Improvement of the More Efficient and Secure ID-Based Remote Mutual Authentication with Key Agreement Scheme for Mobile Devices on ECC

Truong, Toan-Thinh; Tran, Minh–Triet; Duong, Anh-Duc

doi:10.1109/waina.2012.125

Cited by 31 publications

(13 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Secure functions of the proposed system can be classified into three modules: authentication/access control [31,32], encryption/key management, and SFS. The role and method of functions are as follows.…”

Section: Secure Functions In Secure Platformmentioning

confidence: 99%

A Secure Storage System for Sensitive Data Protection Based on Mobile Virtualization

Park

Kim

2015

International Journal of Distributed Sensor Networks

View full text Add to dashboard Cite

Recently, the development of smart phones has been reported the number of security vulnerabilities. Although these smart phones have a concept of Sandbox for the security, sensitive personal information has been still exposed by internal data exchange or root privilege acquisition. In this paper, we propose a system framework for secure storage of sensitive data in smartphone. The system is divided into general domain (GD) and secure domain (SD) in mobile device utilizing domain separation technique of virtualization, and SD provides a secure execution environment to protect sensitive data and secure services. In addition, our system introduces the secure functions such as authentication/access control, and encryption/key management and secures filesystem to be run in SD and addresses a detailed secure filesystem as a key function for secure storage. Lastly, the experiments are conducted to measure the performance overhead imposed by security features in SD and by overall system with interdomain communication from GD to SD. These experiment results show suitability of our system and suggest applicability of various secure functions which can be applied in our secure storage system.

show abstract

Section: Secure Functions In Secure Platformmentioning

confidence: 99%

A Secure Storage System for Sensitive Data Protection Based on Mobile Virtualization

Park

Kim

2015

International Journal of Distributed Sensor Networks

View full text Add to dashboard Cite

show abstract

“…Secondly, the session key is generated by the random numbers, which are randomly selected by the user and the device, respectively. At last, before computing a session key, both of them must authenticate each other [28]. Based on the reasons mentioned above, the attacker cannot perform the session key attack.…”

Section: Session Key Attackmentioning

confidence: 99%

Provable Secure and Efficient Digital Rights Management Authentication Scheme Using Smart Card Based on Elliptic Curve Cryptography

Zhang

Khan

Chen

et al. 2015

Mathematical Problems in Engineering

View full text Add to dashboard Cite

Since the concept of ubiquitous computing is firstly proposed by Mark Weiser, its connotation has been extending and expanding by many scholars. In pervasive computing application environment, many kinds of small devices containing smart cart are used to communicate with others. In 2013, Yang et al. proposed an enhanced authentication scheme using smart card for digital rights management. They demonstrated that their scheme is secure enough. However, Mishra et al. pointed out that Yang et al.’s scheme suffers from the password guessing attack and the denial of service attack. Moreover, they also demonstrated that Yang et al.’s scheme is not efficient enough when the user inputs an incorrect password. In this paper, we analyze Yang et al.’s scheme again, and find that their scheme is vulnerable to the session key attack. And, there are some mistakes in their scheme. To surmount the weakness of Yang et al.’s scheme, we propose a more efficient and provable secure digital rights management authentication scheme using smart card based on elliptic curve cryptography.

show abstract

“…Islam and Biswas further found that Yang and Chang's scheme does not define how to revoke the authentication key with same identity. Later, Truong et al [17] pointed out that Islam and Biswas's [16] scheme still cannot resist known session-specific temporary information attack. In this paper, we present a two-factor user authentication with key agreement scheme using elliptic curve cryptosystem based on Yang and Islam's scheme.…”

Section: Journal Of Electrical and Computer Engineeringmentioning

confidence: 99%

Two-Factor User Authentication with Key Agreement Scheme Based on Elliptic Curve Cryptosystem

Tan

2014

Journal of Electrical and Computer Engineering

View full text Add to dashboard Cite

A password authentication scheme using smart card is called two-factor authentication scheme. Two-factor authentication scheme is the most accepted and commonly used mechanism that provides the authorized users a secure and efficient method for accessing resources over insecure communication channel. Up to now, various two-factor user authentication schemes have been proposed. However, most of them are vulnerable to smart card loss attack, offline password guessing attack, impersonation attack, and so on. In this paper, we design a password remote user authentication with key agreement scheme using elliptic curve cryptosystem. Security analysis shows that the proposed scheme has high level of security. Moreover, the proposed scheme is more practical and secure in contrast to some related schemes.

show abstract

Improvement of the More Efficient and Secure ID-Based Remote Mutual Authentication with Key Agreement Scheme for Mobile Devices on ECC

Cited by 31 publications

References 12 publications

A Secure Storage System for Sensitive Data Protection Based on Mobile Virtualization

A Secure Storage System for Sensitive Data Protection Based on Mobile Virtualization

Provable Secure and Efficient Digital Rights Management Authentication Scheme Using Smart Card Based on Elliptic Curve Cryptography

Two-Factor User Authentication with Key Agreement Scheme Based on Elliptic Curve Cryptosystem

Contact Info

Product

Resources

About