Leakage-Resilient Certificate-Based Authenticated Key Exchange Protocol

Tsai, Tung-Tso; Huang, Sen–Shan; Tseng, Yuh‐Min; Chuang, Yun-Hsin; Hung, Ying-Hao

doi:10.1109/ojcs.2022.3198073

Cited by 9 publications

(4 citation statements)

References 39 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Traditional authentication methods often need one of the wellknown authentication elements, such as a secret the user knows or a token the user possesses, to verify the identity of a user. Two-factor authentication and multi-factor authentication are two examples of current authentication methods that use multiple authentication factors to verify the identity of a person or device [8]. To make it extremely difficult, if not impossible, for an unauthorized party to obtain access to a protected resource, security experts have developed two-or multi-factor authentication systems [9].…”

Section: Introductionmentioning

confidence: 99%

Enhancing Security in IoT Networks: Advancements in Key Exchange, User Authentication, and Data Integrity Mechanisms

Reddy,

Rao

2024

IJACSA

View full text Add to dashboard Cite

Future Internet (FI) will be shaped by the Internet of Things (IoT), however because of their limited resources and varied communication capabilities, IoT devices present substantial challenges when it comes to securing connectivity. The adoption of robust security measures is hindered by limited compute power, memory, and energy resources, hence diminishing the promise for improved IoT capabilities. Confidentiality, integrity, and authenticity are ensured via authentication mechanisms are influenced by privacy needs, which are driven by sorts of customers that IoT networks service. Authentication is crucial in vital industries like linked cars and smart cities where hackers might use holes to access sensor data. Verification of the Gate Way Node (GWN), which is responsible for mutual authentication, user and sensor registration, and session key creation, is essential. The efficiency of key creation has been enhanced to tackle temporal intricacies linked to different key lengths. With notable advantages, the novel method shortens the time required to generate cryptographic keys: only 60 milliseconds for 100-bit keys and 120 milliseconds for 256-bit keys. This improvement fortifies resistance against new cyber threats by strengthening security basis of IoT networks and enhancing responsiveness and dependability. Through open transmission channels, users send login requests, and after successfully authenticating, they create session keys to establish secure connections with cloud servers. Python simulation resultsshow how resilient the system is to security threats while preserving affordable interaction, processing, and storage. This development not only strengthens IoT networks but also guarantees their sustainability in the face of changing security threats.

show abstract

Section: Introductionmentioning

confidence: 99%

Enhancing Security in IoT Networks: Advancements in Key Exchange, User Authentication, and Data Integrity Mechanisms

Reddy,

Rao

2024

IJACSA

View full text Add to dashboard Cite

show abstract

“…The spread of information across a network requires security [ 7 , 8 , 9 , 10 ]. The standard for a QR code is public, and its security on the Internet is dependent on methods such as authenticated key exchange [ 11 , 12 , 13 , 14 ], watermarking technology [ 15 , 16 , 17 , 18 ], or information hiding [ 19 , 20 , 21 ].…”

Section: Introductionmentioning

confidence: 99%

A Lossless-Recovery Secret Distribution Scheme Based on QR Codes

Pan

Liu

Yan

et al. 2023

Entropy

View full text Add to dashboard Cite

The visual cryptography scheme (VCS) distributes a secret to several images that can enhance the secure transmission of that secret. Quick response (QR) codes are widespread. VCS can be used to improve their secure transmission. Some schemes recover QR codes with many errors. This paper uses a distribution mechanism to achieve the error-free recovery of QR codes. An error-correction codeword (ECC) is used to divide the QR code into different areas. Every area is a key, and they are distributed to n shares. The loss of any share will make the reconstructed QR code impossible to decode normally. Stacking all shares can recover the secret QR code losslessly. Based on some experiments, the proposed scheme is relatively safe. The proposed scheme can restore a secret QR code without errors, and it is effective and feasible.

show abstract

“…The practicality of the bounded leakage model is limited because it restricts the total number of bits from a private key that can be disclosed to attackers during the system lifecycle to a fixed amount [27], [28]. The continual leakage model allows attackers to gradually acquire portions (partial bits) of private keys used in each computation, allowing the leakage unbounded [29], [30], [31], [32], [33]. Although some LR-CLSC schemes [34], [35] have been proposed, the schemes can only guarantee the security under a bounded leakage model.…”

Section: Introductionmentioning

confidence: 99%

Leakage-Resilient Certificateless Signcryption Scheme Under a Continual Leakage Model

2023

Self Cite

View full text Add to dashboard Cite

Signature can be used to verify the integrity of both a message and the identity of a signer, whereas encryption can be used to ensure the confidentiality of a message. In the past, cryptography researchers have studied and proposed numerous certificateless signcryption (CLSC) schemes to combine the benefits of both signature and encryption. However, these schemes may not be robust enough to withstand side-channel attacks. Through such attacks, an attacker can constantly retrieve a portion of a private key of the system, and could eventually recover the entire private key. Leakage-resilient certificateless signcryption (LR-CLSC) can ensure its security when the attacker launches such attacks. As far as we know, the existing LR-CLSC schemes can only guarantee the security under a bounded leakage model, where the portion of the private key that an attacker can obtain through side-channel attacks is limited. In this paper, we propose the first LR-CLSC scheme under a continual leakage model. Also, we demonstrate the proposed scheme is secure for the existential unforgeability and the ciphertexts indistinguishability against attackers with sidechannel attacking abilities.

show abstract

Leakage-Resilient Certificate-Based Authenticated Key Exchange Protocol

Cited by 9 publications

References 39 publications

Enhancing Security in IoT Networks: Advancements in Key Exchange, User Authentication, and Data Integrity Mechanisms

Enhancing Security in IoT Networks: Advancements in Key Exchange, User Authentication, and Data Integrity Mechanisms

A Lossless-Recovery Secret Distribution Scheme Based on QR Codes

Leakage-Resilient Certificateless Signcryption Scheme Under a Continual Leakage Model

Contact Info

Product

Resources

About