Authentication scheme based on smart card in multi-server environment

Zhou, Simin; Gan, Qingqing; Wang, Xiaoming

doi:10.1007/s11276-018-1828-7

Cited by 12 publications

(5 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Zhou et al, [27], discussed a bio-metric-based authentication scheme. Due to the use of bilinear pairing and modular exponentiation operations, it suffers from excessive computation and communication overhead.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

A group key-based lightweight Mutual Authentication and Key Agreement (MAKA) protocol for multi-server environment

Roy

Bhattacharya

2021

J Supercomput

View full text Add to dashboard Cite

Use of Internet-of-Things (IoT)-based wireless applications has been exponentially increased nowadays and likely to accelerate in near future. Thus, a large volume of traffic needs to be managed at the application server. In such scenario, the traditional single-server architecture shows serious performance bottleneck and needs to be replaced by multiple servers. In addition, several security and design vulnerabilities may arise while accessing application data through various resource-constraint mobile devices. Thus, ensuring entity authentication, application data confidentiality and energy-efficient computations are essential. In this article, we introduce a group key-based lightweight Mutual Authentication and Key Agreement (MAKA) protocol for multi-server environment. The proposed protocol is designed using lowcost cryptographic primitives (such as hash function and symmetric key encryption/ decryption) to address energy-efficiency requirements of the resource-constraint mobile devices. It reduces computational burden of the registration center by distributing the traffic load into a group of servers. Additionally, registration center needs not to maintain one-to-one communication with its users whenever a new server is added to the system. The protocol achieves various security and design properties which are verified both formally and informally. Finally, we compare our protocol with others to show its applicability in real-life implementations.

show abstract

Section: Related Workmentioning

confidence: 99%

“…session will be terminated if any verification remains unsuccessful. In addition, the integrity checks of the transmitted numbers n 1 and n 2 are also performed during verification of V 1 and V 2 , respectively (in contrast to [27]). On successful authentication, U i and S j individually compute sk = h(R u ‖n 1 ��n 2 ) .…”

Section: Informal Verificationmentioning

confidence: 99%

A group key-based lightweight Mutual Authentication and Key Agreement (MAKA) protocol for multi-server environment

Roy

Bhattacharya

2021

J Supercomput

View full text Add to dashboard Cite

show abstract

“…In addition, some of the existing schemes have drawbacks in terms of performance. Sharma and Kalra [28] proposed a remote user authentication scheme in the cloud environment, but the scheme fails to realize clock synchronization and time error detection [29].Wang et al [30] analyzed the two-factor authentication schemes of [31], [32] for multi-server environment, and proved that these schemes have some security defects, which would make them invalid in practical applications without further improvement. It can be seen that the aforementioned schemes all have security vulnerabilities.…”

Section: Intra-domain Identity Authenticationmentioning

confidence: 99%

LCDMA: Lightweight Cross-Domain Mutual Identity Authentication Scheme for Internet of Things

Gong

Zheng

Waqas

et al. 2023

IEEE Internet Things J.

View full text Add to dashboard Cite

With the widespread popularity of mobile terminals in the Internet of things (IoT), the demand for cross-domain access of mobile terminals between different regions has also increased significantly. The nature of wireless communication media makes mobile terminals vulnerable to security threats in cross-domain access. Identity authentication is a prerequisite for secure data transmission in cross-domain, and it is also the first step to guarantee the credibility of data sources. Most existing authentication schemes are based on bilinear pairing or public key encryption and decryption with high computation overhead, which are not suitable for the resource-limited mobile IoT terminals. Moreover, these schemes have some security drawbacks and cannot meet the security requirements of cross-domain access. In this paper, we propose a lightweight cross-domain mutual identity authentication (LCDMA) for mobile IoT environment. LCDMA uses symmetric polynomial instead of high-complexity bilinear pairing in the traditional schemes. We theoretically analyze the security performance under the random oracle model. Our results show that LCDMA not only resists common attacks, but also preserves secure traceability while guaranteeing anonymity. Performance evaluation further demonstrates that our scheme has better performance in terms of computation and communication overhead, compared with other existing representative schemes.

show abstract

“…Edge nodes could also serve as trusted gateways, adding new IIoT devices, removing existing ones, and being responsible for re-keying. Some existing works have detailed devices with the required authentication ability through various types of servers, including NFC tags [228][229][230], smart cards [231][232][233], RFID tags [234][235][236][237][238], and biometric traits [239][240][241]. Edge nodes could become a substitute for such a server, and may be attached to sensors, acting as proxies for sensor measurements.…”

Section: Authentication and Access Controlmentioning

confidence: 99%

A Survey on Industrial Internet of Things Security: Requirements, Attacks, AI-Based Solutions, and Edge Computing Opportunities

Alotaibi

2023

Sensors

View full text Add to dashboard Cite

The Industrial Internet of Things (IIoT) paradigm is a key research area derived from the Internet of Things (IoT). The emergence of IIoT has enabled a revolution in manufacturing and production, through the employment of various embedded sensing devices connected by an IoT network, along with a collection of enabling technologies, such as artificial intelligence (AI) and edge/fog computing. One of the unrivaled characteristics of IIoT is the inter-connectivity provided to industries; however, this characteristic might open the door for cyber-criminals to launch various attacks. In fact, one of the major challenges hindering the prevalent adoption of the IIoT paradigm is IoT security. Inevitably, there has been an inevitable increase in research proposals over the last decade to overcome these security concerns. To obtain an overview of this research area, conducting a literature survey of the published research is necessary, eliciting the various security requirements and their considerations. This paper provides a literature survey of IIoT security, focused on the period from 2017 to 2023. We identify IIoT security threats and classify them into three categories, based on the IIoT layer they exploit to launch these attacks. Additionally, we characterize the security requirements that these attacks violate. Finally, we highlight how emerging technologies, such as AI and edge/fog computing, can be adopted to address security concerns and enhance IIoT security.

show abstract

Authentication scheme based on smart card in multi-server environment

Cited by 12 publications

References 21 publications

A group key-based lightweight Mutual Authentication and Key Agreement (MAKA) protocol for multi-server environment

A group key-based lightweight Mutual Authentication and Key Agreement (MAKA) protocol for multi-server environment

LCDMA: Lightweight Cross-Domain Mutual Identity Authentication Scheme for Internet of Things

A Survey on Industrial Internet of Things Security: Requirements, Attacks, AI-Based Solutions, and Edge Computing Opportunities

Contact Info

Product

Resources

About