An enhanced authentication with key agreement scheme for satellite communication systems

To ensure secure communication in satellite communication systems, recently, Zhang et al presented an authentication with key agreement scheme and claimed that their scheme satisfies various security requirements. However, this paper demonstrates that Zhang et al's scheme is insecure against the stolen‐verifier attack and the denial of service attack. Furthermore, to authenticate a user, Zhang et al's scheme requires large computational load to exhaustively retrieve the user's identity and password from the account database according to a temporary identity and then update the temporary identity in the database. To overcome the weaknesses existing in Zhang et al's scheme, we proposed an enhanced authentication with key agreement scheme for satellite communication systems. The analyses of our proposed scheme show that the proposed scheme possesses perfect security properties and eliminates the weaknesses of Zhang et al's scheme well. Therefore, from the authors' viewpoints, the proposed scheme is more suitable for the authentication scheme of mobile satellite communication systems.     

An improved authentication scheme for mobile satellite communication systems

Recently, Lee et al. proposed a simple and efficient authentication scheme for mobile satellite communication systems. However, we find that their scheme is vulnerable to the smart card loss attack, the denial of service attack and the replay attack. To overcome the weaknesses of Lee et al.'s scheme, we proposed an authentication scheme for mobile satellite communication systems to improve security. The proposed scheme possesses the essential properties and security requirements, which should be considered for the authentication scheme of mobile satellite communication systems. Copyright © 2014 John Wiley & Sons, Ltd.     

A privacy‐preserving biometrics based authenticated key agreement scheme using ECC

To ensure secure communication over the insecure public network, this work presents a privacy‐preserving biometrics‐based authenticated key agreement scheme using elliptic curve cryptography, making full use of the advantages that the biometrics can be used to uniquely identify a particular human, and the elliptic curve cryptography can provide the same level security with far less key size compared with other public key cryptography. The proposed scheme realizes the mutual authentication of participants, session key agreement, and various security properties and also can resist kinds of known attacks. Moreover, the proposed scheme has perfect user experience in the aspect of changing password by not interacting with the server. In addition, the security features of our new designed scheme are formally proved under the widely used BPR adversary model. Therefore, from the viewpoint of the authors, the proposed scheme can be considered as the authenticated key agreement scheme for mobile users.     

A secure and efficient identity‐based mutual authentication scheme with smart card using elliptic curve cryptography

The e‐commerce has got great development in the past decades and brings great convenience to people. Users can obtain all kinds of services through e‐commerce platform with mobile device from anywhere and at anytime. To make it work well, e‐commerce platform must be secure and provide privacy preserving. To achieve this goal, Islam et al. proposed a dynamic identity‐based remote user mutual authentication scheme with smart card using Elliptic Curve Cryptography(ECC). Islam et al claimed that the security of their scheme was good enough to resist various attacks. However, we demonstrate that their scheme is vulnerable to insider attack and suffers from off‐line password guessing attack if smart card is compromised. To overcome the deficiencies, we present an improved scheme over Islam's scheme. The security proof and analysis shows that our scheme can also provide user anonymity and mutual authentication, and the security is enough to against relay attack, impersonation attack, and other common secure attackers. The performance analysis shows that the proposed scheme is more efficient than Islam et al's scheme.     

Security analysis of an authentication and key agreement protocol for satellite communications

Recently, Chang et al. proposed an authentication and key agreement protocol for satellite communications, and they claimed that their scheme could withstand various attacks. However, in this paper, we will show that their scheme is vulnerable to the denial of service attack and the impersonation attack. Moreover, we also point out that the adversary could compute the session key through the intercepted message. The analysis shows the scheme of Chang et al. is not secure for practical applications. Copyright © 2013 John Wiley & Sons, Ltd.     

A simple and efficient authentication scheme for mobile satellite communication systems

In this article, the authors shall propose a simple and efficient authentication scheme for mobile satellite communication systems. The proposed scheme can achieve the following security requirements: (S1) withstand impersonation attacks; (S2) withstand denial server attacks; (S3) withstand smart card loss attacks; (S4) withstand replay attacks; and (S5) withstand stolen‐verifier attacks, and achieve the following functionality requirements: (F1) freely choose identity; (F2) provide mutual authentication; (F3) provide session key agreement; (F4) provide user anonymity; and (F5) provide perfect forward secrecy. In additional, the proposed scheme does not use the high complex computation, such as public key cryptosystem or secret key cryptosystem, for the mobile users' side. The proposed scheme is only based on hash functions and exclusive‐OR operations. Compared with other schemes, the proposed scheme has a lower computation cost. It is more simple and efficient scheme. Copyright © 2011 John Wiley & Sons, Ltd.     

An authentication and key agreement protocol for satellite communications

In 2009 and 2011, Chen et al. and Lasc et al. proposed two separate authentication schemes for mobile satellite communication systems. Unfortunately, their schemes are unable to protect security in the event of smart card loss. In this paper, we propose a novel version that resists common malicious attacks and improves both the schemes of Chen et al. and Lasc et al. The security of our scheme is based on the discrete logarithm problem and one‐way hash function. A nonce mechanism is also applied to prevent replay attack. Furthermore, our scheme is more efficient than related schemes and thus more suitable for being implemented in satellite communication systems. Copyright © 2012 John Wiley & Sons, Ltd.     

A post quantum secure construction of an authentication protocol for satellite communication

Satellite's communication system is used to communicate under significant distance and circumstances where the other communication systems are not comfortable. Since all the data are exchanged over a public channel, so the security of the data is an essential component for the communicating parties. Both key exchange and authentication are two cryptographic tools to establish a secure communication between two parties. Currently, various kinds of authentication protocols are available to establish a secure network, but all of them depend on number–theoretical (discrete logarithm problem/factorization assumption) hard assumptions. Due to Shor's and Grover's computing algorithm number theoretic assumptions are breakable by quantum computers. Although Kumar and Garg have proposed a quantum attack-resistant protocol for satellite communication, it cannot resist stolen smart card attack. We have analyzed that how Kumar and Garg is vulnerable to the stolen smart card attack using differential power analysis attack described in He et al and Chen and Chen. We have also analyzed the modified version of signal leakage attack and sometimes called improved signal leakage attack on Kumar and Garg's protocol. We have tried to construct a secure and efficient authentication protocol for satellites communication that is secure against quantum computing. This is more efficient as it requires only three messages of exchange. This paper includes security proof and performance of the proposed authentication and key agreement protocol.     

A scalable and secure RFID mutual authentication protocol using ECC for Internet of Things

Very recently, Alamr et al (J. Supercomput 1‐14 doi: 10.1007/s11227‐016‐1861‐1) presented a radio frequency identifier (RFID) authentication protocol for the Internet of Things (IoT) through elliptic curve cryptography (ECC). They claimed the protocol to achieve several security properties and thwart all known attacks. However, this paper shows that their scheme is having correctness and scalability issues. The reader in their protocol can accommodate only one tag, which is not desirable in the IoT environments. The paper finally suggests an improvement to cater the correctness and scalability issues.     

An efficient authentication and key agreement scheme for secure smart grid communication services

The smart grid is a new and promising technology integrating new information and communication technologies to improve the distribution and consumption of electricity between energy suppliers and their end customers. However, this advanced solution is facing a serious security problem as regards the interception and falsification of power consumption data, hence generating falsified electricity consumption bills. This issue of security needs to be promptly and efficiently handled. Clearly, it is of paramount importance to have a security mechanism to avoid such losses. Our work focuses on this issue. It particularly concerns the development of a security mechanism to ensure a completely secure communication between energy suppliers and their consumers while preserving the privacy of end customers in terms of protection of their personal information including their identities. The experimental results underscore that our solution outperforms those of the literature in terms of computation cost and robustness against various types of attacks.     

A secure and enhanced elliptic curve cryptography‐based dynamic authentication scheme using smart card

In remote system security, 2‐factor authentication is one of the security approaches and provides fundamental protection to the system. Recently, numerous 2‐factor authentication schemes are proposed. In 2014, Troung et al proposed an enhanced dynamic authentication scheme using smart card mainly to provide anonymity, secure mutual authentication, and session key security. By the analysis of Troung et al's scheme, we observed that Troung et al' s scheme does not provide user anonymity, perfect forward secrecy, server's secret key security and does not allow the user to choose his/her password. We also identified that Troung et al's scheme is vulnerable to replay attack. To fix these security weaknesses, a robust authentication scheme is proposed and analyzed using the formal verification tool for measuring the robustness. From the observation of computational efficiency of the proposed scheme, we conclude that the scheme is more secure and easy to implement practically.     

A simple key agreement scheme based on chaotic maps for VSAT satellite communications

Security is an essential requirement in any data communication system because a cyber criminal might try to break into it at any point by any means possible. A key agreement procedure is a necessary technique to ensure the security of data communication by way of encryption and mutual authentication. This article proposes a simple key agreement scheme on the basis of chaotic maps for VSAT satellite communications. The new scheme keeps the advantages of all chaotic maps‐based public key cryptosystems, providing a secure function of session key agreement. Based on the intractability of chaotic map discrete logarithm problem and chaotic map Diffie–Hellman problem, the security of this new scheme has been proven to be robust enough against all the well‐known cryptographical attacks with perfect forward secrecy provided. In addition, compared with similar schemes that serve the same purposes, the proposed scheme demands a lower computation cost. With all the previous features put together, the proposed scheme is extremely suitable for the use in very small aperture terminal satellite communication environments. Copyright © 2013 John Wiley & Sons, Ltd.     

Secure anonymous authentication scheme without verification table for mobile satellite communication systems

An authentication scheme is one of the most basic and important security mechanisms for satellite communication systems because it prevents illegal access by an adversary. Lee et al. recently proposed an efficient authentication scheme for mobile satellite communication systems. However, we observed that this authentication scheme is vulnerable to a denial of service (DoS) attack and does not offer perfect forward secrecy. Therefore, we propose a novel secure authentication scheme without verification table for mobile satellite communication systems. The proposed scheme can simultaneously withstand DoS attacks and support user anonymity and user unlinkability. In addition, the proposed scheme is based on the elliptic curve cryptosystem, has low client‐side and server‐side computation costs, and achieves perfect forward secrecy. Copyright © 2013 John Wiley & Sons, Ltd.     

New entity authentication and access control scheme in satellite communication network

With the increasing global demand for satellite communications,the problem of entity authentication and access control of the satellite communication network needs to be solved urgently.To solve this problem,a new multiple center-based entity authentication and cross-domain access control scheme was proposed.The scheme divided the multiple centers into two layers for entity authentication,and maped the authorization of the multiple domains to achieve access control.Simulation experiments show that the proposed scheme support the entity authentication for 100 million users.Furthermore,it also allows 1 million users to access in parallel.     

Efficient dynamic authentication for mobile satellite communication systems without verification table

The mobile satellite system is an important wireless communication system widely used nowadays. The issue of protecting the transmission security in low‐earth‐orbit satellite networks thus becomes more and more critical. It is known that several authentication schemes for satellite communication systems have been proposed to deal with the issue. However, previous protocols either employ complicated public key computation or have to maintain a verification table. In this paper, the author will introduce a new dynamic authentication protocol for mobile satellite communication systems without using a verification table. The comparison results will also show that the proposed scheme has lower computational costs. Copyright © 2014 John Wiley & Sons, Ltd.     

An efficient two‐party authentication key exchange protocol for mobile environment

The primary goal of this research is to ensure secure communications by client‐server architectures in mobile environment. Although various two‐party authentication key exchange protocols are proposed and claimed to be resistant to a variety of attacks, studies have shown that various loopholes exist in these protocols. What's more, many two‐party authentication key exchange protocols use timestamp to prevent the replay attack and transmit the user's identity in plaintext form. Obviously, these methods will lead to the clock synchronization problem and user's anonymity problem. Fortunately, the three‐way challenged‐response handshake technique and masking user's original identity with a secret hash value used in our study address these problems well. Of course, the proposed protocol based on elliptic curve cryptography supports flawless mutual authentication of participants, agreement of session key, impersonation attack resistance, replay attack resistance, and prefect forward secrecy, as well. The analyses in the aspects of efficiency and security show that the proposed protocol is a better choice for mobile users.     

基于ECC和ID签名的WSN广播快速认证方案

广播认证是无线传感器网络(WSN)的一种基本安全服务,针对现有认证方案的计算量大、认证速度慢等问题,提出一种基于椭圆曲线加密(ECC)和身份(ID)签名的WSN广播快速认证方案.对现有EIBAS签名认证方案进行改进,通过节点间的合作,共享中间计算结果来减少邻居节点的计算量,以此提高认证速度,减少能量消耗.同时,提出一种安全机制,通过对多个邻居共享数据的对比来抵御恶意节点的攻击.实验结果表明,该方案相对于传统的椭圆曲线加密算法能够提高约42％的签名认证速度,降低约36％的能耗,大大延长网络生命周期.     

基于ECC的智能家居密钥管理机制的实现

目前智能家居系统的数据加密技术多采用对称加密方式,但是这种方式存在密钥管理的问题,为实现密钥的安全,智能家居系统采用非对称加密技术,在此基础上设计了基于椭圆曲线密码体制(ECC)的密钥管理机制来达到保障密钥安全的目的.本密钥管理机制包括基于ECC的数据加密密钥管理机制和基于ECC的数字签名密钥管理机制,它们可以使得无线网络节点在身份认证,密钥的产生、分发、存储、更新等环节中密钥的安全性得到保障,其中密钥的存储环节利用了芯片内部闪存的读保护机制,实现了硬件级别的安全存储.最后对本机制的安全性、耗时和可扩展性进行了分析,结果表明该机制具有较强的安全性和可扩展性,在耗时方面优于E-G密钥管理方案.     

Efficient authentication scheme for double-layer satellite network

To solve the issue of networking authentication among GEO and LEO satellites in double-layer satellite network,a secure and efficient authenticated key agreement scheme was proposed.Based on symmetric encryption,the proposed scheme can achieve trust establishment and secure communication between satellites without the trusted third party.Meanwhile,considering characteristics of highly unified clock and predictable satellite trajectory in satellite networks,a pre-calculation method was designed,which can effectively improve the authentication efficiency of satellite networking.Moreover,formal proof and security analysis demonstrate that the scheme can satisfy various security requirements during satellite networking.Performance analysis and simulation results show that the scheme has low computation and communication overhead,which can achieve the authentication of satellite networking in resource-limited scenarios.