moreover, most of the proposed schemes are vulnerable to different attacks including the man-in-the-middle attacks. In this paper, we devise a novel key management scheme for hierarchical access control based on linear polynomials only. We show that our scheme is secure against all possible different attacks including the man-in-the-middle attack, which are required for designing an access control scheme, through both the informal and formal security analysis. The computational cost and the storage space are significantly reduced in our scheme while compared to the recently proposed related schemes. Thus, our scheme is much suitable for practical applications.

A secure and effective biometric‐based user authentication scheme for wireless sensor networks using smart card and fuzzy extractor

2015

Int J Communication

134

107

SUMMARYUser authentication is a prominent security requirement in wireless sensor networks (WSNs) for accessing the real-time data from the sensors directly by a legitimate user (external party). Several user authentication schemes are proposed in the literature. However, most of them are either vulnerable to different known attacks or they are inefficient. Recently, Althobaiti et al. presented a biometric-based user authentication scheme for WSNs. Although their scheme is efficient in computation, in this paper, we first show that their scheme has several security pitfalls such as (i) it is not resilient against node capture attack; (ii) it is insecure against impersonation attack; and (iii) it is insecure against man-in-the-middle attack. We then aim to propose a novel biometric-based user authentication scheme suitable for WSNs in order to withstand the security pitfalls found in Althobaiti et al. scheme. We show through the rigorous security analysis that our scheme is secure and satisfies the desirable security requirements. Furthermore, the simulation results for the formal security verification using the most widely used and accepted Automated Validation of Internet Security Protocols and Applications tool indicate that our scheme is secure. Our scheme is also efficient compared with existing related schemes.