WorldWideScience

Sample records for attack resistant authenticated

  1. Key Recovery Attacks on Recent Authenticated Ciphers

    DEFF Research Database (Denmark)

    Bogdanov, Andrey; Dobraunig, Christoph; Eichlseder, Maria

    2014-01-01

    In this paper, we cryptanalyze three authenticated ciphers: AVALANCHE, Calico, and RBS. While the former two are contestants in the ongoing international CAESAR competition for authenticated encryption schemes, the latter has recently been proposed for lightweight applications such as RFID systems...... and wireless networks. All these schemes use well-established and secure components such as the AES, Grain-like NFSRs, ChaCha and SipHash as their building blocks. However, we discover key recovery attacks for all three designs, featuring square-root complexities. Using a key collision technique, we can...

  2. Proposal and Its Evaluation of a Shoulder-Surfing Attack Resistant Authentication Method:Secret Tap with Double Shift

    OpenAIRE

    Yoshihiro Kita; Fumio Sugai; MiRang Park; Naonobu Okazaki

    2015-01-01

    Recently, mobile terminals such as smartphones have come into widespread use. Most of such mobile terminals store several types of important data, such as personal information. Therefore, it is necessary to lock and unlock terminals using a personal authentication method such as personal identification numbers (PINs) in order to prevent data theft. However, most existing authentication methods have a common problem referred to here as “shoulder-surfing”, in which authentication information is...

  3. Extended Password Recovery Attacks against APOP, SIP, and Digest Authentication

    Science.gov (United States)

    Sasaki, Yu; Wang, Lei; Ohta, Kazuo; Kunihiro, Noboru

    In this paper, we propose password recovery attacks against challenge-response authentication protocols. Our attacks use a message difference for a MD5 collision attack proposed in IEICE 2008. First, we show how to efficiently find a message pair that collides with the above message difference. Second, we show that a password used in authenticated post office protocol (APOP) can be recovered practically. We also show that the password recovery attack can be applied to a session initiation protocol (SIP) and digest authentication. Our attack can recover up to the first 31 password characters in a short time and up to the first 60 characters faster than the naive search method. We have implemented our attack and confirmed that 31 characters can be successfully recovered.

  4. Biometric Authentication Systems Attacks: Liveness Detection to the ...

    African Journals Online (AJOL)

    AFRICAN JOURNALS ONLINE (AJOL) · Journals · Advanced Search · USING AJOL · RESOURCES ... access control, sensitive data protection and on-line tracking systems. ... This paper has identified such vulnerabilities and threats, particularly ... Systems, Authentication, Verification, Vulnerabilities, attacks, Threats.

  5. The LOCAL attack: Cryptanalysis of the authenticated encryption scheme ALE

    DEFF Research Database (Denmark)

    Khovratovich, Dmitry; Rechberger, Christian

    2014-01-01

    We show how to produce a forged (ciphertext, tag) pair for the scheme ALE with data and time complexity of 2102 ALE encryptions of short messages and the same number of authentication attempts. We use a differential attack based on a local collision, which exploits the availability of extracted...

  6. Possibility of spoof attack against robustness of multibiometric authentication systems

    Science.gov (United States)

    Hariri, Mahdi; Shokouhi, Shahriar Baradaran

    2011-07-01

    Multibiometric systems have been recently developed in order to overcome some weaknesses of single biometric authentication systems, but security of these systems against spoofing has not received enough attention. In this paper, we propose a novel practical method for simulation of possibilities of spoof attacks against a biometric authentication system. Using this method, we model matching scores from standard to completely spoofed genuine samples. Sum, product, and Bayes fusion rules are applied for score level combination. The security of multimodal authentication systems are examined and compared with the single systems against various spoof possibilities. However, vulnerability of fused systems is considerably increased against spoofing, but their robustness is generally higher than single matcher systems. In this paper we show that robustness of a combined system is not always higher than a single system against spoof attack. We propose empirical methods for upgrading the security of multibiometric systems, which contain how to organize and select biometric traits and matchers against various possibilities of spoof attack. These methods provide considerable robustness and present an appropriate reason for using combined systems against spoof attacks.

  7. Distinguishing attack and second-preimage attack on encrypted message authentication codes (EMAC)

    Science.gov (United States)

    Ariwibowo, Sigit; Windarta, Susila

    2016-02-01

    In this paper we show that distinguisher on CBC-MAC can be applied to Encrypted Message Authentication Code (EMAC) scheme. EMAC scheme in general is vulnerable to distinguishing attack and second preimage attack. Distinguishing attack simulation on AES-EMAC using 225 message modifications, no collision have been found. According to second preimage attack simulation on AES-EMAC no collision found between EMAC value of S1 and S2, i.e. no second preimage found for messages that have been tested. Based on distinguishing attack simulation on truncated AES-EMAC we found collision in every message therefore we cannot distinguish truncated AES-EMAC with random function. Second-preimage attack is successfully performed on truncated AES-EMAC.

  8. Attacks on quantum key distribution protocols that employ non-ITS authentication

    Science.gov (United States)

    Pacher, C.; Abidin, A.; Lorünser, T.; Peev, M.; Ursin, R.; Zeilinger, A.; Larsson, J.-Å.

    2016-01-01

    We demonstrate how adversaries with large computing resources can break quantum key distribution (QKD) protocols which employ a particular message authentication code suggested previously. This authentication code, featuring low key consumption, is not information-theoretically secure (ITS) since for each message the eavesdropper has intercepted she is able to send a different message from a set of messages that she can calculate by finding collisions of a cryptographic hash function. However, when this authentication code was introduced, it was shown to prevent straightforward man-in-the-middle (MITM) attacks against QKD protocols. In this paper, we prove that the set of messages that collide with any given message under this authentication code contains with high probability a message that has small Hamming distance to any other given message. Based on this fact, we present extended MITM attacks against different versions of BB84 QKD protocols using the addressed authentication code; for three protocols, we describe every single action taken by the adversary. For all protocols, the adversary can obtain complete knowledge of the key, and for most protocols her success probability in doing so approaches unity. Since the attacks work against all authentication methods which allow to calculate colliding messages, the underlying building blocks of the presented attacks expose the potential pitfalls arising as a consequence of non-ITS authentication in QKD post-processing. We propose countermeasures, increasing the eavesdroppers demand for computational power, and also prove necessary and sufficient conditions for upgrading the discussed authentication code to the ITS level.

  9. Wolf Attack Probability: A Theoretical Security Measure in Biometric Authentication Systems

    Science.gov (United States)

    Une, Masashi; Otsuka, Akira; Imai, Hideki

    This paper will propose a wolf attack probability (WAP) as a new measure for evaluating security of biometric authentication systems. The wolf attack is an attempt to impersonate a victim by feeding “wolves” into the system to be attacked. The “wolf” means an input value which can be falsely accepted as a match with multiple templates. WAP is defined as a maximum success probability of the wolf attack with one wolf sample. In this paper, we give a rigorous definition of the new security measure which gives strength estimation of an individual biometric authentication system against impersonation attacks. We show that if one reestimates using our WAP measure, a typical fingerprint algorithm turns out to be much weaker than theoretically estimated by Ratha et al. Moreover, we apply the wolf attack to a finger-vein-pattern based algorithm. Surprisingly, we show that there exists an extremely strong wolf which falsely matches all templates for any threshold value.

  10. Adaptable Authentication Model: Exploring Security with Weaker Attacker Models

    DEFF Research Database (Denmark)

    Ahmed, Naveed; Jensen, Christian D.

    2011-01-01

    suffer because of the identified vulnerabilities. Therefore, we may need to analyze a protocol for weaker notions of security. In this paper, we present a security model that supports such weaker notions. In this model, the overall goals of an authentication protocol are broken into a finer granularity......; for each fine level authentication goal, we determine the “least strongest-attacker” for which the authentication goal can be satisfied. We demonstrate that this model can be used to reason about the security of supposedly insecure protocols. Such adaptability is particularly useful in those applications...

  11. Cryptanalysis of Three Password-Based Remote User Authentication Schemes with Non-Tamper-Resistant Smart Card

    OpenAIRE

    Wang, Chenyu; Xu, Guoai

    2017-01-01

    Remote user authentication is the first step to guarantee the security of online services. Online services grow rapidly and numerous remote user authentication schemes were proposed with high capability and efficiency. Recently, there are three new improved remote user authentication schemes which claim to be resistant to various attacks. Unfortunately, according to our analysis, these schemes all fail to achieve some critical security goals. This paper demonstrates that they all suffer from ...

  12. Attack-Resistant Trust Metrics

    Science.gov (United States)

    Levien, Raph

    The Internet is an amazingly powerful tool for connecting people together, unmatched in human history. Yet, with that power comes great potential for spam and abuse. Trust metrics are an attempt to compute the set of which people are trustworthy and which are likely attackers. This chapter presents two specific trust metrics developed and deployed on the Advogato Website, which is a community blog for free software developers. This real-world experience demonstrates that the trust metrics fulfilled their goals, but that for good results, it is important to match the assumptions of the abstract trust metric computation to the real-world implementation.

  13. Detecting and Preventing Sybil Attacks in Wireless Sensor Networks Using Message Authentication and Passing Method.

    Science.gov (United States)

    Dhamodharan, Udaya Suriya Raj Kumar; Vayanaperumal, Rajamani

    2015-01-01

    Wireless sensor networks are highly indispensable for securing network protection. Highly critical attacks of various kinds have been documented in wireless sensor network till now by many researchers. The Sybil attack is a massive destructive attack against the sensor network where numerous genuine identities with forged identities are used for getting an illegal entry into a network. Discerning the Sybil attack, sinkhole, and wormhole attack while multicasting is a tremendous job in wireless sensor network. Basically a Sybil attack means a node which pretends its identity to other nodes. Communication to an illegal node results in data loss and becomes dangerous in the network. The existing method Random Password Comparison has only a scheme which just verifies the node identities by analyzing the neighbors. A survey was done on a Sybil attack with the objective of resolving this problem. The survey has proposed a combined CAM-PVM (compare and match-position verification method) with MAP (message authentication and passing) for detecting, eliminating, and eventually preventing the entry of Sybil nodes in the network. We propose a scheme of assuring security for wireless sensor network, to deal with attacks of these kinds in unicasting and multicasting.

  14. Detecting and Preventing Sybil Attacks in Wireless Sensor Networks Using Message Authentication and Passing Method

    Directory of Open Access Journals (Sweden)

    Udaya Suriya Raj Kumar Dhamodharan

    2015-01-01

    Full Text Available Wireless sensor networks are highly indispensable for securing network protection. Highly critical attacks of various kinds have been documented in wireless sensor network till now by many researchers. The Sybil attack is a massive destructive attack against the sensor network where numerous genuine identities with forged identities are used for getting an illegal entry into a network. Discerning the Sybil attack, sinkhole, and wormhole attack while multicasting is a tremendous job in wireless sensor network. Basically a Sybil attack means a node which pretends its identity to other nodes. Communication to an illegal node results in data loss and becomes dangerous in the network. The existing method Random Password Comparison has only a scheme which just verifies the node identities by analyzing the neighbors. A survey was done on a Sybil attack with the objective of resolving this problem. The survey has proposed a combined CAM-PVM (compare and match-position verification method with MAP (message authentication and passing for detecting, eliminating, and eventually preventing the entry of Sybil nodes in the network. We propose a scheme of assuring security for wireless sensor network, to deal with attacks of these kinds in unicasting and multicasting.

  15. Impersonation attack on a quantum secure direct communication and authentication protocol with improvement

    Science.gov (United States)

    Amerimehr, Ali; Hadain Dehkordi, Massoud

    2018-03-01

    We analyze the security of a quantum secure direct communication and authentication protocol based on single photons. We first give an impersonation attack on the protocol. The cryptanalysis shows that there is a gap in the authentication procedure of the protocol so that an opponent can reveal the secret information by an undetectable attempt. We then propose an improvement for the protocol and show it closes the gap by applying a mutual authentication procedure. In the improved protocol single photons are transmitted once in a session, so it is easy to implement as the primary protocol. Furthermore, we use a novel technique for secret order rearrangement of photons by which not only quantum storage is eliminated also a secret key can be reused securely. So the new protocol is applicable in practical approaches like embedded system devices.

  16. Continuous-variable quantum authentication of physical unclonable keys: Security against an emulation attack

    Science.gov (United States)

    Nikolopoulos, Georgios M.

    2018-01-01

    We consider a recently proposed entity authentication protocol in which a physical unclonable key is interrogated by random coherent states of light, and the quadratures of the scattered light are analyzed by means of a coarse-grained homodyne detection. We derive a sufficient condition for the protocol to be secure against an emulation attack in which an adversary knows the challenge-response properties of the key and moreover, he can access the challenges during the verification. The security analysis relies on Holevo's bound and Fano's inequality, and suggests that the protocol is secure against the emulation attack for a broad range of physical parameters that are within reach of today's technology.

  17. Password-only authenticated three-party key exchange proven secure against insider dictionary attacks.

    Science.gov (United States)

    Nam, Junghyun; Choo, Kim-Kwang Raymond; Paik, Juryon; Won, Dongho

    2014-01-01

    While a number of protocols for password-only authenticated key exchange (PAKE) in the 3-party setting have been proposed, it still remains a challenging task to prove the security of a 3-party PAKE protocol against insider dictionary attacks. To the best of our knowledge, there is no 3-party PAKE protocol that carries a formal proof, or even definition, of security against insider dictionary attacks. In this paper, we present the first 3-party PAKE protocol proven secure against both online and offline dictionary attacks as well as insider and outsider dictionary attacks. Our construct can be viewed as a protocol compiler that transforms any 2-party PAKE protocol into a 3-party PAKE protocol with 2 additional rounds of communication. We also present a simple and intuitive approach of formally modelling dictionary attacks in the password-only 3-party setting, which significantly reduces the complexity of proving the security of 3-party PAKE protocols against dictionary attacks. In addition, we investigate the security of the well-known 3-party PAKE protocol, called GPAKE, due to Abdalla et al. (2005, 2006), and demonstrate that the security of GPAKE against online dictionary attacks depends heavily on the composition of its two building blocks, namely a 2-party PAKE protocol and a 3-party key distribution protocol.

  18. Using Physical Context-Based Authentication against External Attacks: Models and Protocols

    Directory of Open Access Journals (Sweden)

    Wilson S. Melo

    2018-01-01

    Full Text Available Modern systems are increasingly dependent on the integration of physical processes and information technologies. This trend is remarkable in applications involving sensor networks, cyberphysical systems, and Internet of Things. Despite its complexity, such integration results in physical context information that can be used to improve security, especially authentication. In this paper, we show that entities sharing the same physical context can use it for establishing a secure communication channel and protecting each other against external attacks. We present such approach proposing a theoretical model for generating unique bitstreams. Two different protocols are suggested. Each one is evaluated using probabilistic analysis and simulation. In the end, we implement the authentication mechanism in a case study using networks radio signal as physical event generator. The results demonstrate the performance of each of the protocols and their suitability for applications in real world.

  19. A Three Factor Remote User Authentication Scheme Using Collision Resist Fuzzy Extractor in Single Server Environment

    Directory of Open Access Journals (Sweden)

    Giri Debasis

    2017-01-01

    Full Text Available Due to rapid growth of online applications, it is needed to provide such a facility by which communicators can get the services by applying the applications in a secure way. As communications are done through an insecure channel like Internet, any adversary can trap and modify the communication messages. Only authentication procedure can overcome the aforementioned problem. Many researchers have proposed so many authentication schemes in this literature. But, this paper has shown that many of them are not usable in real world application scenarios because, the existing schemes cannot resist all the possible attacks. Therefore, this paper has proposed a three factor authentication scheme using hash function and fuzzy extractor. This paper has further analyzed the security of the proposed scheme using random oracle model. The analysis shows that the proposed scheme can resist all the possible attacks. Furthermore, comparison between proposed scheme and related existing schemes shows that the proposed scheme has better trade-off among storage, computational and communication costs.

  20. Lightweight Privacy-Preserving Authentication Protocols Secure against Active Attack in an Asymmetric Way

    Science.gov (United States)

    Cui, Yank; Kobara, Kazukuni; Matsuura, Kanta; Imai, Hideki

    As pervasive computing technologies develop fast, the privacy protection becomes a crucial issue and needs to be coped with very carefully. Typically, it is difficult to efficiently identify and manage plenty of the low-cost pervasive devices like Radio Frequency Identification Devices (RFID), without leaking any privacy information. In particular, the attacker may not only eavesdrop the communication in a passive way, but also mount an active attack to ask queries adaptively, which is obviously more dangerous. Towards settling this problem, in this paper, we propose two lightweight authentication protocols which are privacy-preserving against active attack, in an asymmetric way. That asymmetric style with privacy-oriented simplification succeeds to reduce the load of low-cost devices and drastically decrease the computation cost for the management of server. This is because that, unlike the usual management of the identities, our approach does not require any synchronization nor exhaustive search in the database, which enjoys great convenience in case of a large-scale system. The protocols are based on a fast asymmetric encryption with specialized simplification and only one cryptographic hash function, which consequently assigns an easy work to pervasive devices. Besides, our results do not require the strong assumption of the random oracle.

  1. Secure Data Aggregation in Wireless Sensor Network-Fujisaki Okamoto(FO) Authentication Scheme against Sybil Attack.

    Science.gov (United States)

    Nirmal Raja, K; Maraline Beno, M

    2017-07-01

    In the wireless sensor network(WSN) security is a major issue. There are several network security schemes proposed in research. In the network, malicious nodes obstruct the performance of the network. The network can be vulnerable by Sybil attack. When a node illicitly assertions multiple identities or claims fake IDs, the WSN grieves from an attack named Sybil attack. This attack threatens wireless sensor network in data aggregation, synchronizing system, routing, fair resource allocation and misbehavior detection. Henceforth, the research is carried out to prevent the Sybil attack and increase the performance of the network. This paper presents the novel security mechanism and Fujisaki Okamoto algorithm and also application of the work. The Fujisaki-Okamoto (FO) algorithm is ID based cryptographic scheme and gives strong authentication against Sybil attack. By using Network simulator2 (NS2) the scheme is simulated. In this proposed scheme broadcasting key, time taken for different key sizes, energy consumption, Packet delivery ratio, Throughput were analyzed.

  2. On securing wireless sensor network--novel authentication scheme against DOS attacks.

    Science.gov (United States)

    Raja, K Nirmal; Beno, M Marsaline

    2014-10-01

    Wireless sensor networks are generally deployed for collecting data from various environments. Several applications specific sensor network cryptography algorithms have been proposed in research. However WSN's has many constrictions, including low computation capability, less memory, limited energy resources, vulnerability to physical capture, which enforce unique security challenges needs to make a lot of improvements. This paper presents a novel security mechanism and algorithm for wireless sensor network security and also an application of this algorithm. The proposed scheme is given to strong authentication against Denial of Service Attacks (DOS). The scheme is simulated using network simulator2 (NS2). Then this scheme is analyzed based on the network packet delivery ratio and found that throughput has improved.

  3. Cryptanalysis of Three Password-Based Remote User Authentication Schemes with Non-Tamper-Resistant Smart Card

    Directory of Open Access Journals (Sweden)

    Chenyu Wang

    2017-01-01

    Full Text Available Remote user authentication is the first step to guarantee the security of online services. Online services grow rapidly and numerous remote user authentication schemes were proposed with high capability and efficiency. Recently, there are three new improved remote user authentication schemes which claim to be resistant to various attacks. Unfortunately, according to our analysis, these schemes all fail to achieve some critical security goals. This paper demonstrates that they all suffer from offline dictionary attack or fail to achieve forward secrecy and user anonymity. It is worth mentioning that we divide offline dictionary attacks into two categories: (1 the ones using the verification from smart cards and (2 the ones using the verification from the open channel. The second is more complicated and intractable than the first type. Such distinction benefits the exploration of better design principles. We also discuss some practical solutions to the two kinds of attacks, respectively. Furthermore, we proposed a reference model to deal with the first kind of attack and proved its effectiveness by taking one of our cryptanalysis schemes as an example.

  4. Authenticating a tamper-resistant module in a base station router

    NARCIS (Netherlands)

    Bosch, H.G.P.; Kraml, M.; Mullender, Sape J.; Polakos, P.; Samuel, L.G.

    2007-01-01

    The present invention provides a method involving a tamper-resistant module and an authentication server. The method includes receiving, at the tamper-resistant module, information encrypted using a first secret key stored in the authentication server. The method also includes authenticating the

  5. A Color Image Watermarking Scheme Resistant against Geometrical Attacks

    Directory of Open Access Journals (Sweden)

    Y. Xing

    2010-04-01

    Full Text Available The geometrical attacks are still a problem for many digital watermarking algorithms at present. In this paper, we propose a watermarking algorithm for color images resistant to geometrical distortions (rotation and scaling. The singular value decomposition is used for watermark embedding and extraction. The log-polar map- ping (LPM and phase correlation method are used to register the position of geometrical distortion suffered by the watermarked image. Experiments with different kinds of color images and watermarks demonstrate that the watermarking algorithm is robust to common image processing attacks, especially geometrical attacks.

  6. An authenticated encrypted routing protocol against attacks in mobile ad-hoc networks

    Directory of Open Access Journals (Sweden)

    C.C. Suma

    2017-01-01

    Full Text Available Mobile Ad hoc Network is stated as a cluster that contains Digital data terminals and they are furnished with the wireless transceivers which are able to communicate with each other with no need of any fixed architecture or concentrated authority. Security is one of the major issues in MANETs because of vast applications such as Military Battlefields, emergency and rescue operations[10]. In order to provide anonymous communications and to identify the malicious nodes in MANETs, many authors have proposed different secure routing protocols but each protocol have their own advantages and disadvantages. In MANTE’s each and every node in the communicating network functions like router and transmits the packets among the networking nodes for the purpose of communication[11]. Sometimes nodes may be attacked by the malicious nodes or the legitimate node will be caught by foemen there by controlling and preventing the nodes to perform the assigned task or nodes may be corrupted due to loss of energy. So, due to these drawbacks securing the network under the presence of adversaries is an important thing. The existing protocols were designed with keeping anonymity and the identification of vicious nodes in the network as the main goal. For providing better security, the anonymity factors such as Unidentifiability and Unlinkability must be fully satisfied[1]. Many anonymous routing schemes that concentrate on achieving anonymity are proposed in the past decade and they provides the security at different levels and also provides the privacy protection that is of different cost. In this paper we consider a protocol called Authenticated Secure Routing Protocol proposed which provides both security & anonymity. Anonymity is achieved in this protocol using Group signature. Over all by using this protocol performance in terms of throughput as well as the packet dropping rate is good compared to the other living protocols.

  7. Quantum attack-resistent certificateless multi-receiver signcryption scheme.

    Directory of Open Access Journals (Sweden)

    Huixian Li

    Full Text Available The existing certificateless signcryption schemes were designed mainly based on the traditional public key cryptography, in which the security relies on the hard problems, such as factor decomposition and discrete logarithm. However, these problems will be easily solved by the quantum computing. So the existing certificateless signcryption schemes are vulnerable to the quantum attack. Multivariate public key cryptography (MPKC, which can resist the quantum attack, is one of the alternative solutions to guarantee the security of communications in the post-quantum age. Motivated by these concerns, we proposed a new construction of the certificateless multi-receiver signcryption scheme (CLMSC based on MPKC. The new scheme inherits the security of MPKC, which can withstand the quantum attack. Multivariate quadratic polynomial operations, which have lower computation complexity than bilinear pairing operations, are employed in signcrypting a message for a certain number of receivers in our scheme. Security analysis shows that our scheme is a secure MPKC-based scheme. We proved its security under the hardness of the Multivariate Quadratic (MQ problem and its unforgeability under the Isomorphism of Polynomials (IP assumption in the random oracle model. The analysis results show that our scheme also has the security properties of non-repudiation, perfect forward secrecy, perfect backward secrecy and public verifiability. Compared with the existing schemes in terms of computation complexity and ciphertext length, our scheme is more efficient, which makes it suitable for terminals with low computation capacity like smart cards.

  8. A Secured Authentication Protocol for SIP Using Elliptic Curves Cryptography

    Science.gov (United States)

    Chen, Tien-Ho; Yeh, Hsiu-Lien; Liu, Pin-Chuan; Hsiang, Han-Chen; Shih, Wei-Kuan

    Session initiation protocol (SIP) is a technology regularly performed in Internet Telephony, and Hyper Text Transport Protocol (HTTP) as digest authentication is one of the major methods for SIP authentication mechanism. In 2005, Yang et al. pointed out that HTTP could not resist server spoofing attack and off-line guessing attack and proposed a secret authentication with Diffie-Hellman concept. In 2009, Tsai proposed a nonce based authentication protocol for SIP. In this paper, we demonstrate that their protocol could not resist the password guessing attack and insider attack. Furthermore, we propose an ECC-based authentication mechanism to solve their issues and present security analysis of our protocol to show that ours is suitable for applications with higher security requirement.

  9. Acidic Attack Resistance of Cement Mortar Treated with Alkaline

    Directory of Open Access Journals (Sweden)

    Nadia Nazhat Sabeeh

    2017-12-01

    Full Text Available The negative effect of acidic attack on the properties of concrete and cement mortar is a topic of increasing significance in the recent years. Many attempts has occurred to mitigate this negative impact by improving the properties of concrete and increase resistance to acids by using additives. The present study includes treatment of sand by alkaline material and examine the effect of treatment on cement mortar resistance towards hydrochloric and sulfuric acid. Results show that sand treatment by alkaline material significantly enhance mortar ability to resist acids. In terms of loss weight, the maximum weight rate gain was 25.54% for specimens immersed in Hydrochloric acid with water cement ratio 40%. For specimens immersed in HCl, the average gain in compressive strength is (20.15-19.433% for w/c (40-45% respectively. The average gain in modulus of rupture toward the influence of H2SO4 is (18.37–17.99% for w/c (40-45%, respectively.

  10. Definition of Entity Authentication

    DEFF Research Database (Denmark)

    Ahmed, Naveed; Jensen, Christian D.

    2010-01-01

    Authentication is considered a pre-requisite for communication security, but the definition of authentication is generally not agreed upon. Many attacks on authentication protocols are the result of misunderstanding of the goals of authentication. This state of affairs indicate limitations in the...

  11. Efficient and side-channel resistant authenticated encryption of FPGA bitstreams

    DEFF Research Database (Denmark)

    Bogdanov, Andrey; Moradi, Amir; Yalcin, Tolga

    2013-01-01

    AE modes of operation with the same countermeasure. We conclude that the deployment of dedicated AE schemes such as ALE significantly facilitates the real-world efficiency and security of FPGA bitstream protection in practice: Not only our solution enables authenticated encryption for bitstream...... on low-cost FPGAs but it also aims to mitigate physical attacks which have been lately shown to undermine the security of the bitstream protection mechanisms in the field.......State-of-the-art solutions for FPGA bitstream protection rely on encryption and authentication of the bitstream to both ensure its confidentiality, thwarting unauthorized copying and reverse engineering, and prevent its unauthorized modification, maintaining a root of trust in the field. Adequate...

  12. Authentication over Noisy Channels

    OpenAIRE

    Lai, Lifeng; Gamal, Hesham El; Poor, H. Vincent

    2008-01-01

    In this work, message authentication over noisy channels is studied. The model developed in this paper is the authentication theory counterpart of Wyner's wiretap channel model. Two types of opponent attacks, namely impersonation attacks and substitution attacks, are investigated for both single message and multiple message authentication scenarios. For each scenario, information theoretic lower and upper bounds on the opponent's success probability are derived. Remarkably, in both scenarios,...

  13. Faster and timing-attack resistant AES-GCM

    NARCIS (Netherlands)

    Käsper, E.; Schwabe, P.; Clavier, C.; Gaj, K.

    2009-01-01

    We present a bitsliced implementation of AES encryption in counter mode for 64-bit Intel processors. Running at 7.59 cycles/byte on a Core 2, it is up to 25% faster than previous implementations, while simultaneously offering protection against timing attacks. In particular, it is the only

  14. A robust cloud access scheme with mutual authentication

    Directory of Open Access Journals (Sweden)

    Chen Chin-Ling

    2016-01-01

    Full Text Available Due to the progress of network technology, we can access some information through remote servers, and we also can save and access lots of personal data in remote servers. Therefore, to protect these data and resist unauthorized access is an important issue. Some researchers proposed authentication scheme, but there still exist some security weaknesses. This article is based on the concept of HDFS (Hadoop Distributed File System, and offers a robust authentication scheme. The proposed scheme achieves mutual authentication, prevents re-play attack, solves asynchronous issue, and prevents offline password guessing attack.

  15. CUE: counterfeit-resistant usable eye movement-based authentication via oculomotor plant characteristics and complex eye movement patterns

    Science.gov (United States)

    Komogortsev, Oleg V.; Karpov, Alexey; Holland, Corey D.

    2012-06-01

    The widespread use of computers throughout modern society introduces the necessity for usable and counterfeit-resistant authentication methods to ensure secure access to personal resources such as bank accounts, e-mail, and social media. Current authentication methods require tedious memorization of lengthy pass phrases, are often prone to shouldersurfing, and may be easily replicated (either by counterfeiting parts of the human body or by guessing an authentication token based on readily available information). This paper describes preliminary work toward a counterfeit-resistant usable eye movement-based (CUE) authentication method. CUE does not require any passwords (improving the memorability aspect of the authentication system), and aims to provide high resistance to spoofing and shoulder-surfing by employing the combined biometric capabilities of two behavioral biometric traits: 1) oculomotor plant characteristics (OPC) which represent the internal, non-visible, anatomical structure of the eye; 2) complex eye movement patterns (CEM) which represent the strategies employed by the brain to guide visual attention. Both OPC and CEM are extracted from the eye movement signal provided by an eye tracking system. Preliminary results indicate that the fusion of OPC and CEM traits is capable of providing a 30% reduction in authentication error when compared to the authentication accuracy of individual traits.

  16. Enhanced Two-Factor Authentication and Key Agreement Using Dynamic Identities in Wireless Sensor Networks.

    Science.gov (United States)

    Chang, I-Pin; Lee, Tian-Fu; Lin, Tsung-Hung; Liu, Chuan-Ming

    2015-11-30

    Key agreements that use only password authentication are convenient in communication networks, but these key agreement schemes often fail to resist possible attacks, and therefore provide poor security compared with some other authentication schemes. To increase security, many authentication and key agreement schemes use smartcard authentication in addition to passwords. Thus, two-factor authentication and key agreement schemes using smartcards and passwords are widely adopted in many applications. Vaidya et al. recently presented a two-factor authentication and key agreement scheme for wireless sensor networks (WSNs). Kim et al. observed that the Vaidya et al. scheme fails to resist gateway node bypassing and user impersonation attacks, and then proposed an improved scheme for WSNs. This study analyzes the weaknesses of the two-factor authentication and key agreement scheme of Kim et al., which include vulnerability to impersonation attacks, lost smartcard attacks and man-in-the-middle attacks, violation of session key security, and failure to protect user privacy. An efficient and secure authentication and key agreement scheme for WSNs based on the scheme of Kim et al. is then proposed. The proposed scheme not only solves the weaknesses of previous approaches, but also increases security requirements while maintaining low computational cost.

  17. Practical quantum private query with better performance in resisting joint-measurement attack

    Science.gov (United States)

    Wei, Chun-Yan; Wang, Tian-Yin; Gao, Fei

    2016-04-01

    As a kind of practical protocol, quantum-key-distribution (QKD)-based quantum private queries (QPQs) have drawn lots of attention. However, joint-measurement (JM) attack poses a noticeable threat to the database security in such protocols. That is, by JM attack a malicious user can illegally elicit many more items from the database than the average amount an honest one can obtain. Taking Jacobi et al.'s protocol as an example, by JM attack a malicious user can obtain as many as 500 bits, instead of the expected 2.44 bits, from a 104-bit database in one query. It is a noticeable security flaw in theory, and would also arise in application with the development of quantum memories. To solve this problem, we propose a QPQ protocol based on a two-way QKD scheme, which behaves much better in resisting JM attack. Concretely, the user Alice cannot get more database items by conducting JM attack on the qubits because she has to send them back to Bob (the database holder) before knowing which of them should be jointly measured. Furthermore, JM attack by both Alice and Bob would be detected with certain probability, which is quite different from previous protocols. Moreover, our protocol retains the good characters of QKD-based QPQs, e.g., it is loss tolerant and robust against quantum memory attack.

  18. A blind video watermarking scheme resistant to rotation and collusion attacks

    Directory of Open Access Journals (Sweden)

    Amlan Karmakar

    2016-04-01

    Full Text Available In this paper, Discrete Cosine Transform (DCT based blind video watermarking algorithm is proposed, which is perceptually invisible and robust against rotation and collusion attacks. To make the scheme resistant against rotation, watermark is embedded within the square blocks, placed on the middle position of every luminance channel. Then Zernike moments of those square blocks are calculated. The rotation invariance property of the Complex Zernike moments is exploited to predict the rotation angle of the video at the time of extraction of watermark bits. To make the scheme robust against collusion, design of the scheme is done in such a way that the embedding blocks will vary for the successive frames of the video. A Pseudo Random Number (PRN generator and a permutation vector are used to achieve the goal. The experimental results show that the scheme is robust against conventional video attacks, rotation attack and collusion attacks.

  19. A Terrorist-fraud Resistant and Extractor-free Anonymous Distance-bounding Protocol

    OpenAIRE

    Avoine , Gildas; Bultel , Xavier; Gambs , Sébastien; Gerault , David; Lafourcade , Pascal; Onete , Cristina; Robert , Jean-Marc

    2017-01-01

    International audience; Distance-bounding protocols have been introduced to thwart relay attacks against contactless authentication protocols. In this context, veri-fiers have to authenticate the credentials of untrusted provers. Unfortunately , these protocols are themselves subject to complex threats such as terrorist-fraud attacks, in which a malicious prover helps an accomplice to authenticate. Provably guaranteeing the resistance of distance-bounding protocols to these attacks is a compl...

  20. A secure smart-card based authentication and key agreement scheme for telecare medicine information systems.

    Science.gov (United States)

    Lee, Tian-Fu; Liu, Chuan-Ming

    2013-06-01

    A smart-card based authentication scheme for telecare medicine information systems enables patients, doctors, nurses, health visitors and the medicine information systems to establish a secure communication platform through public networks. Zhu recently presented an improved authentication scheme in order to solve the weakness of the authentication scheme of Wei et al., where the off-line password guessing attacks cannot be resisted. This investigation indicates that the improved scheme of Zhu has some faults such that the authentication scheme cannot execute correctly and is vulnerable to the attack of parallel sessions. Additionally, an enhanced authentication scheme based on the scheme of Zhu is proposed. The enhanced scheme not only avoids the weakness in the original scheme, but also provides users' anonymity and authenticated key agreements for secure data communications.

  1. Security strategy of powered-off SRAM for resisting physical attack to data remanence

    International Nuclear Information System (INIS)

    Yu Kai; Zou Xuecheng; Yu Guoyi; Wang Weixu

    2009-01-01

    This paper presents a security strategy for resisting a physical attack utilizing data remanence in powered-off static random access memory (SRAM). Based on the mechanism of physical attack to data remanence, the strategy intends to erase data remanence in memory cells once the power supply is removed, which disturbs attackers trying to steal the right information. Novel on-chip secure circuits including secure power supply and erase transistor are integrated into conventional SRAM to realize erase operation. Implemented in 0.25 μm Huahong-NEC CMOS technology, an SRAM exploiting the proposed security strategy shows the erase operation is accomplished within 0.2 μs and data remanence is successfully eliminated. Compared with conventional SRAM, the retentive time of data remanence is reduced by 82% while the operation power consumption only increases by 7%.

  2. Fides: Lightweight Authenticated Cipher with Side-Channel Resistance for Constrained Hardware

    DEFF Research Database (Denmark)

    Bilgin, Begul; Bogdanov, Andrey; Knezevic, Miroslav

    2013-01-01

    In this paper, we present a novel lightweight authenticated cipher optimized for hardware implementations called Fides. It is an online nonce-based authenticated encryption scheme with authenticated data whose area requirements are as low as 793 GE and 1001 GE for 80-bit and 96-bit security...

  3. A Hash Based Remote User Authentication and Authenticated Key Agreement Scheme for the Integrated EPR Information System.

    Science.gov (United States)

    Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi; Wang, Chun-Cheng

    2015-11-01

    To protect patient privacy and ensure authorized access to remote medical services, many remote user authentication schemes for the integrated electronic patient record (EPR) information system have been proposed in the literature. In a recent paper, Das proposed a hash based remote user authentication scheme using passwords and smart cards for the integrated EPR information system, and claimed that the proposed scheme could resist various passive and active attacks. However, in this paper, we found that Das's authentication scheme is still vulnerable to modification and user duplication attacks. Thereafter we propose a secure and efficient authentication scheme for the integrated EPR information system based on lightweight hash function and bitwise exclusive-or (XOR) operations. The security proof and performance analysis show our new scheme is well-suited to adoption in remote medical healthcare services.

  4. Applying LU Decomposition of Matrices to Design Anonymity Bilateral Remote User Authentication Scheme

    Directory of Open Access Journals (Sweden)

    Xiong Li

    2013-01-01

    Full Text Available We apply LU decomposition of matrices to present an anonymous bilateral authentication scheme. This paper aims at improving security and providing more excellent performances for remote user authentication scheme. The proposed scheme can provide bilateral authentication and session key agreement, can quickly check the validity of the input password, and can really protect the user anonymity. The security of the proposed scheme is based on the discrete logarithm problem (DLP, Diffie-Hellman problem (DHP, and the one-way hash function. It can resist various attacks such as insider attack, impersonation attack, server spoofing attack, and stolen smart card attack. Moreover, the presented scheme is computationally efficient for real-life implementation.

  5. Password Authenticated Key Exchange and Protected Password Change Protocols

    Directory of Open Access Journals (Sweden)

    Ting-Yi Chang

    2017-07-01

    Full Text Available In this paper, we propose new password authenticated key exchange (PAKE and protected password change (PPC protocols without any symmetric or public-key cryptosystems. The security of the proposed protocols is based on the computational Diffie-Hellman assumption in the random oracle model. The proposed scheme can resist both forgery server and denial of service attacks.

  6. Authentication and consensus overhead in vehicular ad hoc networks

    NARCIS (Netherlands)

    Petit, Jonathan; Mammeri, Zoubir

    Vehicular ad hoc networks aim at increasing passenger safety by exchanging warning messages between vehicles wirelessly. A main challenge is to resist to various malicious abuses and security attacks. However, any security mechanism comes with overhead. We analyze how the authentication algorithm

  7. Influence of recycled fine aggregates on the resistance of mortars to magnesium sulfate attack

    International Nuclear Information System (INIS)

    Lee, Seung-Tae

    2009-01-01

    The influence of recycled fine aggregates, which had been reclaimed from field-demolished concretes, on the resistance of mortar specimens to magnesium sulfate attack was investigated. Mortar specimens were prepared with recycled fine aggregates at different replacement levels (0%, 25%, 50%, 75% and 100% of natural fine aggregate by mass). The mortar specimens were exposed to 4.24% magnesium sulfate solution for about 1 year at ambient temperature, and regularly monitored for visual appearance, compressive strength loss and expansion. Additionally, in order to identify products of magnesium sulfate attack, mortar samples incorporating 0%, 25% and 100% replacement levels of the recycled fine aggregates were examined by X-ray diffraction (XRD) technique. Experimental results confirmed that the use of recycled fine aggregates up to a maximum 50% replacement level is effective under severe magnesium sulfate environment, irrespective of type of recycled fine aggregates. However, the worse performance was observed in mortar specimens incorporating 100% replacement level. It was found that the water absorption of recycled fine aggregates affected deterioration of mortar specimens, especially at a higher replacement level. XRD results indicated that the main cause of deterioration of the mortar specimens was primarily due to the formation of gypsum and thaumasite by magnesium sulfate attack. In addition, it appeared that the conversion of C-S-H into M-S-H by the attack probably influenced mechanical deterioration of mortar specimens with recycled fine aggregates.

  8. Robust biometrics based authentication and key agreement scheme for multi-server environments using smart cards.

    Science.gov (United States)

    Lu, Yanrong; Li, Lixiang; Yang, Xing; Yang, Yixian

    2015-01-01

    Biometrics authenticated schemes using smart cards have attracted much attention in multi-server environments. Several schemes of this type where proposed in the past. However, many of them were found to have some design flaws. This paper concentrates on the security weaknesses of the three-factor authentication scheme by Mishra et al. After careful analysis, we find their scheme does not really resist replay attack while failing to provide an efficient password change phase. We further propose an improvement of Mishra et al.'s scheme with the purpose of preventing the security threats of their scheme. We demonstrate the proposed scheme is given to strong authentication against several attacks including attacks shown in the original scheme. In addition, we compare the performance and functionality with other multi-server authenticated key schemes.

  9. Robust biometrics based authentication and key agreement scheme for multi-server environments using smart cards.

    Directory of Open Access Journals (Sweden)

    Yanrong Lu

    Full Text Available Biometrics authenticated schemes using smart cards have attracted much attention in multi-server environments. Several schemes of this type where proposed in the past. However, many of them were found to have some design flaws. This paper concentrates on the security weaknesses of the three-factor authentication scheme by Mishra et al. After careful analysis, we find their scheme does not really resist replay attack while failing to provide an efficient password change phase. We further propose an improvement of Mishra et al.'s scheme with the purpose of preventing the security threats of their scheme. We demonstrate the proposed scheme is given to strong authentication against several attacks including attacks shown in the original scheme. In addition, we compare the performance and functionality with other multi-server authenticated key schemes.

  10. An Improved Dynamic ID-Based Remote User Authentication with Key Agreement Scheme

    Directory of Open Access Journals (Sweden)

    Juan Qu

    2013-01-01

    Full Text Available In recent years, several dynamic ID-based remote user authentication schemes have been proposed. In 2012, Wen and Li proposed a dynamic ID-based remote user authentication with key agreement scheme. They claimed that their scheme can resist impersonation attack and insider attack and provide anonymity for the users. However, we will show that Wen and Li's scheme cannot withstand insider attack and forward secrecy, does not provide anonymity for the users, and inefficiency for error password login. In this paper, we propose a novel ECC-based remote user authentication scheme which is immune to various known types of attack and is more secure and practical for mobile clients.

  11. Resistance to acid attack of portland cement mortars produced with red mud as a pozzolanic additive

    International Nuclear Information System (INIS)

    Balbino, Thiago Gabriel Ferreira; Fortes, Gustavo Mattos; Lourenco, Rafaela Roberta; Rodrigues, Jose de Anchieta

    2011-01-01

    Portland cement structures are usually exposed to aggressive environments, which requires the knowledge of the performance of these materials under deleterious conditions. In this study, it was evaluated the resistance to acid attack of mortars that contain ordinary (CPI) and compost (CPII-Z) Portland cements, adding to the first red mud (RB) as a pozzolanic additive in different conditions: without calcination, calcined at 400 ° C and at 600 ° C. The specimens were subjected to HCl and H 2 SO 4 solutions, both with concentration of 1.0 Mol L -1 for 28 days, monitoring the weight loss and leached material nature by atomic emission inductively coupled plasma (ICP). The hydration products were studied by thermogravimetric analysis (TGA) and X-ray diffraction (XRD) of the hydrated cement pastes. It was observed a reduction of portlandite amount in the RB containing cement pastes, indicating a possible pozzolanic activity of the red mud. The mortars prepared with RB were more resistant to HCl, while that ones with calcined RB present a better performance in H 2 SO 4 attack. (author)

  12. ReTrust: attack-resistant and lightweight trust management for medical sensor networks.

    Science.gov (United States)

    He, Daojing; Chen, Chun; Chan, Sammy; Bu, Jiajun; Vasilakos, Athanasios V

    2012-07-01

    Wireless medical sensor networks (MSNs) enable ubiquitous health monitoring of users during their everyday lives, at health sites, without restricting their freedom. Establishing trust among distributed network entities has been recognized as a powerful tool to improve the security and performance of distributed networks such as mobile ad hoc networks and sensor networks. However, most existing trust systems are not well suited for MSNs due to the unique operational and security requirements of MSNs. Moreover, similar to most security schemes, trust management methods themselves can be vulnerable to attacks. Unfortunately, this issue is often ignored in existing trust systems. In this paper, we identify the security and performance challenges facing a sensor network for wireless medical monitoring and suggest it should follow a two-tier architecture. Based on such an architecture, we develop an attack-resistant and lightweight trust management scheme named ReTrust. This paper also reports the experimental results of the Collection Tree Protocol using our proposed system in a network of TelosB motes, which show that ReTrust not only can efficiently detect malicious/faulty behaviors, but can also significantly improve the network performance in practice.

  13. Staphyloxanthin photobleaching sensitizes methicillin-resistant Staphylococcus aureus to reactive oxygen species attack

    Science.gov (United States)

    Dong, Pu-Ting; Mohammad, Haroon; Hui, Jie; Wang, Xiaoyu; Li, Junjie; Liang, Lijia; Seleem, Mohamed N.; Cheng, Ji-Xin

    2018-02-01

    Given that the dearth of new antibiotic development loads an existential burden on successful infectious disease therapy, health organizations are calling for alternative approaches to combat methicillin-resistant Staphylococcus aureus (MRSA) infections. Here, we report a drug-free photonic approach to eliminate MRSA through photobleaching of staphyloxanthin, an indispensable membrane-bound antioxidant of S. aureus. The photobleaching process, uncovered through a transient absorption imaging study and quantitated by absorption spectroscopy and mass spectrometry, decomposes staphyloxanthin, and sensitizes MRSA to reactive oxygen species attack. Consequently, staphyloxanthin bleaching by low-level blue light eradicates MRSA synergistically with external or internal reactive oxygen species. The effectiveness of this synergistic therapy is validated in MRSA culture, MRSAinfected macrophage cells. Collectively, these findings highlight broad applications of staphyloxanthin photobleaching for treatment of MRSA infections.

  14. Resistance of Particleboards Made from Fast-Growing Wood Species to Subterranean Termite Attack.

    Science.gov (United States)

    Hermawan, Dede; Hadi, Yusuf S; Fajriani, Esi; Massijaya, Muhamad Y; Hadjib, Nurwati

    2012-05-29

    Laboratory-made particleboards were tested for their resistance to subterranean termite, Coptotermes curvignathus Holmgren (Order Isoptera, Family Termitidae) by Indonesian standard SNI 01.7207-2006, during four weeks and at the end of the test their mass loss percentage and feeding rate were determined. Particleboards consisted of: jabon (Anthocephalus cadamba, Family Rubiacea) with a density of 0.41 g/cm³; sungkai (Peronema canescens, Family Verbenaceae) with a density of 0.46 g/cm³; mangium (Acacia mangium, Family Rhamnaceae) with a density of 0.60 g/cm³ separately and the three species mixture at a rate of 1:1:1. Densities of the boards were targetted at 0.60 g/cm³ and 0.80 g/cm³ by using 12% urea formaldehyde as binder with 2% paraffin as additive based on oven dry wood particle weight. The hand-formed mats and hot-pressing at 130 °C and 2.45 MPa for 10 min were applied. The results showed that particleboards density did not affect mass loss and feeding rate, but the particleboards made from higher density wood resulted in higher resistance to subterranean termite attack. The most resistant particleboards were made of magium, followed by sungkai, mixed species, and jabon.

  15. Resistance of Particleboards Made from Fast-Growing Wood Species to Subterranean Termite Attack

    Directory of Open Access Journals (Sweden)

    Nurwati Hadjib

    2012-05-01

    Full Text Available Laboratory-made particleboards were tested for their resistance to subterranean termite, Coptotermes curvignathus Holmgren (Order Isoptera, Family Termitidae by Indonesian standard SNI 01.7207–2006, during four weeks and at the end of the test their mass loss percentage and feeding rate were determined. Particleboards consisted of: jabon (Anthocephalus cadamba, Family Rubiacea with a density of 0.41 g/cm3; sungkai (Peronema canescens, Family Verbenaceae with a density of 0.46 g/cm3; mangium (Acacia mangium, Family Rhamnaceae with a density of 0.60 g/cm3 separately and the three species mixture at a rate of 1:1:1. Densities of the boards were targetted at 0.60 g/cm3 and 0.80 g/cm3 by using 12% urea formaldehyde as binder with 2% paraffin as additive based on oven dry wood particle weight. The hand-formed mats and hot-pressing at 130 °C and 2.45 MPa for 10 min were applied. The results showed that particleboards density did not affect mass loss and feeding rate, but the particleboards made from higher density wood resulted in higher resistance to subterranean termite attack. The most resistant particleboards were made of magium, followed by sungkai, mixed species, and jabon.

  16. Asynchronous Advanced Encryption Standard Hardware with Random Noise Injection for Improved Side-Channel Attack Resistance

    Directory of Open Access Journals (Sweden)

    Siva Kotipalli

    2014-01-01

    (SCA resistance. These designs are based on a delay-insensitive (DI logic paradigm known as null convention logic (NCL, which supports useful properties for resisting SCAs including dual-rail encoding, clock-free operation, and monotonic transitions. Potential benefits include reduced and more uniform switching activities and reduced signal-to-noise (SNR ratio. A novel method to further augment NCL AES hardware with random voltage scaling technique is also presented for additional security. Thereby, the proposed components leak significantly less side-channel information than conventional clocked approaches. To quantitatively verify such improvements, functional verification and WASSO (weighted average simultaneous switching output analysis have been carried out on both conventional synchronous approach and the proposed NCL based approach using Mentor Graphics ModelSim and Xilinx simulation tools. Hardware implementation has been carried out on both designs exploiting a specified side-channel attack standard evaluation FPGA board, called SASEBO-GII, and the corresponding power waveforms for both designs have been collected. Along with the results of software simulations, we have analyzed the collected waveforms to validate the claims related to benefits of the proposed cryptohardware design approach.

  17. Prototype Centralized Managing Permissions System Based on the Election Multibiometric Authentication

    Directory of Open Access Journals (Sweden)

    Alexey Nikolaevich Ruchay

    2013-02-01

    Full Text Available This work aims to develop a prototype system of centralized managing permissions based on the election multibiometric authentication. The novelty of this work is to develop the principles of distinction and multi-factor authentication, because at the moment there is no such development. Depending on various conditions and factors, including the availability of electronic means and convenience, resistance to attacks and exploits, disease or injury of users the biometric authentication can be selected on the basis of any such biometrics as rhythm password, voice, dynamic signatures and graphics recognition.

  18. Cryptanalysis and improvement of a biometrics-based authentication and key agreement scheme for multi-server environments.

    Science.gov (United States)

    Yang, Li; Zheng, Zhiming

    2018-01-01

    According to advancements in the wireless technologies, study of biometrics-based multi-server authenticated key agreement schemes has acquired a lot of momentum. Recently, Wang et al. presented a three-factor authentication protocol with key agreement and claimed that their scheme was resistant to several prominent attacks. Unfortunately, this paper indicates that their protocol is still vulnerable to the user impersonation attack, privileged insider attack and server spoofing attack. Furthermore, their protocol cannot provide the perfect forward secrecy. As a remedy of these aforementioned problems, we propose a biometrics-based authentication and key agreement scheme for multi-server environments. Compared with various related schemes, our protocol achieves the stronger security and provides more functionality properties. Besides, the proposed protocol shows the satisfactory performances in respect of storage requirement, communication overhead and computational cost. Thus, our protocol is suitable for expert systems and other multi-server architectures. Consequently, the proposed protocol is more appropriate in the distributed networks.

  19. Puzzolanic cements of greater resistance at the attack of selenitic waters than the high sulfate resistance portland cements, and viceverse

    Directory of Open Access Journals (Sweden)

    Talero, Rafael

    1987-09-01

    Full Text Available This work confirms the certainty of the predictions of useful service given by Kaluosek and al. for the sulphate resistant portland cements (type V, USA, subject to severe selenitic attack. Two sulphate resistant portland cements, were tested by means of the Le Chatelier Anstett method. The tarts were destroyed at ages of three years, having detected in them the presence of thaumasite by XRD. Even so, the impossibility and possibility thaumasite formation was confirmed in pozzolanic cements tarts, which either had or did not have adequate amount of pozzolana (diatomite for such purpose.

    Este trabajo confirman las predicciones de vida útil dadas por Kalousek y colaboradores, para los cementos portland de elevada resistencia al ataque de los iones sulfato (tipo V, USA, sometidos a un severo ataque selenitoso. Se ensayaron dos cementos portland de elevada resistencia al ataque del yeso, mediante el ensayo de Le Chatelier-Anstett. Sus tortas correspondientes se destruyeron a la edad de tres años, habiéndose detectado en las mismas la presencia de thaumasita por DRX. Asimismo se confirmó la imposibilidad y posibilidad de formación de thaumasita en tortas de cementos puzolánicos, los cuales tenían, o no, respectivamente, una adecuada cantidad de puzolana (diatomita para tales fines.

  20. A New Privacy-Preserving Handover Authentication Scheme for Wireless Networks.

    Science.gov (United States)

    Wang, Changji; Yuan, Yuan; Wu, Jiayuan

    2017-06-20

    Handover authentication is a critical issue in wireless networks, which is being used to ensure mobile nodes wander over multiple access points securely and seamlessly. A variety of handover authentication schemes for wireless networks have been proposed in the literature. Unfortunately, existing handover authentication schemes are vulnerable to a few security attacks, or incur high communication and computation costs. Recently, He et al. proposed a handover authentication scheme PairHand and claimed it can resist various attacks without rigorous security proofs. In this paper, we show that PairHand does not meet forward secrecy and strong anonymity. More seriously, it is vulnerable to key compromise attack, where an adversary can recover the private key of any mobile node. Then, we propose a new efficient and provably secure handover authentication scheme for wireless networks based on elliptic curve cryptography. Compared with existing schemes, our proposed scheme can resist key compromise attack, and achieves forward secrecy and strong anonymity. Moreover, it is more efficient in terms of computation and communication.

  1. A robust uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care.

    Science.gov (United States)

    Wen, Fengtong

    2013-12-01

    User authentication plays an important role to protect resources or services from being accessed by unauthorized users. In a recent paper, Das et al. proposed a secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. This scheme uses three factors, e.g. biometrics, password, and smart card, to protect the security. It protects user privacy and is believed to have many abilities to resist a range of network attacks, even if the secret information stored in the smart card is compromised. In this paper, we analyze the security of Das et al.'s scheme, and show that the scheme is in fact insecure against the replay attack, user impersonation attacks and off-line guessing attacks. Then, we also propose a robust uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. Compared with the existing schemes, our protocol uses a different user authentication mechanism to resist replay attack. We show that our proposed scheme can provide stronger security than previous protocols. Furthermore, we demonstrate the validity of the proposed scheme through the BAN (Burrows, Abadi, and Needham) logic.

  2. Estimation of terrorist attack resistibility of dual-purpose cask TP-117 with DU (depleted uranium) gamma shield

    International Nuclear Information System (INIS)

    Alekseev, O.G.; Matveev, V.Z.; Morenko, A.I.; Il'kaev, R.I.; Shapovalov, V.I.

    2004-01-01

    Report is devoted to numerical research of dual-purpose unified cask (used for SFA transportation and storage) resistance to terrorist attacks. High resistance of dual-purpose unified cask has been achieved due to the unique design-technological solutions and implementation of depleted uranium in cask construction. In suggested variant of construction depleted uranium fulfils functions of shielding and constructional material. It is used both in metallic and cermet form (basing on steel and depleted uranium dioxide). Implementation of depleted uranium in cask construction allows maximal load in existing overall dimensions of the cask. At the same time: 1) all safety requirements (IAEA) are met, 2) dual-purpose cask with SFA has high resistance to terrorist attacks

  3. Estimation of terrorist attack resistibility of dual-purpose cask TP-117 with DU (depleted uranium) gamma shield

    Energy Technology Data Exchange (ETDEWEB)

    Alekseev, O.G.; Matveev, V.Z.; Morenko, A.I.; Il' kaev, R.I.; Shapovalov, V.I. [Russian Federal Nuclear Center - All-Russian Research Inst. of Experimental Physics, Sarov (Russian Federation)

    2004-07-01

    Report is devoted to numerical research of dual-purpose unified cask (used for SFA transportation and storage) resistance to terrorist attacks. High resistance of dual-purpose unified cask has been achieved due to the unique design-technological solutions and implementation of depleted uranium in cask construction. In suggested variant of construction depleted uranium fulfils functions of shielding and constructional material. It is used both in metallic and cermet form (basing on steel and depleted uranium dioxide). Implementation of depleted uranium in cask construction allows maximal load in existing overall dimensions of the cask. At the same time: 1) all safety requirements (IAEA) are met, 2) dual-purpose cask with SFA has high resistance to terrorist attacks.

  4. Anonymous Authentication Systems Based on Private Information Retrieval

    OpenAIRE

    Nakamura, Toru; Inenaga, Shunsuke; Ikeda, Daisuke; Baba, Kensuke; Yasuura, Hiroto

    2009-01-01

    This paper focuses on authentication with three types of entities: a user who sends an authentication request, an authentication-server who receives and verifies the request, and a database who supplies the authentication-server with information for verifying the request. This paper presents novel authentication protocols that satisfy the following important properties: (1) secure against replay attacks, (2) the database(s) cannot identify which user is authenticating and (3) the authenticati...

  5. The Switching Generator: New Clock-Controlled Generator with Resistance against the Algebraic and Side Channel Attacks

    Directory of Open Access Journals (Sweden)

    Jun Choi

    2015-06-01

    Full Text Available Since Advanced Encryption Standard (AES in stream modes, such as counter (CTR, output feedback (OFB and cipher feedback (CFB, can meet most industrial requirements, the range of applications for dedicated stream ciphers is decreasing. There are many attack results using algebraic properties and side channel information against stream ciphers for hardware applications. Al-Hinai et al. presented an algebraic attack approach to a family of irregularly clock-controlled linear feedback shift register systems: the stop and go generator, self-decimated generator and alternating step generator. Other clock-controlled systems, such as shrinking and cascade generators, are indeed vulnerable against side channel attacks. To overcome these threats, new clock-controlled systems were presented, e.g., the generalized alternating step generator, cascade jump-controlled generator and mutual clock-controlled generator. However, the algebraic attack could be applied directly on these new systems. In this paper, we propose a new clock-controlled generator: the switching generator, which has resistance to algebraic and side channel attacks. This generator also preserves both security properties and the efficiency of existing clock-controlled generators.

  6. Resistance of borax–copper treated wood in aboveground exposure to attack by Formosan subterranean termites

    Science.gov (United States)

    Stan Lebow; Bessie Woodward; Douglas Crawford; William Abbott

    2005-01-01

    The spread of Formosan subterranean termites (FSTs) in the southern United States has increased public interest in finding a preservative treatment to protect framing lumber from termite attack. This study evaluated the use of a borax-based preservative to protect wood from FST attack. Southern Pine and Douglas-fir specimens were pressure-treated with three...

  7. An enhanced dynamic ID-based authentication scheme for telecare medical information systems

    Directory of Open Access Journals (Sweden)

    Ankita Chaturvedi

    2017-01-01

    Full Text Available The authentication schemes for telecare medical information systems (TMIS try to ensure secure and authorized access. ID-based authentication schemes address secure communication, but privacy is not properly addressed. In recent times, dynamic ID-based remote user authentication schemes for TMIS have been presented to protect user’s privacy. The dynamic ID-based authentication schemes efficiently protect the user’s privacy. Unfortunately, most of the existing dynamic ID-based authentication schemes for TMIS ignore the input verifying condition. This makes login and password change phases inefficient. Inefficiency of the password change phase may lead to denial of service attack in the case of incorrect input in the password change phase. To overcome these weaknesses, we proposed a new dynamic ID-based authentication scheme using a smart card. The proposed scheme can quickly detect incorrect inputs which makes the login and password change phase efficient. We adopt the approach with the aim to protect privacy, and efficient login and password change phases. The proposed scheme also resists off-line password guessing attack and denial of service attack. We also demonstrate the validity of the proposed scheme by utilizing the widely-accepted BAN (Burrows, Abadi, and Needham logic. In addition, our scheme is comparable in terms of the communication and computational overheads with relevant schemes for TMIS.

  8. Resistance against brute-force attacks on stateless forwarding in information centric networking

    OpenAIRE

    Alzahrani, Bander A.; Reed, Martin J.; Vassilakis, Vassilios G.

    2015-01-01

    Line Speed Publish/Subscribe Inter-networking (LIPSIN) is one of the proposed forwarding mechanisms in Information Centric Networking (ICN). It is a stateless source-routing approach based on Bloom filters. However, it has been shown that LIPSIN is vulnerable to brute-force attacks which may lead to distributed denial-of-service (DDoS) attacks and unsolicited messages. In this work, we propose a new forwarding approach that maintains the advantages of Bloom filter based forwarding while allow...

  9. Blocking of Brute Force Attack

    OpenAIRE

    M.Venkata Krishna Reddy

    2012-01-01

    A common threat Web developers face is a password-guessing attack known as a brute-force attack. A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and symbols until you discover the one correct combination that works. If your Web site requires user authentication, you are a good target for a brute-force attack. An attacker can always discover a password through a brute-force attack, but the downside is that it co...

  10. A secure and efficient password-based user authentication scheme using smart cards for the integrated EPR information system.

    Science.gov (United States)

    Lee, Tian-Fu; Chang, I-Pin; Lin, Tsung-Hung; Wang, Ching-Cheng

    2013-06-01

    The integrated EPR information system supports convenient and rapid e-medicine services. A secure and efficient authentication scheme for the integrated EPR information system provides safeguarding patients' electronic patient records (EPRs) and helps health care workers and medical personnel to rapidly making correct clinical decisions. Recently, Wu et al. proposed an efficient password-based user authentication scheme using smart cards for the integrated EPR information system, and claimed that the proposed scheme could resist various malicious attacks. However, their scheme is still vulnerable to lost smart card and stolen verifier attacks. This investigation discusses these weaknesses and proposes a secure and efficient authentication scheme for the integrated EPR information system as alternative. Compared with related approaches, the proposed scheme not only retains a lower computational cost and does not require verifier tables for storing users' secrets, but also solves the security problems in previous schemes and withstands possible attacks.

  11. Applying Semigroup Property of Enhanced Chebyshev Polynomials to Anonymous Authentication Protocol

    Directory of Open Access Journals (Sweden)

    Hong Lai

    2012-01-01

    Full Text Available We apply semigroup property of enhanced Chebyshev polynomials to present an anonymous authentication protocol. This paper aims at improving security and reducing computational and storage overhead. The proposed scheme not only has much lower computational complexity and cost in the initialization phase but also allows the users to choose their passwords freely. Moreover, it can provide revocation of lost or stolen smart card, which can resist man-in-the-middle attack and off-line dictionary attack together with various known attacks.

  12. Simulation-Based Performance Evaluation of Predictive-Hashing Based Multicast Authentication Protocol

    Directory of Open Access Journals (Sweden)

    Seonho Choi

    2012-12-01

    Full Text Available A predictive-hashing based Denial-of-Service (DoS resistant multicast authentication protocol was proposed based upon predictive-hashing, one-way key chain, erasure codes, and distillation codes techniques [4, 5]. It was claimed that this new scheme should be more resistant to various types of DoS attacks, and its worst-case resource requirements were derived in terms of coarse-level system parameters including CPU times for signature verification and erasure/distillation decoding operations, attack levels, etc. To show the effectiveness of our approach and to analyze exact resource requirements in various attack scenarios with different parameter settings, we designed and implemented an attack simulator which is platformindependent. Various attack scenarios may be created with different attack types and parameters against a receiver equipped with the predictive-hashing based protocol. The design of the simulator is explained, and the simulation results are presented with detailed resource usage statistics. In addition, resistance level to various types of DoS attacks is formulated with a newly defined resistance metric. By comparing these results to those from another approach, PRABS [8], we show that the resistance level of our protocol is greatly enhanced even in the presence of many attack streams.

  13. Design of a Secure Authentication and Key Agreement Scheme Preserving User Privacy Usable in Telecare Medicine Information Systems.

    Science.gov (United States)

    Arshad, Hamed; Rasoolzadegan, Abbas

    2016-11-01

    Authentication and key agreement schemes play a very important role in enhancing the level of security of telecare medicine information systems (TMISs). Recently, Amin and Biswas demonstrated that the authentication scheme proposed by Giri et al. is vulnerable to off-line password guessing attacks and privileged insider attacks and also does not provide user anonymity. They also proposed an improved authentication scheme, claiming that it resists various security attacks. However, this paper demonstrates that Amin and Biswas's scheme is defenseless against off-line password guessing attacks and replay attacks and also does not provide perfect forward secrecy. This paper also shows that Giri et al.'s scheme not only suffers from the weaknesses pointed out by Amin and Biswas, but it also is vulnerable to replay attacks and does not provide perfect forward secrecy. Moreover, this paper proposes a novel authentication and key agreement scheme to overcome the mentioned weaknesses. Security and performance analyses show that the proposed scheme not only overcomes the mentioned security weaknesses, but also is more efficient than the previous schemes.

  14. An Enhanced Privacy-Preserving Authentication Scheme for Vehicle Sensor Networks.

    Science.gov (United States)

    Zhou, Yousheng; Zhao, Xiaofeng; Jiang, Yi; Shang, Fengjun; Deng, Shaojiang; Wang, Xiaojun

    2017-12-08

    Vehicle sensor networks (VSNs) are ushering in a promising future by enabling more intelligent transportation systems and providing a more efficient driving experience. However, because of their inherent openness, VSNs are subject to a large number of potential security threats. Although various authentication schemes have been proposed for addressing security problems, they are not suitable for VSN applications because of their high computation and communication costs. Chuang and Lee have developed a trust-extended authentication mechanism (TEAM) for vehicle-to-vehicle communication using a transitive trust relationship, which they claim can resist various attacks. However, it fails to counter internal attacks because of the utilization of a shared secret key. In this paper, to eliminate the vulnerability of TEAM, an enhanced privacy-preserving authentication scheme for VSNs is constructed. The security of our proposed scheme is proven under the random oracle model based on the assumption of the computational Diffie-Hellman problem.

  15. Identity Authentication and Capability Based Access Control (IACAC) for the Internet of Things

    DEFF Research Database (Denmark)

    Mahalle, Parikshit N.; Anggorojati, Bayu; Prasad, Neeli R.

    2013-01-01

    In the last few years the Internet of Things (IoT) has seen widespread application and can be found in each field. Authentication and access control are important and critical functionalities in the context of IoT to enable secure communication between devices. Mobility, dynamic network topology...... and weak physical security of low power devices in IoT networks are possible sources for security vulnerabilities. It is promising to make an authentication and access control attack resistant and lightweight in a resource constrained and distributed IoT environment. This paper presents the Identity...... Authentication and Capability based Access Control (IACAC) model with protocol evaluation and performance analysis. To protect IoT from man-in-the-middle, replay and denial of service (Dos) attacks, the concept of capability for access control is introduced. The novelty of this model is that, it presents...

  16. An Enhanced Privacy-Preserving Authentication Scheme for Vehicle Sensor Networks

    Science.gov (United States)

    Zhou, Yousheng; Zhao, Xiaofeng; Jiang, Yi; Shang, Fengjun; Deng, Shaojiang; Wang, Xiaojun

    2017-01-01

    Vehicle sensor networks (VSNs) are ushering in a promising future by enabling more intelligent transportation systems and providing a more efficient driving experience. However, because of their inherent openness, VSNs are subject to a large number of potential security threats. Although various authentication schemes have been proposed for addressing security problems, they are not suitable for VSN applications because of their high computation and communication costs. Chuang and Lee have developed a trust-extended authentication mechanism (TEAM) for vehicle-to-vehicle communication using a transitive trust relationship, which they claim can resist various attacks. However, it fails to counter internal attacks because of the utilization of a shared secret key. In this paper, to eliminate the vulnerability of TEAM, an enhanced privacy-preserving authentication scheme for VSNs is constructed. The security of our proposed scheme is proven under the random oracle model based on the assumption of the computational Diffie–Hellman problem. PMID:29292792

  17. An Enhanced Privacy-Preserving Authentication Scheme for Vehicle Sensor Networks

    Directory of Open Access Journals (Sweden)

    Yousheng Zhou

    2017-12-01

    Full Text Available Vehicle sensor networks (VSNs are ushering in a promising future by enabling more intelligent transportation systems and providing a more efficient driving experience. However, because of their inherent openness, VSNs are subject to a large number of potential security threats. Although various authentication schemes have been proposed for addressing security problems, they are not suitable for VSN applications because of their high computation and communication costs. Chuang and Lee have developed a trust-extended authentication mechanism (TEAM for vehicle-to-vehicle communication using a transitive trust relationship, which they claim can resist various attacks. However, it fails to counter internal attacks because of the utilization of a shared secret key. In this paper, to eliminate the vulnerability of TEAM, an enhanced privacy-preserving authentication scheme for VSNs is constructed. The security of our proposed scheme is proven under the random oracle model based on the assumption of the computational Diffie–Hellman problem.

  18. Qubit authentication

    International Nuclear Information System (INIS)

    Curty, Marcos; Santos, David J.; Perez, Esther; Garcia-Fernandez, Priscila

    2002-01-01

    Secure communication requires message authentication. In this paper we address the problem of how to authenticate quantum information sent through a quantum channel between two communicating parties with the minimum amount of resources. Specifically, our objective is to determine whether one elementary quantum message (a qubit) can be authenticated with a key of minimum length. We show that, unlike the case of classical-message quantum authentication, this is not possible

  19. Twisted Polynomials and Forgery Attacks on GCM

    DEFF Research Database (Denmark)

    Abdelraheem, Mohamed Ahmed A. M. A.; Beelen, Peter; Bogdanov, Andrey

    2015-01-01

    Polynomial hashing as an instantiation of universal hashing is a widely employed method for the construction of MACs and authenticated encryption (AE) schemes, the ubiquitous GCM being a prominent example. It is also used in recent AE proposals within the CAESAR competition which aim at providing...... in an improved key recovery algorithm. As cryptanalytic applications of our twisted polynomials, we develop the first universal forgery attacks on GCM in the weak-key model that do not require nonce reuse. Moreover, we present universal weak-key forgeries for the nonce-misuse resistant AE scheme POET, which...

  20. Privacy Leaks through Data Hijacking Attack on Mobile Systems

    Directory of Open Access Journals (Sweden)

    Zhang Daojuan

    2017-01-01

    Full Text Available To persistently eavesdrop on the mobile devices, attackers may obtain the elevated privilege and inject malicious modules into the user devices. Unfortunately, the attackers may not be able to obtain the privilege for a long period of time since the exploitable vulnerabilities may be fixed or the malware may be removed. In this paper, we propose a new data hijacking attack for the mobile apps. By employing the proposed method, the attackers are only required to obtain the root privilege of the user devices once, and they can persistently eavesdrop without any change to the original device. Specifically, we design a new approach to construct a shadow system by hijacking user data files. In the shadow system, attackers possess the identical abilities to the victims. For instance, if a victim has logged into the email app, the attacker can also access the email server in the shadow system without authentication in a long period of time. Without reauthentication of the app, it is difficult for victims to notice the intrusion since the whole eavesdropping is performed on other devices (rather than the user devices. In our experiments, we evaluate the effectiveness of the proposed attack and the result demonstrates that even the Android apps released by the top developers cannot resist this attack. Finally, we discuss some approaches to defend the proposed attack.

  1. Optical identity authentication technique based on compressive ghost imaging with QR code

    Science.gov (United States)

    Wenjie, Zhan; Leihong, Zhang; Xi, Zeng; Yi, Kang

    2018-04-01

    With the rapid development of computer technology, information security has attracted more and more attention. It is not only related to the information and property security of individuals and enterprises, but also to the security and social stability of a country. Identity authentication is the first line of defense in information security. In authentication systems, response time and security are the most important factors. An optical authentication technology based on compressive ghost imaging with QR codes is proposed in this paper. The scheme can be authenticated with a small number of samples. Therefore, the response time of the algorithm is short. At the same time, the algorithm can resist certain noise attacks, so it offers good security.

  2. A Lightweight Anonymous Authentication Protocol with Perfect Forward Secrecy for Wireless Sensor Networks.

    Science.gov (United States)

    Xiong, Ling; Peng, Daiyuan; Peng, Tu; Liang, Hongbin; Liu, Zhicai

    2017-11-21

    Due to their frequent use in unattended and hostile deployment environments, the security in wireless sensor networks (WSNs) has attracted much interest in the past two decades. However, it remains a challenge to design a lightweight authentication protocol for WSNs because the designers are confronted with a series of desirable security requirements, e.g., user anonymity, perfect forward secrecy, resistance to de-synchronization attack. Recently, the authors presented two authentication schemes that attempt to provide user anonymity and to resist various known attacks. Unfortunately, in this work we shall show that user anonymity of the two schemes is achieved at the price of an impractical search operation-the gateway node may search for every possible value. Besides this defect, they are also prone to smart card loss attacks and have no provision for perfect forward secrecy. As our main contribution, a lightweight anonymous authentication scheme with perfect forward secrecy is designed, and what we believe the most interesting feature is that user anonymity, perfect forward secrecy, and resistance to de-synchronization attack can be achieved at the same time. As far as we know, it is extremely difficult to meet these security features simultaneously only using the lightweight operations, such as symmetric encryption/decryption and hash functions.

  3. A Lightweight Anonymous Authentication Protocol with Perfect Forward Secrecy for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Ling Xiong

    2017-11-01

    Full Text Available Due to their frequent use in unattended and hostile deployment environments, the security in wireless sensor networks (WSNs has attracted much interest in the past two decades. However, it remains a challenge to design a lightweight authentication protocol for WSNs because the designers are confronted with a series of desirable security requirements, e.g., user anonymity, perfect forward secrecy, resistance to de-synchronization attack. Recently, the authors presented two authentication schemes that attempt to provide user anonymity and to resist various known attacks. Unfortunately, in this work we shall show that user anonymity of the two schemes is achieved at the price of an impractical search operation—the gateway node may search for every possible value. Besides this defect, they are also prone to smart card loss attacks and have no provision for perfect forward secrecy. As our main contribution, a lightweight anonymous authentication scheme with perfect forward secrecy is designed, and what we believe the most interesting feature is that user anonymity, perfect forward secrecy, and resistance to de-synchronization attack can be achieved at the same time. As far as we know, it is extremely difficult to meet these security features simultaneously only using the lightweight operations, such as symmetric encryption/decryption and hash functions.

  4. An improved authenticated key agreement protocol for telecare medicine information system.

    Science.gov (United States)

    Liu, Wenhao; Xie, Qi; Wang, Shengbao; Hu, Bin

    2016-01-01

    In telecare medicine information systems (TMIS), identity authentication of patients plays an important role and has been widely studied in the research field. Generally, it is realized by an authenticated key agreement protocol, and many such protocols were proposed in the literature. Recently, Zhang et al. pointed out that Islam et al.'s protocol suffers from the following security weaknesses: (1) Any legal but malicious patient can reveal other user's identity; (2) An attacker can launch off-line password guessing attack and the impersonation attack if the patient's identity is compromised. Zhang et al. also proposed an improved authenticated key agreement scheme with privacy protection for TMIS. However, in this paper, we point out that Zhang et al.'s scheme cannot resist off-line password guessing attack, and it fails to provide the revocation of lost/stolen smartcard. In order to overcome these weaknesses, we propose an improved protocol, the security and authentication of which can be proven using applied pi calculus based formal verification tool ProVerif.

  5. An improved biometrics-based authentication scheme for telecare medical information systems.

    Science.gov (United States)

    Guo, Dianli; Wen, Qiaoyan; Li, Wenmin; Zhang, Hua; Jin, Zhengping

    2015-03-01

    Telecare medical information system (TMIS) offers healthcare delivery services and patients can acquire their desired medical services conveniently through public networks. The protection of patients' privacy and data confidentiality are significant. Very recently, Mishra et al. proposed a biometrics-based authentication scheme for telecare medical information system. Their scheme can protect user privacy and is believed to resist a range of network attacks. In this paper, we analyze Mishra et al.'s scheme and identify that their scheme is insecure to against known session key attack and impersonation attack. Thereby, we present a modified biometrics-based authentication scheme for TMIS to eliminate the aforementioned faults. Besides, we demonstrate the completeness of the proposed scheme through BAN-logic. Compared to the related schemes, our protocol can provide stronger security and it is more practical.

  6. A new method for robust video watermarking resistant against key estimation attacks

    Science.gov (United States)

    Mitekin, Vitaly

    2015-12-01

    This paper presents a new method for high-capacity robust digital video watermarking and algorithms of embedding and extraction of watermark based on this method. Proposed method uses password-based two-dimensional pseudonoise arrays for watermark embedding, making brute-force attacks aimed at steganographic key retrieval mostly impractical. Proposed algorithm for 2-dimensional "noise-like" watermarking patterns generation also allows to significantly decrease watermark collision probability ( i.e. probability of correct watermark detection and extraction using incorrect steganographic key or password).. Experimental research provided in this work also shows that simple correlation-based watermark detection procedure can be used, providing watermark robustness against lossy compression and watermark estimation attacks. At the same time, without decreasing robustness of embedded watermark, average complexity of the brute-force key retrieval attack can be increased to 1014 watermark extraction attempts (compared to 104-106 for a known robust watermarking schemes). Experimental results also shows that for lowest embedding intensity watermark preserves it's robustness against lossy compression of host video and at the same time preserves higher video quality (PSNR up to 51dB) compared to known wavelet-based and DCT-based watermarking algorithms.

  7. An Anonymous Mutual Authenticated Key Agreement Scheme for Wearable Sensors in Wireless Body Area Networks

    Directory of Open Access Journals (Sweden)

    Chien-Ming Chen

    2018-07-01

    Full Text Available The advancement of Wireless Body Area Networks (WBAN have led to significant progress in medical and health care systems. However, such networks still suffer from major security and privacy threats, especially for the data collected in medical or health care applications. Lack of security and existence of anonymous communication in WBAN brings about the operation failure of these networks. Recently, Li et al. proposed a lightweight protocol for wearable sensors in wireless body area networks. In their paper, the authors claimed that the protocol may provide anonymous mutual authentication and resist against various types of attacks. This study shows that such a protocol is still vulnerable to three types of attacks, i.e., the offline identity guessing attack, the sensor node impersonation attack and the hub node spoofing attack. We then present a secure scheme that addresses these problems, and retains similar efficiency in wireless sensors nodes and mobile phones.

  8. Complexity attack resistant flow lookup achemes for IPv6: a measurement based comparison

    OpenAIRE

    Malone, David; Tobin, R. Joshua

    2008-01-01

    In this paper we look at the problem of choosing a good flow state lookup scheme for IPv6 firewalls. We want to choose a scheme which is fast when dealing with typical traffic, but whose performance will not degrade unnecessarily when subject to a complexity attack. We demonstrate the existing problem and, using captured traffic, assess a number of replacement schemes that are hash and tree based. Our aim is to improve FreeBSD’s ipfw firewall, and so finally we implement the most pro...

  9. RESISTANCE TO THE ATTACK OF DRY-WOOD TERMITES (Cryptotermes brevis) OF SIX WOOD SPECIES

    OpenAIRE

    Fabrício Gomes Gonçalves; José Tarcísio da Silva Oliveira

    2006-01-01

    The dry wood termites are one of the largest causes of damages in wood used in Brazil. This work analyzed the attackof the Cryptotermes brevis in six commercials wood species in the north of the Rio de Janeiro and south of the Espírito Santo. The testobserved the number of holes, the percentage of died individuals and the damage of the pieces. When compared to the Pinus sp(reference), the species with less susceptibility to the attack were Cedrela fissilis, Cariocar brasiliense and Goupia gla...

  10. Security analysis and enhancements of an effective biometric-based remote user authentication scheme using smart cards.

    Science.gov (United States)

    An, Younghwa

    2012-01-01

    Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das's authentication scheme, and we have shown that Das's authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das's authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server.

  11. Security Analysis and Enhancements of an Effective Biometric-Based Remote User Authentication Scheme Using Smart Cards

    Directory of Open Access Journals (Sweden)

    Younghwa An

    2012-01-01

    Full Text Available Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das’s authentication scheme, and we have shown that Das’s authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das’s authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server.

  12. Changes in a Primary Resistance Parameter of Lodgepole Pine to Bark Beetle Attack One Year Following Fertilization and Thinning

    Directory of Open Access Journals (Sweden)

    Stephen P. Cook

    2015-01-01

    Full Text Available Many of the forest soils in the Intermountain West are deficient in several nutrients, including nitrogen (N, potassium (K, sulfur (S and boron (B and these deficiencies may impact tree resistance to insect attack. Two potential techniques for manipulating tree resistance are fertilization and thinning. We examined fertilization (both alone and in conjunction with stand thinning. Conifer resistance to bark beetles involves a three-step response, the first stage of which is resin flow. Rapid resin flow can prevent the colonization of bark beetles within a tree. Fertilization with low levels of N resulted in an increase in resin flow while high levels of N did not significantly increase resin flow in treated trees. Thinning did not result in higher concentrations of foliar K or B but did result in higher concentrations of foliar N and S. The highest concentrations of foliar N and S consistently occurred in the trees from thinned treatments, regardless of fertilization. There was a negative correlation between tree growth and resin flow one year following treatments. Increasing available nutrient levels to trees (either through fertilization or stand density management may result in modified resistance parameters that must be considered when making management decisions.

  13. Security analysis and improvement of a privacy authentication scheme for telecare medical information systems.

    Science.gov (United States)

    Wu, Fan; Xu, Lili

    2013-08-01

    Nowadays, patients can gain many kinds of medical service on line via Telecare Medical Information Systems(TMIS) due to the fast development of computer technology. So security of communication through network between the users and the server is very significant. Authentication plays an important part to protect information from being attacked by malicious attackers. Recently, Jiang et al. proposed a privacy enhanced scheme for TMIS using smart cards and claimed their scheme was better than Chen et al.'s. However, we have showed that Jiang et al.'s scheme has the weakness of ID uselessness and is vulnerable to off-line password guessing attack and user impersonation attack if an attacker compromises the legal user's smart card. Also, it can't resist DoS attack in two cases: after a successful impersonation attack and wrong password input in Password change phase. Then we propose an improved mutual authentication scheme used for a telecare medical information system. Remote monitoring, checking patients' past medical history record and medical consultant can be applied in the system where information transmits via Internet. Finally, our analysis indicates that the suggested scheme overcomes the disadvantages of Jiang et al.'s scheme and is practical for TMIS.

  14. An Enhanced Three-Factor User Authentication Scheme Using Elliptic Curve Cryptosystem for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Chenyu Wang

    2017-12-01

    Full Text Available As an essential part of Internet of Things (IoT, wireless sensor networks (WSNs have touched every aspect of our lives, such as health monitoring, environmental monitoring and traffic monitoring. However, due to its openness, wireless sensor networks are vulnerable to various security threats. User authentication, as the first fundamental step to protect systems from various attacks, has attracted much attention. Numerous user authentication protocols armed with formal proof are springing up. Recently, two biometric-based schemes were proposed with confidence to be resistant to the known attacks including offline dictionary attack, impersonation attack and so on. However, after a scrutinization of these two schemes, we found them not secure enough as claimed, and then demonstrated that these schemes suffer from various attacks, such as offline dictionary attack, impersonation attack, no user anonymity, no forward secrecy, etc. Furthermore, we proposed an enhanced scheme to overcome the identified weaknesses, and proved its security via Burrows–Abadi–Needham (BAN logic and the heuristic analysis. Finally, we compared our scheme with other related schemes, and the results showed the superiority of our scheme.

  15. An Enhanced Three-Factor User Authentication Scheme Using Elliptic Curve Cryptosystem for Wireless Sensor Networks.

    Science.gov (United States)

    Wang, Chenyu; Xu, Guoai; Sun, Jing

    2017-12-19

    As an essential part of Internet of Things (IoT), wireless sensor networks (WSNs) have touched every aspect of our lives, such as health monitoring, environmental monitoring and traffic monitoring. However, due to its openness, wireless sensor networks are vulnerable to various security threats. User authentication, as the first fundamental step to protect systems from various attacks, has attracted much attention. Numerous user authentication protocols armed with formal proof are springing up. Recently, two biometric-based schemes were proposed with confidence to be resistant to the known attacks including offline dictionary attack, impersonation attack and so on. However, after a scrutinization of these two schemes, we found them not secure enough as claimed, and then demonstrated that these schemes suffer from various attacks, such as offline dictionary attack, impersonation attack, no user anonymity, no forward secrecy, etc. Furthermore, we proposed an enhanced scheme to overcome the identified weaknesses, and proved its security via Burrows-Abadi-Needham (BAN) logic and the heuristic analysis. Finally, we compared our scheme with other related schemes, and the results showed the superiority of our scheme.

  16. RESISTANCE TO THE ATTACK OF DRY-WOOD TERMITES (Cryptotermes brevis OF SIX WOOD SPECIES

    Directory of Open Access Journals (Sweden)

    Fabrício Gomes Gonçalves

    2006-03-01

    Full Text Available The dry wood termites are one of the largest causes of damages in wood used in Brazil. This work analyzed the attackof the Cryptotermes brevis in six commercials wood species in the north of the Rio de Janeiro and south of the Espírito Santo. The testobserved the number of holes, the percentage of died individuals and the damage of the pieces. When compared to the Pinus sp(reference, the species with less susceptibility to the attack were Cedrela fissilis, Cariocar brasiliense and Goupia glabra, that alsopresented the largest percentages of mortality of termites. The Schizolobium parahyba, Toona ciliata and the Tachigalia myrmecophyllawere the species with the highest level of damage.

  17. A Non-blind Color Image Watermarking Scheme Resistent Against Geometric Attacks

    Directory of Open Access Journals (Sweden)

    A. Ghafoor

    2012-12-01

    Full Text Available A non-blind color image watermarking scheme using principle component analysis, discrete wavelet transform and singular value decomposition is proposed. The color components are uncorrelated using principle component analysis. The watermark is embedded into the singular values of discrete wavelet transformed sub-band associated with principle component containing most of the color information. The scheme was tested against various attacks (including histogram equalization, rotation, Gaussian noise, scaling, cropping, Y-shearing, X-shearing, median filtering, affine transformation, translation, salt & pepper, sharpening, to check robustness. The results of proposed scheme are compared with state-of-the-art existing color watermarking schemes using normalized correlation coefficient and peak signal to noise ratio. The simulation results show that proposed scheme is robust and imperceptible.

  18. An Advanced Temporal Credential-Based Security Scheme with Mutual Authentication and Key Agreement for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Chun-Ta Li

    2013-07-01

    Full Text Available Wireless sensor networks (WSNs can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs. Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.’s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users’ attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.’s authentication scheme are left unchanged.

  19. An advanced temporal credential-based security scheme with mutual authentication and key agreement for wireless sensor networks.

    Science.gov (United States)

    Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi

    2013-07-24

    Wireless sensor networks (WSNs) can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs). Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.'s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users' attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.'s authentication scheme are left unchanged.

  20. Towards distortion-free robust image authentication

    International Nuclear Information System (INIS)

    Coltuc, D

    2007-01-01

    This paper investigates a general framework for distortion-free robust image authentication by multiple marking. First, by robust watermarking a subsampled version of image edges is embedded. Then, by reversible watermarking the information needed to recover the original image is inserted, too. The hiding capacity of the reversible watermarking is the essential requirement for this approach. Thus in case of no attacks not only image is authenticated but also the original is exactly recovered. In case of attacks, reversibility is lost, but image can still be authenticated. Preliminary results providing very good robustness against JPEG compression are presented

  1. An Improvement on Remote User Authentication Schemes Using Smart Cards

    Directory of Open Access Journals (Sweden)

    Chin-Ling Chen

    2018-01-01

    Full Text Available In 2010, Yeh et al. proposed two robust remote user authentication schemes using smart cards; their claims were such that their schemes defended against ID-theft attacks, reply attacks, undetectable on-line password guessing attacks, off-line password guessing attacks, user impersonation attack, server counterfeit attack and man-in-the-middle attack. In this paper, we show that Yeh et al.’s schemes are still vulnerable to ID-theft attack, off-line password guessing attacks, undetectable on-line password guessing attacks and user impersonation attack. Notably, problems remain in situations where the user lost a smart card or the malicious legal user. To remedy these flaws, this paper proposes an improvement on Yeh et al.’s remote user authentication schemes using smart cards.

  2. Resistance of the packing to attack of insects pest in irradiated ration

    International Nuclear Information System (INIS)

    Arthur, Paula B.; Arthur, Valter; Silva, Lucia C.A.S.; Franco, Suely S.H.

    2013-01-01

    The pests as beetles, acarids, moths and mushrooms among other, usually infest products stored as: grains, crumbs, flours, coffee, tobacco, dried fruits, animal rations, spices, dehydrated plants, causing the visual depreciation and promoting the deterioration of the products. The objective of the research was use the gamma radiation of Cobalt-60 in the disinfestation of some types of rations used for feeding of animals of small size. In the experiment packing measuring 10 cm x 20 cm with capacity of 70 grams of substrate (ration) with 4 types of existent marks in the trade: (1), (2), (3) and (4) of free samples were used. Each treatment had 10 repetitions, that were irradiated with doses of: 0 (control) 0,5; 1,0 and 2,0 kGy, to do the disinfestation of the ration samples. After the irradiation all the packing and the control were conditioned in plastic boxes of 80 cm x 50 cm with cover, where the insects: Lasioderma serricorne, Plodia interpuctella, Sitophilus zeamais and S. oryzae were liberated, in a total of 400 for each box. The boxes were maintained at room acclimatized with 27 ± 2 deg C and relative humidity of 70 ± 5%. The counting of the number of insects and holes in the packing were made after 60 days. The results showed that only the package of the ration type number 4, was susceptive to the attack of the species of insects. (author)

  3. Resistance of the packing to attack of insects pest in irradiated ration

    Energy Technology Data Exchange (ETDEWEB)

    Arthur, Paula B.; Arthur, Valter; Silva, Lucia C.A.S.; Franco, Suely S.H., E-mail: paula.arthur@hotmail.com [Centro de Energia Nuclear na Agricultura (CENA/USP), Piracicaba, SP (Brazil). Lab. de Radiobiologia e Ambiente; Franco, Jose G.; Villavicencio, Anna L.H.C., E-mail: gilmita@uol.com.br, E-mail: villavic@ipen.br [Instituto de Pesquisas Energeticas e Nucleares (IPEN/CNEN-SP), Sao Paulo, SP (Brazil)

    2013-07-01

    The pests as beetles, acarids, moths and mushrooms among other, usually infest products stored as: grains, crumbs, flours, coffee, tobacco, dried fruits, animal rations, spices, dehydrated plants, causing the visual depreciation and promoting the deterioration of the products. The objective of the research was use the gamma radiation of Cobalt-60 in the disinfestation of some types of rations used for feeding of animals of small size. In the experiment packing measuring 10 cm x 20 cm with capacity of 70 grams of substrate (ration) with 4 types of existent marks in the trade: (1), (2), (3) and (4) of free samples were used. Each treatment had 10 repetitions, that were irradiated with doses of: 0 (control) 0,5; 1,0 and 2,0 kGy, to do the disinfestation of the ration samples. After the irradiation all the packing and the control were conditioned in plastic boxes of 80 cm x 50 cm with cover, where the insects: Lasioderma serricorne, Plodia interpuctella, Sitophilus zeamais and S. oryzae were liberated, in a total of 400 for each box. The boxes were maintained at room acclimatized with 27 ± 2 deg C and relative humidity of 70 ± 5%. The counting of the number of insects and holes in the packing were made after 60 days. The results showed that only the package of the ration type number 4, was susceptive to the attack of the species of insects. (author)

  4. Corrosion of Carbon Steel and Corrosion-Resistant Rebars in Concrete Structures Under Chloride Ion Attack

    Science.gov (United States)

    Mohamed, Nedal; Boulfiza, Mohamed; Evitts, Richard

    2013-03-01

    Corrosion of reinforced concrete is the most challenging durability problem that threatens reinforced concrete structures, especially structures that are subject to severe environmental conditions (i.e., highway bridges, marine structures, etc.). Corrosion of reinforcing steel leads to cracking and spalling of the concrete cover and billions of dollars are spent every year on repairing such damaged structures. New types of reinforcements have been developed to avoid these high-cost repairs. Thus, it is important to study the corrosion behavior of these new types of reinforcements and compare them to the traditional carbon steel reinforcements. This study aimed at characterizing the corrosion behavior of three competing reinforcing steels; conventional carbon steel, micro-composite steel (MMFX-2) and 316LN stainless steel, through experiments in carbonated and non-carbonated concrete exposed to chloride-laden environments. Synthetic pore water solutions have been used to simulate both cases of sound and carbonated concrete under chloride ions attack. A three-electrode corrosion cell is used for determining the corrosion characteristics and rates. Multiple electrochemical techniques were applied using a Gamry PC4™ potentiostat manufactured by Gamry Instruments (Warminster, PA). DC corrosion measurements were applied on samples subjected to fixed chloride concentration in the solution.

  5. User Authentication in Smartphones for Telehealth.

    Science.gov (United States)

    Smith, Katherine A; Zhou, Leming; Watzlaf, Valerie J M

    2017-01-01

    Many functions previously conducted on desktop computers are now performed on smartphones. Smartphones provide convenience, portability, and connectivity. When smartphones are used in the conduct of telehealth, sensitive data is invariably accessed, rendering the devices in need of user authentication to ensure data protection. User authentication of smartphones can help mitigate potential Health Insurance Portability and Accountability Act (HIPAA) breaches and keep sensitive patient information protected, while also facilitating the convenience of smartphones within everyday life and healthcare. This paper presents and examines several types of authentication methods available to smartphone users to help ensure security of sensitive data from attackers. The applications of these authentication methods in telehealth are discussed.

  6. Heuristic attacks against graphical password generators

    CSIR Research Space (South Africa)

    Peach, S

    2010-05-01

    Full Text Available In this paper the authors explore heuristic attacks against graphical password generators. A new trend is emerging to use user clickable pictures to generate passwords. This technique of authentication can be successfully used for - for example...

  7. Implicit Smartphone User Authentication with Sensors and Contextual Machine Learning

    OpenAIRE

    Lee, Wei-Han; Lee, Ruby B.

    2017-01-01

    Authentication of smartphone users is important because a lot of sensitive data is stored in the smartphone and the smartphone is also used to access various cloud data and services. However, smartphones are easily stolen or co-opted by an attacker. Beyond the initial login, it is highly desirable to re-authenticate end-users who are continuing to access security-critical services and data. Hence, this paper proposes a novel authentication system for implicit, continuous authentication of the...

  8. An Efficient User Authentication and User Anonymity Scheme with Provably Security for IoT-Based Medical Care System.

    Science.gov (United States)

    Li, Chun-Ta; Wu, Tsu-Yang; Chen, Chin-Ling; Lee, Cheng-Chi; Chen, Chien-Ming

    2017-06-23

    In recent years, with the increase in degenerative diseases and the aging population in advanced countries, demands for medical care of older or solitary people have increased continually in hospitals and healthcare institutions. Applying wireless sensor networks for the IoT-based telemedicine system enables doctors, caregivers or families to monitor patients' physiological conditions at anytime and anyplace according to the acquired information. However, transmitting physiological data through the Internet concerns the personal privacy of patients. Therefore, before users can access medical care services in IoT-based medical care system, they must be authenticated. Typically, user authentication and data encryption are most critical for securing network communications over a public channel between two or more participants. In 2016, Liu and Chung proposed a bilinear pairing-based password authentication scheme for wireless healthcare sensor networks. They claimed their authentication scheme cannot only secure sensor data transmission, but also resist various well-known security attacks. In this paper, we demonstrate that Liu-Chung's scheme has some security weaknesses, and we further present an improved secure authentication and data encryption scheme for the IoT-based medical care system, which can provide user anonymity and prevent the security threats of replay and password/sensed data disclosure attacks. Moreover, we modify the authentication process to reduce redundancy in protocol design, and the proposed scheme is more efficient in performance compared with previous related schemes. Finally, the proposed scheme is provably secure in the random oracle model under ECDHP.

  9. An Efficient User Authentication and User Anonymity Scheme with Provably Security for IoT-Based Medical Care System

    Science.gov (United States)

    Wu, Tsu-Yang; Chen, Chin-Ling; Lee, Cheng-Chi; Chen, Chien-Ming

    2017-01-01

    In recent years, with the increase in degenerative diseases and the aging population in advanced countries, demands for medical care of older or solitary people have increased continually in hospitals and healthcare institutions. Applying wireless sensor networks for the IoT-based telemedicine system enables doctors, caregivers or families to monitor patients’ physiological conditions at anytime and anyplace according to the acquired information. However, transmitting physiological data through the Internet concerns the personal privacy of patients. Therefore, before users can access medical care services in IoT-based medical care system, they must be authenticated. Typically, user authentication and data encryption are most critical for securing network communications over a public channel between two or more participants. In 2016, Liu and Chung proposed a bilinear pairing-based password authentication scheme for wireless healthcare sensor networks. They claimed their authentication scheme cannot only secure sensor data transmission, but also resist various well-known security attacks. In this paper, we demonstrate that Liu–Chung’s scheme has some security weaknesses, and we further present an improved secure authentication and data encryption scheme for the IoT-based medical care system, which can provide user anonymity and prevent the security threats of replay and password/sensed data disclosure attacks. Moreover, we modify the authentication process to reduce redundancy in protocol design, and the proposed scheme is more efficient in performance compared with previous related schemes. Finally, the proposed scheme is provably secure in the random oracle model under ECDHP. PMID:28644381

  10. The Caryopsis of Red-Grained Rice Has Enhanced Resistance to Fungal Attack

    Directory of Open Access Journals (Sweden)

    Alberto Gianinetti

    2018-06-01

    Full Text Available Seed persistence in the soil is threatened by microorganisms, but the seed coat helps protect the seed from them. Although modern rice (Oryza sativa L. cultivars have a whitish caryopsis, some varieties have a red caryopsis coat, a trait typical of wild Oryza species. The red colour is due to the oxidation of proanthocyanidins, a class of flavonoids that is found in the outer layers of the seed in many species. We aimed to assess whether these natural compounds (proanthocyanidins and proanthocyanidin-derived pigment have some protective effect against microbial attacks. Dehulled caryopses of white-grained and red-grained rice genotypes were employed to assay fungal infection. Specifically, three white-grained rice cultivars (Perla, Augusto, and Koral and three red-grained rice varieties (Perla Rosso, Augusto Rosso, and Koral Rosso were used. In a first test, the caryopses were infected with Epicoccum nigrum at 10 °C, and seedling growth was then assessed at 30 °C. In a second test, the degree of infection by the mycotoxigenic fungus Fusarium sporotrichioides was assayed by measuring the accumulation of T-2/HT-2 toxins in the caryopses. Infection was performed at 10 °C to prevent rice germination while allowing fungal growth. In both the tests, red caryopses showed reduced, or delayed, infection with respect to white ones. One black-grained cultivar (Venere was assayed for the accumulation of T-2/HT-2 toxins as well, with results corresponding to those of the red-grained rice varieties. We argue that the red pigment accumulating in the caryopsis coat, and/or the proanthocyanidins associated with it, provides a protective barrier against challenging microorganisms.

  11. An Enhanced Biometric Based Authentication with Key-Agreement Protocol for Multi-Server Architecture Based on Elliptic Curve Cryptography.

    Directory of Open Access Journals (Sweden)

    Alavalapati Goutham Reddy

    Full Text Available Biometric based authentication protocols for multi-server architectures have gained momentum in recent times due to advancements in wireless technologies and associated constraints. Lu et al. recently proposed a robust biometric based authentication with key agreement protocol for a multi-server environment using smart cards. They claimed that their protocol is efficient and resistant to prominent security attacks. The careful investigation of this paper proves that Lu et al.'s protocol does not provide user anonymity, perfect forward secrecy and is susceptible to server and user impersonation attacks, man-in-middle attacks and clock synchronization problems. In addition, this paper proposes an enhanced biometric based authentication with key-agreement protocol for multi-server architecture based on elliptic curve cryptography using smartcards. We proved that the proposed protocol achieves mutual authentication using Burrows-Abadi-Needham (BAN logic. The formal security of the proposed protocol is verified using the AVISPA (Automated Validation of Internet Security Protocols and Applications tool to show that our protocol can withstand active and passive attacks. The formal and informal security analyses and performance analysis demonstrates that the proposed protocol is robust and efficient compared to Lu et al.'s protocol and existing similar protocols.

  12. An Enhanced Biometric Based Authentication with Key-Agreement Protocol for Multi-Server Architecture Based on Elliptic Curve Cryptography

    Science.gov (United States)

    Reddy, Alavalapati Goutham; Das, Ashok Kumar; Odelu, Vanga; Yoo, Kee-Young

    2016-01-01

    Biometric based authentication protocols for multi-server architectures have gained momentum in recent times due to advancements in wireless technologies and associated constraints. Lu et al. recently proposed a robust biometric based authentication with key agreement protocol for a multi-server environment using smart cards. They claimed that their protocol is efficient and resistant to prominent security attacks. The careful investigation of this paper proves that Lu et al.’s protocol does not provide user anonymity, perfect forward secrecy and is susceptible to server and user impersonation attacks, man-in-middle attacks and clock synchronization problems. In addition, this paper proposes an enhanced biometric based authentication with key-agreement protocol for multi-server architecture based on elliptic curve cryptography using smartcards. We proved that the proposed protocol achieves mutual authentication using Burrows-Abadi-Needham (BAN) logic. The formal security of the proposed protocol is verified using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our protocol can withstand active and passive attacks. The formal and informal security analyses and performance analysis demonstrates that the proposed protocol is robust and efficient compared to Lu et al.’s protocol and existing similar protocols. PMID:27163786

  13. An Enhanced Biometric Based Authentication with Key-Agreement Protocol for Multi-Server Architecture Based on Elliptic Curve Cryptography.

    Science.gov (United States)

    Reddy, Alavalapati Goutham; Das, Ashok Kumar; Odelu, Vanga; Yoo, Kee-Young

    2016-01-01

    Biometric based authentication protocols for multi-server architectures have gained momentum in recent times due to advancements in wireless technologies and associated constraints. Lu et al. recently proposed a robust biometric based authentication with key agreement protocol for a multi-server environment using smart cards. They claimed that their protocol is efficient and resistant to prominent security attacks. The careful investigation of this paper proves that Lu et al.'s protocol does not provide user anonymity, perfect forward secrecy and is susceptible to server and user impersonation attacks, man-in-middle attacks and clock synchronization problems. In addition, this paper proposes an enhanced biometric based authentication with key-agreement protocol for multi-server architecture based on elliptic curve cryptography using smartcards. We proved that the proposed protocol achieves mutual authentication using Burrows-Abadi-Needham (BAN) logic. The formal security of the proposed protocol is verified using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our protocol can withstand active and passive attacks. The formal and informal security analyses and performance analysis demonstrates that the proposed protocol is robust and efficient compared to Lu et al.'s protocol and existing similar protocols.

  14. Speaker Authentication

    CERN Document Server

    Li, Qi (Peter)

    2012-01-01

    This book focuses on use of voice as a biometric measure for personal authentication. In particular, "Speaker Recognition" covers two approaches in speaker authentication: speaker verification (SV) and verbal information verification (VIV). The SV approach attempts to verify a speaker’s identity based on his/her voice characteristics while the VIV approach validates a speaker’s identity through verification of the content of his/her utterance(s). SV and VIV can be combined for new applications. This is still a new research topic with significant potential applications. The book provides with a broad overview of the recent advances in speaker authentication while giving enough attention to advanced and useful algorithms and techniques. It also provides a step by step introduction to the current state of the speaker authentication technology, from the fundamental concepts to advanced algorithms. We will also present major design methodologies and share our experience in developing real and successful speake...

  15. Quantum Dialogue with Authentication Based on Bell States

    Science.gov (United States)

    Shen, Dongsu; Ma, Wenping; Yin, Xunru; Li, Xiaoping

    2013-06-01

    We propose an authenticated quantum dialogue protocol, which is based on a shared private quantum entangled channel. In this protocol, the EPR pairs are randomly prepared in one of the four Bell states for communication. By performing four Pauli operations on the shared EPR pairs to encode their shared authentication key and secret message, two legitimate users can implement mutual identity authentication and quantum dialogue without the help from the third party authenticator. Furthermore, due to the EPR pairs which are used for secure communication are utilized to implement authentication and the whole authentication process is included in the direct secure communication process, it does not require additional particles to realize authentication in this protocol. The updated authentication key provides the counterparts with a new authentication key for the next authentication and direct communication. Compared with other secure communication with authentication protocols, this one is more secure and efficient owing to the combination of authentication and direct communication. Security analysis shows that it is secure against the eavesdropping attack, the impersonation attack and the man-in-the-middle (MITM) attack.

  16. Geospatial Authentication

    Science.gov (United States)

    Lyle, Stacey D.

    2009-01-01

    A software package that has been designed to allow authentication for determining if the rover(s) is/are within a set of boundaries or a specific area to access critical geospatial information by using GPS signal structures as a means to authenticate mobile devices into a network wirelessly and in real-time. The advantage lies in that the system only allows those with designated geospatial boundaries or areas into the server.

  17. Enhanced Security and Pairing-free Handover Authentication Scheme for Mobile Wireless Networks

    Science.gov (United States)

    Chen, Rui; Shu, Guangqiang; Chen, Peng; Zhang, Lijun

    2017-10-01

    With the widely deployment of mobile wireless networks, we aim to propose a secure and seamless handover authentication scheme that allows users to roam freely in wireless networks without worrying about security and privacy issues. Given the open characteristic of wireless networks, safety and efficiency should be considered seriously. Several previous protocols are designed based on a bilinear pairing mapping, which is time-consuming and inefficient work, as well as unsuitable for practical situations. To address these issues, we designed a new pairing-free handover authentication scheme for mobile wireless networks. This scheme is an effective improvement of the protocol by Xu et al., which is suffer from the mobile node impersonation attack. Security analysis and simulation experiment indicate that the proposed protocol has many excellent security properties when compared with other recent similar handover schemes, such as mutual authentication and resistance to known network threats, as well as requiring lower computation and communication cost.

  18. Resistance of Alkali Activated Water-Cooled Slag Geopolymer to Sulphate Attack

    Directory of Open Access Journals (Sweden)

    S. A. Hasanein

    2011-06-01

    Full Text Available Ground granulated blast furnace slag is a finely ground, rapidly chilled aluminosilicate melt material that is separated from molten iron in the blast furnace as a by-product. Rapid cooling results in an amorphous or a glassy phase known as GGBFS or water cooled slag (WCS. Alkaline activation of latent hydraulic WCS by sodium hydroxide and/or sodium silicate in different ratios was studied. Curing was performed under 100 % relative humidity and at a temperature of 38°C. The results showed that mixing of both sodium hydroxide and sodium silicate in ratio of 3:3 wt.,% is the optimum one giving better mechanical as well as microstructural characteristics as compared with cement mortar that has various cement content (cement : sand were 1:3 and 1:2. Durability of the water cooled slag in 5 % MgSO4 as revealed by better microstructure and high resistivity-clarifying that activation by 3:3 sodium hydroxide and sodium silicate, respectively is better than using 2 and 6 % of sodium hydroxide.

  19. THE IMPACT OF FERTILIZATION AND FOLIAR STIMULATION PRODUCTS BOTH ON INCREASING THE RESISTANCE TO MAJOR PHYTOPATHOGENS ATTACKS, AND ON INCREASING THE QUANTITY AND QUALITY OF WINE GRAPES HARVEST

    Directory of Open Access Journals (Sweden)

    Cristina BUNESCU

    2014-12-01

    Full Text Available The paper aimed to demonstrate the impact of fertilization and foliar stimulation products both on increasing the resistance to major phytopathogens attacks, and on increasing the quantity and quality of wine grapes harvest. Applying the foliar fertilizer products Plonvit Kali (c1, Tytanit (c2 and Optysil (c3 to vines, for a period of three years (2011/2013, in phenophases of intensive growth of shoots and grapes at approved dosages, simultaneously with pesticide treatment, not only a reduction of pathogenic fungi attack was obtained, but also and an increase of harvest without diminishing the quality of the grapes.

  20. Context-Aware Multimodal FIDO Authenticator for Sustainable IT Services

    Directory of Open Access Journals (Sweden)

    Seung-Hyun Kim

    2018-05-01

    Full Text Available Existing sustainable IT services have several problems related to user authentication such as the inefficiency of managing the system security, low security, and low usability. In this paper, we propose a Fast IDentity Online (FIDO authenticator that performs continuous authentication with implicit authentication based on user context and multimodal authentication. The proposed FIDO authenticator, a context-aware multimodal FIDO authentication (CAMFA method, combines information such as the user context, state of the mobile device, and user biometrics, then applies implicit and explicit authentication methods to meet the level of authentication required by the service provider. This reduces the user’s explicit authentication burden and continually authenticates users at risk during the session. Moreover, it is able to respond to attacks such as the theft of the authentication method or session hijacking. To study the effectiveness of CAMFA, we ran a user study by collecting data from 22 participants over 42 days of activity on a practical Android platform. The result of the user study demonstrates that the number of explicit authentication requests could be reduced by half. Based on the results of this study, an advanced user authentication that provides multimodal and continuous authentication could be applied to sustainable IT services.

  1. Cardiac Outcomes After Ischemic Stroke or Transient Ischemic Attack: Effects of Pioglitazone in Patients With Insulin Resistance Without Diabetes Mellitus.

    Science.gov (United States)

    Young, Lawrence H; Viscoli, Catherine M; Curtis, Jeptha P; Inzucchi, Silvio E; Schwartz, Gregory G; Lovejoy, Anne M; Furie, Karen L; Gorman, Mark J; Conwit, Robin; Abbott, J Dawn; Jacoby, Daniel L; Kolansky, Daniel M; Pfau, Steven E; Ling, Frederick S; Kernan, Walter N

    2017-05-16

    Insulin resistance is highly prevalent among patients with atherosclerosis and is associated with an increased risk for myocardial infarction (MI) and stroke. The IRIS trial (Insulin Resistance Intervention after Stroke) demonstrated that pioglitazone decreased the composite risk for fatal or nonfatal stroke and MI in patients with insulin resistance without diabetes mellitus, after a recent ischemic stroke or transient ischemic attack. The type and severity of cardiac events in this population and the impact of pioglitazone on these events have not been described. We performed a secondary analysis of the effects of pioglitazone, in comparison with placebo, on acute coronary syndromes (MI and unstable angina) among IRIS participants. All potential acute coronary syndrome episodes were adjudicated in a blinded fashion by an independent clinical events committee. The study cohort was composed of 3876 IRIS participants, mean age 63 years, 65% male, 89% white race, and 12% with a history of coronary artery disease. Over a median follow-up of 4.8 years, there were 225 acute coronary syndrome events, including 141 MIs and 84 episodes of unstable angina. The MIs included 28 (19%) with ST-segment elevation. The majority of MIs were type 1 (94, 65%), followed by type 2 (45, 32%). Serum troponin was 10× to 100× upper limit of normal in 49 (35%) and >100× upper limit of normal in 39 (28%). Pioglitazone reduced the risk of acute coronary syndrome (hazard ratio, 0.71; 95% confidence interval, 0.54-0.94; P =0.02). Pioglitazone also reduced the risk of type 1 MI (hazard ratio, 0.62; 95% confidence interval, 0.40-0.96; log-rank P =0.03), but not type 2 MI (hazard ratio, 1.05; 95% confidence interval, 0.58-1.91; P =0.87). Similarly, pioglitazone reduced the risk of large MIs with serum troponin >100× upper limit of normal (hazard ratio, 0.44; 95% confidence interval, 0.22-0.87; P =0.02), but not smaller MIs. Among patients with insulin resistance without diabetes mellitus

  2. Understanding plant defence responses against herbivore attacks: an essential first step towards the development of sustainable resistance against pests.

    Science.gov (United States)

    Santamaria, M Estrella; Martínez, Manuel; Cambra, Inés; Grbic, Vojislava; Diaz, Isabel

    2013-08-01

    Plant-herbivore relationships are complex interactions encompassing elaborate networks of molecules, signals and strategies used to overcome defences developed by each other. Herbivores use multiple feeding strategies to obtain nutrients from host plants. In turn, plants respond by triggering defence mechanisms to inhibit, block or modify the metabolism of the pest. As part of these defences, herbivore-challenged plants emit volatiles to attract natural enemies and warn neighbouring plants of the imminent threat. In response, herbivores develop a variety of strategies to suppress plant-induced protection. Our understanding of the plant-herbivore interphase is limited, although recent molecular approaches have revealed the participation of a battery of genes, proteins and volatile metabolites in attack-defence processes. This review describes the intricate and dynamic defence systems governing plant-herbivore interactions by examining the diverse strategies plants employ to deny phytophagous arthropods the ability to breach newly developed mechanisms of plant resistance. A cornerstone of this understanding is the use of transgenic tools to unravel the complex networks that control these interactions.

  3. Software Authentication

    International Nuclear Information System (INIS)

    Wolford, J.K.; Geelhood, B.D.; Hamilton, V.A.; Ingraham, J.; MacArthur, D.W.; Mitchell, D.J.; Mullens, J.A.; Vanier, P. E.; White, G.K.; Whiteson, R.

    2001-01-01

    The effort to define guidance for authentication of software for arms control and nuclear material transparency measurements draws on a variety of disciplines and has involved synthesizing established criteria and practices with newer methods. Challenges include the need to protect classified information that the software manipulates as well as deal with the rapid pace of innovation in the technology of nuclear material monitoring. The resulting guidance will shape the design of future systems and inform the process of authentication of instruments now being developed. This paper explores the technical issues underlying the guidance and presents its major tenets

  4. DMP: Detouring Using Multiple Paths against Jamming Attack for Ubiquitous Networking System

    Directory of Open Access Journals (Sweden)

    Mihui Kim

    2010-04-01

    Full Text Available To successfully realize the ubiquitous network environment including home automation or industrial control systems, it is important to be able to resist a jamming attack. This has recently been considered as an extremely threatening attack because it can collapse the entire network, despite the existence of basic security protocols such as encryption and authentication. In this paper, we present a method of jamming attack tolerant routing using multiple paths based on zones. The proposed scheme divides the network into zones, and manages the candidate forward nodes of neighbor zones. After detecting an attack, detour nodes decide zones for rerouting, and detour packets destined for victim nodes through forward nodes in the decided zones. Simulation results show that our scheme increases the PDR (Packet Delivery Ratio and decreases the delay significantly in comparison with rerouting by a general routing protocol on sensor networks, AODV (Ad hoc On Demand Distance Vector, and a conventional JAM (Jammed Area Mapping service with one reroute.

  5. DMP: detouring using multiple paths against jamming attack for ubiquitous networking system.

    Science.gov (United States)

    Kim, Mihui; Chae, Kijoon

    2010-01-01

    To successfully realize the ubiquitous network environment including home automation or industrial control systems, it is important to be able to resist a jamming attack. This has recently been considered as an extremely threatening attack because it can collapse the entire network, despite the existence of basic security protocols such as encryption and authentication. In this paper, we present a method of jamming attack tolerant routing using multiple paths based on zones. The proposed scheme divides the network into zones, and manages the candidate forward nodes of neighbor zones. After detecting an attack, detour nodes decide zones for rerouting, and detour packets destined for victim nodes through forward nodes in the decided zones. Simulation results show that our scheme increases the PDR (Packet Delivery Ratio) and decreases the delay significantly in comparison with rerouting by a general routing protocol on sensor networks, AODV (Ad hoc On Demand Distance Vector), and a conventional JAM (Jammed Area Mapping) service with one reroute.

  6. Herbivore-induced plant responses in Brassica oleracea prevail over effects of constitutive resistance and result in enhanced herbivore attack

    NARCIS (Netherlands)

    Poelman, E.H.; van Loon, J.J.A.; Van Dam, N.M.; Dicke, M.; Vet, L.E.M.

    2010-01-01

    1. Plant responses to herbivore attack may have community-wide effects on the composition of the plant-associated insect community. Thereby, plant responses to an early-season herbivore may have profound consequences for the amount and type of future attack. 2. Here we studied the effect of

  7. Strengthening Authentication

    Science.gov (United States)

    Gale, Doug

    2007-01-01

    The basics of authentication are straightforward. One can prove his or her identity in three ways: (1) something one "has" (for example, a key or a birth certificate); (2) something one "knows" (such as a password); or (3) something one "is" (such as one's fingerprints, used in biometric technologies). In the world of computers and networks, the…

  8. An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System.

    Science.gov (United States)

    Jung, Jaewook; Kang, Dongwoo; Lee, Donghoon; Won, Dongho

    2017-01-01

    Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency.

  9. An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System.

    Directory of Open Access Journals (Sweden)

    Jaewook Jung

    Full Text Available Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency.

  10. An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System

    Science.gov (United States)

    Kang, Dongwoo; Lee, Donghoon; Won, Dongho

    2017-01-01

    Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency. PMID:28046075

  11. 1-RAAP: An Efficient 1-Round Anonymous Authentication Protocol for Wireless Body Area Networks.

    Science.gov (United States)

    Liu, Jingwei; Zhang, Lihuan; Sun, Rong

    2016-05-19

    Thanks to the rapid technological convergence of wireless communications, medical sensors and cloud computing, Wireless Body Area Networks (WBANs) have emerged as a novel networking paradigm enabling ubiquitous Internet services, allowing people to receive medical care, monitor health status in real-time, analyze sports data and even enjoy online entertainment remotely. However, because of the mobility and openness of wireless communications, WBANs are inevitably exposed to a large set of potential attacks, significantly undermining their utility and impeding their widespread deployment. To prevent attackers from threatening legitimate WBAN users or abusing WBAN services, an efficient and secure authentication protocol termed 1-Round Anonymous Authentication Protocol (1-RAAP) is proposed in this paper. In particular, 1-RAAP preserves anonymity, mutual authentication, non-repudiation and some other desirable security properties, while only requiring users to perform several low cost computational operations. More importantly, 1-RAAP is provably secure thanks to its design basis, which is resistant to the anonymous in the random oracle model. To validate the computational efficiency of 1-RAAP, a set of comprehensive comparative studies between 1-RAAP and other authentication protocols is conducted, and the results clearly show that 1-RAAP achieves the best performance in terms of computational overhead.

  12. 1-RAAP: An Efficient 1-Round Anonymous Authentication Protocol for Wireless Body Area Networks

    Directory of Open Access Journals (Sweden)

    Jingwei Liu

    2016-05-01

    Full Text Available Thanks to the rapid technological convergence of wireless communications, medical sensors and cloud computing, Wireless Body Area Networks (WBANs have emerged as a novel networking paradigm enabling ubiquitous Internet services, allowing people to receive medical care, monitor health status in real-time, analyze sports data and even enjoy online entertainment remotely. However, because of the mobility and openness of wireless communications, WBANs are inevitably exposed to a large set of potential attacks, significantly undermining their utility and impeding their widespread deployment. To prevent attackers from threatening legitimate WBAN users or abusing WBAN services, an efficient and secure authentication protocol termed 1-Round Anonymous Authentication Protocol (1-RAAP is proposed in this paper. In particular, 1-RAAP preserves anonymity, mutual authentication, non-repudiation and some other desirable security properties, while only requiring users to perform several low cost computational operations. More importantly, 1-RAAP is provably secure thanks to its design basis, which is resistant to the anonymous in the random oracle model. To validate the computational efficiency of 1-RAAP, a set of comprehensive comparative studies between 1-RAAP and other authentication protocols is conducted, and the results clearly show that 1-RAAP achieves the best performance in terms of computational overhead.

  13. Facelock: familiarity-based graphical authentication.

    Science.gov (United States)

    Jenkins, Rob; McLachlan, Jane L; Renaud, Karen

    2014-01-01

    Authentication codes such as passwords and PIN numbers are widely used to control access to resources. One major drawback of these codes is that they are difficult to remember. Account holders are often faced with a choice between forgetting a code, which can be inconvenient, or writing it down, which compromises security. In two studies, we test a new knowledge-based authentication method that does not impose memory load on the user. Psychological research on face recognition has revealed an important distinction between familiar and unfamiliar face perception: When a face is familiar to the observer, it can be identified across a wide range of images. However, when the face is unfamiliar, generalisation across images is poor. This contrast can be used as the basis for a personalised 'facelock', in which authentication succeeds or fails based on image-invariant recognition of faces that are familiar to the account holder. In Study 1, account holders authenticated easily by detecting familiar targets among other faces (97.5% success rate), even after a one-year delay (86.1% success rate). Zero-acquaintance attackers were reduced to guessing (authenticate (6.6% success rate). In Study 2, we found that shoulder-surfing attacks by strangers could be defeated by presenting different photos of the same target faces in observed and attacked grids (1.9% success rate). Our findings suggest that the contrast between familiar and unfamiliar face recognition may be useful for developers of graphical authentication systems.

  14. Multifactor Authentication: Its Time Has Come

    Directory of Open Access Journals (Sweden)

    Jim Reno

    2013-08-01

    Full Text Available Transactions of any value must be authenticated to help prevent online crime. Even seemingly innocent interactions, such as social media postings, can have serious consequences if used fraudulently. A key problem in modern online interactions is establishing the identity of the user without alienating the user. Historically, almost all online authentications have been implemented using simple passwords, but increasingly these methods are under attack. Multifactor authentication requires the presentation of two or more of the three authentication factor types: “What you know”, “What you have”, and “What you are”. After presentation, each factor must be validated by the other party for authentication to occur. Multifactor authentication is a potential solution to the authentication problem, and it is beginning to be implemented at websites operated by well-known companies. This article surveys the different mechanisms used to implement multifactor authentication. How a site chooses to implement multifactor authentication affects security as well as the overall user experience.

  15. User Authentication in Smartphones for Telehealth

    Directory of Open Access Journals (Sweden)

    Katherine A. Smith

    2017-11-01

    Full Text Available Many functions previously conducted on desktop computers are now performed on smartphones. Smartphones provide convenience, portability, and connectivity.  When smartphones are used in the conduct of telehealth, sensitive data is invariably accessed, rendering the devices in need of user authentication to ensure data protection. User authentication of smartphones can help mitigate potential Health Insurance Portability and Accountability Act (HIPAA breaches and keep sensitive patient information protected, while also facilitating the convenience of smartphones within everyday life and healthcare. This paper presents and examines several types of authentication methods available to smartphone users to help ensure security of sensitive data from attackers. The applications of these authentication methods in telehealth are discussed.  Keywords: Authentication, Biometrics, HIPAA, Mobile security, Telehealth

  16. System and method for authentication

    Science.gov (United States)

    Duerksen, Gary L.; Miller, Seth A.

    2015-12-29

    Described are methods and systems for determining authenticity. For example, the method may include providing an object of authentication, capturing characteristic data from the object of authentication, deriving authentication data from the characteristic data of the object of authentication, and comparing the authentication data with an electronic database comprising reference authentication data to provide an authenticity score for the object of authentication. The reference authentication data may correspond to one or more reference objects of authentication other than the object of authentication.

  17. On the security of two remote user authentication schemes for telecare medical information systems.

    Science.gov (United States)

    Kim, Kee-Won; Lee, Jae-Dong

    2014-05-01

    The telecare medical information systems (TMISs) support convenient and rapid health-care services. A secure and efficient authentication scheme for TMIS provides safeguarding patients' electronic patient records (EPRs) and helps health care workers and medical personnel to rapidly making correct clinical decisions. Recently, Kumari et al. proposed a password based user authentication scheme using smart cards for TMIS, and claimed that the proposed scheme could resist various malicious attacks. However, we point out that their scheme is still vulnerable to lost smart card and cannot provide forward secrecy. Subsequently, Das and Goswami proposed a secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. They simulated their scheme for the formal security verification using the widely-accepted automated validation of Internet security protocols and applications (AVISPA) tool to ensure that their scheme is secure against passive and active attacks. However, we show that their scheme is still vulnerable to smart card loss attacks and cannot provide forward secrecy property. The proposed cryptanalysis discourages any use of the two schemes under investigation in practice and reveals some subtleties and challenges in designing this type of schemes.

  18. Cryptanalysis and improvement of a biometrics-based authentication and key agreement scheme for multi-server environments

    Science.gov (United States)

    Zheng, Zhiming

    2018-01-01

    According to advancements in the wireless technologies, study of biometrics-based multi-server authenticated key agreement schemes has acquired a lot of momentum. Recently, Wang et al. presented a three-factor authentication protocol with key agreement and claimed that their scheme was resistant to several prominent attacks. Unfortunately, this paper indicates that their protocol is still vulnerable to the user impersonation attack, privileged insider attack and server spoofing attack. Furthermore, their protocol cannot provide the perfect forward secrecy. As a remedy of these aforementioned problems, we propose a biometrics-based authentication and key agreement scheme for multi-server environments. Compared with various related schemes, our protocol achieves the stronger security and provides more functionality properties. Besides, the proposed protocol shows the satisfactory performances in respect of storage requirement, communication overhead and computational cost. Thus, our protocol is suitable for expert systems and other multi-server architectures. Consequently, the proposed protocol is more appropriate in the distributed networks. PMID:29534085

  19. Biometrics based authentication scheme for session initiation protocol

    OpenAIRE

    Xie, Qi; Tang, Zhixiong

    2016-01-01

    Many two-factor challenge-response based session initiation protocol (SIP) has been proposed, but most of them are vulnerable to smart card stolen attacks and password guessing attacks. In this paper, we propose a novel three-factor SIP authentication scheme using biometrics, password and smart card, and utilize the pi calculus-based formal verification tool ProVerif to prove that the proposed protocol achieves security and authentication. Furthermore, our protocol is highly efficient when co...

  20. Weaknesses of a dynamic identity based authentication protocol for multi-server architecture

    OpenAIRE

    Han, Weiwei

    2012-01-01

    Recently, Li et al. proposed a dynamic identity based authentication protocol for multi-server architecture. They claimed their protocol is secure and can withstand various attacks. But we found some security loopholes in the protocol. Accordingly, the current paper demonstrates that Li et al.'s protocol is vulnerable to the replay attack, the password guessing attack and the masquerade attack.

  1. Authentic Teachers: Student Criteria Perceiving Authenticity of Teachers

    Science.gov (United States)

    De Bruyckere, Pedro; Kirschner, Paul A.

    2016-01-01

    Authenticity is seen by many as a key for good learning and education. There is talk of authentic instruction, authentic learning, authentic problems, authentic assessment, authentic tools and authentic teachers. The problem is that while authenticity is an often-used adjective describing almost all aspects of teaching and learning, the concept…

  2. Press touch code: A finger press based screen size independent authentication scheme for smart devices

    Science.gov (United States)

    Ranak, M. S. A. Noman; Nor, Nur Nadiah Hanim Binti Mohd; Zamli, Kamal Z.

    2017-01-01

    Due to recent advancements and appealing applications, the purchase rate of smart devices is increasing at a higher rate. Parallely, the security related threats and attacks are also increasing at a greater ratio on these devices. As a result, a considerable number of attacks have been noted in the recent past. To resist these attacks, many password-based authentication schemes are proposed. However, most of these schemes are not screen size independent; whereas, smart devices come in different sizes. Specifically, they are not suitable for miniature smart devices due to the small screen size and/or lack of full sized keyboards. In this paper, we propose a new screen size independent password-based authentication scheme, which also offers an affordable defense against shoulder surfing, brute force, and smudge attacks. In the proposed scheme, the Press Touch (PT)—a.k.a., Force Touch in Apple’s MacBook, Apple Watch, ZTE’s Axon 7 phone; 3D Touch in iPhone 6 and 7; and so on—is transformed into a new type of code, named Press Touch Code (PTC). We design and implement three variants of it, namely mono-PTC, multi-PTC, and multi-PTC with Grid, on the Android Operating System. An in-lab experiment and a comprehensive survey have been conducted on 105 participants to demonstrate the effectiveness of the proposed scheme. PMID:29084262

  3. Press touch code: A finger press based screen size independent authentication scheme for smart devices.

    Science.gov (United States)

    Ranak, M S A Noman; Azad, Saiful; Nor, Nur Nadiah Hanim Binti Mohd; Zamli, Kamal Z

    2017-01-01

    Due to recent advancements and appealing applications, the purchase rate of smart devices is increasing at a higher rate. Parallely, the security related threats and attacks are also increasing at a greater ratio on these devices. As a result, a considerable number of attacks have been noted in the recent past. To resist these attacks, many password-based authentication schemes are proposed. However, most of these schemes are not screen size independent; whereas, smart devices come in different sizes. Specifically, they are not suitable for miniature smart devices due to the small screen size and/or lack of full sized keyboards. In this paper, we propose a new screen size independent password-based authentication scheme, which also offers an affordable defense against shoulder surfing, brute force, and smudge attacks. In the proposed scheme, the Press Touch (PT)-a.k.a., Force Touch in Apple's MacBook, Apple Watch, ZTE's Axon 7 phone; 3D Touch in iPhone 6 and 7; and so on-is transformed into a new type of code, named Press Touch Code (PTC). We design and implement three variants of it, namely mono-PTC, multi-PTC, and multi-PTC with Grid, on the Android Operating System. An in-lab experiment and a comprehensive survey have been conducted on 105 participants to demonstrate the effectiveness of the proposed scheme.

  4. Press touch code: A finger press based screen size independent authentication scheme for smart devices.

    Directory of Open Access Journals (Sweden)

    M S A Noman Ranak

    Full Text Available Due to recent advancements and appealing applications, the purchase rate of smart devices is increasing at a higher rate. Parallely, the security related threats and attacks are also increasing at a greater ratio on these devices. As a result, a considerable number of attacks have been noted in the recent past. To resist these attacks, many password-based authentication schemes are proposed. However, most of these schemes are not screen size independent; whereas, smart devices come in different sizes. Specifically, they are not suitable for miniature smart devices due to the small screen size and/or lack of full sized keyboards. In this paper, we propose a new screen size independent password-based authentication scheme, which also offers an affordable defense against shoulder surfing, brute force, and smudge attacks. In the proposed scheme, the Press Touch (PT-a.k.a., Force Touch in Apple's MacBook, Apple Watch, ZTE's Axon 7 phone; 3D Touch in iPhone 6 and 7; and so on-is transformed into a new type of code, named Press Touch Code (PTC. We design and implement three variants of it, namely mono-PTC, multi-PTC, and multi-PTC with Grid, on the Android Operating System. An in-lab experiment and a comprehensive survey have been conducted on 105 participants to demonstrate the effectiveness of the proposed scheme.

  5. Quantum identity authentication based on ping-pong technique for photons

    Energy Technology Data Exchange (ETDEWEB)

    Zhang Zheshen [State Key Laboratory of Advanced Optical Communication Systems and Networks, Department of Electronic Engineering, Shanghai Jiao Tong University, Shanghai 200030 (China)]. E-mail: zheshenzhang@hotmail.com; Zeng Guihua [State Key Laboratory of Advanced Optical Communication Systems and Networks, Department of Electronic Engineering, Shanghai Jiao Tong University, Shanghai 200030 (China)]. E-mail: ghzeng@sjtu.edu.cn; Zhou Nanrun [Department of Electronics Information Engineering, Nanchang University, Nanchang 330029 (China); Xiong Jin [State Key Laboratory of Advanced Optical Communication Systems and Networks, Department of Electronic Engineering, Shanghai Jiao Tong University, Shanghai 200030 (China)

    2006-08-07

    To prevent active attack, an one-way quantum identity authentication scheme is proposed by employing mechanism of ping-pong protocol and property of quantum controlled-NOT gate. It can verify the user's identity as well as distribute an updated key as the authentication key. Analytical results show the proposed scheme is secure under general individual attack.

  6. Quantum identity authentication based on ping-pong technique for photons

    International Nuclear Information System (INIS)

    Zhang Zheshen; Zeng Guihua; Zhou Nanrun; Xiong Jin

    2006-01-01

    To prevent active attack, an one-way quantum identity authentication scheme is proposed by employing mechanism of ping-pong protocol and property of quantum controlled-NOT gate. It can verify the user's identity as well as distribute an updated key as the authentication key. Analytical results show the proposed scheme is secure under general individual attack

  7. Tibetan Interpretations of Authenticity

    DEFF Research Database (Denmark)

    Sobisch, Jan-Ulrich

    2015-01-01

    The four means of authentication are arguments for the authentication of Buddhist teachings in a Tibetan tradition. Different traditions emphasize different means of authentication. These reveal interesting facts about the self-image of these traditions.......The four means of authentication are arguments for the authentication of Buddhist teachings in a Tibetan tradition. Different traditions emphasize different means of authentication. These reveal interesting facts about the self-image of these traditions....

  8. Effect of sodium sulphate attack on the resistance to flexion, formation of expansive compounds and microcracking in cement paste; Efeito do ataque por sulfato de sodio na resistencia a flexao, formacao de compostos expansivos e microfissuracao de pastas de cimento

    Energy Technology Data Exchange (ETDEWEB)

    Souza, Rui Barbosa de; John, Vanderlei Moacyr; Cincotto, Maria Alba [Universidade de Sao Paulo (USP), SP (Brazil). Escola Politecnica], e-mail: rui.souza@poli.usp.br, e-mail: vanderley.john@poli.usp.br, e-mail: maria.cincotto@poli.usp.br; Simao, Cristina Aiex [PETROBRAS S.A., Rio de Janeiro, RJ (Brazil). Centro de Pesquisas (CENPES). Gerencia de Tecnologia e Engenharia de Poco], e-mail: caies@petrobras.com.br

    2008-06-15

    The main objective of this research is to study the common methods for evaluating cement reactivity to sulfate attack. Resistance to sulfate attack was measured by determining the flexural strength in cement paste samples with exposure to Na{sub 2}SO{sub 4} solution (45,426 ppm of SO{sub 4}{sup 2-}), at a high temperature (55 deg C). The results of flexural strength showed that the resistance increases due to the attack because the products fill the pores. (author)

  9. AIS authentication

    CERN Multimedia

    2006-01-01

    Users are invited to use the NICE password for AIS authentication. As announced in CNL June-August 2006 (see http://www.cerncourier.com/articles/cnl/3/6/14/1) it is possible to use the NICE username and password to log on to AIS. The procedure is now fully operational and users can themselves reset the AIS password such that the NICE password will be used for authentication required by AIS applications. We strongly recommend CERN users who have a NICE account (this is the case of most users) to do this, with the objective to reduce the number of passwords they need to remember. This can be achieved very easily, directly from the Change Password option on the AIS login (https://aislogin.cern.ch/). Users should just select the '[Change Password]' option displayed at the bottom of the page, provide the 'Old Password' and then click on the button 'Use Nice password' followed by 'Submit'. Change Password option on the AIS login windowSetting the AIS password - Use Nice Password It should be noted that the proce...

  10. An enhanced password authentication scheme for session initiation protocol with perfect forward secrecy.

    Science.gov (United States)

    Qiu, Shuming; Xu, Guoai; Ahmad, Haseeb; Guo, Yanhui

    2018-01-01

    The Session Initiation Protocol (SIP) is an extensive and esteemed communication protocol employed to regulate signaling as well as for controlling multimedia communication sessions. Recently, Kumari et al. proposed an improved smart card based authentication scheme for SIP based on Farash's scheme. Farash claimed that his protocol is resistant against various known attacks. But, we observe some accountable flaws in Farash's protocol. We point out that Farash's protocol is prone to key-compromise impersonation attack and is unable to provide pre-verification in the smart card, efficient password change and perfect forward secrecy. To overcome these limitations, in this paper we present an enhanced authentication mechanism based on Kumari et al.'s scheme. We prove that the proposed protocol not only overcomes the issues in Farash's scheme, but it can also resist against all known attacks. We also provide the security analysis of the proposed scheme with the help of widespread AVISPA (Automated Validation of Internet Security Protocols and Applications) software. At last, comparing with the earlier proposals in terms of security and efficiency, we conclude that the proposed protocol is efficient and more secure.

  11. An enhanced password authentication scheme for session initiation protocol with perfect forward secrecy

    Science.gov (United States)

    2018-01-01

    The Session Initiation Protocol (SIP) is an extensive and esteemed communication protocol employed to regulate signaling as well as for controlling multimedia communication sessions. Recently, Kumari et al. proposed an improved smart card based authentication scheme for SIP based on Farash’s scheme. Farash claimed that his protocol is resistant against various known attacks. But, we observe some accountable flaws in Farash’s protocol. We point out that Farash’s protocol is prone to key-compromise impersonation attack and is unable to provide pre-verification in the smart card, efficient password change and perfect forward secrecy. To overcome these limitations, in this paper we present an enhanced authentication mechanism based on Kumari et al.’s scheme. We prove that the proposed protocol not only overcomes the issues in Farash’s scheme, but it can also resist against all known attacks. We also provide the security analysis of the proposed scheme with the help of widespread AVISPA (Automated Validation of Internet Security Protocols and Applications) software. At last, comparing with the earlier proposals in terms of security and efficiency, we conclude that the proposed protocol is efficient and more secure. PMID:29547619

  12. A Secure and Efficient Handover Authentication Protocol for Wireless Networks

    Directory of Open Access Journals (Sweden)

    Weijia Wang

    2014-06-01

    Full Text Available Handover authentication protocol is a promising access control technology in the fields of WLANs and mobile wireless sensor networks. In this paper, we firstly review an effcient handover authentication protocol, named PairHand, and its existing security attacks and improvements. Then, we present an improved key recovery attack by using the linearly combining method and reanalyze its feasibility on the improved PairHand protocol. Finally, we present a new handover authentication protocol, which not only achieves the same desirable effciency features of PairHand, but enjoys the provable security in the random oracle model.

  13. Baseline Measurements of Shoulder Surfing Analysis and Comparability for Smartphone Unlock Authentication

    Science.gov (United States)

    2017-05-22

    In this research, we explore a novel approach to measuring the susceptibility of smarthphone unlock authentication to shoulder surfing attacks. We...have created a series of video recordings where researchers enter authentication sequences into mobile devices (e.g. PINs, graphical patterns with...and played the role of attackers, viewing video-recorded footage of PIN and graphical pattern authentication input with various camera angles, hand

  14. "Thick" Authenticity: New Media and Authentic Learning.

    Science.gov (United States)

    Shaffer, David Williamson; Resnick, Mitchel

    1999-01-01

    Discusses authenticity as it is applied to educational interventions and argues that the concept should be analyzed more closely. Describes four kinds of authenticity; analyzes how computational media are well-suited to support different aspects of authentic learning; and discusses connectivity, modeling, and pluralism. Contains 75 references.…

  15. Post-Session Authentication

    DEFF Research Database (Denmark)

    Ahmed, Naveed; Jensen, Christian D.

    2012-01-01

    Entity authentication provides confidence in the claimed identity of a peer entity, but the manner in which this goal is achieved results in different types of authentication. An important factor in this regard is the order between authentication and the execution of the associated session....... In this paper, we consider the case of post-session authentication, where parties authenticate each other at the end of their interactive session. This use of authentication is different from session-less authentication (e.g., in RFID) and pre-session authentication (e.g., for access control.) Post......-session authentication, although a new term, is not a new concept; it is the basis of at least a few practical schemes. We, for the first time, systematically study it and present the underlying authentication model. Further, we show that an important class of problems is solvable using post-session authentication...

  16. An Optimal Non-Interactive Message Authentication Protocol

    OpenAIRE

    Pasini, Sylvain; Vaudenay, Serge

    2006-01-01

    Vaudenay recently proposed a message authentication protocol which is interactive and based on short authenticated strings (SAS). We study here SAS-based non-interactive message authentication protocols (NIMAP). We start by the analysis of two popular non-interactive message authentication protocols. The first one is based on a collision-resistant hash function and was presented by Balfanz et al. The second protocol is based on a universal hash function family and was proposed by Gehrmann, Mi...

  17. Facelock: familiarity-based graphical authentication

    Directory of Open Access Journals (Sweden)

    Rob Jenkins

    2014-06-01

    Full Text Available Authentication codes such as passwords and PIN numbers are widely used to control access to resources. One major drawback of these codes is that they are difficult to remember. Account holders are often faced with a choice between forgetting a code, which can be inconvenient, or writing it down, which compromises security. In two studies, we test a new knowledge-based authentication method that does not impose memory load on the user. Psychological research on face recognition has revealed an important distinction between familiar and unfamiliar face perception: When a face is familiar to the observer, it can be identified across a wide range of images. However, when the face is unfamiliar, generalisation across images is poor. This contrast can be used as the basis for a personalised ‘facelock’, in which authentication succeeds or fails based on image-invariant recognition of faces that are familiar to the account holder. In Study 1, account holders authenticated easily by detecting familiar targets among other faces (97.5% success rate, even after a one-year delay (86.1% success rate. Zero-acquaintance attackers were reduced to guessing (<1% success rate. Even personal attackers who knew the account holder well were rarely able to authenticate (6.6% success rate. In Study 2, we found that shoulder-surfing attacks by strangers could be defeated by presenting different photos of the same target faces in observed and attacked grids (1.9% success rate. Our findings suggest that the contrast between familiar and unfamiliar face recognition may be useful for developers of graphical authentication systems.

  18. Robust and Efficient Authentication Scheme for Session Initiation Protocol

    Directory of Open Access Journals (Sweden)

    Yanrong Lu

    2015-01-01

    Full Text Available The session initiation protocol (SIP is a powerful application-layer protocol which is used as a signaling one for establishing, modifying, and terminating sessions among participants. Authentication is becoming an increasingly crucial issue when a user asks to access SIP services. Hitherto, many authentication schemes have been proposed to enhance the security of SIP. In 2014, Arshad and Nikooghadam proposed an enhanced authentication and key agreement scheme for SIP and claimed that their scheme could withstand various attacks. However, in this paper, we show that Arshad and Nikooghadam’s authentication scheme is still susceptible to key-compromise impersonation and trace attacks and does not provide proper mutual authentication. To conquer the flaws, we propose a secure and efficient ECC-based authentication scheme for SIP. Through the informal and formal security analyses, we demonstrate that our scheme is resilient to possible known attacks including the attacks found in Arshad et al.’s scheme. In addition, the performance analysis shows that our scheme has similar or better efficiency in comparison with other existing ECC-based authentication schemes for SIP.

  19. Attack surfaces

    DEFF Research Database (Denmark)

    Gruschka, Nils; Jensen, Meiko

    2010-01-01

    The new paradigm of cloud computing poses severe security risks to its adopters. In order to cope with these risks, appropriate taxonomies and classification criteria for attacks on cloud computing are required. In this work-in-progress paper we present one such taxonomy based on the notion...... of attack surfaces of the cloud computing scenario participants....

  20. A Secure and Anonymous Two-Factor Authentication Protocol in Multiserver Environment

    Directory of Open Access Journals (Sweden)

    Chenyu Wang

    2018-01-01

    Full Text Available With the great development of network technology, the multiserver system gets widely used in providing various of services. And the two-factor authentication protocols in multiserver system attract more and more attention. Recently, there are two new schemes for multiserver environment which claimed to be secure against the known attacks. However, after a scrutinization of these two schemes, we found that (1 their description of the adversary’s abilities is inaccurate; (2 their schemes suffer from many attacks. Thus, firstly, we corrected their description on the adversary capacities to introduce a widely accepted adversary model and then summarized fourteen security requirements of multiserver based on the works of pioneer contributors. Secondly, we revealed that one of the two schemes fails to preserve forward secrecy and user anonymity and cannot resist stolen-verifier attack and off-line dictionary attack and so forth and also demonstrated that another scheme fails to preserve forward secrecy and user anonymity and is not secure to insider attack and off-line dictionary attack, and so forth. Finally, we designed an enhanced scheme to overcome these identified weaknesses, proved its security via BAN logic and heuristic analysis, and then compared it with other relevant schemes. The comparison results showed the superiority of our scheme.

  1. A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecare medicine information systems.

    Science.gov (United States)

    Li, Chun-Ta; Lee, Cheng-Chi; Weng, Chi-Yao

    2014-09-01

    Telecare medicine information system (TMIS) is widely used for providing a convenient and efficient communicating platform between patients at home and physicians at medical centers or home health care (HHC) organizations. To ensure patient privacy, in 2013, Hao et al. proposed a chaotic map based authentication scheme with user anonymity for TMIS. Later, Lee showed that Hao et al.'s scheme is in no provision for providing fairness in session key establishment and gave an efficient user authentication and key agreement scheme using smart cards, in which only few hashing and Chebyshev chaotic map operations are required. In addition, Jiang et al. discussed that Hao et al.'s scheme can not resist stolen smart card attack and they further presented an improved scheme which attempts to repair the security pitfalls found in Hao et al.'s scheme. In this paper, we found that both Lee's and Jiang et al.'s authentication schemes have a serious security problem in that a registered user's secret parameters may be intentionally exposed to many non-registered users and this problem causing the service misuse attack. Therefore, we propose a slight modification on Lee's scheme to prevent the shortcomings. Compared with previous schemes, our improved scheme not only inherits the advantages of Lee's and Jiang et al.'s authentication schemes for TMIS but also remedies the serious security weakness of not being able to withstand service misuse attack.

  2. Authenticating the Leader

    DEFF Research Database (Denmark)

    Johnsen, Christian Garmann

    As authentic leadership, with its dictum of being true to the self, has become increasingly influential among practitioners and mainstream leadership scholars, critical writers have drawn attention to the negative consequences of this development. Yet, few scholars have investigated the problem...... of authentication within discourse of authentic leadership. If authentic leadership is to make any sense, it is necessary to be able to distinguish the authentic from the inauthentic leader – in other words, it is necessary to authenticate the leader. This paper uses Gilles Deleuze’s reading of Plato as the point...... of departure for discussing the problem of authentication – separating the authentic leader form the inauthentic one – in the leadership guru Bill George’s model of authentic leadership. By doing so, the paper offers a way of conceptualizing the problem of authenticating leaders, as well as challenging...

  3. Security enhancement of a biometric based authentication scheme for telecare medicine information systems with nonce.

    Science.gov (United States)

    Mishra, Dheerendra; Mukhopadhyay, Sourav; Kumari, Saru; Khan, Muhammad Khurram; Chaturvedi, Ankita

    2014-05-01

    Telecare medicine information systems (TMIS) present the platform to deliver clinical service door to door. The technological advances in mobile computing are enhancing the quality of healthcare and a user can access these services using its mobile device. However, user and Telecare system communicate via public channels in these online services which increase the security risk. Therefore, it is required to ensure that only authorized user is accessing the system and user is interacting with the correct system. The mutual authentication provides the way to achieve this. Although existing schemes are either vulnerable to attacks or they have higher computational cost while an scalable authentication scheme for mobile devices should be secure and efficient. Recently, Awasthi and Srivastava presented a biometric based authentication scheme for TMIS with nonce. Their scheme only requires the computation of the hash and XOR functions.pagebreak Thus, this scheme fits for TMIS. However, we observe that Awasthi and Srivastava's scheme does not achieve efficient password change phase. Moreover, their scheme does not resist off-line password guessing attack. Further, we propose an improvement of Awasthi and Srivastava's scheme with the aim to remove the drawbacks of their scheme.

  4. Post-Session Authentication

    OpenAIRE

    Ahmed , Naveed; Jensen , Christian ,

    2012-01-01

    Part 1: Full Papers; International audience; Entity authentication provides confidence in the claimed identity of a peer entity, but the manner in which this goal is achieved results in different types of authentication. An important factor in this regard is the order between authentication and the execution of the associated session. In this paper, we consider the case of post-session authentication, where parties authenticate each other at the end of their interactive session. This use of a...

  5. Authentication Using Mobile Phones

    OpenAIRE

    Fusek, Z.

    2015-01-01

    This project deals with authentication by a mobile device. The mobile device with the operating system Android 5.0 was chosen as authentication device. The user can perform authentication with emulation of contactless chip cards by using Host-based Card Emulation, which runs via Near Field Communication, where cryptographic keys are stored in a secure environment KeyStore. The project continues with implementation of authentication via Bluetooth LE and describes application for authentization...

  6. Heart Attack

    Science.gov (United States)

    ... properly causes your body's blood sugar levels to rise, increasing your risk of heart attack. Metabolic syndrome. This occurs when you have obesity, high blood pressure and high blood sugar. Having metabolic ...

  7. Heart Attack

    Science.gov (United States)

    ... family history of heart attack race – African Americans, Mexican Americans, Native Americans, and native Hawaiians are at ... Your doctor will prescribe the medicines that are right for you. If you have had a heart ...

  8. Authenticating the Leader

    DEFF Research Database (Denmark)

    Garmann Johnsen, Christian

    2018-01-01

    In the wake of a series of corporate scandals, there has been a growing call for authentic leadership in order to ensure ethical conduct in contemporary organizations. Authentic leadership, however, depends upon the ability to draw a distinction between the authentic and inauthentic leader......’s inverted Platonism, the paper challenges the practice by which authentic leaders are distinguished from inauthentic leaders. In conclusion, the paper suggests that an adequate concept of authentic leadership should consider how ethics can occur when the authentic leader is able to critically reflect his...

  9. An Approach for Prevention of MitM Attack Based on Rogue AP in Wireless Network

    OpenAIRE

    Zhendong Wu; Mengru Cai; Siyu Liang

    2014-01-01

    With the rapid development of WLAN, more and more schools and businesses have begun to provide the WLAN for users. However, WLAN is considerably more susceptible to MitM (man- in-the-middle) attack. To overcome it, we propose a dynamic password technology named Two-way Dynamic Authentication Technology (TDAT). It uses two-factor during the initial authentication, and uses a two-way hash chain during the cross-domain authentication. TDAT effectively protects users' authentication credentials a...

  10. Location-assured, multifactor authentication on smartphones via LTE communication

    Science.gov (United States)

    Kuseler, Torben; Lami, Ihsan A.; Al-Assam, Hisham

    2013-05-01

    With the added security provided by LTE, geographical location has become an important factor for authentication to enhance the security of remote client authentication during mCommerce applications using Smartphones. Tight combination of geographical location with classic authentication factors like PINs/Biometrics in a real-time, remote verification scheme over the LTE layer connection assures the authenticator about the client itself (via PIN/biometric) as well as the client's current location, thus defines the important aspects of "who", "when", and "where" of the authentication attempt without eaves dropping or man on the middle attacks. To securely integrate location as an authentication factor into the remote authentication scheme, client's location must be verified independently, i.e. the authenticator should not solely rely on the location determined on and reported by the client's Smartphone. The latest wireless data communication technology for mobile phones (4G LTE, Long-Term Evolution), recently being rolled out in various networks, can be employed to enhance this location-factor requirement of independent location verification. LTE's Control Plane LBS provisions, when integrated with user-based authentication and independent source of localisation factors ensures secure efficient, continuous location tracking of the Smartphone. This feature can be performed during normal operation of the LTE-based communication between client and network operator resulting in the authenticator being able to verify the client's claimed location more securely and accurately. Trials and experiments show that such algorithm implementation is viable for nowadays Smartphone-based banking via LTE communication.

  11. Extended KCI attack against two-party key establishment protocols

    NARCIS (Netherlands)

    Tang, Qiang; Chen, Liqun

    2011-01-01

    We introduce an extended Key Compromise Impersonation (KCI) attack against two-party key establishment protocols, where an adversary has access to both long-term and ephemeral secrets of a victim. Such an attack poses serious threats to both key authentication and key confirmation properties of a

  12. Authentication Assurance Levels

    International Nuclear Information System (INIS)

    Kouzes, Richard T.; Cash, James R.; Devaney, David M.; Geelhood, Bruce D.; Hansen, Randy R.; Melton, Ronald B.; Pitts, W. Karl

    2002-01-01

    This Common Criteria approach has been applied to create a definition of Authentication Assurance Levels that can quantify the level of assurance reached for a system subject to a set of authentication procedures. The arms-control authentication application of the Common Criteria expands on more typical information security evaluations in that it must contend with information barriers and preclude sophisticated intentional subversion attempts.

  13. Study of Wireless Authentication Center with Mixed Encryption in WSN

    Directory of Open Access Journals (Sweden)

    Yiqin Lu

    2016-01-01

    Full Text Available WSN (wireless sensor network has been used in a wide range of applications nowadays. Sensor networks may often relay critical data; thus, security must be a high priority. However, due to their limited computational, energy, and storage resources, sensor nodes are vulnerable to attack. So how to protect sensor nodes from attacks without raising computational capability and energy consumption is a worthwhile issue. A WAC (wireless authentication center with mixed encryption named “MEWAC” is proposed. MEWAC is based on MCU (Microcontroller Unit and WiFi (Wireless Fidelity module and uses RSA, AES (Advanced Encryption Standard, and SHA-1 (Secure Hash Algorithm 1 to provide high performance authentication and data encryption services for sensor nodes. The experimental results show that MEWAC has the advantages of low cost, low power consumption, good performance, and stability; moreover, the authentication protocol improves the security of WSN and reduces the overhead in node authentication.

  14. Comment on 'Quantum direct communication with authentication'

    International Nuclear Information System (INIS)

    Zhang, Zhan-jun; Liu, Jun; Wang, Dong; Shi, Shou-hua

    2007-01-01

    Two protocols of quantum direct communication with authentication [Phys. Rev. A 73, 042305 (2006)] were recently proposed by Lee, Lim, and Yang. In this paper we will show that in the two protocols the authenticator Trent should be prevented from knowing the secret message. The first protocol can be eavesdropped on by Trent using the intercept-measure-resend attack, while the second protocol can be eavesdropped on by Trent using a simple single-qubit measurement. To fix these leaks, we revise the original versions of the protocols by using the Pauli Z operation σ z instead of the original bit-flip operation X. As a consequence, the attacks we present can be prevented and accordingly the protocol securities are improved

  15. Authenticated Quantum Key Distribution with Collective Detection using Single Photons

    Science.gov (United States)

    Huang, Wei; Xu, Bing-Jie; Duan, Ji-Tong; Liu, Bin; Su, Qi; He, Yuan-Hang; Jia, Heng-Yue

    2016-10-01

    We present two authenticated quantum key distribution (AQKD) protocols by utilizing the idea of collective (eavesdropping) detection. One is a two-party AQKD protocol, the other is a multiparty AQKD protocol with star network topology. In these protocols, the classical channels need not be assumed to be authenticated and the single photons are used as the quantum information carriers. To achieve mutual identity authentication and establish a random key in each of the proposed protocols, only one participant should be capable of preparing and measuring single photons, and the main quantum ability that the rest of the participants should have is just performing certain unitary operations. Security analysis shows that these protocols are free from various kinds of attacks, especially the impersonation attack and the man-in-the-middle (MITM) attack.

  16. Secure and Efficient Anonymous Authentication Scheme in Global Mobility Networks

    Directory of Open Access Journals (Sweden)

    Jun-Sub Kim

    2013-01-01

    Full Text Available In 2012, Mun et al. pointed out that Wu et al.’s scheme failed to achieve user anonymity and perfect forward secrecy and disclosed the passwords of legitimate users. And they proposed a new enhancement for anonymous authentication scheme. However, their proposed scheme has vulnerabilities that are susceptible to replay attack and man-in-the-middle attack. It also incurs a high overhead in the database. In this paper, we examine the vulnerabilities in the existing schemes and the computational overhead incurred in the database. We then propose a secure and efficient anonymous authentication scheme for roaming service in global mobility network. Our proposed scheme is secure against various attacks, provides mutual authentication and session key establishment, and incurs less computational overhead in the database than Mun et al.'s scheme.

  17. Further attacks on Yeung-Mintzer fragile watermarking scheme

    Science.gov (United States)

    Fridrich, Jessica; Goljan, Miroslav; Memon, Nasir D.

    2000-05-01

    In this paper, we describe new and improved attacks on the authentication scheme previously proposed by Yeung and Mintzer. Previous attacks assumed that the binary watermark logo inserted in an image for the purposes of authentication was known. Here we remove that assumption and show how the scheme is still vulnerable, even if the binary logo is not known but the attacker has access to multiple images that have been watermarked with the same secret key and contain the same (but unknown) logo. We present two attacks. The first attack infers the secret watermark insertion function and the binary logo, given multiple images authenticated with the same key and containing the same logo. We show that a very good approximation to the logo and watermark insertion function can be constructed using as few as two images. With color images, one needs many more images, nevertheless the attack is still feasible. The second attack we present, which we call the 'collage-attack' is a variation of the Holliman-Memon counterfeiting attack. The proposed variation does not require knowledge of the watermark logo and produces counterfeits of superior quality by means of a suitable dithering process that we develop.

  18. Routing Data Authentication in Wireless Networks; TOPICAL

    International Nuclear Information System (INIS)

    TORGERSON, MARK D.; VAN LEEUWEN, BRIAN P.

    2001-01-01

    In this paper, we discuss several specific threats directed at the routing data of an ad hoc network. We address security issues that arise from wrapping authentication mechanisms around ad hoc routing data. We show that this bolt-on approach to security may make certain attacks more difficult, but still leaves the network routing data vulnerable. We also show that under a certain adversarial model, most existing routing protocols cannot be secured with the aid of digital signatures

  19. Multi-factor authentication

    Science.gov (United States)

    Hamlet, Jason R; Pierson, Lyndon G

    2014-10-21

    Detection and deterrence of spoofing of user authentication may be achieved by including a cryptographic fingerprint unit within a hardware device for authenticating a user of the hardware device. The cryptographic fingerprint unit includes an internal physically unclonable function ("PUF") circuit disposed in or on the hardware device, which generates a PUF value. Combining logic is coupled to receive the PUF value, combines the PUF value with one or more other authentication factors to generate a multi-factor authentication value. A key generator is coupled to generate a private key and a public key based on the multi-factor authentication value while a decryptor is coupled to receive an authentication challenge posed to the hardware device and encrypted with the public key and coupled to output a response to the authentication challenge decrypted with the private key.

  20. Security enhanced multi-factor biometric authentication scheme using bio-hash function.

    Directory of Open Access Journals (Sweden)

    Younsung Choi

    Full Text Available With the rapid development of personal information and wireless communication technology, user authentication schemes have been crucial to ensure that wireless communications are secure. As such, various authentication schemes with multi-factor authentication have been proposed to improve the security of electronic communications. Multi-factor authentication involves the use of passwords, smart cards, and various biometrics to provide users with the utmost privacy and data protection. Cao and Ge analyzed various authentication schemes and found that Younghwa An's scheme was susceptible to a replay attack where an adversary masquerades as a legal server and a user masquerading attack where user anonymity is not provided, allowing an adversary to execute a password change process by intercepting the user's ID during login. Cao and Ge improved upon Younghwa An's scheme, but various security problems remained. This study demonstrates that Cao and Ge's scheme is susceptible to a biometric recognition error, slow wrong password detection, off-line password attack, user impersonation attack, ID guessing attack, a DoS attack, and that their scheme cannot provide session key agreement. Then, to address all weaknesses identified in Cao and Ge's scheme, this study proposes a security enhanced multi-factor biometric authentication scheme and provides a security analysis and formal analysis using Burrows-Abadi-Needham logic. Finally, the efficiency analysis reveals that the proposed scheme can protect against several possible types of attacks with only a slightly high computational cost.

  1. Security enhanced multi-factor biometric authentication scheme using bio-hash function

    Science.gov (United States)

    Lee, Youngsook; Moon, Jongho

    2017-01-01

    With the rapid development of personal information and wireless communication technology, user authentication schemes have been crucial to ensure that wireless communications are secure. As such, various authentication schemes with multi-factor authentication have been proposed to improve the security of electronic communications. Multi-factor authentication involves the use of passwords, smart cards, and various biometrics to provide users with the utmost privacy and data protection. Cao and Ge analyzed various authentication schemes and found that Younghwa An’s scheme was susceptible to a replay attack where an adversary masquerades as a legal server and a user masquerading attack where user anonymity is not provided, allowing an adversary to execute a password change process by intercepting the user’s ID during login. Cao and Ge improved upon Younghwa An’s scheme, but various security problems remained. This study demonstrates that Cao and Ge’s scheme is susceptible to a biometric recognition error, slow wrong password detection, off-line password attack, user impersonation attack, ID guessing attack, a DoS attack, and that their scheme cannot provide session key agreement. Then, to address all weaknesses identified in Cao and Ge’s scheme, this study proposes a security enhanced multi-factor biometric authentication scheme and provides a security analysis and formal analysis using Burrows-Abadi-Needham logic. Finally, the efficiency analysis reveals that the proposed scheme can protect against several possible types of attacks with only a slightly high computational cost. PMID:28459867

  2. Security enhanced multi-factor biometric authentication scheme using bio-hash function.

    Science.gov (United States)

    Choi, Younsung; Lee, Youngsook; Moon, Jongho; Won, Dongho

    2017-01-01

    With the rapid development of personal information and wireless communication technology, user authentication schemes have been crucial to ensure that wireless communications are secure. As such, various authentication schemes with multi-factor authentication have been proposed to improve the security of electronic communications. Multi-factor authentication involves the use of passwords, smart cards, and various biometrics to provide users with the utmost privacy and data protection. Cao and Ge analyzed various authentication schemes and found that Younghwa An's scheme was susceptible to a replay attack where an adversary masquerades as a legal server and a user masquerading attack where user anonymity is not provided, allowing an adversary to execute a password change process by intercepting the user's ID during login. Cao and Ge improved upon Younghwa An's scheme, but various security problems remained. This study demonstrates that Cao and Ge's scheme is susceptible to a biometric recognition error, slow wrong password detection, off-line password attack, user impersonation attack, ID guessing attack, a DoS attack, and that their scheme cannot provide session key agreement. Then, to address all weaknesses identified in Cao and Ge's scheme, this study proposes a security enhanced multi-factor biometric authentication scheme and provides a security analysis and formal analysis using Burrows-Abadi-Needham logic. Finally, the efficiency analysis reveals that the proposed scheme can protect against several possible types of attacks with only a slightly high computational cost.

  3. Chaotic maps and biometrics-based anonymous three-party authenticated key exchange protocol without using passwords

    International Nuclear Information System (INIS)

    Xie Qi; Hu Bin; Chen Ke-Fei; Liu Wen-Hao; Tan Xiao

    2015-01-01

    In three-party password authenticated key exchange (AKE) protocol, since two users use their passwords to establish a secure session key over an insecure communication channel with the help of the trusted server, such a protocol may suffer the password guessing attacks and the server has to maintain the password table. To eliminate the shortages of password-based AKE protocol, very recently, according to chaotic maps, Lee et al. [2015 Nonlinear Dyn. 79 2485] proposed a first three-party-authenticated key exchange scheme without using passwords, and claimed its security by providing a well-organized BAN logic test. Unfortunately, their protocol cannot resist impersonation attack, which is demonstrated in the present paper. To overcome their security weakness, by using chaotic maps, we propose a biometrics-based anonymous three-party AKE protocol with the same advantages. Further, we use the pi calculus-based formal verification tool ProVerif to show that our AKE protocol achieves authentication, security and anonymity, and an acceptable efficiency. (paper)

  4. Chaotic maps and biometrics-based anonymous three-party authenticated key exchange protocol without using passwords

    Science.gov (United States)

    Xie, Qi; Hu, Bin; Chen, Ke-Fei; Liu, Wen-Hao; Tan, Xiao

    2015-11-01

    In three-party password authenticated key exchange (AKE) protocol, since two users use their passwords to establish a secure session key over an insecure communication channel with the help of the trusted server, such a protocol may suffer the password guessing attacks and the server has to maintain the password table. To eliminate the shortages of password-based AKE protocol, very recently, according to chaotic maps, Lee et al. [2015 Nonlinear Dyn. 79 2485] proposed a first three-party-authenticated key exchange scheme without using passwords, and claimed its security by providing a well-organized BAN logic test. Unfortunately, their protocol cannot resist impersonation attack, which is demonstrated in the present paper. To overcome their security weakness, by using chaotic maps, we propose a biometrics-based anonymous three-party AKE protocol with the same advantages. Further, we use the pi calculus-based formal verification tool ProVerif to show that our AKE protocol achieves authentication, security and anonymity, and an acceptable efficiency. Project supported by the Natural Science Foundation of Zhejiang Province, China (Grant No. LZ12F02005), the Major State Basic Research Development Program of China (Grant No. 2013CB834205), and the National Natural Science Foundation of China (Grant No. 61070153).

  5. Two-Factor User Authentication with Key Agreement Scheme Based on Elliptic Curve Cryptosystem

    Directory of Open Access Journals (Sweden)

    Juan Qu

    2014-01-01

    Full Text Available A password authentication scheme using smart card is called two-factor authentication scheme. Two-factor authentication scheme is the most accepted and commonly used mechanism that provides the authorized users a secure and efficient method for accessing resources over insecure communication channel. Up to now, various two-factor user authentication schemes have been proposed. However, most of them are vulnerable to smart card loss attack, offline password guessing attack, impersonation attack, and so on. In this paper, we design a password remote user authentication with key agreement scheme using elliptic curve cryptosystem. Security analysis shows that the proposed scheme has high level of security. Moreover, the proposed scheme is more practical and secure in contrast to some related schemes.

  6. Biometrics based authentication scheme for session initiation protocol.

    Science.gov (United States)

    Xie, Qi; Tang, Zhixiong

    2016-01-01

    Many two-factor challenge-response based session initiation protocol (SIP) has been proposed, but most of them are vulnerable to smart card stolen attacks and password guessing attacks. In this paper, we propose a novel three-factor SIP authentication scheme using biometrics, password and smart card, and utilize the pi calculus-based formal verification tool ProVerif to prove that the proposed protocol achieves security and authentication. Furthermore, our protocol is highly efficient when compared to other related protocols.

  7. Secure authentication system that generates seed from biometric information.

    Science.gov (United States)

    Kim, Yeojin; Ahn, Jung-Ho; Byun, Hyeran

    2005-02-10

    As biometric recognition techniques are gradually improved, the stability of biometric authentication systems are enhanced. Although bioinformation has properties that make it resistant to fraud, biometric authentication systems are not immune to hacking. We show a secure biometric authentication system (1) to guarantee the integrity of biometric information by mixing data by use of a biometric key and (2) to raise recognition rates by use of bimodal biometrics.

  8. Using SIM for strong end-to-end Application Authentication

    OpenAIRE

    Lunde, Lars; Wangensteen, Audun

    2006-01-01

    Today the Internet is mostly used for services that require low or none security. The commercial and governmental applications have started to emerge but met problems since they require strong authentication, which is both difficult and costly to realize. The SIM card used in mobile phones is a tamper resistant device that contains strong authentication mechanisms. It would be very convenient and cost-efficient if Internet services could use authentication methods based on the SIM. This mast...

  9. A User Authentication Scheme Based on Elliptic Curves Cryptography for Wireless Ad Hoc Networks.

    Science.gov (United States)

    Chen, Huifang; Ge, Linlin; Xie, Lei

    2015-07-14

    The feature of non-infrastructure support in a wireless ad hoc network (WANET) makes it suffer from various attacks. Moreover, user authentication is the first safety barrier in a network. A mutual trust is achieved by a protocol which enables communicating parties to authenticate each other at the same time and to exchange session keys. For the resource-constrained WANET, an efficient and lightweight user authentication scheme is necessary. In this paper, we propose a user authentication scheme based on the self-certified public key system and elliptic curves cryptography for a WANET. Using the proposed scheme, an efficient two-way user authentication and secure session key agreement can be achieved. Security analysis shows that our proposed scheme is resilient to common known attacks. In addition, the performance analysis shows that our proposed scheme performs similar or better compared with some existing user authentication schemes.

  10. Design of a mutual authentication based on NTRUsign with a perturbation and inherent multipoint control protocol frames in an Ethernet-based passive optical network

    Science.gov (United States)

    Yin, Aihan; Ding, Yisheng

    2014-11-01

    Identity-related security issues inherently present in passive optical networks (PON) still exist in the current (1G) and next-generation (10G) Ethernet-based passive optical network (EPON) systems. We propose a mutual authentication scheme that integrates an NTRUsign digital signature algorithm with inherent multipoint control protocol (MPCP) frames over an EPON system between the optical line terminal (OLT) and optical network unit (ONU). Here, a primitive NTRUsign algorithm is significantly modified through the use of a new perturbation so that it can be effectively used for simultaneously completing signature and authentication functions on the OLT and the ONU sides. Also, in order to transmit their individual sensitive messages, which include public key, signature, and random value and so forth, to each other, we redefine three unique frames according to MPCP format frame. These generated messages can be added into the frames and delivered to each other, allowing the OLT and the ONU to go ahead with a mutual identity authentication process to verify their legal identities. Our simulation results show that this proposed scheme performs very well in resisting security attacks and has low influence on the registration efficiency to to-be-registered ONUs. A performance comparison with traditional authentication algorithms is also presented. To the best of our knowledge, no detailed design of mutual authentication in EPON can be found in the literature up to now.

  11. OPERATION COBRA. Deliberate Attack, Exploitation

    Science.gov (United States)

    1984-05-25

    to attack Sens, then continue to Troyes , on the Seine River. CCA was in the north, crossing the Loing River at Souppes against light resistance and...advanced from Troyes and prepared positions close to Sens. Under strong artillery support, a task force from CCA (TF Oden) attacked the enemy frontally...movement towards the Seine River on 24 August with an advance toward Troyes . Facing the combat command were what remained of the 51st SS Brigade, light

  12. An Improved Timestamp-Based Password Authentication Scheme Using Smart Cards

    OpenAIRE

    Pathan, Al-Sakib Khan; Hong, Choong Seon

    2007-01-01

    With the recent proliferation of distributed systems and networking, remote authentication has become a crucial task in many networking applications. Various schemes have been proposed so far for the two-party remote authentication; however, some of them have been proved to be insecure. In this paper, we propose an efficient timestamp-based password authentication scheme using smart cards. We show various types of forgery attacks against a previously proposed timestamp-based password authenti...

  13. Cryptanalysis of Quantum Secure Direct Communication and Authentication Scheme via Bell States

    International Nuclear Information System (INIS)

    Gao Fei; Qin Su-Juan; Guo Fen-Zhuo; Wen Qiao-Yan

    2011-01-01

    The security of the quantum secure direct communication (QSDC) and authentication protocol based on Bell states is analyzed. It is shown that an eavesdropper can invalidate the authentication function, and implement a successful man-in-the-middle attack, where he/she can obtain or even modify the transmitted secret without introducing any error. The particular attack strategy is demonstrated and an improved protocol is presented. (general)

  14. Efficient Protection of Android Applications through User Authentication Using Peripheral Devices

    OpenAIRE

    Jinseong Kim; Im Y. Jung

    2018-01-01

    Android applications store large amounts of sensitive information that may be exposed and exploited. To prevent this security risk, some applications such as Syrup and KakaoTalk use physical device values to authenticate or encrypt application data. However, by manipulating these physical device values, an attacker can circumvent the authentication by executing a Same Identifier Attack and obtain the same application privileges as the user. In our work, WhatsApp, KakaoTalk, Facebook, Amazon, ...

  15. Authentication: Hot and cool

    OpenAIRE

    Cohen, E; Cohen, SA

    2012-01-01

    Seeking to shift the discussion of the concept of authenticity in tourism scholarship from the dominant concern with tourist experiences to the more sociological problem of the processes of authentication of tourist attractions, we conceptualize two analytically distinct, but practically often intersecting, modes of authentication of attractions, “cool” and “hot”. Through a range of examples, we demonstrate the implications of the two modes for the dynamics of the constitution of tourist attr...

  16. Elliptic Curve Cryptography-Based Authentication with Identity Protection for Smart Grids.

    Directory of Open Access Journals (Sweden)

    Liping Zhang

    Full Text Available In a smart grid, the power service provider enables the expected power generation amount to be measured according to current power consumption, thus stabilizing the power system. However, the data transmitted over smart grids are not protected, and then suffer from several types of security threats and attacks. Thus, a robust and efficient authentication protocol should be provided to strength the security of smart grid networks. As the Supervisory Control and Data Acquisition system provides the security protection between the control center and substations in most smart grid environments, we focus on how to secure the communications between the substations and smart appliances. Existing security approaches fail to address the performance-security balance. In this study, we suggest a mitigation authentication protocol based on Elliptic Curve Cryptography with privacy protection by using a tamper-resistant device at the smart appliance side to achieve a delicate balance between performance and security of smart grids. The proposed protocol provides some attractive features such as identity protection, mutual authentication and key agreement. Finally, we demonstrate the completeness of the proposed protocol using the Gong-Needham-Yahalom logic.

  17. Elliptic Curve Cryptography-Based Authentication with Identity Protection for Smart Grids.

    Science.gov (United States)

    Zhang, Liping; Tang, Shanyu; Luo, He

    2016-01-01

    In a smart grid, the power service provider enables the expected power generation amount to be measured according to current power consumption, thus stabilizing the power system. However, the data transmitted over smart grids are not protected, and then suffer from several types of security threats and attacks. Thus, a robust and efficient authentication protocol should be provided to strength the security of smart grid networks. As the Supervisory Control and Data Acquisition system provides the security protection between the control center and substations in most smart grid environments, we focus on how to secure the communications between the substations and smart appliances. Existing security approaches fail to address the performance-security balance. In this study, we suggest a mitigation authentication protocol based on Elliptic Curve Cryptography with privacy protection by using a tamper-resistant device at the smart appliance side to achieve a delicate balance between performance and security of smart grids. The proposed protocol provides some attractive features such as identity protection, mutual authentication and key agreement. Finally, we demonstrate the completeness of the proposed protocol using the Gong-Needham-Yahalom logic.

  18. Multimodal Authentication - Biometric Password And Steganography

    Directory of Open Access Journals (Sweden)

    Alvin Prasad

    2017-06-01

    Full Text Available Security is a major concern for everyone be it individuals or organizations. As the nature of information systems is becoming distributed securing them is becoming difficult as well. New applications are developed by researchers and developers to counter security issues but as soon as the application is released new attacks are formed to bypass the application. Kerberos is an authentication protocol which helps in to verify and validate a user to a server. As it is a widely used protocol minimizing or preventing the password attack is important. In this research we have analyzed the Kerberos protocol and suggested some ideas which can be considered while updating Kerberos to prevent the password attack. In the proposed solution we are suggesting to use password and biometric technique while registering on the network to enjoy the services and a combination of cryptography and steganography technique while communicating back to the user.

  19. A Novel Video Data-Source Authentication Model Based on Digital Watermarking and MAC in Multicast

    Institute of Scientific and Technical Information of China (English)

    ZHAO Anjun; LU Xiangli; GUO Lei

    2006-01-01

    A novel video data authentication model based on digital video watermarking and MAC (message authentication code) in multicast protocol is proposed in this paper. The digital watermarking which composes of the MAC of the significant video content, the key and instant authentication data is embedded into the insignificant video component by the MLUT (modified look-up table) video watermarking technology. We explain a method that does not require storage of each data packet for a time, thus making receiver not vulnerable to DOS (denial of service) attack. So the video packets can be authenticated instantly without large volume buffer in the receivers. TESLA(timed efficient stream loss-tolerant authentication) does not explain how to select the suitable value for d, which is an important parameter in multicast source authentication. So we give a method to calculate the key disclosure delay (number of intervals). Simulation results show that the proposed algorithms improve the performance of data source authentication in multicast.

  20. Attack strategies on quantum cryptographic protocols

    International Nuclear Information System (INIS)

    Schauer, S.; Suda, M.

    2006-01-01

    Full text: Quantum key distribution (QKD) and quantum authentication (QA) have been a topic of extensive research in the last 20 years. In course of that many attacks on QKD and QA protocols have been studied. Among these, Zhang, Lee and Guo presented an attack on a QKD protocol using entanglement swapping. Based on that strategy we take a look at other protocols to inspect how much information an adversary may get if he shares entanglement with either one or both parties. We will present some protocols where an adversary can even get full information about the key using entanglement. (author)

  1. CLAS: A Novel Communications Latency Based Authentication Scheme

    Directory of Open Access Journals (Sweden)

    Zuochao Dou

    2017-01-01

    Full Text Available We design and implement a novel communications latency based authentication scheme, dubbed CLAS, that strengthens the security of state-of-the-art web authentication approaches by leveraging the round trip network communications latency (RTL between clients and authenticators. In addition to the traditional credentials, CLAS profiles RTL values of clients and uses them to defend against password compromise. The key challenges are (i to prevent RTL manipulation, (ii to alleviate network instabilities, and (iii to address mobile clients. CLAS addresses the first challenge by introducing a novel network architecture, which makes it extremely difficult for attackers to simulate legitimate RTL values. The second challenge is addressed by outlier removal and multiple temporal profiling, while the last challenge is addressed by augmenting CLAS with out-of-band-channels or other authentication schemes. CLAS restricts login to profiled locations while demanding additional information for nonprofiled ones, which highly reduces the attack surface even when the legitimate credentials are compromised. Additionally, unlike many state-of-the-art authentication mechanisms, CLAS is resilient to phishing, pharming, man-in-the-middle, and social engineering attacks. Furthermore, CLAS is transparent to users and incurs negligible overhead. The experimental results show that CLAS can achieve very low false positive and false negative rates.

  2. Sensing pressure for authentication

    NARCIS (Netherlands)

    Henderson, N.J.; White, N.M.; Veldhuis, Raymond N.J.; Hartel, Pieter H.; Slump, Cornelis H.

    The use of signals resulting from tapping a rhythm on a pressure sensor is explored for authentication. The features used for authentication can be divided into rhythm and waveform features. This paper studies the use of waveform features. A verification scheme based on prototype waveforms is

  3. Authenticity at work

    NARCIS (Netherlands)

    van den Bosch, Ralph

    2016-01-01

    Authenticity at work, loosely defined as the degree to which an individual stays true to their core self, has impact on workers in the workplace. This thesis shows that authenticity at work can be measured with a reliable and valid instrument: the IAM Work. Furthermore, results of this thesis show

  4. AUTHENTICITY IN THE BLOGOSPHERE

    Directory of Open Access Journals (Sweden)

    Waclaw Branicki

    2010-01-01

    Full Text Available The primary purpose of this article is to answer the question of whether writing a blog defined as a personal diary can help to better understand himself. Self-awareness is a prerequisite for authentic existence. In the first part analyzed the concept of authenticity. Pointed out the relationship of authenticity to the categories of freedom, truth and responsibility. The second part presents the relationship between authentic existence and the process of self-disclosure, which may take place in the blogosphere. In the third part presents the question whether a writing blog affects the level authenticity of existence. It was recognized that a key element of this phenomenon is the sense of responsibility.

  5. Photon-counting multifactor optical encryption and authentication

    International Nuclear Information System (INIS)

    Pérez-Cabré, E; Millán, M S; Mohammed, E A; Saadon, H L

    2015-01-01

    The multifactor optical encryption authentication method [Opt. Lett., 31 721-3 (2006)] reinforces optical security by allowing the simultaneous authentication of up to four factors. In this work, the photon-counting imaging technique is applied to the multifactor encrypted function so that a sparse phase-only distribution is generated for the encrypted data. The integration of both techniques permits an increased capacity for signal hiding with simultaneous data reduction for better fulfilling the general requirements of protection, storage and transmission. Cryptanalysis of the proposed method is carried out in terms of chosen-plaintext and chosen-ciphertext attacks. Although the multifactor authentication process is not substantially altered by those attacks, its integration with the photon-counting imaging technique prevents from possible partial disclosure of any encrypted factor, thus increasing the security level of the overall process. Numerical experiments and results are provided and discussed. (paper)

  6. Robust anonymous authentication scheme for telecare medical information systems.

    Science.gov (United States)

    Xie, Qi; Zhang, Jun; Dong, Na

    2013-04-01

    Patient can obtain sorts of health-care delivery services via Telecare Medical Information Systems (TMIS). Authentication, security, patient's privacy protection and data confidentiality are important for patient or doctor accessing to Electronic Medical Records (EMR). In 2012, Chen et al. showed that Khan et al.'s dynamic ID-based authentication scheme has some weaknesses and proposed an improved scheme, and they claimed that their scheme is more suitable for TMIS. However, we show that Chen et al.'s scheme also has some weaknesses. In particular, Chen et al.'s scheme does not provide user's privacy protection and perfect forward secrecy, is vulnerable to off-line password guessing attack and impersonation attack once user's smart card is compromised. Further, we propose a secure anonymity authentication scheme to overcome their weaknesses even an adversary can know all information stored in smart card.

  7. A Data-origin Authentication Protocol Based on ONOS Cluster

    Directory of Open Access Journals (Sweden)

    Qin Hua

    2016-01-01

    Full Text Available This paper is aim to propose a data-origin authentication protocol based on ONOS cluster. ONOS is a SDN controller which can work under a distributed environment. However, the security of an ONOS cluster is seldom considered, and the communication in an ONOS cluster may suffer from lots of security threats. In this paper, we used a two-tier self-renewable hash chain for identity authentication and data-origin authentication. We analyse the security and overhead of our proposal and made a comparison with current security measure. It showed that with the help of our proposal, communication in an ONOS cluster could be protected from identity forging, replay attacks, data tampering, MITM attacks and repudiation, also the computational overhead would decrease apparently.

  8. A Protocol for Provably Secure Authentication of a Tiny Entity to a High Performance Computing One

    Directory of Open Access Journals (Sweden)

    Siniša Tomović

    2016-01-01

    Full Text Available The problem of developing authentication protocols dedicated to a specific scenario where an entity with limited computational capabilities should prove the identity to a computationally powerful Verifier is addressed. An authentication protocol suitable for the considered scenario which jointly employs the learning parity with noise (LPN problem and a paradigm of random selection is proposed. It is shown that the proposed protocol is secure against active attacking scenarios and so called GRS man-in-the-middle (MIM attacking scenarios. In comparison with the related previously reported authentication protocols the proposed one provides reduction of the implementation complexity and at least the same level of the cryptographic security.

  9. A robust anonymous biometric-based remote user authentication scheme using smart cards

    Directory of Open Access Journals (Sweden)

    Ashok Kumar Das

    2015-04-01

    Full Text Available Several biometric-based remote user authentication schemes using smart cards have been proposed in the literature in order to improve the security weaknesses in user authentication system. In 2012, An proposed an enhanced biometric-based remote user authentication scheme using smart cards. It was claimed that the proposed scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server. In this paper, we first analyze the security of An’s scheme and we show that this scheme has three serious security flaws in the design of the scheme: (i flaw in user’s biometric verification during the login phase, (ii flaw in user’s password verification during the login and authentication phases, and (iii flaw in user’s password change locally at any time by the user. Due to these security flaws, An’s scheme cannot support mutual authentication between the user and the server. Further, we show that An’s scheme cannot prevent insider attack. In order to remedy the security weaknesses found in An’s scheme, we propose a new robust and secure anonymous biometric-based remote user authentication scheme using smart cards. Through the informal and formal security analysis, we show that our scheme is secure against all possible known attacks including the attacks found in An’s scheme. The simulation results of our scheme using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications tool ensure that our scheme is secure against passive and active attacks. In addition, our scheme is also comparable in terms of the communication and computational overheads with An’s scheme and other related existing schemes. As a result, our scheme is more appropriate for practical applications compared to other approaches.

  10. Deletion of Crry and DAF on murine platelets stimulates thrombopoiesis and increases factor H-dependent resistance of peripheral platelets to complement attack.

    Science.gov (United States)

    Barata, Lidia; Miwa, Takashi; Sato, Sayaka; Kim, David; Mohammed, Imran; Song, Wen-Chao

    2013-03-15

    Complement receptor 1-related gene/protein y (Crry) and decay-accelerating factor (DAF) are two murine membrane C3 complement regulators with overlapping functions. Crry deletion is embryonically lethal whereas DAF-deficient mice are generally healthy. Crry(-/-)DAF(-/-) mice were viable on a C3(-/-) background, but platelets from such mice were rapidly destroyed when transfused into C3-sufficient mice. In this study, we used the cre-lox system to delete platelet Crry in DAF(-/-) mice and studied Crry/DAF-deficient platelet development in vivo. Rather than displaying thrombocytopenia, Pf4-Cre(+)-Crry(flox/flox) mice had normal platelet counts and their peripheral platelets were resistant to complement attack. However, chimera mice generated with Pf4-Cre(+)-Crry(flox/flox) bone marrows showed platelets from C3(-/-) but not C3(+/+) recipients to be sensitive to complement activation, suggesting that circulating platelets in Pf4-Cre(+)-Crry(flox/flox) mice were naturally selected in a complement-sufficient environment. Notably, Pf4-Cre(+)-Crry(flox/flox) mouse platelets became complement susceptible when factor H function was blocked. Examination of Pf4-Cre(+)-Crry(flox/flox) mouse bone marrows revealed exceedingly active thrombopoiesis. Thus, under in vivo conditions, Crry/DAF deficiency on platelets led to abnormal platelet turnover, but peripheral platelet count was compensated for by increased thrombopoiesis. Selective survival of Crry/DAF-deficient platelets aided by factor H protection and compensatory thrombopoiesis demonstrates the cooperation between membrane and fluid phase complement inhibitors and the body's ability to adaptively respond to complement regulator deficiencies.

  11. A digital memories based user authentication scheme with privacy preservation.

    Directory of Open Access Journals (Sweden)

    JunLiang Liu

    Full Text Available The traditional username/password or PIN based authentication scheme, which still remains the most popular form of authentication, has been proved insecure, unmemorable and vulnerable to guessing, dictionary attack, key-logger, shoulder-surfing and social engineering. Based on this, a large number of new alternative methods have recently been proposed. However, most of them rely on users being able to accurately recall complex and unmemorable information or using extra hardware (such as a USB Key, which makes authentication more difficult and confusing. In this paper, we propose a Digital Memories based user authentication scheme adopting homomorphic encryption and a public key encryption design which can protect users' privacy effectively, prevent tracking and provide multi-level security in an Internet & IoT environment. Also, we prove the superior reliability and security of our scheme compared to other schemes and present a performance analysis and promising evaluation results.

  12. Strong Authentication Scheme Based on Hand Geometry and Smart Card Factors

    Directory of Open Access Journals (Sweden)

    Ali A. Yassin

    2016-07-01

    Full Text Available In 2009, Xu et al. presented a safe, dynamic, id-based on remote user authentication method that has several advantages such as freely chosen passwords and mutual authentication. In this paper, we review the Xu–Zhu–Feng scheme and indicate many shortcomings in their scheme. Impersonation attacks and insider attacks could be effective. To overcome these drawbacks, we propose a secure biometric-based remote authentication scheme using biometric characteristics of hand-geometry, which is aimed at withstanding well-known attacks and achieving good performance. Furthermore, our work contains many crucial merits such as mutual authentication, user anonymity, freely chosen passwords, secure password changes, session key agreements, revocation by using personal biometrics, and does not need extra device or software for hand geometry in the login phase. Additionally, our scheme is highly efficient and withstands existing known attacks like password guessing, server impersonation, insider attacks, denial of service (DOS attacks, replay attacks, and parallel-session attacks. Compared with the other related schemes, our work is powerful both in communications and computation costs.

  13. Improving an Anonymous and Provably Secure Authentication Protocol for a Mobile User

    Directory of Open Access Journals (Sweden)

    Jongho Moon

    2017-01-01

    Full Text Available Recently many authentication protocols using an extended chaotic map were suggested for a mobile user. Many researchers demonstrated that authentication protocol needs to provide key agreement, mutual authentication, and user anonymity between mobile user and server and resilience to many possible attacks. In this paper, we cautiously analyzed chaotic-map-based authentication scheme and proved that it is still insecure to off-line identity guessing, user and server impersonation, and on-line identity guessing attacks. To address these vulnerabilities, we proposed an improved protocol based on an extended chaotic map and a fuzzy extractor. We proved the security of the proposed protocol using a random oracle and AVISPA (Automated Validation of Internet Security Protocols and Applications tool. Furthermore, we present an informal security analysis to make sure that the improved protocol is invulnerable to possible attacks. The proposed protocol is also computationally efficient when compared to other previous protocols.

  14. LMIP/AAA: Local Authentication, Authorization and Accounting (AAA) Protocol for Mobile IP

    Science.gov (United States)

    Chenait, Manel

    Mobile IP represents a simple and scalable global mobility solution. However, it inhibits various vulnerabilities to malicious attacks and, therefore, requires the integration of appropriate security services. In this paper, we discuss two authentication schemes suggested for Mobile IP: standard authentication and Mobile IP/AAA authentication. In order to provide Mobile IP roaming services including identity verication, we propose an improvement to Mobile/AAA authentication scheme by applying a local politic key management in each domain, hence we reduce hando latency by avoiding the involvement of AAA infrastructure during mobile node roaming.

  15. Discovering your authentic leadership.

    Science.gov (United States)

    George, Bill; Sims, Peter; McLean, Andrew N; Mayer, Diana

    2007-02-01

    The ongoing problems in business leadership over the past five years have underscored the need for a new kind of leader in the twenty-first century: the authentic leader. Author Bill George, a Harvard Business School professor and the former chairman and CEO of Medtronic, and his colleagues, conducted the largest leadership development study ever undertaken. They interviewed 125 business leaders from different racial, religious, national, and socioeconomic backgrounds to understand how leaders become and remain authentic. Their interviews showed that you do not have to be born with any particular characteristics or traits to lead. You also do not have to be at the top of your organization. Anyone can learn to be an authentic leader. The journey begins with leaders understanding their life stories. Authentic leaders frame their stories in ways that allow them to see themselves not as passive observers but as individuals who learn from their experiences. These leaders make time to examine their experiences and to reflect on them, and in doing so they grow as individuals and as leaders. Authentic leaders also work hard at developing self-awareness through persistent and often courageous self-exploration. Denial can be the greatest hurdle that leaders face in becoming self-aware, but authentic leaders ask for, and listen to, honest feedback. They also use formal and informal support networks to help them stay grounded and lead integrated lives. The authors argue that achieving business results over a sustained period of time is the ultimate mark of authentic leadership. It may be possible to drive short-term outcomes without being authentic, but authentic leadership is the only way to create long-term results.

  16. Network Protection Against DDoS Attacks

    Directory of Open Access Journals (Sweden)

    Petr Dzurenda

    2015-03-01

    Full Text Available The paper deals with possibilities of the network protection against Distributed Denial of Service attacks (DDoS. The basic types of DDoS attacks and their impact on the protected network are presented here. Furthermore, we present basic detection and defense techniques thanks to which it is possible to increase resistance of the protected network or device against DDoS attacks. Moreover, we tested the ability of current commercial Intrusion Prevention Systems (IPS, especially Radware DefensePro 6.10.00 product against the most common types of DDoS attacks. We create five scenarios that are varied in type and strength of the DDoS attacks. The attacks intensity was much greater than the normal intensity of the current DDoS attacks.

  17. A Review Of Authentication Methods

    OpenAIRE

    Nilesh A. Lal; Salendra Prasad; Mohammed Farik

    2015-01-01

    Authentication is process of granting a user access to an information system. There are three main types of authentication mechanisms password entry smart card and biometric. Each authentication mechanism functions differently and has their strengths and weakness. In this paper we review different types of authentication mechanisms their vulnerabilities and recommend novel solutions.

  18. A Review Of Authentication Methods

    Directory of Open Access Journals (Sweden)

    Nilesh A. Lal

    2015-08-01

    Full Text Available Authentication is process of granting a user access to an information system. There are three main types of authentication mechanisms password entry smart card and biometric. Each authentication mechanism functions differently and has their strengths and weakness. In this paper we review different types of authentication mechanisms their vulnerabilities and recommend novel solutions.

  19. Richard Peters and Valuing Authenticity

    Science.gov (United States)

    Degenhardt, M. A. B.

    2009-01-01

    Richard Peters has been praised for the authenticity of his philosophy, and inquiry into aspects of the development of his philosophy reveals a profound authenticity. Yet authenticity is something he seems not to favour. The apparent paradox is resolved by observing historical changes in the understanding of authenticity as an important value.…

  20. Comparative Study on Various Authentication Protocols in Wireless Sensor Networks.

    Science.gov (United States)

    Rajeswari, S Raja; Seenivasagam, V

    2016-01-01

    Wireless sensor networks (WSNs) consist of lightweight devices with low cost, low power, and short-ranged wireless communication. The sensors can communicate with each other to form a network. In WSNs, broadcast transmission is widely used along with the maximum usage of wireless networks and their applications. Hence, it has become crucial to authenticate broadcast messages. Key management is also an active research topic in WSNs. Several key management schemes have been introduced, and their benefits are not recognized in a specific WSN application. Security services are vital for ensuring the integrity, authenticity, and confidentiality of the critical information. Therefore, the authentication mechanisms are required to support these security services and to be resilient to distinct attacks. Various authentication protocols such as key management protocols, lightweight authentication protocols, and broadcast authentication protocols are compared and analyzed for all secure transmission applications. The major goal of this survey is to compare and find out the appropriate protocol for further research. Moreover, the comparisons between various authentication techniques are also illustrated.

  1. A Remote User Authentication Scheme with Anonymity for Mobile Devices

    Directory of Open Access Journals (Sweden)

    Soobok Shin

    2012-04-01

    Full Text Available With the rapid growth of information technologies, mobile devices have been utilized in a variety of services such as e-commerce. When a remote server provides such e-commerce services to a user, it must verify the legitimacy of the user over an insecure communication channel. Therefore, remote user authentication has been widely deployed to verify the legitimacy of remote user login requests using mobile devices like smart cards. In this paper we propose a smart card-based authentication scheme that provides both user anonymity and mutual authentication between a remote server and a user. The proposed authentication scheme is a simple and efficient system applicable to the limited resource and low computing performance of the smart card. The proposed scheme provides not only resilience to potential attacks in the smart card-based authentication scheme, but also secure authentication functions. A smart card performs a simple one-way hash function, the operations of exclusive-or and concatenation in the authentication phase of the proposed scheme. The proposed scheme also provides user anonymity using a dynamic identity and key agreement, and secure password change.

  2. Comparative Study on Various Authentication Protocols in Wireless Sensor Networks

    Science.gov (United States)

    Rajeswari, S. Raja; Seenivasagam, V.

    2016-01-01

    Wireless sensor networks (WSNs) consist of lightweight devices with low cost, low power, and short-ranged wireless communication. The sensors can communicate with each other to form a network. In WSNs, broadcast transmission is widely used along with the maximum usage of wireless networks and their applications. Hence, it has become crucial to authenticate broadcast messages. Key management is also an active research topic in WSNs. Several key management schemes have been introduced, and their benefits are not recognized in a specific WSN application. Security services are vital for ensuring the integrity, authenticity, and confidentiality of the critical information. Therefore, the authentication mechanisms are required to support these security services and to be resilient to distinct attacks. Various authentication protocols such as key management protocols, lightweight authentication protocols, and broadcast authentication protocols are compared and analyzed for all secure transmission applications. The major goal of this survey is to compare and find out the appropriate protocol for further research. Moreover, the comparisons between various authentication techniques are also illustrated. PMID:26881272

  3. Heart Attack Recovery FAQs

    Science.gov (United States)

    ... recommendations to make a full recovery. View an animation of a heart attack . Heart Attack Recovery Questions ... Support Network Popular Articles 1 Understanding Blood Pressure Readings 2 Sodium and Salt 3 Heart Attack Symptoms ...

  4. Cryptanalysis of quantum broadcast communication and authentication protocol with a one-time pad

    International Nuclear Information System (INIS)

    Cao Ya; Gao Fei

    2016-01-01

    Chang et al . [ Chin. Phys. B 23 010305 (2014)] have proposed a quantum broadcast communication and authentication protocol. However, we find that an intercept-resend attack can be preformed successfully by a potential eavesdropper, who will be able to destroy the authentication function. Afterwards, he or she can acquire the secret transmitted message or even modify it while escaping detection, by implementing an efficient man-in-the-middle attack. Furthermore, we show a simple scheme to defend this attack, that is, applying non-reusable identity strings. (paper)

  5. A Scenario-Based Protocol Checker for Public-Key Authentication Scheme

    Science.gov (United States)

    Saito, Takamichi

    Security protocol provides communication security for the internet. One of the important features of it is authentication with key exchange. Its correctness is a requirement of the whole of the communication security. In this paper, we introduce three attack models realized as their attack scenarios, and provide an authentication-protocol checker for applying three attack-scenarios based on the models. We also utilize it to check two popular security protocols: Secure SHell (SSH) and Secure Socket Layer/Transport Layer Security (SSL/TLS).

  6. STUDENTS’ POTENTIAL FOR AUTHENTIC LEADERSHIP

    OpenAIRE

    Djurdja Solesa-Grijak; Dragan Solesa; Nedjo Kojic

    2015-01-01

    To know yourself and to act accordingly has been seen as a moral imperative throughout history. The aim of this research was to determine potential of students for authentic leadership and relation between their authentic personality and potential for authentic leadership. The sample consisted of students (N=133) from Serbia (male – 59% and female – 41%). The average age of students was M=21.9. Instruments used were Authenticity Scale (Wood et al., 2008) and Authentic Leadership Self-Assessme...

  7. Identification and Authentication Policy

    National Research Council Canada - National Science Library

    Gimble, Thomas

    1999-01-01

    .... We will accomplish the audit objective in two phases. In this phase, we reviewed current DoD Component policies on the use of identification and authentication controls to access information systems...

  8. Distributed authentication for randomly compromised networks

    International Nuclear Information System (INIS)

    Beals, Travis R; Hynes, Kevin P; Sanders, Barry C

    2009-01-01

    We introduce a simple, practical approach with probabilistic information-theoretic security to solve one of quantum key distribution's major security weaknesses: the requirement of an authenticated classical channel to prevent man-in-the-middle attacks. Our scheme employs classical secret sharing and partially trusted intermediaries to provide arbitrarily high confidence in the security of the protocol. Although certain failures elude detection, we discuss preemptive strategies to reduce the probability of failure to an arbitrarily small level: the probability of such failures is exponentially suppressed with increases in connectivity (i.e. connections per node).

  9. Security for 4G and 5G Cellular Networks: A Survey of Existing Authentication and Privacy-preserving Schemes

    OpenAIRE

    Ferrag, Mohamed Amine; Maglaras, Leandros; Argyriou, Antonios; Kosmanos, Dimitrios; Janicke, Helge

    2017-01-01

    This paper presents a comprehensive survey of existing authentication and privacy-preserving schemes for 4G and 5G cellular networks. We start by providing an overview of existing surveys that deal with 4G and 5G communications, applications, standardization, and security. Then, we give a classification of threat models in 4G and 5G cellular networks in four categories, including, attacks against privacy, attacks against integrity, attacks against availability, and attacks against authenticat...

  10. Biometric Authentication Systems Attacks: Liveness Detection to the ...

    African Journals Online (AJOL)

    PROF. OLIVER OSUAGWA

    2014-12-01

    Dec 1, 2014 ... 1Department of Computer Science, Imo State University, Owerri ... potential to provide security for a variety of applications. BAS are nowadays ... access control, sensitive data protection and on-line tracking systems. Like any ...

  11. A Survey of Authentication Schemes in Telecare Medicine Information Systems.

    Science.gov (United States)

    Aslam, Muhammad Umair; Derhab, Abdelouahid; Saleem, Kashif; Abbas, Haider; Orgun, Mehmet; Iqbal, Waseem; Aslam, Baber

    2017-01-01

    E-Healthcare is an emerging field that provides mobility to its users. The protected health information of the users are stored at a remote server (Telecare Medical Information System) and can be accessed by the users at anytime. Many authentication protocols have been proposed to ensure the secure authenticated access to the Telecare Medical Information System. These protocols are designed to provide certain properties such as: anonymity, untraceability, unlinkability, privacy, confidentiality, availability and integrity. They also aim to build a key exchange mechanism, which provides security against some attacks such as: identity theft, password guessing, denial of service, impersonation and insider attacks. This paper reviews these proposed authentication protocols and discusses their strengths and weaknesses in terms of ensured security and privacy properties, and computation cost. The schemes are divided in three broad categories of one-factor, two-factor and three-factor authentication schemes. Inter-category and intra-category comparison has been performed for these schemes and based on the derived results we propose future directions and recommendations that can be very helpful to the researchers who work on the design and implementation of authentication protocols.

  12. Research on Quantum Authentication Methods for the Secure Access Control Among Three Elements of Cloud Computing

    Science.gov (United States)

    Dong, Yumin; Xiao, Shufen; Ma, Hongyang; Chen, Libo

    2016-12-01

    Cloud computing and big data have become the developing engine of current information technology (IT) as a result of the rapid development of IT. However, security protection has become increasingly important for cloud computing and big data, and has become a problem that must be solved to develop cloud computing. The theft of identity authentication information remains a serious threat to the security of cloud computing. In this process, attackers intrude into cloud computing services through identity authentication information, thereby threatening the security of data from multiple perspectives. Therefore, this study proposes a model for cloud computing protection and management based on quantum authentication, introduces the principle of quantum authentication, and deduces the quantum authentication process. In theory, quantum authentication technology can be applied in cloud computing for security protection. This technology cannot be cloned; thus, it is more secure and reliable than classical methods.

  13. The role of a positive trigger event in actioning authentic leadership development

    Directory of Open Access Journals (Sweden)

    S. Puente

    2007-11-01

    Full Text Available Authenticity can best be understood in context, and context implies action (Payne, 1996. For the purpose of this study, leadership in general, and authentic leadership in particular, were explored in terms of the actions of former mayor of New York City, Rudolph Giuliani, who displayed authentic leadership in action during the tragic aftermath of the World Trade Centre attacks. Authentic leadership development tends to be triggered by a negative event (as in the case of 9/11 for Giuliani, for example. Since there is limited knowledge of how a positive event may trigger authentic leadership development, the aim of this study was to explore the potential of Appreciative Inquiry (AI - an affirmative mode of action research - as a positive trigger event for authentic leadership development. The results indicated that this positive approach to change could indeed be implemented for this purpose.

  14. Quantum authentication based on the randomness of measurement bases in BB84

    International Nuclear Information System (INIS)

    Dang Minh Dung; Bellot, P.; Alleaume, R.

    2005-01-01

    Full text: The establishment of a secret key between two legitimate end points of a communication link, let us name them Alice and Bob, using Quantum key distribution (QKD) is unconditionally secure thanks to Quantum Physics laws.However, the various QKD protocols do not intend to provide the authentication of the end points: Alice cannot be sure that she is communicating with Bob and reciprocally. Therefore, these protocols are subjects to various attacks. The most obvious attack is the man-in-the-middle attack in which an eavesdropper, let us name her Eve, stands in the middle of the communication link. Alice communicates with Eve meanwhile she thinks she communicate with Bob. And Bob communicates with Eve meanwhile he thinks he is communicating with Alice. Eve, acting as a relay, can read all the communications between Alice and Bob and retransmit them. To prevent this kind of attack, the solution is to authenticate the two end points of the communication link. One solution is that Alice and Bob share an authentication key prior to the communication. In order to improve the security, Alice and Bob must share a set of authentication one-time keys. One-time key means that the key has to be used only once because each time a key is used, the eavesdropper Eve can gain a few information on the key. Re-using the same key many times would finally reveal the key to Eve. However, Eve can simulate many times the authentication process with Alice. Each time Eve simulates the authentication process, one of the pre-positioned keys is depleted leading to the exhaustion of the set of pre-positioned keys. This type of attack is named Denial of Service attack. In this work, we propose to use the randomness of the measurement bases in BB84 to build an authentication scheme based on the existence of a prepositioned authentication key. This authentication scheme can be used with BB84 but also with any other Quantum Key Distribution protocols. It is protected against the Denial of

  15. An Approach for Prevention of MitM Attack Based on Rogue AP in Wireless Network

    Directory of Open Access Journals (Sweden)

    Zhendong Wu

    2014-12-01

    Full Text Available With the rapid development of WLAN, more and more schools and businesses have begun to provide the WLAN for users. However, WLAN is considerably more susceptible to MitM (man- in-the-middle attack. To overcome it, we propose a dynamic password technology named Two-way Dynamic Authentication Technology (TDAT. It uses two-factor during the initial authentication, and uses a two-way hash chain during the cross-domain authentication. TDAT effectively protects users' authentication credentials and improves users' experience. In an actual wireless network environment, we implement a MitM attack framework based on Rogue AP. Then we effectively prevent this MitM attack by using TDAT. Moreover we analyze the security of TDAT by using BAN logic.

  16. Security enhanced anonymous multiserver authenticated key agreement scheme using smart cards and biometrics.

    Science.gov (United States)

    Choi, Younsung; Nam, Junghyun; Lee, Donghoon; Kim, Jiye; Jung, Jaewook; Won, Dongho

    2014-01-01

    An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user's biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen's scheme.

  17. A Two-Factor RSA-Based Robust Authentication System for Multiserver Environments

    Directory of Open Access Journals (Sweden)

    Ruhul Amin

    2017-01-01

    Full Text Available The concept of two-factor multiserver authentication protocol was developed to avoid multiple number of registrations using multiple smart-cards and passwords. Recently, a variety of two-factor multiserver authentication protocols have been developed. It is observed that the existing RSA-based multiserver authentication protocols are not suitable in terms of computation complexities and security attacks. To provide lower complexities and security resilience against known attacks, this article proposes a two-factor (password and smart-card user authentication protocol with the RSA cryptosystem for multiserver environments. The comprehensive security discussion proved that the known security attacks are eliminated in our protocol. Besides, our protocol supports session key agreement and mutual authentication between the application server and the user. We analyze the proof of correctness of the mutual authentication and freshness of session key using the BAN logic model. The experimental outcomes obtained through simulation of the Automated Validation of Internet Security Protocols and Applications (AVISPA S/W show that our protocol is secured. We consider the computation, communication, and storage costs and the comparative explanations show that our protocol is flexible and efficient compared with protocols. In addition, our protocol offers security resilience against known attacks and provides lower computation complexities than existing protocols. Additionally, the protocol offers password change facility to the authorized user.

  18. Security Enhanced Anonymous Multiserver Authenticated Key Agreement Scheme Using Smart Cards and Biometrics

    Directory of Open Access Journals (Sweden)

    Younsung Choi

    2014-01-01

    Full Text Available An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user’s biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen’s scheme.

  19. Diffie-Hellman Key Based Authentication in Proxy Mobile IPv6

    Directory of Open Access Journals (Sweden)

    HyunGon Kim

    2010-01-01

    Full Text Available Wireless communication service providers have been showing strong interest in Proxy Mobile IPv6 for providing network-based IP mobility management. This could be a prominent way to support IP mobility to mobile nodes, because Proxy Mobile IPv6 requires minimal functionalities on the mobile node. While several extensions for Proxy Mobile IPv6 are being developed in the Internet Engineering Task Force, there has been little attentions paid to developing efficient authentication mechanisms. An authentication scheme for a mobility protocol must protect signaling messages against various security threats, e.g., session stealing attack, intercept attack by redirection, replay attack, and key exposure, while minimizing authentication latency. In this paper, we propose a Diffie-Hellman key based authentication scheme that utilizes the low layer signaling to exchange Diffie-Hellman variables and allows mobility service provisioning entities to exchange mobile node's profile and ongoing sessions securely. By utilizing the low layer signaling and context transfer between relevant nodes, the proposed authentication scheme minimizes authentication latency when the mobile node moves across different networks. In addition, thanks to the use of the Diffie-Hellman key agreement, pre-established security associations between mobility service provisioning entities are not required in the proposed authentication scheme so that network scalability in an operationally efficient manner is ensured. To ascertain its feasibility, security analysis and performance analysis are presented.

  20. Authentication Without Secrets

    Energy Technology Data Exchange (ETDEWEB)

    Pierson, Lyndon G. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Robertson, Perry J. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2015-11-01

    This work examines a new approach to authentication, which is the most fundamental security primitive that underpins all cyber security protections. Current Internet authentication techniques require the protection of one or more secret keys along with the integrity protection of the algorithms/computations designed to prove possession of the secret without actually revealing it. Protecting a secret requires physical barriers or encryption with yet another secret key. The reason to strive for "Authentication without Secret Keys" is that protecting secrets (even small ones only kept in a small corner of a component or device) is much harder than protecting the integrity of information that is not secret. Promising methods are examined for authentication of components, data, programs, network transactions, and/or individuals. The successful development of authentication without secret keys will enable far more tractable system security engineering for high exposure, high consequence systems by eliminating the need for brittle protection mechanisms to protect secret keys (such as are now protected in smart cards, etc.). This paper is a re-release of SAND2009-7032 with new figures numerous edits.

  1. Information barriers and authentication

    International Nuclear Information System (INIS)

    MacArthur, D.W.; Wolford, J.K.

    2001-01-01

    Acceptance of nuclear materials into a monitoring regime is complicated if the materials are in classified shapes or have classified composition. An attribute measurement system with an information barrier can be emplo,yed to generate an unclassified display from classified measurements. This information barrier must meet two criteria: (1) classified information cannot be released to the monitoring party, and (2) the monitoring party must be convinced that the unclassified output accurately represents the classified input. Criterion 1 is critical to the host country to protect the classified information. Criterion 2 is critical to the monitoring party and is often termed the 'authentication problem.' Thus, the necessity for authentication of a measurement system with an information barrier stems directly from the description of a useful information barrier. Authentication issues must be continually addressed during the entire development lifecycle of the measurement system as opposed to being applied only after the system is built.

  2. Brand new authentic places

    DEFF Research Database (Denmark)

    Stender, Marie

    the relation and interplay between the two. This study strives to fill this gap by ethnographically tracing the process from design to occupancy including the role of branding as a means to create authenticity. The concept of authenticity is often associated with old houses and neighbourhoods, but also in new......How are places and material surroundings ascribed with meaning when new residential neighbourhoods are designed, branded and taken into use? Existing research on housing, neighbourhoods and urban design tends to take the perspective of either the architect or the user rather than to explore...... neighbourhoods stories of authenticity seems to be of great importance giving value and identity to place and people. By way of design and branding new places are implied with notions of the real, the original and the unique referring to e.g. its historical past, architectural uniqueness, sustainability or sense...

  3. Improved Message Authentication and Confidentiality Checking

    International Nuclear Information System (INIS)

    Ismail Jabiullah, M.; Abdullah Al-Shamim, M.; Lutfar Rahman, M.

    2005-01-01

    The most confusing areas of the secured network communications are the message authentication and confidentiality checking. The attacks and the counter measures have become so convoluted that the users in this area begin to account for all contingencies. Two session-key generation techniques are used here to generate two separate session keys K 1 and K 2 ; and both the sender and the reveiver share these keys for higher degree of authentication and confidentiality. For this, the message is first encrypted by the key K 1 , and then the intermediary message authenticatin code (MAC) is generated by encrypting the encrypted message using the key K 2 . Then, the encrypted message and the intermediary MAC is again encrypted by using the K 2 and concatenated with the encrypted message and sent to the destination. At the receiving end, first, the received ciphertext is encrypted by using key K 2 and compared to the received MAC. The received ciphertext again is decrypted by the key K 2 and compared with the first decrypted MAC twice by the key K 2 . The plaintext is obtained by decrypting the received ciphertext first by K 2 and then by K 1 , using the corresponding decryption techniques respectively. The encryption techniques with key K 2 provides the authentication and with key K 1 provides the confidentiality checking of the transmitted message. The developed technique can be applied to both academic and commercial applications in online or offline electronic transactions for security.(authors)

  4. Design and Analysis of an Enhanced Patient-Server Mutual Authentication Protocol for Telecare Medical Information System.

    Science.gov (United States)

    Amin, Ruhul; Islam, S K Hafizul; Biswas, G P; Khan, Muhammad Khurram; Obaidat, Mohammad S

    2015-11-01

    In order to access remote medical server, generally the patients utilize smart card to login to the server. It has been observed that most of the user (patient) authentication protocols suffer from smart card stolen attack that means the attacker can mount several common attacks after extracting smart card information. Recently, Lu et al.'s proposes a session key agreement protocol between the patient and remote medical server and claims that the same protocol is secure against relevant security attacks. However, this paper presents several security attacks on Lu et al.'s protocol such as identity trace attack, new smart card issue attack, patient impersonation attack and medical server impersonation attack. In order to fix the mentioned security pitfalls including smart card stolen attack, this paper proposes an efficient remote mutual authentication protocol using smart card. We have then simulated the proposed protocol using widely-accepted AVISPA simulation tool whose results make certain that the same protocol is secure against active and passive attacks including replay and man-in-the-middle attacks. Moreover, the rigorous security analysis proves that the proposed protocol provides strong security protection on the relevant security attacks including smart card stolen attack. We compare the proposed scheme with several related schemes in terms of computation cost and communication cost as well as security functionalities. It has been observed that the proposed scheme is comparatively better than related existing schemes.

  5. What Happens When "Germs Don't Get Killed and They Attack Again and Again": Perceptions of Antimicrobial Resistance in the Context of Diarrheal Disease Treatment Among Laypersons and Health-Care Providers in Karachi, Pakistan.

    Science.gov (United States)

    Joseph, Heather A; Agboatwalla, Mubina; Hurd, Jacqueline; Jacobs-Slifka, Kara; Pitz, Adam; Bowen, Anna

    2016-07-06

    In south Asia, where diarrhea is common and antibiotics are accessible without prescription, antimicrobial resistance is an emerging and serious problem. However, beliefs and behaviors related to antimicrobial resistance are poorly understood. We explored laypersons' and health-care providers' (HCP) awareness and perceptions of antimicrobial resistance in the context of treatment of adult diarrheal disease in Karachi, Pakistan. In-depth, open-ended interviews were conducted with 40 laypersons and 45 HCPs in a lower-middle-class urban neighborhood. Interviews conducted in Urdu were audiotaped, transcribed, translated, and coded using applied thematic analysis. Slightly over half of laypersons and two-thirds of HCPs were aware that antimicrobial medication could lose effectiveness, but misperceptions were common. Laypersons and HCPs often believed that "the body becomes immune" or "bacteria attack more strongly" if medications are taken "improperly." Another prevalent theme was that causes and effects of antimicrobial resistance are limited to the individual taking the antimicrobial medication and to the specific diarrheal episode. Participants often attributed antimicrobial resistance to patient behaviors; HCP behavior was rarely discussed. Less than half of the HCPs were aware of treatment guidelines. To combat antimicrobial resistance in urban Pakistan, a health systems strategy and community-supported outreach campaigns on appropriate antimicrobial use are needed. © The American Society of Tropical Medicine and Hygiene.

  6. Authentic leadership to the future

    Directory of Open Access Journals (Sweden)

    Dimovski Vlado

    2012-01-01

    Full Text Available Authentic leadership is the latest evolutionary stage in leadership development and emphasizes the leader's authenticity. The construct of authenticity was researched by ancient Greek philosophers as 'know thy-self ', and 'thy true self '. Authentic leadership began to develop after 2004. The main reason why the researchers place so much attention to authentic leadership is fact that authentic leadership reaches all of the employees in organizations. Authentic leaders must identify the strengths of their followers and help them with their development and integration towards a common goal, purpose, vision and identity of the organization. Authentic leadership is seen as the final stage in the development of leadership styles, properties of this leadership style, and the consequences of this style have not been fully explored. In our paper we will explore this new style of leadership and its implications.

  7. Two-factor authentication

    CERN Document Server

    Stanislav, Mark

    2015-01-01

    During the book, readers will learn about the various technical methods by which two-factor authentication is implemented, security concerns with each type of implementation, and contextual details to frame why and when these technologies should be used. Readers will also be provided with insight about the reasons that two-factor authentication is a critical security control, events in history that have been important to prove why organization and individual would want to use two factor, and core milestones in the progress of growing the market.

  8. Authentication via wavefront-shaped optical responses

    Science.gov (United States)

    Eilers, Hergen; Anderson, Benjamin R.; Gunawidjaja, Ray

    2018-02-01

    Authentication/tamper-indication is required in a wide range of applications, including nuclear materials management and product counterfeit detection. State-of-the-art techniques include reflective particle tags, laser speckle authentication, and birefringent seals. Each of these passive techniques has its own advantages and disadvantages, including the need for complex image comparisons, limited flexibility, sensitivity to environmental conditions, limited functionality, etc. We have developed a new active approach to address some of these short-comings. The use of an active characterization technique adds more flexibility and additional layers of security over current techniques. Our approach uses randomly-distributed nanoparticles embedded in a polymer matrix (tag/seal) which is attached to the item to be secured. A spatial light modulator is used to adjust the wavefront of a laser which interacts with the tag/seal, and a detector is used to monitor this interaction. The interaction can occur in various ways, including transmittance, reflectance, fluorescence, random lasing, etc. For example, at the time of origination, the wavefront-shaped reflectance from a tag/seal can be adjusted to result in a specific pattern (symbol, words, etc.) Any tampering with the tag/seal would results in a disturbance of the random orientation of the nanoparticles and thus distort the reflectance pattern. A holographic waveplate could be inserted into the laser beam for verification. The absence/distortion of the original pattern would then indicate that tampering has occurred. We have tested the tag/seal's and authentication method's tamper-indicating ability using various attack methods, including mechanical, thermal, and chemical attacks, and have verified our material/method's robust tamper-indicating ability.

  9. Converse PUF-based authentication

    NARCIS (Netherlands)

    Kocabas, U.; Peter, Andreas; Katzenbeisser, S.; Sadeghi, A.

    Physically Unclonable Functions (PUFs) are key tools in the construction of lightweight authentication and key exchange protocols. So far, all existing PUF-based authentication protocols follow the same paradigm: A resource-constrained prover, holding a PUF, wants to authenticate to a resource-rich

  10. Topic Map for Authentic Travel

    OpenAIRE

    Wandsvik, Atle; Zare, Mehdi

    2007-01-01

    E-business is a new trend in Internet use. Authentic travel is an approach to travel and travel business which helps the traveler experience what is authentic in the travel destination. But how can the traveler find those small authentic spots and organize them together to compose a vacation? E-business techniques, combined withTopic Maps, can help.

  11. Trace Attack against Biometric Mobile Applications

    Directory of Open Access Journals (Sweden)

    Sanaa Ghouzali

    2016-01-01

    Full Text Available With the exponential increase in the dependence on mobile devices in everyday life, there is a growing concern related to privacy and security issues in the Gulf countries; therefore, it is imperative that security threats should be analyzed in detail. Mobile devices store enormous amounts of personal and financial information, unfortunately without any security. In order to secure mobile devices against different threats, biometrics has been applied and shown to be effective. However, biometric mobile applications are also vulnerable to several types of attacks that can decrease their security. Biometric information itself is considered sensitive data; for example, fingerprints can leave traces in touched objects and facial images can be captured everywhere or accessed by the attacker if the facial image is stored in the mobile device (lost or stolen. Hence, an attacker can easily forge the identity of a legitimate user and access data on a device. In this paper, the effects of a trace attack on the sensitivity of biometric mobile applications are investigated in terms of security and user privacy. Experimental results carried out on facial and fingerprint mobile authentication applications using different databases have shown that these mobile applications are vulnerable to the proposed attack, which poses a serious threat to the overall system security and user privacy.

  12. A video authentication technique

    International Nuclear Information System (INIS)

    Johnson, C.S.

    1987-01-01

    Unattended video surveillance systems are particularly vulnerable to the substitution of false video images into the cable that connects the camera to the video recorder. New technology has made it practical to insert a solid state video memory into the video cable, freeze a video image from the camera, and hold this image as long as desired. Various techniques, such as line supervision and sync detection, have been used to detect video cable tampering. The video authentication technique described in this paper uses the actual video image from the camera as the basis for detecting any image substitution made during the transmission of the video image to the recorder. The technique, designed for unattended video systems, can be used for any video transmission system where a two-way digital data link can be established. The technique uses similar microprocessor circuitry at the video camera and at the video recorder to select sample points in the video image for comparison. The gray scale value of these points is compared at the recorder controller and if the values agree within limits, the image is authenticated. If a significantly different image was substituted, the comparison would fail at a number of points and the video image would not be authenticated. The video authentication system can run as a stand-alone system or at the request of another system

  13. Tools for Authentication

    International Nuclear Information System (INIS)

    White, G.

    2008-01-01

    Many recent Non-proliferation and Arms Control software projects include a software authentication component. In this context, 'authentication' is defined as determining that a software package performs only its intended purpose and performs that purpose correctly and reliably over many years. In addition to visual inspection by knowledgeable computer scientists, automated tools are needed to highlight suspicious code constructs both to aid the visual inspection and to guide program development. While many commercial tools are available for portions of the authentication task, they are proprietary, and have limited extensibility. An open-source, extensible tool can be customized to the unique needs of each project (projects can have both common and custom rules to detect flaws and security holes). Any such extensible tool must be based on a complete language compiler infrastructure, that is, one that can parse and digest the full language through its standard grammar. ROSE is precisely such a compiler infrastructure developed within DOE. ROSE is a robust source-to-source analysis and optimization infrastructure currently addressing large, million-line DOE applications in C, C++, and FORTRAN. This year, it has been extended to support the automated analysis of binaries. We continue to extend ROSE to address a number of security-specific requirements and apply it to software authentication for Non-proliferation and Arms Control projects. We will give an update on the status of our work

  14. Learners' Perspectives on Authenticity.

    Science.gov (United States)

    Chavez, Monika M. Th.

    A survey investigated the attitudes of second language learners about authentic texts, written and oral, used for language instruction. Respondents were 186 randomly-selected university students of German. The students were administered a 212-item questionnaire (the items are appended) that requested information concerning student demographic…

  15. Tools for Authentication

    Energy Technology Data Exchange (ETDEWEB)

    White, G

    2008-07-09

    Many recent Non-proliferation and Arms Control software projects include a software authentication component. In this context, 'authentication' is defined as determining that a software package performs only its intended purpose and performs that purpose correctly and reliably over many years. In addition to visual inspection by knowledgeable computer scientists, automated tools are needed to highlight suspicious code constructs both to aid the visual inspection and to guide program development. While many commercial tools are available for portions of the authentication task, they are proprietary, and have limited extensibility. An open-source, extensible tool can be customized to the unique needs of each project (projects can have both common and custom rules to detect flaws and security holes). Any such extensible tool must be based on a complete language compiler infrastructure, that is, one that can parse and digest the full language through its standard grammar. ROSE is precisely such a compiler infrastructure developed within DOE. ROSE is a robust source-to-source analysis and optimization infrastructure currently addressing large, million-line DOE applications in C, C++, and FORTRAN. This year, it has been extended to support the automated analysis of binaries. We continue to extend ROSE to address a number of security-specific requirements and apply it to software authentication for Non-proliferation and Arms Control projects. We will give an update on the status of our work.

  16. Facilitating Authentic Becoming

    Science.gov (United States)

    Eriksen, Matthew

    2012-01-01

    A "Model of Authentic Becoming" that conceptualizes learning as a continuous and ongoing embodied and relational process, and uses social constructionism assumptions as well as Kolb's experiential learning model as its point of departure, is presented. Through a focus on the subjective, embodied, and relational nature of organizational life, the…

  17. Authenticity in Employment Relations

    DEFF Research Database (Denmark)

    Tackney, Charles Thomas

    This research takes up the concept of authenticity as a criterion variable for theology of the workplace analysis, a domain which explores employment parameters in light of religious teaching on the social question at national, organizational or firm-specific levels. Following a review of the con......This research takes up the concept of authenticity as a criterion variable for theology of the workplace analysis, a domain which explores employment parameters in light of religious teaching on the social question at national, organizational or firm-specific levels. Following a review...... of the concept in Western culture, philosophy, and management studies, Religious Society of Friends (Quaker) and Roman Catholic social teachings are investigated for positively correlative data to help develop the criterion variable. From the literature review of concept and historical data in both traditions...... analysis should complement and support corporate social responsibility, management spirituality, authentic leadership / authentic follower, and other secular research by offering a research methods bridge between empirically grounded theology and secular studies, with the common goal of improving workplace...

  18. Terrorists and Suicide Attacks

    National Research Council Canada - National Science Library

    Cronin, Audrey K

    2003-01-01

    Suicide attacks by terrorist organizations have become more prevalent globally, and assessing the threat of suicide attacks against the United States and its interests at home and abroad has therefore...

  19. Solidarity under Attack

    DEFF Research Database (Denmark)

    Meret, Susi; Goffredo, Sergio

    2017-01-01

    https://www.opendemocracy.net/can-europe-make-it/susi-meret-sergio-goffredo/solidarity-under-attack......https://www.opendemocracy.net/can-europe-make-it/susi-meret-sergio-goffredo/solidarity-under-attack...

  20. Pericarditis - after heart attack

    Science.gov (United States)

    ... include: A previous heart attack Open heart surgery Chest trauma A heart attack that has affected the thickness of your heart muscle Symptoms Symptoms include: Anxiety Chest pain from the swollen pericardium rubbing on the ...

  1. Heart attack first aid

    Science.gov (United States)

    First aid - heart attack; First aid - cardiopulmonary arrest; First aid - cardiac arrest ... A heart attack occurs when the blood flow that carries oxygen to the heart is blocked. The heart muscle ...

  2. A dynamic identity based authentication scheme using chaotic maps for telecare medicine information systems.

    Science.gov (United States)

    Wang, Zhiheng; Huo, Zhanqiang; Shi, Wenbo

    2015-01-01

    With rapid development of computer technology and wide use of mobile devices, the telecare medicine information system has become universal in the field of medical care. To protect patients' privacy and medial data's security, many authentication schemes for the telecare medicine information system have been proposed. Due to its better performance, chaotic maps have been used in the design of authentication schemes for the telecare medicine information system. However, most of them cannot provide user's anonymity. Recently, Lin proposed a dynamic identity based authentication scheme using chaotic maps for the telecare medicine information system and claimed that their scheme was secure against existential active attacks. In this paper, we will demonstrate that their scheme cannot provide user anonymity and is vulnerable to the impersonation attack. Further, we propose an improved scheme to fix security flaws in Lin's scheme and demonstrate the proposed scheme could withstand various attacks.

  3. MULTIMODAL BIOMETRIC AUTHENTICATION USING PARTICLE SWARM OPTIMIZATION ALGORITHM WITH FINGERPRINT AND IRIS

    Directory of Open Access Journals (Sweden)

    A. Muthukumar

    2012-02-01

    Full Text Available In general, the identification and verification are done by passwords, pin number, etc., which is easily cracked by others. In order to overcome this issue biometrics is a unique tool for authenticate an individual person. Nevertheless, unimodal biometric is suffered due to noise, intra class variations, spoof attacks, non-universality and some other attacks. In order to avoid these attacks, the multimodal biometrics i.e. combining of more modalities is adapted. In a biometric authentication system, the acceptance or rejection of an entity is dependent on the similarity score falling above or below the threshold. Hence this paper has focused on the security of the biometric system, because compromised biometric templates cannot be revoked or reissued and also this paper has proposed a multimodal system based on an evolutionary algorithm, Particle Swarm Optimization that adapts for varying security environments. With these two concerns, this paper had developed a design incorporating adaptability, authenticity and security.

  4. Chaotic maps-based password-authenticated key agreement using smart cards

    Science.gov (United States)

    Guo, Cheng; Chang, Chin-Chen

    2013-06-01

    Password-based authenticated key agreement using smart cards has been widely and intensively researched. Inspired by the semi-group property of Chebyshev maps and key agreement protocols based on chaotic maps, we proposed a novel chaotic maps-based password-authenticated key agreement protocol with smart cards. In our protocol, we avoid modular exponential computing or scalar multiplication on elliptic curve used in traditional authenticated key agreement protocols using smart cards. Our analysis shows that our protocol has comprehensive characteristics and can withstand attacks, including the insider attack, replay attack, and others, satisfying essential security requirements. Performance analysis shows that our protocol can refrain from consuming modular exponential computing and scalar multiplication on an elliptic curve. The computational cost of our protocol compared with related protocols is acceptable.

  5. Towards the Security Evaluation of Biometric Authentication Systems

    OpenAIRE

    El-Abed , Mohamad; Giot , Romain; Hemery , Baptiste; Rosenberger , Christophe; Schwartzmann , Jean-Jacques

    2011-01-01

    International audience; Despite the obvious advantages of biometric authentication systems over traditional security ones (based on tokens or passwords), they are vulnerable to attacks which may considerably decrease their security. In order to contribute in resolving such problematic, we propose a modality-independent evaluation methodology for the security evaluation of biometric systems. It is based on the use of a database of common threats and vulnerabilities of biometric systems, and th...

  6. Biometric Authentication System using Non-Linear Chaos

    OpenAIRE

    Dr.N.Krishnan; A.Senthil Arumugam,

    2010-01-01

    A major concern nowadays for any Biometric Credential Management System is its potential vulnerability to protect its information sources; i.e. protecting a genuine user’s template from both internal and external threats. These days’ biometric authentication systems face various risks. One of the most serious threats is the ulnerability of the template's database. An attacker with access to a reference template could try to impersonate a legitimate user by reconstructing the biometric sample...

  7. RUASN: A Robust User Authentication Framework for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Hoon-Jae Lee

    2011-05-01

    Full Text Available In recent years, wireless sensor networks (WSNs have been considered as a potential solution for real-time monitoring applications and these WSNs have potential practical impact on next generation technology too. However, WSNs could become a threat if suitable security is not considered before the deployment and if there are any loopholes in their security, which might open the door for an attacker and hence, endanger the application. User authentication is one of the most important security services to protect WSN data access from unauthorized users; it should provide both mutual authentication and session key establishment services. This paper proposes a robust user authentication framework for wireless sensor networks, based on a two-factor (password and smart card concept. This scheme facilitates many services to the users such as user anonymity, mutual authentication, secure session key establishment and it allows users to choose/update their password regularly, whenever needed. Furthermore, we have provided the formal verification using Rubin logic and compare RUASN with many existing schemes. As a result, we found that the proposed scheme possesses many advantages against popular attacks, and achieves better efficiency at low computation cost.

  8. An authentication scheme for secure access to healthcare services.

    Science.gov (United States)

    Khan, Muhammad Khurram; Kumari, Saru

    2013-08-01

    Last few decades have witnessed boom in the development of information and communication technologies. Health-sector has also been benefitted with this advancement. To ensure secure access to healthcare services some user authentication mechanisms have been proposed. In 2012, Wei et al. proposed a user authentication scheme for telecare medical information system (TMIS). Recently, Zhu pointed out offline password guessing attack on Wei et al.'s scheme and proposed an improved scheme. In this article, we analyze both of these schemes for their effectiveness in TMIS. We show that Wei et al.'s scheme and its improvement proposed by Zhu fail to achieve some important characteristics necessary for secure user authentication. We find that security problems of Wei et al.'s scheme stick with Zhu's scheme; like undetectable online password guessing attack, inefficacy of password change phase, traceability of user's stolen/lost smart card and denial-of-service threat. We also identify that Wei et al.'s scheme lacks forward secrecy and Zhu's scheme lacks session key between user and healthcare server. We therefore propose an authentication scheme for TMIS with forward secrecy which preserves the confidentiality of air messages even if master secret key of healthcare server is compromised. Our scheme retains advantages of Wei et al.'s scheme and Zhu's scheme, and offers additional security. The security analysis and comparison results show the enhanced suitability of our scheme for TMIS.

  9. Efficient and Security Enhanced Anonymous Authentication with Key Agreement Scheme in Wireless Sensor Networks.

    Science.gov (United States)

    Jung, Jaewook; Moon, Jongho; Lee, Donghoon; Won, Dongho

    2017-03-21

    At present, users can utilize an authenticated key agreement protocol in a Wireless Sensor Network (WSN) to securely obtain desired information, and numerous studies have investigated authentication techniques to construct efficient, robust WSNs. Chang et al. recently presented an authenticated key agreement mechanism for WSNs and claimed that their authentication mechanism can both prevent various types of attacks, as well as preserve security properties. However, we have discovered that Chang et al's method possesses some security weaknesses. First, their mechanism cannot guarantee protection against a password guessing attack, user impersonation attack or session key compromise. Second, the mechanism results in a high load on the gateway node because the gateway node should always maintain the verifier tables. Third, there is no session key verification process in the authentication phase. To this end, we describe how the previously-stated weaknesses occur and propose a security-enhanced version for WSNs. We present a detailed analysis of the security and performance of our authenticated key agreement mechanism, which not only enhances security compared to that of related schemes, but also takes efficiency into consideration.

  10. Authentic feminist? Authenticity and feminist identity in teenage feminists' talk.

    Science.gov (United States)

    Calder-Dawe, Octavia; Gavey, Nicola

    2017-12-01

    This article explores how young people's feminist identities take shape in conjunction with a contemporary ideal of personal authenticity: to know and to express the 'real me'. Drawing from interviews with 18 teenagers living in Auckland, New Zealand, we examine a novel convergence of authenticity and feminism in participants' identity talk. For social psychologists interested in identity and politics, this convergence is intriguing: individualizing values such as authenticity are generally associated with disengagement with structural critique and with a repudiation of politicized and activist identities. Rather than seeking to categorize authentic feminism as an instance of either 'good/collective' or 'bad/individualized' feminist politics, we use discourse analysis to examine how the identity position of authentic feminist was constructed and to explore implications for feminist politics. On one hand, interviewees mobilized authentic feminism to affirm their commitment to normative liberal values of authenticity and self-expression. At the same time, the position of authentic feminist appeared to authorize risky feminist identifications and to justify counter-normative feelings, desires, and actions. To conclude, we explore how encountering others' intolerance of authentic feminism exposed interviewees to the limits of authenticity discourse, propelling some towards new understandings of the social world and their space for action within it. © 2017 The British Psychological Society.

  11. A New Key-lock Method for User Authentication and Access Control

    Institute of Scientific and Technical Information of China (English)

    JI Dongyao; ZHANG Futai; WANG Yumin

    2001-01-01

    We propose a new key-lock methodfor user authentication and access control based onChinese remainder theorem, the concepts of the ac-cess control matrix, key-lock-pair, time stamp, and the NS public key protocol. Our method is dynamicand needs a minimum amount of computation in thesense that it only updates at most one key/lock foreach access request. We also demonstrate how an au-thentication protocol can be integrated into the ac-cess control method. By applying a time stamp, themethod can not only withstand replay attack, butalso strengthen the authenticating mechanism, whichcould not be achieved simultaneously in previous key-lock methods.

  12. An efficient deterministic secure quantum communication scheme based on cluster states and identity authentication

    International Nuclear Information System (INIS)

    Wen-Jie, Liu; Han-Wu, Chen; Zhi-Qiang, Li; Zhi-Hao, Liu; Wen-Bo, Hu; Ting-Huai, Ma

    2009-01-01

    A novel efficient deterministic secure quantum communication scheme based on four-qubit cluster states and single-photon identity authentication is proposed. In this scheme, the two authenticated users can transmit two bits of classical information per cluster state, and its efficiency of the quantum communication is 1/3, which is approximately 1.67 times that of the previous protocol presented by Wang et al [Chin. Phys. Lett. 23 (2006) 2658]. Security analysis shows the present scheme is secure against intercept-resend attack and the impersonator's attack. Furthermore, it is more economic with present-day techniques and easily processed by a one-way quantum computer. (general)

  13. Composite Dos Attack Model

    Directory of Open Access Journals (Sweden)

    Simona Ramanauskaitė

    2012-04-01

    Full Text Available Preparation for potential threats is one of the most important phases ensuring system security. It allows evaluating possible losses, changes in the attack process, the effectiveness of used countermeasures, optimal system settings, etc. In cyber-attack cases, executing real experiments can be difficult for many reasons. However, mathematical or programming models can be used instead of conducting experiments in a real environment. This work proposes a composite denial of service attack model that combines bandwidth exhaustion, filtering and memory depletion models for a more real representation of similar cyber-attacks. On the basis of the introduced model, different experiments were done. They showed the main dependencies of the influence of attacker and victim’s properties on the success probability of denial of service attack. In the future, this model can be used for the denial of service attack or countermeasure optimization.

  14. Blind quantum computation with identity authentication

    Science.gov (United States)

    Li, Qin; Li, Zhulin; Chan, Wai Hong; Zhang, Shengyu; Liu, Chengdong

    2018-04-01

    Blind quantum computation (BQC) allows a client with relatively few quantum resources or poor quantum technologies to delegate his computational problem to a quantum server such that the client's input, output, and algorithm are kept private. However, all existing BQC protocols focus on correctness verification of quantum computation but neglect authentication of participants' identity which probably leads to man-in-the-middle attacks or denial-of-service attacks. In this work, we use quantum identification to overcome such two kinds of attack for BQC, which will be called QI-BQC. We propose two QI-BQC protocols based on a typical single-server BQC protocol and a double-server BQC protocol. The two protocols can ensure both data integrity and mutual identification between participants with the help of a third trusted party (TTP). In addition, an unjammable public channel between a client and a server which is indispensable in previous BQC protocols is unnecessary, although it is required between TTP and each participant at some instant. Furthermore, the method to achieve identity verification in the presented protocols is general and it can be applied to other similar BQC protocols.

  15. Haunted by the authentic

    DEFF Research Database (Denmark)

    d'Ambrosio, Luigi

    2013-01-01

    and individual interviews with relevant guests at the Italian restaurant Sticchi’s in Aalborg, Denmark. Guests have been selected for qualitative interviews on the basis of the quantitative questionnaire that random guests have filled out in February 2013. Moreover, netnographic observation of the restaurant......Research description and purpose: The purpose of this investigation is to explore Danish guests’ experience when consuming ‘authentic’ Italian food in Italian restaurants in Denmark. In this context, the aim of the research is to engage in a discussion of the concept of authenticity in ethnic food...... consumption, and the guests’ experience with and reaction to the authentic culinary experience in ethnic restaurants in the consumers’ home country. Design/Methodology: The paper methodology is based on the use of mixed methods. A collection of primary quantitative and qualitative data through a questionnaire...

  16. Challenge Measurements For Authentication

    International Nuclear Information System (INIS)

    Pitts, W. Karl

    2009-01-01

    Authentication of systems with an information barrier that protects sensitive information is difficult; in particular, the information barrier can allow a hidden switch to be implemented by the system fabricator and operator. The hidden switch is the operator's ability to subvert the measurement system and force it to produce a desired and false result. It is usually discussed in the context of an attribute measurement in which a faked item is presented in place of a real item regulated by an agreement, with the driving motivation being the ability to preserve a stock of valuable items. In simple terms, the hidden switch enables a shell game with assets, and the information barrier protects the switch. This presentation outlines challenge measurements that could be used to detect the implementation of a hidden switch and assist the authentication process.

  17. Anonymous Authentication for Smartcards

    Directory of Open Access Journals (Sweden)

    J. Hajny

    2010-06-01

    Full Text Available The paper presents an innovative solution in the field of RFID (Radio-Frequency IDentification smartcard authentication. Currently the smartcards are used for many purposes - e.g. employee identification, library cards, student cards or even identity credentials. Personal identity is revealed to untrustworthy entities every time we use these cards. Such information could later be used without our knowledge and for harmful reasons like shopping pattern scanning or even movement tracking. We present a communication scheme for keeping one’s identity private in this paper. Although our system provides anonymity, it does not allow users to abuse this feature. The system is based on strong cryptographic primitives that provide features never available before. Besides theoretical design of the anonymous authentication scheme and its analysis we also provide implementation results.

  18. Authenticity in Employment Relations

    DEFF Research Database (Denmark)

    Tackney, Charles Thomas

    2018-01-01

    Authenticity is developed and deployed as a criterion variable for a theology of the workplace inquiry that combines theory and methodological development with data analysis. The goal is to show that social science method can offer an empirically valid, prophetic dimension to the study of employm......Authenticity is developed and deployed as a criterion variable for a theology of the workplace inquiry that combines theory and methodological development with data analysis. The goal is to show that social science method can offer an empirically valid, prophetic dimension to the study...... of employment and work parameters in light of religious teachings on the social question at national, organizational, or firm-specific levels. The function of a criterion variable is described, noting that the switch from a dependent variable approach introduces an open-system dynamism to social science...

  19. FPGA Authentication Methods.

    Energy Technology Data Exchange (ETDEWEB)

    Brotz, Jay Kristoffer [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Hymel, Ross W [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Punnoose, Ratish J. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Mannos, Tom [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Grant, Neil [Atomic Weapons Establishment (AWE), Berkshire (United Kingdom); Evans, Neil [Atomic Weapons Establishment (AWE), Berkshire (United Kingdom)

    2017-05-01

    One of the greatest challenges facing designers of equipment to be used in a nuclear arms control treaty is how to convince the other party in the treaty to trust its results and functionality. Whether the host provides equipment meant to prove treaty obligations and the inspector needs to gain that trust (commonly referred to as authentication), or the inspector provides this equipment and the host needs to gain this trust (commonly considered to be included in certification), one party generally has higher confidence in the equipment at the start of a treaty regime and the other party needs to gain that confidence prior to use. While we focus on authentication in this document—that is, the inspector gaining confidence in host-provided equipment—our conclusions will likely apply to host certification of inspector-provided equipment.

  20. LDPC and SHA based iris recognition for image authentication

    Directory of Open Access Journals (Sweden)

    K. Seetharaman

    2012-11-01

    Full Text Available We introduce a novel way to authenticate an image using Low Density Parity Check (LDPC and Secure Hash Algorithm (SHA based iris recognition method with reversible watermarking scheme, which is based on Integer Wavelet Transform (IWT and threshold embedding technique. The parity checks and parity matrix of LDPC encoding and cancellable biometrics i.e., hash string of unique iris code from SHA-512 are embedded into an image for authentication purpose using reversible watermarking scheme based on IWT and threshold embedding technique. Simply by reversing the embedding process, the original image, parity checks, parity matrix and SHA-512 hash are extracted back from watermarked-image. For authentication, the new hash string produced by employing SHA-512 on error corrected iris code from live person is compared with hash string extracted from watermarked-image. The LDPC code reduces the hamming distance for genuine comparisons by a larger amount than for the impostor comparisons. This results in better separation between genuine and impostor users which improves the authentication performance. Security of this scheme is very high due to the security complexity of SHA-512, which is 2256 under birthday attack. Experimental results show that this approach can assure more accurate authentication with a low false rejection or false acceptance rate and outperforms the prior arts in terms of PSNR.

  1. Authenticity in Employment Relations

    OpenAIRE

    Tackney, Charles T.

    2014-01-01

    This research takes up the concept of authenticity as a criterion variable for theology of the workplace analysis, a domain which explores employment parameters in light of religious teaching on the social question at national, organizational or firm-specific levels. Following a review of the concept in Western culture, philosophy, and management studies, Religious Society of Friends (Quaker) and Roman Catholic social teachings are investigated for positively correlative data to help develop ...

  2. A Mutual Authentication Framework for Wireless Medical Sensor Networks.

    Science.gov (United States)

    Srinivas, Jangirala; Mishra, Dheerendra; Mukhopadhyay, Sourav

    2017-05-01

    Wireless medical sensor networks (WMSN) comprise of distributed sensors, which can sense human physiological signs and monitor the health condition of the patient. It is observed that providing privacy to the patient's data is an important issue and can be challenging. The information passing is done via the public channel in WMSN. Thus, the patient, sensitive information can be obtained by eavesdropping or by unauthorized use of handheld devices which the health professionals use in monitoring the patient. Therefore, there is an essential need of restricting the unauthorized access to the patient's medical information. Hence, the efficient authentication scheme for the healthcare applications is needed to preserve the privacy of the patients' vital signs. To ensure secure and authorized communication in WMSN, we design a symmetric key based authentication protocol for WMSN environment. The proposed protocol uses only computationally efficient operations to achieve lightweight attribute. We analyze the security of the proposed protocol. We use a formal security proof algorithm to show the scheme security against known attacks. We also use the Automated Validation of Internet Security Protocols and Applications (AVISPA) simulator to show protocol secure against man-in-the-middle attack and replay attack. Additionally, we adopt an informal analysis to discuss the key attributes of the proposed scheme. From the formal proof of security, we can see that an attacker has a negligible probability of breaking the protocol security. AVISPA simulator also demonstrates the proposed scheme security against active attacks, namely, man-in-the-middle attack and replay attack. Additionally, through the comparison of computational efficiency and security attributes with several recent results, proposed scheme seems to be battered.

  3. Security analysis of a chaotic map-based authentication scheme for telecare medicine information systems.

    Science.gov (United States)

    Yau, Wei-Chuen; Phan, Raphael C-W

    2013-12-01

    Many authentication schemes have been proposed for telecare medicine information systems (TMIS) to ensure the privacy, integrity, and availability of patient records. These schemes are crucial for TMIS systems because otherwise patients' medical records become susceptible to tampering thus hampering diagnosis or private medical conditions of patients could be disclosed to parties who do not have a right to access such information. Very recently, Hao et al. proposed a chaotic map-based authentication scheme for telecare medicine information systems in a recent issue of Journal of Medical Systems. They claimed that the authentication scheme can withstand various attacks and it is secure to be used in TMIS. In this paper, we show that this authentication scheme is vulnerable to key-compromise impersonation attacks, off-line password guessing attacks upon compromising of a smart card, and parallel session attacks. We also exploit weaknesses in the password change phase of the scheme to mount a denial-of-service attack. Our results show that this scheme cannot be used to provide security in a telecare medicine information system.

  4. An Identity-Based Anti-Quantum Privacy-Preserving Blind Authentication in Wireless Sensor Networks.

    Science.gov (United States)

    Zhu, Hongfei; Tan, Yu-An; Zhu, Liehuang; Wang, Xianmin; Zhang, Quanxin; Li, Yuanzhang

    2018-05-22

    With the development of wireless sensor networks, IoT devices are crucial for the Smart City; these devices change people's lives such as e-payment and e-voting systems. However, in these two systems, the state-of-art authentication protocols based on traditional number theory cannot defeat a quantum computer attack. In order to protect user privacy and guarantee trustworthy of big data, we propose a new identity-based blind signature scheme based on number theorem research unit lattice, this scheme mainly uses a rejection sampling theorem instead of constructing a trapdoor. Meanwhile, this scheme does not depend on complex public key infrastructure and can resist quantum computer attack. Then we design an e-payment protocol using the proposed scheme. Furthermore, we prove our scheme is secure in the random oracle, and satisfies confidentiality, integrity, and non-repudiation. Finally, we demonstrate that the proposed scheme outperforms the other traditional existing identity-based blind signature schemes in signing speed and verification speed, outperforms the other lattice-based blind signature in signing speed, verification speed, and signing secret key size.

  5. An Identity-Based Anti-Quantum Privacy-Preserving Blind Authentication in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Hongfei Zhu

    2018-05-01

    Full Text Available With the development of wireless sensor networks, IoT devices are crucial for the Smart City; these devices change people’s lives such as e-payment and e-voting systems. However, in these two systems, the state-of-art authentication protocols based on traditional number theory cannot defeat a quantum computer attack. In order to protect user privacy and guarantee trustworthy of big data, we propose a new identity-based blind signature scheme based on number theorem research unit lattice, this scheme mainly uses a rejection sampling theorem instead of constructing a trapdoor. Meanwhile, this scheme does not depend on complex public key infrastructure and can resist quantum computer attack. Then we design an e-payment protocol using the proposed scheme. Furthermore, we prove our scheme is secure in the random oracle, and satisfies confidentiality, integrity, and non-repudiation. Finally, we demonstrate that the proposed scheme outperforms the other traditional existing identity-based blind signature schemes in signing speed and verification speed, outperforms the other lattice-based blind signature in signing speed, verification speed, and signing secret key size.

  6. Improvement of a uniqueness-and-anonymity-preserving user authentication scheme for connected health care.

    Science.gov (United States)

    Xie, Qi; Liu, Wenhao; Wang, Shengbao; Han, Lidong; Hu, Bin; Wu, Ting

    2014-09-01

    Patient's privacy-preserving, security and mutual authentication between patient and the medical server are the important mechanism in connected health care applications, such as telecare medical information systems and personally controlled health records systems. In 2013, Wen showed that Das et al.'s scheme is vulnerable to the replay attack, user impersonation attacks and off-line guessing attacks, and then proposed an improved scheme using biometrics, password and smart card to overcome these weaknesses. However, we show that Wen's scheme is still vulnerable to off-line password guessing attacks, does not provide user's anonymity and perfect forward secrecy. Further, we propose an improved scheme to fix these weaknesses, and use the applied pi calculus based formal verification tool ProVerif to prove the security and authentication.

  7. k-Times Anonymous Authentication

    Science.gov (United States)

    Teranishi, Isamu; Furukawa, Jun; Sako, Kazue

    We propose an authentication scheme in which users can be authenticated anonymously so long as times that they are authenticated is within an allowable number. The proposed scheme has two features: 1) no one, not even an authority, can identify users who have been authenticated within the allowable number, 2) anyone can trace, without help from the authority, dishonest users who have been authenticated beyond the allowable number by using the records of these authentications. Our scheme can be applied to e-voting, e-cash, electronic coupons, and trial browsing of content. In these applications, our scheme, unlike the previous one, conceals users' participation from protocols and guarantees that they will remain anonymous to everyone.

  8. BIOMETRIC AUTHENTICATION USING NONPARAMETRIC METHODS

    OpenAIRE

    S V Sheela; K R Radhika

    2010-01-01

    The physiological and behavioral trait is employed to develop biometric authentication systems. The proposed work deals with the authentication of iris and signature based on minimum variance criteria. The iris patterns are preprocessed based on area of the connected components. The segmented image used for authentication consists of the region with large variations in the gray level values. The image region is split into quadtree components. The components with minimum variance are determine...

  9. Authentication method for authenticating a first party to a second party

    NARCIS (Netherlands)

    2014-01-01

    An authentication system and method is presented for authenticating a first party to a second party, where an operation is performed on condition that the authentication succeeds. The authentication method verifies whether the first party is authenticated. If the first party is not authenticated,

  10. Authenticity and its Contemporary Challenges

    DEFF Research Database (Denmark)

    Petersen, Franziska Bork

    2013-01-01

    ' was understood in the Enlightenment and what techniques were used to stage the body when the concept gained currency, for instance in the writings of Rousseau. My analysis makes clear that 'bodily authenticity' on the two TV shows is achieved by strictly following gender-normative codes of beauty...... the 'authentic' ideal in a total of seven pieces. These strategies are hyperbole which exaggerates the beauty code implicit in 'authentic appearance'; multiplicity which undermines 'authenticity's' essentialism and estrangement which denies the notion of individual authorship. In conclusion, I place the staging...

  11. Web server attack analyzer

    OpenAIRE

    Mižišin, Michal

    2013-01-01

    Web server attack analyzer - Abstract The goal of this work was to create prototype of analyzer of injection flaws attacks on web server. Proposed solution combines capabilities of web application firewall and web server log analyzer. Analysis is based on configurable signatures defined by regular expressions. This paper begins with summary of web attacks, followed by detection techniques analysis on web servers, description and justification of selected implementation. In the end are charact...

  12. 78 FR 38240 - Authentication of Electronic Signatures on Electronically Filed Statements of Account

    Science.gov (United States)

    2013-06-26

    ... system characteristics paired with the standard username and password. Virtual tokens work by sharing the... computer communicates directly with the authenticating Web site, virtual tokens are resistant to ``man-in... LIBRARY OF CONGRESS Copyright Office 37 CFR Part 201 [Docket No. 2013-5] Authentication of...

  13. Seven Deadliest Microsoft Attacks

    CERN Document Server

    Kraus, Rob; Borkin, Mike; Alpern, Naomi

    2010-01-01

    Do you need to keep up with the latest hacks, attacks, and exploits effecting Microsoft products? Then you need Seven Deadliest Microsoft Attacks. This book pinpoints the most dangerous hacks and exploits specific to Microsoft applications, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Windows Operating System-Password AttacksActive Directory-Escalat

  14. Transient Ischemic Attack

    Medline Plus

    Full Text Available ... stroke symptoms. Popular Topics TIA Cardiac Catheter Cholesterol Heart Attack Stent © 2018, American Heart Association, Inc. All rights reserved. Unauthorized use prohibited. ...

  15. Seven deadliest USB attacks

    CERN Document Server

    Anderson, Brian

    2010-01-01

    Do you need to keep up with the latest hacks, attacks, and exploits effecting USB technology? Then you need Seven Deadliest USB Attacks. This book pinpoints the most dangerous hacks and exploits specific to USB, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks detailed in this book include: USB Hacksaw USB Switchblade USB Based Virus/Malicous Code Launch USB Device Overflow RAMdum

  16. Authentic leadership: becoming and remaining an authentic nurse leader.

    Science.gov (United States)

    Murphy, Lin G

    2012-11-01

    This article explores how chief nurse executives became and remained authentic leaders. Using narrative inquiry, this qualitative study focused on the life stories of participants. Results demonstrate the importance of reframing, reflection in alignment with values, and the courage needed as nurse leaders progress to authenticity.

  17. Reading Authentic Texts

    DEFF Research Database (Denmark)

    Balling, Laura Winther

    2013-01-01

    Most research on cognates has focused on words presented in isolation that are easily defined as cognate between L1 and L2. In contrast, this study investigates what counts as cognate in authentic texts and how such cognates are read. Participants with L1 Danish read news articles in their highly...... proficient L2, English, while their eye-movements were monitored. The experiment shows a cognate advantage for morphologically simple words, but only when cognateness is defined relative to translation equivalents that are appropriate in the context. For morphologically complex words, a cognate disadvantage...... word predictability indexed by the conditional probability of each word....

  18. Authentic, Original, and Valuable

    DEFF Research Database (Denmark)

    Tupasela, Aaro Mikael; Tamminen, Sakari

    2015-01-01

    The idea of genetic authenticity and origin has been an important issue within genetics for decades for scientific, political, and economic reasons. The question of where species and populations come from, as well as the linking of genetic traits to particular geographical locations, has resurfaced....... Using the case of human and non-human genetics to compare and contrast the various facets associated with genetic identity, we seek to develop a broader picture of the ways in which genetics plays an important role in stabilizing categories of origin....

  19. The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network

    Science.gov (United States)

    2014-02-01

    attack is also similar to those that rely on misbehaving receivers and optimistic ACKs to bypass flow control protocol mechanisms [40]–[42]. In particular...thank the anonymous reviewers for their feedback and suggestions, Damon McCoy for discussions about misbehaving receivers and authenticated signals...ping-o-death. html. [40] S. Savage, N. Cardwell, D. Wetherall, and T. Anderson, “TCP Con- gestion Control with a Misbehaving Receiver,” ACM SIGCOMM CCR

  20. A Forward Authentication Key Management Scheme for Heterogeneous Sensor Networks

    Directory of Open Access Journals (Sweden)

    Huang Jen-Yan

    2011-01-01

    Full Text Available Key encryption technology is a basic technique for protecting the secrecy of transmitted data among sensor nodes in wireless sensor networks. However, sensor nodes are inherently limited by insufficient hardware resources such as memory capacity and battery lifetime. As a result, few current key management schemes are appropriate for wireless sensor networks. This paper proposes a new key management method that uses dynamic key management schemes for heterogeneous sensor networks. The proposed scheme loads a hash function into the base station, cluster heads, and sensor nodes. The cluster heads and sensor nodes then generate their own keychains to provide forward authentication in case of key changes, security breaches, key changes due to security breaches. The cluster heads and sensor nodes establish pairwise keys to ensure transmission secrecy. The proposed scheme decreases the number of keys required for sensor nodes and cluster heads and is robust to the following attacks: guessing attacks, replay attacks, man-in-the-middle attacks, node capture attacks, and denial-of-service attacks.

  1. Security Enhanced User Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography

    Directory of Open Access Journals (Sweden)

    Younsung Choi

    2014-06-01

    Full Text Available Wireless sensor networks (WSNs consist of sensors, gateways and users. Sensors are widely distributed to monitor various conditions, such as temperature, sound, speed and pressure but they have limited computational ability and energy. To reduce the resource use of sensors and enhance the security of WSNs, various user authentication protocols have been proposed. In 2011, Yeh et al. first proposed a user authentication protocol based on elliptic curve cryptography (ECC for WSNs. However, it turned out that Yeh et al.’s protocol does not provide mutual authentication, perfect forward secrecy, and key agreement between the user and sensor. Later in 2013, Shi et al. proposed a new user authentication protocol that improves both security and efficiency of Yeh et al.’s protocol. However, Shi et al.’s improvement introduces other security weaknesses. In this paper, we show that Shi et al.’s improved protocol is vulnerable to session key attack, stolen smart card attack, and sensor energy exhausting attack. In addition, we propose a new, security-enhanced user authentication protocol using ECC for WSNs.

  2. Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’

    Directory of Open Access Journals (Sweden)

    Muhammad Khurram Khan

    2010-03-01

    Full Text Available User authentication in wireless sensor networks (WSN is a critical security issue due to their unattended and hostile deployment in the field. Since sensor nodes are equipped with limited computing power, storage, and communication modules; authenticating remote users in such resource-constrained environments is a paramount security concern. Recently, M.L. Das proposed a two-factor user authentication scheme in WSNs and claimed that his scheme is secure against different kinds of attack. However, in this paper, we show that the M.L. Das-scheme has some critical security pitfalls and cannot be recommended for real applications. We point out that in his scheme: users cannot change/update their passwords, it does not provide mutual authentication between gateway node and sensor node, and is vulnerable to gateway node bypassing attack and privileged-insider attack. To overcome the inherent security weaknesses of the M.L. Das-scheme, we propose improvements and security patches that attempt to fix the susceptibilities of his scheme. The proposed security improvements can be incorporated in the M.L. Das-scheme for achieving a more secure and robust two-factor user authentication in WSNs.

  3. Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography.

    Science.gov (United States)

    Choi, Younsung; Lee, Donghoon; Kim, Jiye; Jung, Jaewook; Nam, Junghyun; Won, Dongho

    2014-06-10

    Wireless sensor networks (WSNs) consist of sensors, gateways and users. Sensors are widely distributed to monitor various conditions, such as temperature, sound, speed and pressure but they have limited computational ability and energy. To reduce the resource use of sensors and enhance the security of WSNs, various user authentication protocols have been proposed. In 2011, Yeh et al. first proposed a user authentication protocol based on elliptic curve cryptography (ECC) for WSNs. However, it turned out that Yeh et al.'s protocol does not provide mutual authentication, perfect forward secrecy, and key agreement between the user and sensor. Later in 2013, Shi et al. proposed a new user authentication protocol that improves both security and efficiency of Yeh et al.'s protocol. However, Shi et al.'s improvement introduces other security weaknesses. In this paper, we show that Shi et al.'s improved protocol is vulnerable to session key attack, stolen smart card attack, and sensor energy exhausting attack. In addition, we propose a new, security-enhanced user authentication protocol using ECC for WSNs.

  4. Cryptanalysis and security improvements of 'two-factor user authentication in wireless sensor networks'.

    Science.gov (United States)

    Khan, Muhammad Khurram; Alghathbar, Khaled

    2010-01-01

    User authentication in wireless sensor networks (WSN) is a critical security issue due to their unattended and hostile deployment in the field. Since sensor nodes are equipped with limited computing power, storage, and communication modules; authenticating remote users in such resource-constrained environments is a paramount security concern. Recently, M.L. Das proposed a two-factor user authentication scheme in WSNs and claimed that his scheme is secure against different kinds of attack. However, in this paper, we show that the M.L. Das-scheme has some critical security pitfalls and cannot be recommended for real applications. We point out that in his scheme: users cannot change/update their passwords, it does not provide mutual authentication between gateway node and sensor node, and is vulnerable to gateway node bypassing attack and privileged-insider attack. To overcome the inherent security weaknesses of the M.L. Das-scheme, we propose improvements and security patches that attempt to fix the susceptibilities of his scheme. The proposed security improvements can be incorporated in the M.L. Das-scheme for achieving a more secure and robust two-factor user authentication in WSNs.

  5. Plants under dual attack

    NARCIS (Netherlands)

    Ponzio, C.A.M.

    2016-01-01

    Though immobile, plants are members of complex environments, and are under constant threat from a wide range of attackers, which includes organisms such as insect herbivores or plant pathogens. Plants have developed sophisticated defenses against these attackers, and include chemical responses

  6. Heart attack - discharge

    Science.gov (United States)

    ... and lifestyle Cholesterol - drug treatment Controlling your high blood pressure Deep vein thrombosis - discharge Dietary fats explained Fast food tips Heart attack - discharge Heart attack - what to ask your doctor Heart bypass ... pacemaker - discharge High blood pressure - what to ask your doctor How to read ...

  7. Induced resistance: an enhancement of basal resistance?

    NARCIS (Netherlands)

    Vos, M. de; Robben, C.; Pelt, J.A. van; Loon, L.C. van; Pieterse, C.M.J.

    2002-01-01

    Upon primary pathogen attack, plants activate resistance mechanisms at the site of infection. Besides this so-called basal resistance, plants have also the ability to enhance their defensive capacity against future pathogen attack. There are at least two types of biologically induced resistance.

  8. Picturing the authenticity of emotions

    NARCIS (Netherlands)

    Kraemer, U.A.F.; Salmela, M.; Mayer, V.

    2009-01-01

    In our everyday lives, we talk about authentic and inauthentic emotions. Is this just a façon de parler that does not have any reference in the "real world?" I will support the thesis that it makes sense to talk about the authenticity of emotions in our everyday practice, disregarding the question

  9. Authenticity and Empathy in Education

    Science.gov (United States)

    Bialystok, Lauren; Kukar, Polina

    2018-01-01

    The educational enthusiasm for both authenticity and empathy makes a number of assumptions about universal virtues, self-hood, the role of emotion in education, and the role of the teacher. In this article, we argue that authenticity and empathy are both nebulous virtues that teachers and students are called to embody with little reflection on how…

  10. AVNG authentication features

    Energy Technology Data Exchange (ETDEWEB)

    Thron, Jonathan Louis [Los Alamos National Laboratory; Mac Arthur, Duncan W [Los Alamos National Laboratory; White, Greg [LLNL; Razinkov, Sergey [VNIIEF; Livke, Alexander [VNIIEF

    2010-01-01

    Any verification measurement performed on potentially classified nuclear material must satisfy two seemingly contradictory constraints. First and foremost, no classified information can be released. At the same time, the monitoring party must have confidence in the veracity of the measurement (called authentication). An information barrier (IB) is included in the measurement system to protect the potentially classified information. To achieve both goals, the IB allows only very limited, previously agreed-on information to be displayed to the monitoring party. In addition to this limited information from the potentially classified measurement, other measurements are performed and procedures are put in place for the monitoring party to gain confidence that the material being measured is consistent with the host's declarations concerning that material. In this presentation, we will discuss the techniques used in the AVNG attribute measuring system to facilitate authentication of the verification measurements by the monitors. These techniques include measuring unclassified items while allowing more information to be displayed; having the monitor understand the system function, design, and implementation; and randomly selecting the order of measurements.

  11. Authenticity and commoditization at home

    DEFF Research Database (Denmark)

    Stender, Marie

    This paper investigates how interest and affect are entangled in the built environment of new Danish homes. The paper unfolds tensions and conflicts in the process from design through branding to occupancy of the house, and the relationship between authenticity and commoditization is explored....... In Denmark, the concept of authenticity is often associated with old houses. By way of design and branding, though, new neighbourhoods are made authentic, referring to their historical past, architectural uniqueness or sense of community. Based on a fieldwork in three new residential buildings in Copenhagen......, the paper explores the inherent paradox of the staging of authenticity. Rather than viewing the house solely from the perspective of the resident, the study ethnographically traces the entire process from design to occupancy in order to investigate how notions of value and authenticity are negotiated...

  12. I Sensed It Was You: Authenticating Mobile Users with Sensor-enhanced Keystroke Dynamics

    NARCIS (Netherlands)

    Giuffrida, C.; Majdanik, K.; Conti, M.; Bos, H.J.

    2014-01-01

    Mobile devices have become an important part of our everyday life, harvesting more and more confidential user information. Their portable nature and the great exposure to security attacks, however, call out for stronger authentication mechanisms than simple password-based identification. Biometric

  13. A Secure Three-Factor User Authentication and Key Agreement Protocol for TMIS With User Anonymity.

    Science.gov (United States)

    Amin, Ruhul; Biswas, G P

    2015-08-01

    Telecare medical information system (TMIS) makes an efficient and convenient connection between patient(s)/user(s) and doctor(s) over the insecure internet. Therefore, data security, privacy and user authentication are enormously important for accessing important medical data over insecure communication. Recently, many user authentication protocols for TMIS have been proposed in the literature and it has been observed that most of the protocols cannot achieve complete security requirements. In this paper, we have scrutinized two (Mishra et al., Xu et al.) remote user authentication protocols using smart card and explained that both the protocols are suffering against several security weaknesses. We have then presented three-factor user authentication and key agreement protocol usable for TMIS, which fix the security pitfalls of the above mentioned schemes. The informal cryptanalysis makes certain that the proposed protocol provides well security protection on the relevant security attacks. Furthermore, the simulator AVISPA tool confirms that the protocol is secure against active and passive attacks including replay and man-in-the-middle attacks. The security functionalities and performance comparison analysis confirm that our protocol not only provide strong protection on security attacks, but it also achieves better complexities along with efficient login and password change phase as well as session key verification property.

  14. Robust general N user authentication scheme in a centralized quantum communication network via generalized GHZ states

    Science.gov (United States)

    Farouk, Ahmed; Batle, J.; Elhoseny, M.; Naseri, Mosayeb; Lone, Muzaffar; Fedorov, Alex; Alkhambashi, Majid; Ahmed, Syed Hassan; Abdel-Aty, M.

    2018-04-01

    Quantum communication provides an enormous advantage over its classical counterpart: security of communications based on the very principles of quantum mechanics. Researchers have proposed several approaches for user identity authentication via entanglement. Unfortunately, these protocols fail because an attacker can capture some of the particles in a transmitted sequence and send what is left to the receiver through a quantum channel. Subsequently, the attacker can restore some of the confidential messages, giving rise to the possibility of information leakage. Here we present a new robust General N user authentication protocol based on N-particle Greenberger-Horne-Zeilinger (GHZ) states, which makes eavesdropping detection more effective and secure, as compared to some current authentication protocols. The security analysis of our protocol for various kinds of attacks verifies that it is unconditionally secure, and that an attacker will not obtain any information about the transmitted key. Moreover, as the number of transferred key bits N becomes larger, while the number of users for transmitting the information is increased, the probability of effectively obtaining the transmitted authentication keys is reduced to zero.

  15. A network identity authentication protocol of bank account system based on fingerprint identification and mixed encryption

    Science.gov (United States)

    Zhu, Lijuan; Liu, Jingao

    2013-07-01

    This paper describes a network identity authentication protocol of bank account system based on fingerprint identification and mixed encryption. This protocol can provide every bank user a safe and effective way to manage his own bank account, and also can effectively prevent the hacker attacks and bank clerk crime, so that it is absolute to guarantee the legitimate rights and interests of bank users.

  16. Three-factor anonymous authentication and key agreement scheme for Telecare Medicine Information Systems.

    Science.gov (United States)

    Arshad, Hamed; Nikooghadam, Morteza

    2014-12-01

    Nowadays, with comprehensive employment of the internet, healthcare delivery services is provided remotely by telecare medicine information systems (TMISs). A secure mechanism for authentication and key agreement is one of the most important security requirements for TMISs. Recently, Tan proposed a user anonymity preserving three-factor authentication scheme for TMIS. The present paper shows that Tan's scheme is vulnerable to replay attacks and Denial-of-Service attacks. In order to overcome these security flaws, a new and efficient three-factor anonymous authentication and key agreement scheme for TMIS is proposed. Security and performance analysis shows superiority of the proposed scheme in comparison with previously proposed schemes that are related to security of TMISs.

  17. Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services

    Directory of Open Access Journals (Sweden)

    Youngsook Lee

    2014-01-01

    Full Text Available An anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.’s anonymous authentication scheme for roaming services and present previously unpublished security weaknesses in the scheme: (1 it fails to provide user anonymity against any third party as well as the foreign agent, (2 it cannot protect the passwords of mobile users due to its vulnerability to an offline dictionary attack, and (3 it does not achieve session-key security against a man-in-the-middle attack. We also show how the security weaknesses of He et al.’s scheme can be addressed without degrading the efficiency of the scheme.

  18. Fuzzy Extractor and Elliptic Curve Based Efficient User Authentication Protocol for Wireless Sensor Networks and Internet of Things

    Directory of Open Access Journals (Sweden)

    Anup Kumar Maurya

    2017-10-01

    Full Text Available To improve the quality of service and reduce the possibility of security attacks, a secure and efficient user authentication mechanism is required for Wireless Sensor Networks (WSNs and the Internet of Things (IoT. Session key establishment between the sensor node and the user is also required for secure communication. In this paper, we perform the security analysis of A.K.Das’s user authentication scheme (given in 2015, Choi et al.’s scheme (given in 2016, and Park et al.’s scheme (given in 2016. The security analysis shows that their schemes are vulnerable to various attacks like user impersonation attack, sensor node impersonation attack and attacks based on legitimate users. Based on the cryptanalysis of these existing protocols, we propose a secure and efficient authenticated session key establishment protocol which ensures various security features and overcomes the drawbacks of existing protocols. The formal and informal security analysis indicates that the proposed protocol withstands the various security vulnerabilities involved in WSNs. The automated validation using AVISPA and Scyther tool ensures the absence of security attacks in our scheme. The logical verification using the Burrows-Abadi-Needham (BAN logic confirms the correctness of the proposed protocol. Finally, the comparative analysis based on computational overhead and security features of other existing protocol indicate that the proposed user authentication system is secure and efficient. In future, we intend to implement the proposed protocol in real-world applications of WSNs and IoT.

  19. Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks"

    Science.gov (United States)

    Alizadeh, Mojtaba; Zamani, Mazdak; Baharun, Sabariah; Abdul Manaf, Azizah; Sakurai, Kouichi; Anada, Hiroki; Keshavarz, Hassan; Ashraf Chaudhry, Shehzad; Khurram Khan, Muhammad

    2015-01-01

    Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes’ participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.’s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.’s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic. PMID:26580963

  20. Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks".

    Science.gov (United States)

    Alizadeh, Mojtaba; Zamani, Mazdak; Baharun, Sabariah; Abdul Manaf, Azizah; Sakurai, Kouichi; Anada, Hiroaki; Anada, Hiroki; Keshavarz, Hassan; Ashraf Chaudhry, Shehzad; Khurram Khan, Muhammad

    2015-01-01

    Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes' participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.'s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.'s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.

  1. Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks".

    Directory of Open Access Journals (Sweden)

    Mojtaba Alizadeh

    Full Text Available Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes' participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.'s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.'s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.

  2. A prototype TV-link for authentication of video information

    International Nuclear Information System (INIS)

    Richter, B.; Stein, G.; Neumann, G.; Gartner, K.J.

    1987-01-01

    In the frame of the Programme of the Federal Republic of Germany in Support of the International Atomic Energy Agency a prototype TV-link with high tamper resistance has been developed. The paper describes the technical realization of the authentication method for the transmission of video information

  3. Low Complexity Signed Response Based Sybil Attack Detection Mechanism in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    M. Saud Khan

    2016-01-01

    Full Text Available Security is always a major concern in wireless sensor networks (WSNs. Identity based attacks such as spoofing and sybil not only compromise the network but also slow down its performance. This paper proposes a low complexity sybil attack detection scheme, that is, based on signed response (SRES authentication mechanism developed for Global System for Mobile (GSM communications. A probabilistic model is presented which analyzes the proposed authentication mechanism for its probability of sybil attack. The paper also presents a simulation based comparative analysis of the existing sybil attack schemes with respect to the proposed scheme. It is observed that the proposed sybil detection scheme exhibits lesser computational cost and power consumption as compared to the existing schemes for the same sybil detection performance.

  4. An improved anonymous authentication scheme for roaming in ubiquitous networks.

    Science.gov (United States)

    Lee, Hakjun; Lee, Donghoon; Moon, Jongho; Jung, Jaewook; Kang, Dongwoo; Kim, Hyoungshick; Won, Dongho

    2018-01-01

    With the evolution of communication technology and the exponential increase of mobile devices, the ubiquitous networking allows people to use our data and computing resources anytime and everywhere. However, numerous security concerns and complicated requirements arise as these ubiquitous networks are deployed throughout people's lives. To meet the challenge, the user authentication schemes in ubiquitous networks should ensure the essential security properties for the preservation of the privacy with low computational cost. In 2017, Chaudhry et al. proposed a password-based authentication scheme for the roaming in ubiquitous networks to enhance the security. Unfortunately, we found that their scheme remains insecure in its protection of the user privacy. In this paper, we prove that Chaudhry et al.'s scheme is vulnerable to the stolen-mobile device and user impersonation attacks, and its drawbacks comprise the absence of the incorrect login-input detection, the incorrectness of the password change phase, and the absence of the revocation provision. Moreover, we suggest a possible way to fix the security flaw in Chaudhry et al's scheme by using the biometric-based authentication for which the bio-hash is applied in the implementation of a three-factor authentication. We prove the security of the proposed scheme with the random oracle model and formally verify its security properties using a tool named ProVerif, and analyze it in terms of the computational and communication cost. The analysis result shows that the proposed scheme is suitable for resource-constrained ubiquitous environments.

  5. An improved anonymous authentication scheme for roaming in ubiquitous networks.

    Directory of Open Access Journals (Sweden)

    Hakjun Lee

    Full Text Available With the evolution of communication technology and the exponential increase of mobile devices, the ubiquitous networking allows people to use our data and computing resources anytime and everywhere. However, numerous security concerns and complicated requirements arise as these ubiquitous networks are deployed throughout people's lives. To meet the challenge, the user authentication schemes in ubiquitous networks should ensure the essential security properties for the preservation of the privacy with low computational cost. In 2017, Chaudhry et al. proposed a password-based authentication scheme for the roaming in ubiquitous networks to enhance the security. Unfortunately, we found that their scheme remains insecure in its protection of the user privacy. In this paper, we prove that Chaudhry et al.'s scheme is vulnerable to the stolen-mobile device and user impersonation attacks, and its drawbacks comprise the absence of the incorrect login-input detection, the incorrectness of the password change phase, and the absence of the revocation provision. Moreover, we suggest a possible way to fix the security flaw in Chaudhry et al's scheme by using the biometric-based authentication for which the bio-hash is applied in the implementation of a three-factor authentication. We prove the security of the proposed scheme with the random oracle model and formally verify its security properties using a tool named ProVerif, and analyze it in terms of the computational and communication cost. The analysis result shows that the proposed scheme is suitable for resource-constrained ubiquitous environments.

  6. Authentication Method for Privacy Protection in Smart Grid Environment

    Directory of Open Access Journals (Sweden)

    Do-Eun Cho

    2014-01-01

    Full Text Available Recently, the interest in green energy is increasing as a means to resolve problems including the exhaustion of the energy source and, effective management of energy through the convergence of various fields. Therefore, the projects of smart grid which is called intelligent electrical grid for the accomplishment of low carbon green growth are being carried out in a rush. However, as the IT is centered upon the electrical grid, the shortage of IT also appears in smart grid and the complexity of convergence is aggravating the problem. Also, various personal information and payment information within the smart grid are gradually becoming big data and target for external invasion and attack; thus, there is increase in concerns for this matter. The purpose of this study is to analyze the security vulnerabilities and security requirement within smart grid and the authentication and access control method for privacy protection within home network. Therefore, we propose a secure access authentication and remote control method for user’s home device within home network environment, and we present their security analysis. The proposed access authentication method blocks the unauthorized external access and enables secure remote access to home network and its devices with a secure message authentication protocol.

  7. Security analysis and improvements of two-factor mutual authentication with key agreement in wireless sensor networks.

    Science.gov (United States)

    Kim, Jiye; Lee, Donghoon; Jeon, Woongryul; Lee, Youngsook; Won, Dongho

    2014-04-09

    User authentication and key management are two important security issues in WSNs (Wireless Sensor Networks). In WSNs, for some applications, the user needs to obtain real-time data directly from sensors and several user authentication schemes have been recently proposed for this case. We found that a two-factor mutual authentication scheme with key agreement in WSNs is vulnerable to gateway node bypassing attacks and user impersonation attacks using secret data stored in sensor nodes or an attacker's own smart card. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in unique ciphertext form in each node. In addition, our proposed scheme should provide not only security, but also efficiency since sensors in a WSN operate with resource constraints such as limited power, computation, and storage space. Therefore, we also analyze the performance of the proposed scheme by comparing its computation and communication costs with those of other schemes.

  8. Security analysis and enhanced user authentication in proxy mobile IPv6 networks.

    Directory of Open Access Journals (Sweden)

    Dongwoo Kang

    Full Text Available The Proxy Mobile IPv6 (PMIPv6 is a network-based mobility management protocol that allows a Mobile Node(MN connected to the PMIPv6 domain to move from one network to another without changing the assigned IPv6 address. The user authentication procedure in this protocol is not standardized, but many smartcard based authentication schemes have been proposed. Recently, Alizadeh et al. proposed an authentication scheme for the PMIPv6. However, it could allow an attacker to derive an encryption key that must be securely shared between MN and the Mobile Access Gate(MAG. As a result, outsider adversary can derive MN's identity, password and session key. In this paper, we analyze Alizadeh et al.'s scheme regarding security and propose an enhanced authentication scheme that uses a dynamic identity to satisfy anonymity. Furthermore, we use BAN logic to show that our scheme can successfully generate and communicate with the inter-entity session key.

  9. Security analysis and enhanced user authentication in proxy mobile IPv6 networks.

    Science.gov (United States)

    Kang, Dongwoo; Jung, Jaewook; Lee, Donghoon; Kim, Hyoungshick; Won, Dongho

    2017-01-01

    The Proxy Mobile IPv6 (PMIPv6) is a network-based mobility management protocol that allows a Mobile Node(MN) connected to the PMIPv6 domain to move from one network to another without changing the assigned IPv6 address. The user authentication procedure in this protocol is not standardized, but many smartcard based authentication schemes have been proposed. Recently, Alizadeh et al. proposed an authentication scheme for the PMIPv6. However, it could allow an attacker to derive an encryption key that must be securely shared between MN and the Mobile Access Gate(MAG). As a result, outsider adversary can derive MN's identity, password and session key. In this paper, we analyze Alizadeh et al.'s scheme regarding security and propose an enhanced authentication scheme that uses a dynamic identity to satisfy anonymity. Furthermore, we use BAN logic to show that our scheme can successfully generate and communicate with the inter-entity session key.

  10. Physiological Biometric Authentication Systems Advantages Disadvantages And Future Development A Review

    Directory of Open Access Journals (Sweden)

    Israa M. Alsaadi

    2015-08-01

    Full Text Available Abstract With the fast increasing of the electronic crimes and their related issues deploying a reliable user authentication system became a significant task for both of access control and securing users private data. Human biometric characteristics such as face finger iris scanning voice signature and other features provide a dependable security level for both of the personal and the public use. Many biometric authentication systems have been approached for long time. Due to the uniqueness of human biometrics witch played a master role in degrading imposters attacks. Such authentication models have overcome other traditional security methods like passwords and PIN. This paper aims to briefly address the psychological biometric authentication techniques. Also a brief summary to the advantages disadvantages and future developments of each method is provided in this paper.

  11. [Problems of food authenticity].

    Science.gov (United States)

    Czerwiecki, Ludwik

    2004-01-01

    In this review the several data concerning food authenticity were presented. Typical examples of food adulteration were described. The most known are adulteration of vegetable and fruit products, adulteration of wine, honeys, olive oil etc. The modern analytical techniques for detection of food adulteration were discussed. Among physicochemical methods isotopic techniques (SCIRA, IRMS, SNIF-NMR) were cited. The main spectral methods are: IACPAES, PyMs, FTIR, NIR. The chromatographic techniques (GC, HPLC, HPAEC, HPTLC) with several kinds of detectors were described and the ELISA and PCR techniques are mentioned, too. The role of chemometrics as a way of several analytical data processing was highlighted. It was pointed out at the necessity of more rigorous control of food to support of all activity in area of fight with fraud in food industry.

  12. AUTHENTIC LEADERSHIP IN EDUCATIONAL INSTITUTIONS

    Directory of Open Access Journals (Sweden)

    Nebojsa Pavlovic

    2015-06-01

    Full Text Available This work investigates authentic leadership models in the organizational culture of a school. The aim of this quantitative research is to define the factors of authentic leadership in educational institutions in order to provide answers to the questions related to the existence of specific authentic leadership in a school. The sample included 227 randomly selected directors of secondary and primary schools in the former Yugoslav republics: Serbia, Montenegro, and the Republic Srpska. The research included the use of an ALQ questionnaire for the estimation of leadership behavior. The components of authentic leadership are defined using factor analysis and other statistics techniques. The findings developed in this research indicated the fact that directors in educational institutions have a specific authentic leadership style. We suggest the concept of authentic leadership based on the four following factors: Communication-conformist, self-consciousness, self-discovery, and self-concept. Supporting these factors provides the directors with the possibility of obtaining a high level of authentic leadership.

  13. Cryptanalysis and Enhancement of Anonymity Preserving Remote User Mutual Authentication and Session Key Agreement Scheme for E-Health Care Systems.

    Science.gov (United States)

    Amin, Ruhul; Islam, S K Hafizul; Biswas, G P; Khan, Muhammad Khurram; Li, Xiong

    2015-11-01

    The E-health care systems employ IT infrastructure for maximizing health care resources utilization as well as providing flexible opportunities to the remote patient. Therefore, transmission of medical data over any public networks is necessary in health care system. Note that patient authentication including secure data transmission in e-health care system is critical issue. Although several user authentication schemes for accessing remote services are available, their security analysis show that none of them are free from relevant security attacks. We reviewed Das et al.'s scheme and demonstrated their scheme lacks proper protection against several security attacks such as user anonymity, off-line password guessing attack, smart card theft attack, user impersonation attack, server impersonation attack, session key discloser attack. In order to overcome the mentioned security pitfalls, this paper proposes an anonymity preserving remote patient authentication scheme usable in E-health care systems. We then validated the security of the proposed scheme using BAN logic that ensures secure mutual authentication and session key agreement. We also presented the experimental results of the proposed scheme using AVISPA software and the results ensure that our scheme is secure under OFMC and CL-AtSe models. Moreover, resilience of relevant security attacks has been proved through both formal and informal security analysis. The performance analysis and comparison with other schemes are also made, and it has been found that the proposed scheme overcomes the security drawbacks of the Das et al.'s scheme and additionally achieves extra security requirements.

  14. An efficient and adaptive mutual authentication framework for heterogeneous wireless sensor network-based applications.

    Science.gov (United States)

    Kumar, Pardeep; Ylianttila, Mika; Gurtov, Andrei; Lee, Sang-Gon; Lee, Hoon-Jae

    2014-02-11

    Robust security is highly coveted in real wireless sensor network (WSN) applications since wireless sensors' sense critical data from the application environment. This article presents an efficient and adaptive mutual authentication framework that suits real heterogeneous WSN-based applications (such as smart homes, industrial environments, smart grids, and healthcare monitoring). The proposed framework offers: (i) key initialization; (ii) secure network (cluster) formation (i.e., mutual authentication and dynamic key establishment); (iii) key revocation; and (iv) new node addition into the network. The correctness of the proposed scheme is formally verified. An extensive analysis shows the proposed scheme coupled with message confidentiality, mutual authentication and dynamic session key establishment, node privacy, and message freshness. Moreover, the preliminary study also reveals the proposed framework is secure against popular types of attacks, such as impersonation attacks, man-in-the-middle attacks, replay attacks, and information-leakage attacks. As a result, we believe the proposed framework achieves efficiency at reasonable computation and communication costs and it can be a safeguard to real heterogeneous WSN applications.

  15. An Efficient and Adaptive Mutual Authentication Framework for Heterogeneous Wireless Sensor Network-Based Applications

    Directory of Open Access Journals (Sweden)

    Pardeep Kumar

    2014-02-01

    Full Text Available Robust security is highly coveted in real wireless sensor network (WSN applications since wireless sensors’ sense critical data from the application environment. This article presents an efficient and adaptive mutual authentication framework that suits real heterogeneous WSN-based applications (such as smart homes, industrial environments, smart grids, and healthcare monitoring. The proposed framework offers: (i key initialization; (ii secure network (cluster formation (i.e., mutual authentication and dynamic key establishment; (iii key revocation; and (iv new node addition into the network. The correctness of the proposed scheme is formally verified. An extensive analysis shows the proposed scheme coupled with message confidentiality, mutual authentication and dynamic session key establishment, node privacy, and message freshness. Moreover, the preliminary study also reveals the proposed framework is secure against popular types of attacks, such as impersonation attacks, man-in-the-middle attacks, replay attacks, and information-leakage attacks. As a result, we believe the proposed framework achieves efficiency at reasonable computation and communication costs and it can be a safeguard to real heterogeneous WSN applications.

  16. An Efficient and Adaptive Mutual Authentication Framework for Heterogeneous Wireless Sensor Network-Based Applications

    Science.gov (United States)

    Kumar, Pardeep; Ylianttila, Mika; Gurtov, Andrei; Lee, Sang-Gon; Lee, Hoon-Jae

    2014-01-01

    Robust security is highly coveted in real wireless sensor network (WSN) applications since wireless sensors' sense critical data from the application environment. This article presents an efficient and adaptive mutual authentication framework that suits real heterogeneous WSN-based applications (such as smart homes, industrial environments, smart grids, and healthcare monitoring). The proposed framework offers: (i) key initialization; (ii) secure network (cluster) formation (i.e., mutual authentication and dynamic key establishment); (iii) key revocation; and (iv) new node addition into the network. The correctness of the proposed scheme is formally verified. An extensive analysis shows the proposed scheme coupled with message confidentiality, mutual authentication and dynamic session key establishment, node privacy, and message freshness. Moreover, the preliminary study also reveals the proposed framework is secure against popular types of attacks, such as impersonation attacks, man-in-the-middle attacks, replay attacks, and information-leakage attacks. As a result, we believe the proposed framework achieves efficiency at reasonable computation and communication costs and it can be a safeguard to real heterogeneous WSN applications. PMID:24521942

  17. Heart Attack Payment - National

    Data.gov (United States)

    U.S. Department of Health & Human Services — Payment for heart attack patients measure – national data. This data set includes national-level data for payments associated with a 30-day episode of care for heart...

  18. Heart Attack Payment - Hospital

    Data.gov (United States)

    U.S. Department of Health & Human Services — Payment for heart attack patients measure – provider data. This data set includes provider data for payments associated with a 30-day episode of care for heart...

  19. Heart Attack Payment - State

    Data.gov (United States)

    U.S. Department of Health & Human Services — Payment for heart attack patients measure – state data. This data set includes state-level data for payments associated with a 30-day episode of care for heart...

  20. Authenticated quantum secret sharing with quantum dialogue based on Bell states

    International Nuclear Information System (INIS)

    Abulkasim, Hussein; Hamad, Safwat; El Bahnasy, Khalid; Rida, Saad Z

    2016-01-01

    This work proposes a scheme that combines the advantages of a quantum secret sharing procedure and quantum dialogue. The proposed scheme enables the participants to simultaneously make mutual identity authentications, in a simulated scenario where the boss, Alice, shares a secret with her two agents Bob and Charlie. The secret is protected by checking photons to keep untrustworthy agents and outer attacks from getting useful information. Before the two agents cooperate to recover Alice’s secret, they must authenticate their identity using parts of a pre-shared key. In addition, the whole pre-shared key is reused as part of recovering the secret data to avoid any leaks of information. In comparison with previous schemes, the proposed method can efficiently detect eavesdropping and it is free from information leaks. Furthermore, the proposed scheme proved to be secure against man-in-the-middle attacks, impersonation attacks, entangled-and-measure attacks, participant attacks, modification attacks and Trojan-horse attacks. (paper)

  1. Cooperating attackers in neural cryptography.

    Science.gov (United States)

    Shacham, Lanir N; Klein, Einat; Mislovaty, Rachel; Kanter, Ido; Kinzel, Wolfgang

    2004-06-01

    A successful attack strategy in neural cryptography is presented. The neural cryptosystem, based on synchronization of neural networks by mutual learning, has been recently shown to be secure under different attack strategies. The success of the advanced attacker presented here, called the "majority-flipping attacker," does not decay with the parameters of the model. This attacker's outstanding success is due to its using a group of attackers which cooperate throughout the synchronization process, unlike any other attack strategy known. An analytical description of this attack is also presented, and fits the results of simulations.

  2. 22 CFR 92.36 - Authentication defined.

    Science.gov (United States)

    2010-04-01

    ... 22 Foreign Relations 1 2010-04-01 2010-04-01 false Authentication defined. 92.36 Section 92.36... Notarial Acts § 92.36 Authentication defined. An authentication is a certification of the genuineness of... recognized in another jurisdiction. Documents which may require authentication include legal instruments...

  3. Authentic leadership: application to women leaders.

    Science.gov (United States)

    Hopkins, Margaret M; O'Neil, Deborah A

    2015-01-01

    The purpose of this perspective article is to present the argument that authentic leadership is a gendered representation of leadership. We first provide a brief history of leadership theories and definitions of authentic leadership. We then critique authentic leadership and offer arguments to support the premise that authentic leadership is not gender-neutral and is especially challenging for women.

  4. Authentic leadership: application to women leaders

    OpenAIRE

    Hopkins, Margaret M.; O?Neil, Deborah A.

    2015-01-01

    The purpose of this perspective article is to present the argument that authentic leadership is a gendered representation of leadership. We first provide a brief history of leadership theories and definitions of authentic leadership. We then critique authentic leadership and offer arguments to support the premise that authentic leadership is not gender-neutral and is especially challenging for women.

  5. An SDN-Based Fingerprint Hopping Method to Prevent Fingerprinting Attacks

    Directory of Open Access Journals (Sweden)

    Zheng Zhao

    2017-01-01

    Full Text Available Fingerprinting attacks are one of the most severe threats to the security of networks. Fingerprinting attack aims to obtain the operating system information of target hosts to make preparations for future attacks. In this paper, a fingerprint hopping method (FPH is proposed based on software-defined networks to defend against fingerprinting attacks. FPH introduces the idea of moving target defense to show a hopping fingerprint toward the fingerprinting attackers. The interaction of the fingerprinting attack and its defense is modeled as a signal game, and the equilibriums of the game are analyzed to develop an optimal defense strategy. Experiments show that FPH can resist fingerprinting attacks effectively.

  6. A privacy preserving secure and efficient authentication scheme for telecare medical information systems.

    Science.gov (United States)

    Mishra, Raghavendra; Barnwal, Amit Kumar

    2015-05-01

    The Telecare medical information system (TMIS) presents effective healthcare delivery services by employing information and communication technologies. The emerging privacy and security are always a matter of great concern in TMIS. Recently, Chen at al. presented a password based authentication schemes to address the privacy and security. Later on, it is proved insecure against various active and passive attacks. To erase the drawbacks of Chen et al.'s anonymous authentication scheme, several password based authentication schemes have been proposed using public key cryptosystem. However, most of them do not present pre-smart card authentication which leads to inefficient login and password change phases. To present an authentication scheme with pre-smart card authentication, we present an improved anonymous smart card based authentication scheme for TMIS. The proposed scheme protects user anonymity and satisfies all the desirable security attributes. Moreover, the proposed scheme presents efficient login and password change phases where incorrect input can be quickly detected and a user can freely change his password without server assistance. Moreover, we demonstrate the validity of the proposed scheme by utilizing the widely-accepted BAN (Burrows, Abadi, and Needham) logic. The proposed scheme is also comparable in terms of computational overheads with relevant schemes.

  7. Fault attacks, injection techniques and tools for simulation

    NARCIS (Netherlands)

    Piscitelli, R.; Bhasin, S.; Regazzoni, F.

    2015-01-01

    Faults attacks are a serious threat to secure devices, because they are powerful and they can be performed with extremely cheap equipment. Resistance against fault attacks is often evaluated directly on the manufactured devices, as commercial tools supporting fault evaluation do not usually provide

  8. A Round-Efficient Authenticated Key Agreement Scheme Based on Extended Chaotic Maps for Group Cloud Meeting.

    Science.gov (United States)

    Lin, Tsung-Hung; Tsung, Chen-Kun; Lee, Tian-Fu; Wang, Zeng-Bo

    2017-12-03

    The security is a critical issue for business purposes. For example, the cloud meeting must consider strong security to maintain the communication privacy. Considering the scenario with cloud meeting, we apply extended chaotic map to present passwordless group authentication key agreement, termed as Passwordless Group Authentication Key Agreement (PL-GAKA). PL-GAKA improves the computation efficiency for the simple group password-based authenticated key agreement (SGPAKE) proposed by Lee et al. in terms of computing the session key. Since the extended chaotic map has equivalent security level to the Diffie-Hellman key exchange scheme applied by SGPAKE, the security of PL-GAKA is not sacrificed when improving the computation efficiency. Moreover, PL-GAKA is a passwordless scheme, so the password maintenance is not necessary. Short-term authentication is considered, hence the communication security is stronger than other protocols by dynamically generating session key in each cloud meeting. In our analysis, we first prove that each meeting member can get the correct information during the meeting. We analyze common security issues for the proposed PL-GAKA in terms of session key security, mutual authentication, perfect forward security, and data integrity. Moreover, we also demonstrate that communicating in PL-GAKA is secure when suffering replay attacks, impersonation attacks, privileged insider attacks, and stolen-verifier attacks. Eventually, an overall comparison is given to show the performance between PL-GAKA, SGPAKE and related solutions.

  9. A Round-Efficient Authenticated Key Agreement Scheme Based on Extended Chaotic Maps for Group Cloud Meeting

    Directory of Open Access Journals (Sweden)

    Tsung-Hung Lin

    2017-12-01

    Full Text Available The security is a critical issue for business purposes. For example, the cloud meeting must consider strong security to maintain the communication privacy. Considering the scenario with cloud meeting, we apply extended chaotic map to present passwordless group authentication key agreement, termed as Passwordless Group Authentication Key Agreement (PL-GAKA. PL-GAKA improves the computation efficiency for the simple group password-based authenticated key agreement (SGPAKE proposed by Lee et al. in terms of computing the session key. Since the extended chaotic map has equivalent security level to the Diffie–Hellman key exchange scheme applied by SGPAKE, the security of PL-GAKA is not sacrificed when improving the computation efficiency. Moreover, PL-GAKA is a passwordless scheme, so the password maintenance is not necessary. Short-term authentication is considered, hence the communication security is stronger than other protocols by dynamically generating session key in each cloud meeting. In our analysis, we first prove that each meeting member can get the correct information during the meeting. We analyze common security issues for the proposed PL-GAKA in terms of session key security, mutual authentication, perfect forward security, and data integrity. Moreover, we also demonstrate that communicating in PL-GAKA is secure when suffering replay attacks, impersonation attacks, privileged insider attacks, and stolen-verifier attacks. Eventually, an overall comparison is given to show the performance between PL-GAKA, SGPAKE and related solutions.

  10. Security Gaps In Authentication Factor Credentials

    Directory of Open Access Journals (Sweden)

    Neeraj A. Sharma

    2015-08-01

    Full Text Available Authentication factors refer to user login credentials that a user supplies to an authentication process for it to decide whether to grant or deny access. While two-factor and three-factor authentication generally provides better security than one-factor authentication the aim of this paper is to review security in individual authentication factor credentials that are in use nowadays. These credentials will be discussed in factor categories knowledge factor possession factor and inherence factor. The paper details current security gaps and some novel approaches to diminish the gaps in these authentication factors. We believe that our recommendations will inspire development of better authentication credentials and systems.

  11. Practical security and privacy attacks against biometric hashing using sparse recovery

    Science.gov (United States)

    Topcu, Berkay; Karabat, Cagatay; Azadmanesh, Matin; Erdogan, Hakan

    2016-12-01

    Biometric hashing is a cancelable biometric verification method that has received research interest recently. This method can be considered as a two-factor authentication method which combines a personal password (or secret key) with a biometric to obtain a secure binary template which is used for authentication. We present novel practical security and privacy attacks against biometric hashing when the attacker is assumed to know the user's password in order to quantify the additional protection due to biometrics when the password is compromised. We present four methods that can reconstruct a biometric feature and/or the image from a hash and one method which can find the closest biometric data (i.e., face image) from a database. Two of the reconstruction methods are based on 1-bit compressed sensing signal reconstruction for which the data acquisition scenario is very similar to biometric hashing. Previous literature introduced simple attack methods, but we show that we can achieve higher level of security threats using compressed sensing recovery techniques. In addition, we present privacy attacks which reconstruct a biometric image which resembles the original image. We quantify the performance of the attacks using detection error tradeoff curves and equal error rates under advanced attack scenarios. We show that conventional biometric hashing methods suffer from high security and privacy leaks under practical attacks, and we believe more advanced hash generation methods are necessary to avoid these attacks.

  12. Robustness of digital artist authentication

    DEFF Research Database (Denmark)

    Jacobsen, Robert; Nielsen, Morten

    In many cases it is possible to determine the authenticity of a painting from digital reproductions of the paintings; this has been demonstrated for a variety of artists and with different approaches. Common to all these methods in digital artist authentication is that the potential of the method...... is in focus, while the robustness has not been considered, i.e. the degree to which the data collection process influences the decision of the method. However, in order for an authentication method to be successful in practice, it needs to be robust to plausible error sources from the data collection....... In this paper we investigate the robustness of the newly proposed authenticity method introduced by the authors based on second generation multiresolution analysis. This is done by modelling a number of realistic factors that can occur in the data collection....

  13. HERMA-Heartbeat Microwave Authentication

    Science.gov (United States)

    Lux, James Paul (Inventor); Chow, Edward (Inventor); McKee, Michael Ray (Inventor); Haque, Salman-ul Mohammed (Inventor); Tkacenko, Andre (Inventor)

    2018-01-01

    Systems and methods for identifying and/or authenticating individuals utilizing microwave sensing modules are disclosed. A HEaRtbeat Microwave Authentication (HERMA) system can enable the active identification and/or authentication of a user by analyzing reflected RF signals that contain a person's unique characteristics related to their heartbeats. An illumination signal is transmitted towards a person where a reflected signal captures the motion of the skin and tissue (i.e. displacement) due to the person's heartbeats. The HERMA system can utilize existing transmitters in a mobile device (e.g. Wi-Fi, Bluetooth, Cellphone signals) as the illumination source with at least one external receive antenna. The received reflected signals can be pre-processed and analyzed to identify and/or authenticate a user.

  14. GRAS: A Group Reliant Authentication Scheme for V2V Communication in VANET

    Directory of Open Access Journals (Sweden)

    Auxeeliya Jesudoss

    2013-08-01

    Full Text Available Unlike fixed or wired networks, mobile ad-hoc networks pose a number of challenges for peer-to-peer communication due to their dynamic nature. This paper presents a novel framework for vehicleto- vehicle communication controlled and facilitated by a group leader within a group of vehicles. A communication model for a pure ad-hoc network is developed with much concern about the privacy and security of the system, for the ease of effective communication between vehicles with a reduced communication and computational overhead when no fixed infrastructure is present in the roadsides. In the proposed protocol, vehicles within a radio frequency form a group. They elect their leader based on some criteria who is then responsible for generating a group public and private key pair. Each vehicle is equipped with a tamper resistant OBU which is capable of generating public/private keys pairs and also self-certifies the generated keys based on one way hash chaining technique. Any vehicle joins the group communicates the group leader, authenticates itself to obtain the group key. Later, the vehicle uses the group key to send traffic related messages to the group leader who is responsible for batch verifying the authenticity of the message from different sources and one hop broadcast them to reduce the computation overhead on message verification in each vehicle. In addition, our scheme adopts the k-anonymity approach to protect user identity privacy, where an attacker cannot associate a message with the sending vehicle. Extensive analysis and simulations show that the proposed architecture provides an efficient and fully self organized system management for car-to-car communication without the need of any external infrastructure.

  15. Quantum direct communication with authentication

    International Nuclear Information System (INIS)

    Lee, Hwayean; Lim, Jongin; Yang, HyungJin

    2006-01-01

    We propose two quantum direct communication (QDC) protocols with user authentication. Users can identify each other by checking the correlation of Greenberger-Horne-Zeilinger (GHZ) states. Alice can directly send a secret message to Bob without any previously shared secret using the remaining GHZ states after authentication. Our second QDC protocol can be used even though there is no quantum link between Alice and Bob. The security of the transmitted message is guaranteed by properties of entanglement of GHZ states

  16. Biometric authentication and authorisation infrastructures

    OpenAIRE

    Olden, Matthias

    2010-01-01

    Nowadays, replacing traditional authentication methods with authentication and authorization infrastructures (AAIs) comes down to trading several passwords for one master password, which allows users to access all services in a federation. Having only one password may be comfortable for the user, but it also raises the interest of potential impostors, who may try to overcome the weak security that a single password provides. A solution to this issue would be a more-factor AAI, combining the p...

  17. TCPL: A Defense against wormhole attacks in wireless sensor networks

    International Nuclear Information System (INIS)

    Kumar, K. E. Naresh; Waheed, Mohd. Abdul; Basappa, K. Kari

    2010-01-01

    Do In this paper presents recent advances in technology have made low-cost, low-power wireless sensors with efficient energy consumption. A network of such nodes can coordinate among themselves for distributed sensing and processing of certain data. For which, we propose an architecture to provide a stateless solution in sensor networks for efficient routing in wireless sensor networks. This type of architecture is known as Tree Cast. We propose a unique method of address allocation, building up multiple disjoint trees which are geographically inter-twined and rooted at the data sink. Using these trees, routing messages to and from the sink node without maintaining any routing state in the sensor nodes is possible. In this paper, we introduce the wormhole attack, a severe attack in ad hoc networks that is particularly challenging to defend against. The wormhole attack is possible even if the attacker has not compromised any hosts and even if all communication provides authenticity and confidentiality. In the wormhole attack, an attacker records packets (or bits) at one location in the network, tunnels them to another location, and retransmits them there into the network. The wormhole attack can form a serious threat in wireless networks, especially against many sensor network routing protocols and location-based wireless security systems. For example, most existing ad hoc network routing protocols, without some mechanism to defend against the wormhole attack, would be unable to find routes longer than one or two hops, severely disrupting communication. We present a new, general mechanism, called packet leashes, for detecting and thus defending against wormhole attacks, and we present a specific protocol, called TIK, that implements leashes.

  18. Authentication techniques for smart cards

    International Nuclear Information System (INIS)

    Nelson, R.A.

    1994-02-01

    Smart card systems are most cost efficient when implemented as a distributed system, which is a system without central host interaction or a local database of card numbers for verifying transaction approval. A distributed system, as such, presents special card and user authentication problems. Fortunately, smart cards offer processing capabilities that provide solutions to authentication problems, provided the system is designed with proper data integrity measures. Smart card systems maintain data integrity through a security design that controls data sources and limits data changes. A good security design is usually a result of a system analysis that provides a thorough understanding of the application needs. Once designers understand the application, they may specify authentication techniques that mitigate the risk of system compromise or failure. Current authentication techniques include cryptography, passwords, challenge/response protocols, and biometrics. The security design includes these techniques to help prevent counterfeit cards, unauthorized use, or information compromise. This paper discusses card authentication and user identity techniques that enhance security for microprocessor card systems. It also describes the analysis process used for determining proper authentication techniques for a system

  19. Invertible chaotic fragile watermarking for robust image authentication

    International Nuclear Information System (INIS)

    Sidiropoulos, Panagiotis; Nikolaidis, Nikos; Pitas, Ioannis

    2009-01-01

    Fragile watermarking is a popular method for image authentication. In such schemes, a fragile signal that is sensitive to manipulations is embedded in the image, so that it becomes undetectable after any modification of the original work. Most algorithms focus either on the ability to retrieve the original work after watermark detection (invertibility) or on detecting which image parts have been altered (localization). Furthermore, the majority of fragile watermarking schemes suffer from robustness flaws. We propose a new technique that combines localization and invertibility. Moreover, watermark dependency on the original image and the non-linear watermark embedding procedure guarantees that no malicious attacks will manage to create information leaks.

  20. Cyber Attacks, Information Attacks, and Postmodern Warfare

    Directory of Open Access Journals (Sweden)

    Valuch Jozef

    2017-06-01

    Full Text Available The aim of this paper is to evaluate and differentiate between the phenomena of cyberwarfare and information warfare, as manifestations of what we perceive as postmodern warfare. We describe and analyse the current examples of the use the postmodern warfare and the reactions of states and international bodies to these phenomena. The subject matter of this paper is the relationship between new types of postmodern conflicts and the law of armed conflicts (law of war. Based on ICJ case law, it is clear that under current legal rules of international law of war, cyber attacks as well as information attacks (often performed in the cyberspace as well can only be perceived as “war” if executed in addition to classical kinetic warfare, which is often not the case. In most cases perceived “only” as a non-linear warfare (postmodern conflict, this practice nevertheless must be condemned as conduct contrary to the principles of international law and (possibly a crime under national laws, unless this type of conduct will be recognized by the international community as a “war” proper, in its new, postmodern sense.

  1. Authenticity in art

    International Nuclear Information System (INIS)

    Fleming, S.J.

    1975-01-01

    After a general introductory chapter, the subject is treated under three headings: paintings, ceramics and metals. The scientific tests for authenticity are described in their application to one or more of these branches of art. The traditional method of visual stylistic judgement is compared with and supplemented by scientific methods which (as well as 'wet' chemical analysis, optical microscopy, ultraviolet, infrared, electron and X-ray microscopy, X-ray crystallography and X-ray fluorescence, and direct age determination) include the following or more direct 'nuclear' interest: neutron (or proton, deuteron and high-energy photon) activation analysis for determining impurity and trace element content, gamma radiography for bronzes, neutron autoradiography or examining paintings, radiocarbon dating, other isotope dating (e.g. with lead isotopes and the radium-lead ratio), high temperature thermoluminescence for ceramics, and mass spectroscopy to determine isotope ratios indicative of particular sources of materials. As well as the reference in each chapter there is an additional bibliography. (U.K.)

  2. A robust ECC based mutual authentication protocol with anonymity for session initiation protocol.

    Science.gov (United States)

    Mehmood, Zahid; Chen, Gongliang; Li, Jianhua; Li, Linsen; Alzahrani, Bander

    2017-01-01

    Over the past few years, Session Initiation Protocol (SIP) is found as a substantial application-layer protocol for the multimedia services. It is extensively used for managing, altering, terminating and distributing the multimedia sessions. Authentication plays a pivotal role in SIP environment. Currently, Lu et al. presented an authentication protocol for SIP and profess that newly proposed protocol is protected against all the familiar attacks. However, the detailed analysis describes that the Lu et al.'s protocol is exposed against server masquerading attack and user's masquerading attack. Moreover, it also fails to protect the user's identity as well as it possesses incorrect login and authentication phase. In order to establish a suitable and efficient protocol, having ability to overcome all these discrepancies, a robust ECC-based novel mutual authentication mechanism with anonymity for SIP is presented in this manuscript. The improved protocol contains an explicit parameter for user to cope the issues of security and correctness and is found to be more secure and relatively effective to protect the user's privacy, user's masquerading and server masquerading as it is verified through the comprehensive formal and informal security analysis.

  3. A robust ECC based mutual authentication protocol with anonymity for session initiation protocol.

    Directory of Open Access Journals (Sweden)

    Zahid Mehmood

    Full Text Available Over the past few years, Session Initiation Protocol (SIP is found as a substantial application-layer protocol for the multimedia services. It is extensively used for managing, altering, terminating and distributing the multimedia sessions. Authentication plays a pivotal role in SIP environment. Currently, Lu et al. presented an authentication protocol for SIP and profess that newly proposed protocol is protected against all the familiar attacks. However, the detailed analysis describes that the Lu et al.'s protocol is exposed against server masquerading attack and user's masquerading attack. Moreover, it also fails to protect the user's identity as well as it possesses incorrect login and authentication phase. In order to establish a suitable and efficient protocol, having ability to overcome all these discrepancies, a robust ECC-based novel mutual authentication mechanism with anonymity for SIP is presented in this manuscript. The improved protocol contains an explicit parameter for user to cope the issues of security and correctness and is found to be more secure and relatively effective to protect the user's privacy, user's masquerading and server masquerading as it is verified through the comprehensive formal and informal security analysis.

  4. A Robust and Effective Smart-Card-Based Remote User Authentication Mechanism Using Hash Function

    Science.gov (United States)

    Odelu, Vanga; Goswami, Adrijit

    2014-01-01

    In a remote user authentication scheme, a remote server verifies whether a login user is genuine and trustworthy, and also for mutual authentication purpose a login user validates whether the remote server is genuine and trustworthy. Several remote user authentication schemes using the password, the biometrics, and the smart card have been proposed in the literature. However, most schemes proposed in the literature are either computationally expensive or insecure against several known attacks. In this paper, we aim to propose a new robust and effective password-based remote user authentication scheme using smart card. Our scheme is efficient, because our scheme uses only efficient one-way hash function and bitwise XOR operations. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. We perform the simulation for the formal security analysis using the widely accepted AVISPA (Automated Validation Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. Furthermore, our scheme supports efficiently the password change phase always locally without contacting the remote server and correctly. In addition, our scheme performs significantly better than other existing schemes in terms of communication, computational overheads, security, and features provided by our scheme. PMID:24892078

  5. A Robust and Effective Smart-Card-Based Remote User Authentication Mechanism Using Hash Function

    Directory of Open Access Journals (Sweden)

    Ashok Kumar Das

    2014-01-01

    Full Text Available In a remote user authentication scheme, a remote server verifies whether a login user is genuine and trustworthy, and also for mutual authentication purpose a login user validates whether the remote server is genuine and trustworthy. Several remote user authentication schemes using the password, the biometrics, and the smart card have been proposed in the literature. However, most schemes proposed in the literature are either computationally expensive or insecure against several known attacks. In this paper, we aim to propose a new robust and effective password-based remote user authentication scheme using smart card. Our scheme is efficient, because our scheme uses only efficient one-way hash function and bitwise XOR operations. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. We perform the simulation for the formal security analysis using the widely accepted AVISPA (Automated Validation Internet Security Protocols and Applications tool to ensure that our scheme is secure against passive and active attacks. Furthermore, our scheme supports efficiently the password change phase always locally without contacting the remote server and correctly. In addition, our scheme performs significantly better than other existing schemes in terms of communication, computational overheads, security, and features provided by our scheme.

  6. A robust and effective smart-card-based remote user authentication mechanism using hash function.

    Science.gov (United States)

    Das, Ashok Kumar; Odelu, Vanga; Goswami, Adrijit

    2014-01-01

    In a remote user authentication scheme, a remote server verifies whether a login user is genuine and trustworthy, and also for mutual authentication purpose a login user validates whether the remote server is genuine and trustworthy. Several remote user authentication schemes using the password, the biometrics, and the smart card have been proposed in the literature. However, most schemes proposed in the literature are either computationally expensive or insecure against several known attacks. In this paper, we aim to propose a new robust and effective password-based remote user authentication scheme using smart card. Our scheme is efficient, because our scheme uses only efficient one-way hash function and bitwise XOR operations. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. We perform the simulation for the formal security analysis using the widely accepted AVISPA (Automated Validation Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. Furthermore, our scheme supports efficiently the password change phase always locally without contacting the remote server and correctly. In addition, our scheme performs significantly better than other existing schemes in terms of communication, computational overheads, security, and features provided by our scheme.

  7. Seven Deadliest Wireless Technologies Attacks

    CERN Document Server

    Haines, Brad

    2010-01-01

    How can an information security professional keep up with all of the hacks, attacks, and exploits? One way to find out what the worst of the worst are is to read the seven books in our Seven Deadliest Attacks Series. Not only do we let you in on the anatomy of these attacks but we also tell you how to get rid of them and how to defend against them in the future. Countermeasures are detailed so that you can fight against similar attacks as they evolve. Attacks featured in this book include:Bluetooth AttacksCredit Card, Access Card, and Passport AttacksBad Encryption

  8. Understanding security failures of two authentication and key agreement schemes for telecare medicine information systems.

    Science.gov (United States)

    Mishra, Dheerendra

    2015-03-01

    Smart card based authentication and key agreement schemes for telecare medicine information systems (TMIS) enable doctors, nurses, patients and health visitors to use smart cards for secure login to medical information systems. In recent years, several authentication and key agreement schemes have been proposed to present secure and efficient solution for TMIS. Most of the existing authentication schemes for TMIS have either higher computation overhead or are vulnerable to attacks. To reduce the computational overhead and enhance the security, Lee recently proposed an authentication and key agreement scheme using chaotic maps for TMIS. Xu et al. also proposed a password based authentication and key agreement scheme for TMIS using elliptic curve cryptography. Both the schemes provide better efficiency from the conventional public key cryptography based schemes. These schemes are important as they present an efficient solution for TMIS. We analyze the security of both Lee's scheme and Xu et al.'s schemes. Unfortunately, we identify that both the schemes are vulnerable to denial of service attack. To understand the security failures of these cryptographic schemes which are the key of patching existing schemes and designing future schemes, we demonstrate the security loopholes of Lee's scheme and Xu et al.'s scheme in this paper.

  9. Key Based Mutual Authentication (KBMA Mechanism for Secured Access in MobiCloud Environment

    Directory of Open Access Journals (Sweden)

    Donald A. Cecil

    2016-01-01

    Full Text Available Mobile Cloud Computing (MCC fuels innovation in Mobile Computing and opens new pathways between mobile devices and infrastructures. There are several issues in MCC environment as it integrates various technologies. Among all issues, security lies on the top where many users are not willing to adopt the cloud services. This paper focuses on the authentication. The objective of this paper is to provide a mechanism for authenticating all the entities involved in accessing the cloud services. A mechanism called Key Based Mutual Authentication (KBMA is proposed which is divided into two processes namely registration and authentication. Registration is a one-time process where the users are registered for accessing the cloud services by giving the desired unique information. Authentication process is carried out mutually to verify the identities of Device and Cloud Service Provider (CSP. Scyther tool is used for analysing the vulnerability in terms of attacks. The result claims show that the proposed mechanism is resilient against various attacks.

  10. E-SAP: efficient-strong authentication protocol for healthcare applications using wireless medical sensor networks.

    Science.gov (United States)

    Kumar, Pardeep; Lee, Sang-Gon; Lee, Hoon-Jae

    2012-01-01

    A wireless medical sensor network (WMSN) can sense humans' physiological signs without sacrificing patient comfort and transmit patient vital signs to health professionals' hand-held devices. The patient physiological data are highly sensitive and WMSNs are extremely vulnerable to many attacks. Therefore, it must be ensured that patients' medical signs are not exposed to unauthorized users. Consequently, strong user authentication is the main concern for the success and large scale deployment of WMSNs. In this regard, this paper presents an efficient, strong authentication protocol, named E-SAP, for healthcare application using WMSNs. The proposed E-SAP includes: (1) a two-factor (i.e., password and smartcard) professional authentication; (2) mutual authentication between the professional and the medical sensor; (3) symmetric encryption/decryption for providing message confidentiality; (4) establishment of a secure session key at the end of authentication; and (5) professionals can change their password. Further, the proposed protocol requires three message exchanges between the professional, medical sensor node and gateway node, and achieves efficiency (i.e., low computation and communication cost). Through the formal analysis, security analysis and performance analysis, we demonstrate that E-SAP is more secure against many practical attacks, and allows a tradeoff between the security and the performance cost for healthcare application using WMSNs.

  11. E-SAP: Efficient-Strong Authentication Protocol for Healthcare Applications Using Wireless Medical Sensor Networks

    Directory of Open Access Journals (Sweden)

    Hoon-Jae Lee

    2012-02-01

    Full Text Available A wireless medical sensor network (WMSN can sense humans’ physiological signs without sacrificing patient comfort and transmit patient vital signs to health professionals’ hand-held devices. The patient physiological data are highly sensitive and WMSNs are extremely vulnerable to many attacks. Therefore, it must be ensured that patients’ medical signs are not exposed to unauthorized users. Consequently, strong user authentication is the main concern for the success and large scale deployment of WMSNs. In this regard, this paper presents an efficient, strong authentication protocol, named E-SAP, for healthcare application using WMSNs. The proposed E-SAP includes: (1 a two-factor (i.e., password and smartcard professional authentication; (2 mutual authentication between the professional and the medical sensor; (3 symmetric encryption/decryption for providing message confidentiality; (4 establishment of a secure session key at the end of authentication; and (5 professionals can change their password. Further, the proposed protocol requires three message exchanges between the professional, medical sensor node and gateway node, and achieves efficiency (i.e., low computation and communication cost. Through the formal analysis, security analysis and performance analysis, we demonstrate that E-SAP is more secure against many practical attacks, and allows a tradeoff between the security and the performance cost for healthcare application using WMSNs.

  12. Network resilience against intelligent attacks constrained by the degree-dependent node removal cost

    International Nuclear Information System (INIS)

    Annibale, A; Coolen, A C C; Bianconi, G

    2010-01-01

    We study the resilience of complex networks against attacks in which nodes are targeted intelligently, but where disabling a node has a cost to the attacker which depends on its degree. Attackers have to meet these costs with limited resources, which constrains their actions. A network's integrity is quantified in terms of the efficacy of the process that it supports. We calculate how the optimal attack strategy and the most attack-resistant network degree statistics depend on the node removal cost function and the attack resources. The resilience of networks against intelligent attacks is found to depend strongly on the node removal cost function faced by the attacker. In particular, if node removal costs increase sufficiently fast with the node degree, power law networks are found to be more resilient than Poissonian ones, even against optimized intelligent attacks. For cost functions increasing quadratically in the node degrees, intelligent attackers cannot damage the network more than random damages would.

  13. An Efficient V2I Authentication Scheme for VANETs

    Directory of Open Access Journals (Sweden)

    Yousheng Zhou

    2018-01-01

    Full Text Available The advent of intelligent transportation system has a crucial impact on the traffic safety and efficiency. To cope with security issues such as spoofing attack and forgery attack, many authentication schemes for vehicular ad hoc networks (VANETs have been developed, which are based on the hypothesis that secret keys are kept perfectly secure. However, key exposure is inevitable on account of the openness of VANET environment. To address this problem, key insulation is introduced in our proposed scheme. With a helper device, vehicles could periodically update their own secret keys. In this way, the forward and backward secrecy has been achieved. In addition, the elliptic curve operations have been integrated to improve the performance. The random oracle model is adopted to prove the security of the proposed scheme, and the experiment has been conducted to demonstrate the comparison between our scheme and the existing similar schemes.

  14. Cloud-assisted mutual authentication and privacy preservation protocol for telecare medical information systems.

    Science.gov (United States)

    Li, Chun-Ta; Shih, Dong-Her; Wang, Chun-Cheng

    2018-04-01

     With the rapid development of wireless communication technologies and the growing prevalence of smart devices, telecare medical information system (TMIS) allows patients to receive medical treatments from the doctors via Internet technology without visiting hospitals in person. By adopting mobile device, cloud-assisted platform and wireless body area network, the patients can collect their physiological conditions and upload them to medical cloud via their mobile devices, enabling caregivers or doctors to provide patients with appropriate treatments at anytime and anywhere. In order to protect the medical privacy of the patient and guarantee reliability of the system, before accessing the TMIS, all system participants must be authenticated.  Mohit et al. recently suggested a lightweight authentication protocol for cloud-based health care system. They claimed their protocol ensures resilience of all well-known security attacks and has several important features such as mutual authentication and patient anonymity. In this paper, we demonstrate that Mohit et al.'s authentication protocol has various security flaws and we further introduce an enhanced version of their protocol for cloud-assisted TMIS, which can ensure patient anonymity and patient unlinkability and prevent the security threats of report revelation and report forgery attacks.  The security analysis proves that our enhanced protocol is secure against various known attacks as well as found in Mohit et al.'s protocol. Compared with existing related protocols, our enhanced protocol keeps the merits of all desirable security requirements and also maintains the efficiency in terms of computation costs for cloud-assisted TMIS.  We propose a more secure mutual authentication and privacy preservation protocol for cloud-assisted TMIS, which fixes the mentioned security weaknesses found in Mohit et al.'s protocol. According to our analysis, our authentication protocol satisfies most functionality features

  15. The political attack ad

    Directory of Open Access Journals (Sweden)

    Palma Peña-Jiménez, Ph.D.

    2011-01-01

    Full Text Available During election campaigns the political spot has a clear objective: to win votes. This message is communicated to the electorate through television and Internet, and usually presents a negative approach, which includes a direct critical message against the opponent, rather than an exposition of proposals. This article is focused on the analysis of the campaign attack video ad purposely created to encourage the disapproval of the political opponent among voters. These ads focus on discrediting the opponent, many times, through the transmission of ad hominem messages, instead of disseminating the potential of the political party and the virtues and manifesto of its candidate. The article reviews the development of the attack ad since its first appearance, which in Spain dates back to 1996, when the famous Doberman ad was broadcast, and examines the most memorable campaign attack ads.

  16. A fatal elephant attack.

    Science.gov (United States)

    Hejna, Petr; Zátopková, Lenka; Safr, Miroslav

    2012-01-01

    A rare case of an elephant attack is presented. A 44-year-old man working as an elephant keeper was attacked by a cow elephant when he tripped over a foot chain while the animal was being medically treated. The man fell down and was consequently repeatedly attacked with elephant tusks. The man sustained multiple stab injuries to both groin regions, a penetrating injury to the abdominal wall with traumatic prolapse of the loops of the small bowel, multiple defects of the mesentery, and incomplete laceration of the abdominal aorta with massive bleeding into the abdominal cavity. In addition to the penetrating injuries, the man sustained multiple rib fractures with contusion of both lungs and laceration of the right lobe of the liver, and comminuted fractures of the pelvic arch and left femoral body. The man died shortly after he had been received at the hospital. The cause of death was attributed to traumatic shock. © 2011 American Academy of Forensic Sciences.

  17. A Composed Protocol of Quantum Identity Authentication Plus Quantum Key Distribution Based on Squeezed States

    International Nuclear Information System (INIS)

    Zhang Sheng; Wang Jian; Tang Chaojing; Zhang Quan

    2011-01-01

    It is established that a single quantum cryptography protocol usually cooperates with other cryptographic systems, such as an authentication system, in the real world. However, few protocols have been proposed on how to combine two or more quantum protocols. To fill this gap, we propose a composed quantum protocol, containing both quantum identity authentication and quantum key distribution, using squeezed states. Hence, not only the identity can be verified, but also a new private key can be generated by our new protocol. We also analyze the security under an optimal attack, and the efficiency, which is defined by the threshold of the tolerant error rate, using Gaussian error function. (general)

  18. High Efficiency of Two Efficient QSDC with Authentication Is at the Cost of Their Security

    International Nuclear Information System (INIS)

    Su-Juan, Qin; Qiao-Yan, Wen; Luo-Ming, Meng; Fu-Chen, Zhu

    2009-01-01

    Two efficient protocols of quantum secure direct communication with authentication [Chin. Phys. Lett. 25 (2008) 2354] were recently proposed by Liu et al. to improve the efficiency of two protocols presented in [Phys. Rev. A 75 (2007) 026301] by four Pauli operations. We show that the high efficiency of the two protocols is at the expense of their security. The authenticator Trent can reach half the secret by a particular attack strategy in the first protocol. In the second protocol, not only Trent but also an eavesdropper outside can elicit half-information about the secret from the public declaration

  19. A Novel Mobile Communications Authentication Scheme with Roaming Service and User Anonymity

    Directory of Open Access Journals (Sweden)

    Kai Chain

    2016-11-01

    Full Text Available Many novel, effective, and efficient applications and networking services are being developed for the Social Internet of Things. Recently, Li proposed a more secure and efficient authentication scheme with roaming service and user anonymity for mobile communications. The security analysis and discussion of the agreement phase is sufficiently safe; however, an attacker can intercept the identity of a mobile user’s home agent in the authentication phase. By using this information, the attacker can mount distributed denial-of-service attacks in the roaming phase through replay attacks targeting the network’s foreign agent and mobile user’s home agent by using their corresponding session keys. Li’s method also has some shortcomings regarding anonymity that we aim to address. To overcome these issues, this study proposes an elliptic curve–based wireless roaming anonymous login method for the authentication phase. The problems faced in the roaming phase are resolved, and this approach provides balanced session key computation between senders and receivers. Burrows-Abadi-Needham logic (BAN-logic is used to verify the security of the proposed scheme. The proposed scheme affords good security, efficiency, and integrity and maintains anonymity.

  20. Efficient Protection of Android Applications through User Authentication Using Peripheral Devices

    Directory of Open Access Journals (Sweden)

    Jinseong Kim

    2018-04-01

    Full Text Available Android applications store large amounts of sensitive information that may be exposed and exploited. To prevent this security risk, some applications such as Syrup and KakaoTalk use physical device values to authenticate or encrypt application data. However, by manipulating these physical device values, an attacker can circumvent the authentication by executing a Same Identifier Attack and obtain the same application privileges as the user. In our work, WhatsApp, KakaoTalk, Facebook, Amazon, and Syrup were subjected to the Same Identifier Attack, and it was found that an attacker could gain the same privileges as the user, in all five applications. To solve such a problem, we propose a technical scheme—User Authentication using Peripheral Devices. We applied the proposed scheme to a Nexus 5X smartphone running Android version 7.1 and confirmed that the average execution time was 0.005 s, which does not affect the other applications’ execution significantly. We also describe the security aspects of the proposed scheme and its compatibility with the Android platform and other applications. The proposed scheme is practical and efficient in terms of resource usage; therefore, it will be useful for Android users to improve Android application security.

  1. An enhanced biometric authentication scheme for telecare medicine information systems with nonce using chaotic hash function.

    Science.gov (United States)

    Das, Ashok Kumar; Goswami, Adrijit

    2014-06-01

    Recently, Awasthi and Srivastava proposed a novel biometric remote user authentication scheme for the telecare medicine information system (TMIS) with nonce. Their scheme is very efficient as it is based on efficient chaotic one-way hash function and bitwise XOR operations. In this paper, we first analyze Awasthi-Srivastava's scheme and then show that their scheme has several drawbacks: (1) incorrect password change phase, (2) fails to preserve user anonymity property, (3) fails to establish a secret session key beween a legal user and the server, (4) fails to protect strong replay attack, and (5) lacks rigorous formal security analysis. We then a propose a novel and secure biometric-based remote user authentication scheme in order to withstand the security flaw found in Awasthi-Srivastava's scheme and enhance the features required for an idle user authentication scheme. Through the rigorous informal and formal security analysis, we show that our scheme is secure against possible known attacks. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against passive and active attacks, including the replay and man-in-the-middle attacks. Our scheme is also efficient as compared to Awasthi-Srivastava's scheme.

  2. An Improved and Secure Biometric Authentication Scheme for Telecare Medicine Information Systems Based on Elliptic Curve Cryptography.

    Science.gov (United States)

    Chaudhry, Shehzad Ashraf; Mahmood, Khalid; Naqvi, Husnain; Khan, Muhammad Khurram

    2015-11-01

    Telecare medicine information system (TMIS) offers the patients convenient and expedite healthcare services remotely anywhere. Patient security and privacy has emerged as key issues during remote access because of underlying open architecture. An authentication scheme can verify patient's as well as TMIS server's legitimacy during remote healthcare services. To achieve security and privacy a number of authentication schemes have been proposed. Very recently Lu et al. (J. Med. Syst. 39(3):1-8, 2015) proposed a biometric based three factor authentication scheme for TMIS to confiscate the vulnerabilities of Arshad et al.'s (J. Med. Syst. 38(12):136, 2014) scheme. Further, they emphasized the robustness of their scheme against several attacks. However, in this paper we establish that Lu et al.'s scheme is vulnerable to numerous attacks including (1) Patient anonymity violation attack, (2) Patient impersonation attack, and (3) TMIS server impersonation attack. Furthermore, their scheme does not provide patient untraceability. We then, propose an improvement of Lu et al.'s scheme. We have analyzed the security of improved scheme using popular automated tool ProVerif. The proposed scheme while retaining the plusses of Lu et al.'s scheme is also robust against known attacks.

  3. Attacker Model Lab

    OpenAIRE

    2006-01-01

    tut quiz present Tutorial Quiz Presentation Interactive Media Element This interactive tutorial the two sub-classes of computer attackers: amateurs and professionals. It provides valuable insight into the nature of necessary protection measure for information assets. CS3600 Information Assurance: Introduction to Computer Security Course

  4. Transient Ischemic Attack

    Medline Plus

    Full Text Available ... major stroke. It's important to call 9-1-1 immediately for any stroke symptoms. Popular Topics TIA Cardiac Catheter Cholesterol Heart Attack Stent © 2018, American Heart Association, Inc. All rights reserved. Unauthorized use prohibited. The content in this ...

  5. Temporal Cyber Attack Detection.

    Energy Technology Data Exchange (ETDEWEB)

    Ingram, Joey Burton [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Draelos, Timothy J. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Galiardi, Meghan [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Doak, Justin E. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2017-11-01

    Rigorous characterization of the performance and generalization ability of cyber defense systems is extremely difficult, making it hard to gauge uncertainty, and thus, confidence. This difficulty largely stems from a lack of labeled attack data that fully explores the potential adversarial space. Currently, performance of cyber defense systems is typically evaluated in a qualitative manner by manually inspecting the results of the system on live data and adjusting as needed. Additionally, machine learning has shown promise in deriving models that automatically learn indicators of compromise that are more robust than analyst-derived detectors. However, to generate these models, most algorithms require large amounts of labeled data (i.e., examples of attacks). Algorithms that do not require annotated data to derive models are similarly at a disadvantage, because labeled data is still necessary when evaluating performance. In this work, we explore the use of temporal generative models to learn cyber attack graph representations and automatically generate data for experimentation and evaluation. Training and evaluating cyber systems and machine learning models requires significant, annotated data, which is typically collected and labeled by hand for one-off experiments. Automatically generating such data helps derive/evaluate detection models and ensures reproducibility of results. Experimentally, we demonstrate the efficacy of generative sequence analysis techniques on learning the structure of attack graphs, based on a realistic example. These derived models can then be used to generate more data. Additionally, we provide a roadmap for future research efforts in this area.

  6. Authenticity, Best Interest, and Clinical Nudging.

    Science.gov (United States)

    Holm, Søren

    2017-03-01

    In this issue of the Hastings Center Report, Moti Gorin, Steven Joffe, Neal Dickert, and Scott Halpern offer a comprehensive defense of the use of nudging techniques in the clinical context, with the aim of promoting the best interests of patients. Their argument is built on three important claims: Nudging is ubiquitous and inescapable in clinical choice situations, and there is no neutral way of informing patients about their treatment choices; many patients do not have authentic (preexisting) preferences concerning their treatment choices, and those that do can easily resist nudging; and, finally, since many people lack authentic preferences and those that do can still act on their preferences, nudging in the patients' best interest is justified. I agree with the authors that if these three claims stand up to scrutiny, then they will provide a justification for many types of clinical nudging. I am, however, skeptical as to whether the claims can be sustained, despite the valiant efforts of Gorin and colleagues. © 2017 The Hastings Center.

  7. Designing Pu600 for Authentication

    International Nuclear Information System (INIS)

    White, G.

    2008-01-01

    Many recent Non-proliferation and Arms Control software projects include an authentication component. Demonstrating assurance that software and hardware performs as expected without hidden 'back-doors' is crucial to a project's success. In this context, 'authentication' is defined as determining that the system performs only its intended purpose and performs that purpose correctly and reliably over many years. Pu600 is a mature software solution for determining the presence of Pu and the ratio of Pu240 to Pu239 by analyzing the gamma ray spectra in the 600 KeV region. The project's goals are to explore hardware and software technologies which can by applied to Pu600 which ease the authentication of a complete, end-to-end solution. We will discuss alternatives and give the current status of our work

  8. Designing Pu600 for Authentication

    Energy Technology Data Exchange (ETDEWEB)

    White, G

    2008-07-10

    Many recent Non-proliferation and Arms Control software projects include an authentication component. Demonstrating assurance that software and hardware performs as expected without hidden 'back-doors' is crucial to a project's success. In this context, 'authentication' is defined as determining that the system performs only its intended purpose and performs that purpose correctly and reliably over many years. Pu600 is a mature software solution for determining the presence of Pu and the ratio of Pu240 to Pu239 by analyzing the gamma ray spectra in the 600 KeV region. The project's goals are to explore hardware and software technologies which can by applied to Pu600 which ease the authentication of a complete, end-to-end solution. We will discuss alternatives and give the current status of our work.

  9. Designing assignment using authentic assessment

    Science.gov (United States)

    Arlianty, Widinda Normalia; Febriana, Beta Wulan; Diniaty, Artina; Fauzi'ah, Lina

    2017-12-01

    This research is conducted to get an overview of the use of authentic assessment in the department of chemistry education, Islamic University of Indonesia. This research was conducted on the students of semester five, odd semester of academic year 2016/2017. Authentic assessment is an assessment process that is capable of measuring the knowledge, attitudes and skills of learners. Chemistry teacher candidates are required to be equipped with teaching and judging skills. Teachers were required can design and carry out assessment of the process and learning outcomes of students in an objective, accountable, and informative. Teacher creativity is required in the assessment. Therefore, authentic assessment is very appropriate used to improve the competence of students in education department as teachers candidates in the preparation of learning assessments.

  10. Efficient and Anonymous Authentication Scheme for Wireless Body Area Networks.

    Science.gov (United States)

    Wu, Libing; Zhang, Yubo; Li, Li; Shen, Jian

    2016-06-01

    As a significant part of the Internet of Things (IoT), Wireless Body Area Network (WBAN) has attract much attention in this years. In WBANs, sensors placed in or around the human body collect the sensitive data of the body and transmit it through an open wireless channel in which the messages may be intercepted, modified, etc. Recently, Wang et al. presented a new anonymous authentication scheme for WBANs and claimed that their scheme can solve the security problems in the previous schemes. Unfortunately, we demonstrate that their scheme cannot withstand impersonation attack. Either an adversary or a malicious legal client could impersonate another legal client to the application provider. In this paper, we give the detailed weakness analysis of Wang et al.'s scheme at first. Then we present a novel anonymous authentication scheme for WBANs and prove that it's secure under a random oracle model. At last, we demonstrate that our presented anonymous authentication scheme for WBANs is more suitable for practical application than Wang et al.'s scheme due to better security and performance. Compared with Wang et al.'s scheme, the computation cost of our scheme in WBANs has reduced by about 31.58%.

  11. Improving the Authentication Scheme and Access Control Protocol for VANETs

    Directory of Open Access Journals (Sweden)

    Wei-Chen Wu

    2014-11-01

    Full Text Available Privacy and security are very important in vehicular ad hoc networks (VANETs. VANETs are negatively affected by any malicious user’s behaviors, such as bogus information and replay attacks on the disseminated messages. Among various security threats, privacy preservation is one of the new challenges of protecting users’ private information. Existing authentication protocols to secure VANETs raise challenges, such as certificate distribution and reduction of the strong reliance on tamper-proof devices. In 2011, Yeh et al. proposed a PAACP: a portable privacy-preserving authentication and access control protocol in vehicular ad hoc networks. However, PAACP in the authorization phase is breakable and cannot maintain privacy in VANETs. In this paper, we present a cryptanalysis of an attachable blind signature and demonstrate that the PAACP’s authorized credential (AC is not secure and private, even if the AC is secretly stored in a tamper-proof device. An eavesdropper can construct an AC from an intercepted blind document. Any eavesdropper can determine who has which access privileges to access which service. For this reason, this paper copes with these challenges and proposes an efficient scheme. We conclude that an improving authentication scheme and access control protocol for VANETs not only resolves the problems that have appeared, but also is more secure and efficient.

  12. Robust and efficient biometrics based password authentication scheme for telecare medicine information systems using extended chaotic maps.

    Science.gov (United States)

    Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Xie, Dong; Yang, Yixian

    2015-06-01

    The Telecare Medicine Information Systems (TMISs) provide an efficient communicating platform supporting the patients access health-care delivery services via internet or mobile networks. Authentication becomes an essential need when a remote patient logins into the telecare server. Recently, many extended chaotic maps based authentication schemes using smart cards for TMISs have been proposed. Li et al. proposed a secure smart cards based authentication scheme for TMISs using extended chaotic maps based on Lee's and Jiang et al.'s scheme. In this study, we show that Li et al.'s scheme has still some weaknesses such as violation the session key security, vulnerability to user impersonation attack and lack of local verification. To conquer these flaws, we propose a chaotic maps and smart cards based password authentication scheme by applying biometrics technique and hash function operations. Through the informal and formal security analyses, we demonstrate that our scheme is resilient possible known attacks including the attacks found in Li et al.'s scheme. As compared with the previous authentication schemes, the proposed scheme is more secure and efficient and hence more practical for telemedical environments.

  13. Bluetooth security attacks comparative analysis, attacks, and countermeasures

    CERN Document Server

    Haataja, Keijo; Pasanen, Sanna; Toivanen, Pekka

    2013-01-01

    This overview of Bluetooth security examines network vulnerabilities and offers a comparative analysis of recent security attacks. It also examines related countermeasures and proposes a novel attack that works against all existing Bluetooth versions.

  14. Attacks on IEEE 802.11 wireless networks

    Directory of Open Access Journals (Sweden)

    Dejan Milan Tepšić

    2013-06-01

    Full Text Available Security of wireless computer networks was initially secured with the WEP security protocol, which relies on the RC4 encryption algorithm and the CRC algorithm to check the integrity. The basic problems of the WEP are a short initialization vector, unsafe data integrity checking, using a common key, the lack of mechanisms for management and exchange of keys, the lack of protection from the endless insertion of the same package into the network, the lack of authentication of access points and the like. The consequences of these failures are easy attacks against the WEP network, namely their complete insecurity. Therefore, the work began on the IEEE 802.11i protocol, which should radically improve the security of wireless networks. Since the development of a protocol lasted, the WPA standard was released to offset the security gap caused by the WEP. The WPA also relies on RC4 and CRC algorithms, but brings temporary keys and the MIC algorithm for data integrity. The 802.1X authentication was introduced and common keys are no longer needed, since it is possible to use an authentication server. The length of the initialization vector was increased and the vector is obtained based on the packet serial number, in order to prevent the insertion of the same packet into the network. The weakness of the WPA security mechanism is the use of a common key. WPA2 (802.11i later appeared. Unlike the WPA mechanism that worked on old devices with the replacement of software, WPA2 requires new network devices that can perform AES encryption. AES replaces the RC4 algorithm and delivers much greater security. Data integrity is protected by encryption. Despite progress, there are still weaknesses in wireless networks. Attacks for denial of service are possible as well as spoofing package headers attacks. For now, it is not advisable to use wireless networks in environments where unreliability and unavailability are not tolerated. Introduction In the entire history of

  15. Introduction to Methods Demonstrations for Authentication

    International Nuclear Information System (INIS)

    Kouzes, Richard T.; Hansen, Randy R.; Pitts, W. K.

    2002-01-01

    During the Trilateral Initiative Technical Workshop on Authentication and Certification, PNNL will demonstrate some authentication technologies. This paper briefly describes the motivation for these demonstrations and provide background on them

  16. Remote Biometrics for Robust Persistent Authentication

    DEFF Research Database (Denmark)

    Ingwar, Mads Ingerslew; Jensen, Christian D.

    2014-01-01

    This paper examines the problem of providing a robust non-invasive authentication service for mobile users in a smart environment. We base our work on the persistent authentication model (PAISE), which relies on available sensors to track principals from the location where they authenticate, e.......g., through a smart card based access control system, to the location where the authentication is required by a location-based service. The PAISE model is extended with remote biometrics to prevent the decay of authentication confidence when authenticated users encounter and interact with other users...... in the environment. The result is a calm approach to authentication, where mobile users are transparently authenticated towards the system, which allows the provision of location-based services. The output of the remote biometrics are fused using error-rate-based fusion to solve a common problem that occurs in score...

  17. Authentic Leadership: Application to Women Leaders

    Directory of Open Access Journals (Sweden)

    Margaret M. Hopkins

    2015-07-01

    Full Text Available This article provides an overview and critique of authentic leadership, with particular arguments given to support the premise that authentic leadership is a gendered representation of leadership.

  18. Polymeric self-authenticating banknotes

    Science.gov (United States)

    Zientek, Paul

    1998-04-01

    This paper discusses a new concept in overt security called the self-authenticating banknote. The self-authenticating banknote concept is built around the transparent window feature of the polymer banknote. This feature allows the incorporation of transmission based optical devices on a banknote so that the user, by folding the note over on itself and looking through an optical device which is a part of the note itself, can visually inspect and verify certain security features on the banknote. This paper presents a number of examples of optical devices which are presently being developed for this purpose.

  19. The Authentic Personality: A Theoretical and Empirical Conceptualization and the Development of the Authenticity Scale

    Science.gov (United States)

    Wood, Alex M.; Linley, P. Alex; Maltby, John; Baliousis, Michael; Joseph, Stephen

    2008-01-01

    This article describes the development of a measure of dispositional authenticity and tests whether authenticity is related to well-being, as predicted by several counseling psychology perspectives. Scales were designed to measure a tripartite conception of authenticity, comprising self-alienation, authentic living, and accepting external…

  20. An Anonymous User Authentication and Key Agreement Scheme Based on a Symmetric Cryptosystem in Wireless Sensor Networks.

    Science.gov (United States)

    Jung, Jaewook; Kim, Jiye; Choi, Younsung; Won, Dongho

    2016-08-16

    In wireless sensor networks (WSNs), a registered user can login to the network and use a user authentication protocol to access data collected from the sensor nodes. Since WSNs are typically deployed in unattended environments and sensor nodes have limited resources, many researchers have made considerable efforts to design a secure and efficient user authentication process. Recently, Chen et al. proposed a secure user authentication scheme using symmetric key techniques for WSNs. They claim that their scheme assures high efficiency and security against different types of attacks. After careful analysis, however, we find that Chen et al.'s scheme is still vulnerable to smart card loss attack and is susceptible to denial of service attack, since it is invalid for verification to simply compare an entered ID and a stored ID in smart card. In addition, we also observe that their scheme cannot preserve user anonymity. Furthermore, their scheme cannot quickly detect an incorrect password during login phase, and this flaw wastes both communication and computational overheads. In this paper, we describe how these attacks work, and propose an enhanced anonymous user authentication and key agreement scheme based on a symmetric cryptosystem in WSNs to address all of the aforementioned vulnerabilities in Chen et al.'s scheme. Our analysis shows that the proposed scheme improves the level of security, and is also more efficient relative to other related schemes.

  1. An Anonymous User Authentication and Key Agreement Scheme Based on a Symmetric Cryptosystem in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Jaewook Jung

    2016-08-01

    Full Text Available In wireless sensor networks (WSNs, a registered user can login to the network and use a user authentication protocol to access data collected from the sensor nodes. Since WSNs are typically deployed in unattended environments and sensor nodes have limited resources, many researchers have made considerable efforts to design a secure and efficient user authentication process. Recently, Chen et al. proposed a secure user authentication scheme using symmetric key techniques for WSNs. They claim that their scheme assures high efficiency and security against different types of attacks. After careful analysis, however, we find that Chen et al.’s scheme is still vulnerable to smart card loss attack and is susceptible to denial of service attack, since it is invalid for verification to simply compare an entered ID and a stored ID in smart card. In addition, we also observe that their scheme cannot preserve user anonymity. Furthermore, their scheme cannot quickly detect an incorrect password during login phase, and this flaw wastes both communication and computational overheads. In this paper, we describe how these attacks work, and propose an enhanced anonymous user authentication and key agreement scheme based on a symmetric cryptosystem in WSNs to address all of the aforementioned vulnerabilities in Chen et al.’s scheme. Our analysis shows that the proposed scheme improves the level of security, and is also more efficient relative to other related schemes.

  2. Are blockchains immune to all malicious attacks?

    OpenAIRE

    Xu, Jennifer J.

    2016-01-01

    Background: In recent years, blockchain technology has attracted considerable attention. It records cryptographic transactions in a public ledger that is difficult to alter and compromise because of the distributed consensus. As a result, blockchain is believed to resist fraud and hacking. Results: This work explores the types of fraud and malicious activities that can be prevented by blockchain technology and identifies attacks to which blockchain remains vulnerable. Conclusions: This study ...

  3. Automated Discovery of Mimicry Attacks

    National Research Council Canada - National Science Library

    Giffin, Jonathon T; Jha, Somesh; Miller, Barton P

    2006-01-01

    .... These systems are useful only if they detect actual attacks. Previous research developed manually-constructed mimicry and evasion attacks that avoided detection by hiding a malicious series of system calls within a valid sequence allowed by the model...

  4. Heart Attack Symptoms in Women

    Science.gov (United States)

    ... fat, cholesterol and other substances (plaque). Watch an animation of a heart attack . Many women think the ... Support Network Popular Articles 1 Understanding Blood Pressure Readings 2 Sodium and Salt 3 Heart Attack Symptoms ...

  5. Physical trust-based persistent authentication

    DEFF Research Database (Denmark)

    Fujita, Masahiro; Jensen, Christian D.; Arimura, Shiori

    2015-01-01

    propose a new type of persistent authentication, called Persistent Authentication Based On physical Trust (PABOT). PABOT uses a context of “physical trust relationship” that is built by visual contact between users, and thus can offer a persistent authentication mechanism with better usability and higher...

  6. Authentic Montessori: The Teacher Makes the Difference

    Science.gov (United States)

    Huxel, Alexa C.

    2013-01-01

    What are the elements that make up authentic Montessori? Is Montessori something concrete or abstract? Are there intangibles that make Montessori what it is? Many classrooms today have Montessori materials and small tables and chairs. Are they authentic Montessori? When examining areas that traditionally make defining authentic Montessori…

  7. Developmental Changes in Judgments of Authentic Objects

    Science.gov (United States)

    Frazier, Brandy N.; Gelman, Susan A.

    2009-01-01

    This study examined the development of an understanding of authenticity among 112 children (preschoolers, kindergarten, 1st graders, and 4th graders) and 119 college students. Participants were presented with pairs of photographs depicting authentic and non-authentic objects and asked to pick which one belongs in a museum and which one they would…

  8. 7 CFR 1.22 - Authentication.

    Science.gov (United States)

    2010-01-01

    ... 7 Agriculture 1 2010-01-01 2010-01-01 false Authentication. 1.22 Section 1.22 Agriculture Office of the Secretary of Agriculture ADMINISTRATIVE REGULATIONS Official Records § 1.22 Authentication. When a request is received for an authenticated copy of a document that the agency determines to make...

  9. 22 CFR 92.37 - Authentication procedure.

    Science.gov (United States)

    2010-04-01

    ... 22 Foreign Relations 1 2010-04-01 2010-04-01 false Authentication procedure. 92.37 Section 92.37... Notarial Acts § 92.37 Authentication procedure. (a) The consular officer must compare the foreign official...) Where the State law requires the consular officer's certificate of authentication to show that the...

  10. Evaluation of biometric data and theire usage in authentication system

    OpenAIRE

    Peroutka, Tomáš

    2009-01-01

    The goal of this thesis is to introduce the main aspects of biometry, explain particular methods of biometric analysis and determine suitable methods for using in particular authentication system by multicriterial analysis. Our criteria for method analysis are: uniqueness, universality, public acceptability and policy consideration, resistence of fraud, accuracy, speed of comparison, template storage requirements, constancy of human biometric characters. The thesis deals with the effective us...

  11. Attack Trees with Sequential Conjunction

    NARCIS (Netherlands)

    Jhawar, Ravi; Kordy, Barbara; Mauw, Sjouke; Radomirović, Sasa; Trujillo-Rasua, Rolando

    2015-01-01

    We provide the first formal foundation of SAND attack trees which are a popular extension of the well-known attack trees. The SAND at- tack tree formalism increases the expressivity of attack trees by intro- ducing the sequential conjunctive operator SAND. This operator enables the modeling of

  12. Key Management Strategies for Safeguards Authentication and Encryption

    International Nuclear Information System (INIS)

    Coram, M.; Hymel, R.; McDaniel, M.; Brotz, J.

    2015-01-01

    Management of cryptographic keys for the authentication and encryption of safeguards data can be the critical weak link in the practical implementation of information security. Within the safeguards community, there is the need to validate that data has not been modified at any point since generation and that it was generated by the monitoring node and not an imposter. In addition, there is the need for that data to be transmitted securely between the monitoring node and the monitoring party such that it cannot be intercepted and read while in transit. Encryption and digital signatures support the required confidentiality and authenticity but challenges exist in managing the cryptographic keys they require. Technologies developed at Sandia National Laboratories have evolved in their use of an associated key management strategy. The first generation system utilized a shared secret key for digital signatures. While fast and efficient, it required that a list of keys be maintained and protected. If control of the key was lost, fraudulent data could be made to look authentic. The second generation changed to support public key / private key cryptography. The key pair is generated by the system, the public key shared, and the private key held internally. This approach eliminated the need to maintain the list of keys. It also allows the public key to be provided to anyone needing to authenticate the data without allowing them to spoof data. A third generation system, currently under development, improves upon the public key / private key approach to address a potential man-in-the-middle attack related to the sharing of the public key. In a planned fourth generation system, secure key exchange protocols will distribute session keys for encryption, eliminating another fixed set of keys utilized by the technology and allowing for periodic renegotiation of keys for enhanced security. (author)

  13. An improved anonymous authentication scheme for roaming in ubiquitous networks

    Science.gov (United States)

    Lee, Hakjun; Lee, Donghoon; Moon, Jongho; Jung, Jaewook; Kang, Dongwoo; Kim, Hyoungshick

    2018-01-01

    With the evolution of communication technology and the exponential increase of mobile devices, the ubiquitous networking allows people to use our data and computing resources anytime and everywhere. However, numerous security concerns and complicated requirements arise as these ubiquitous networks are deployed throughout people’s lives. To meet the challenge, the user authentication schemes in ubiquitous networks should ensure the essential security properties for the preservation of the privacy with low computational cost. In 2017, Chaudhry et al. proposed a password-based authentication scheme for the roaming in ubiquitous networks to enhance the security. Unfortunately, we found that their scheme remains insecure in its protection of the user privacy. In this paper, we prove that Chaudhry et al.’s scheme is vulnerable to the stolen-mobile device and user impersonation attacks, and its drawbacks comprise the absence of the incorrect login-input detection, the incorrectness of the password change phase, and the absence of the revocation provision. Moreover, we suggest a possible way to fix the security flaw in Chaudhry et al’s scheme by using the biometric-based authentication for which the bio-hash is applied in the implementation of a three-factor authentication. We prove the security of the proposed scheme with the random oracle model and formally verify its security properties using a tool named ProVerif, and analyze it in terms of the computational and communication cost. The analysis result shows that the proposed scheme is suitable for resource-constrained ubiquitous environments. PMID:29505575

  14. Countermeasures for unintentional and intentional video watermarking attacks

    Science.gov (United States)

    Deguillaume, Frederic; Csurka, Gabriela; Pun, Thierry

    2000-05-01

    These last years, the rapidly growing digital multimedia market has revealed an urgent need for effective copyright protection mechanisms. Therefore, digital audio, image and video watermarking has recently become a very active area of research, as a solution to this problem. Many important issues have been pointed out, one of them being the robustness to non-intentional and intentional attacks. This paper studies some attacks and proposes countermeasures applied to videos. General attacks are lossy copying/transcoding such as MPEG compression and digital/analog (D/A) conversion, changes of frame-rate, changes of display format, and geometrical distortions. More specific attacks are sequence edition, and statistical attacks such as averaging or collusion. Averaging attack consists of averaging locally consecutive frames to cancel the watermark. This attack works well for schemes which embed random independent marks into frames. In the collusion attack the watermark is estimated from single frames (based on image denoising), and averaged over different scenes for better accuracy. The estimated watermark is then subtracted from each frame. Collusion requires that the same mark is embedded into all frames. The proposed countermeasures first ensures robustness to general attacks by spread spectrum encoding in the frequency domain and by the use of an additional template. Secondly, a Bayesian criterion, evaluating the probability of a correctly decoded watermark, is used for rejection of outliers, and to implement an algorithm against statistical attacks. The idea is to embed randomly chosen marks among a finite set of marks, into subsequences of videos which are long enough to resist averaging attacks, but short enough to avoid collusion attacks. The Bayesian criterion is needed to select the correct mark at the decoding step. Finally, the paper presents experimental results showing the robustness of the proposed method.

  15. The embodiment of authentic leadership.

    Science.gov (United States)

    Waite, Roberta; McKinney, Nicole; Smith-Glasgow, Mary Ellen; Meloy, Faye A

    2014-01-01

    Development of student leadership capacity and efficacy is critical to the nursing profession, and vital to this process is a strong foundation in critical thinking that includes a depth of understanding of self (i.e., authentic leadership development). This article will (a) present a theoretical overview of authentic leadership as compared with other popular leadership theories, (b) provide an overview of development/implementation of an authentic leadership course, the first in a series of six one-credit courses as an integral component of the Macy Undergraduate Leadership Fellows Program for upper-level nursing students, and (c) discuss related implications for nursing education. Findings from an investigator-developed quantitative pre-post survey and qualitative evaluation questions are provided. Student feedback regarding the comprehensive nature of the course was extremely positive and affirmed the value of introspection associated with authentic leadership in ongoing personal and professional development. Critical pedagogy and action-oriented learning strategies also proved beneficial to student engagement. Copyright © 2014 Elsevier Inc. All rights reserved.

  16. Authentic Instruction and Technology Literacy

    Science.gov (United States)

    Cydis, Susan

    2015-01-01

    Technology integration is an important aspect of student competence in the 21st century. The use of technology in teaching and learning is a valuable practice for supporting student learning and engagement. Modelling the pedagogical practices that integrate authentic, performance-based opportunities for technology integration was the focus of a…

  17. An Authentic Interpretation of Laws

    Directory of Open Access Journals (Sweden)

    Teodor Antić

    2015-01-01

    Full Text Available Authentic interpretation of laws is a legal institute whereby a legislator gives the authentic meaning to a specific legal norm in case of its incorrect or diversified interpretation in practice. It has the same legal force as the law. Retroactivity and influence on pending cases are its inherent characteristics. Due to these characteristics and their relation to the principles of the rule of law, legal certainty and separation of powers, it is subjected to severe criticism not only by legal theory but also legal practice. The author analyses the institute of authentic interpretation from historical and comparative point of view and through the Croatian normative regulation, practice of the Croatian Parliament and academic debate, including opinions in favour as well as against it. On these grounds the author concludes that higher quality of law making procedure could make the authentic interpretation dispensable. On the other hand, should this institute be kept in the legal order it is essential to receive more effective constitutional control.

  18. Symmetric Key Authentication Services Revisited

    NARCIS (Netherlands)

    Crispo, B.; Popescu, B.C.; Tanenbaum, A.S.

    2004-01-01

    Most of the symmetric key authentication schemes deployed today are based on principles introduced by Needham and Schroeder [15] more than twenty years ago. However, since then, the computing environment has evolved from a LAN-based client-server world to include new paradigms, including wide area

  19. Immersive Learning: Realism, Authenticity & Audience

    OpenAIRE

    Livingstone, Daniel

    2016-01-01

    For almost 20 years the Digital Design Studio has been exploring and applying virtual reality for a wide range of industrial, commercial and educational applications. Drawing from a range of recent projects, we explore the complex relationships between realism, authenticity and audience for effective engagement and education in immersive learning.

  20. Improving Usability of Passphrase Authentication

    DEFF Research Database (Denmark)

    Nielsen, Glen; Vedel, Michael; Jensen, Christian D.

    2014-01-01

    . This is done to ensure an appropriate degree of security, but instead, it makes it difficult for users to remember their password, which results in passwords that are either insecure, but easy to remember, or written down on paper. In this paper we address the problem of usability in user authentication...

  1. Literacy Cafe: Making Writing Authentic

    Science.gov (United States)

    Daniels, Erika

    2007-01-01

    The "Literacy Cafe," a celebration of genre study and student writing, offers students (and visitors!) a positive environment in which to engage in reading and discussion of writing without self-consciousness or fear of criticism. It works because students learn to recognize writing as a learning tool and a relevant, authentic skill in the real…

  2. A secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care.

    Science.gov (United States)

    Das, Ashok Kumar; Goswami, Adrijit

    2013-06-01

    Connected health care has several applications including telecare medicine information system, personally controlled health records system, and patient monitoring. In such applications, user authentication can ensure the legality of patients. In user authentication for such applications, only the legal user/patient himself/herself is allowed to access the remote server, and no one can trace him/her according to transmitted data. Chang et al. proposed a uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care (Chang et al., J Med Syst 37:9902, 2013). Their scheme uses the user's personal biometrics along with his/her password with the help of the smart card. The user's biometrics is verified using BioHashing. Their scheme is efficient due to usage of one-way hash function and exclusive-or (XOR) operations. In this paper, we show that though their scheme is very efficient, their scheme has several security weaknesses such as (1) it has design flaws in login and authentication phases, (2) it has design flaws in password change phase, (3) it fails to protect privileged insider attack, (4) it fails to protect the man-in-the middle attack, and (5) it fails to provide proper authentication. In order to remedy these security weaknesses in Chang et al.'s scheme, we propose an improvement of their scheme while retaining the original merit of their scheme. We show that our scheme is efficient as compared to Chang et al.'s scheme. Through the security analysis, we show that our scheme is secure against possible attacks. Further, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to ensure that our scheme is secure against passive and active attacks. In addition, after successful authentication between the user and the server, they establish a secret session key shared between them for future secure communication.

  3. A Secure ECC-based RFID Mutual Authentication Protocol to Enhance Patient Medication Safety.

    Science.gov (United States)

    Jin, Chunhua; Xu, Chunxiang; Zhang, Xiaojun; Li, Fagen

    2016-01-01

    Patient medication safety is an important issue in patient medication systems. In order to prevent medication errors, integrating Radio Frequency Identification (RFID) technology into automated patient medication systems is required in hospitals. Based on RFID technology, such systems can provide medical evidence for patients' prescriptions and medicine doses, etc. Due to the mutual authentication between the medication server and the tag, RFID authentication scheme is the best choice for automated patient medication systems. In this paper, we present a RFID mutual authentication scheme based on elliptic curve cryptography (ECC) to enhance patient medication safety. Our scheme can achieve security requirements and overcome various attacks existing in other schemes. In addition, our scheme has better performance in terms of computational cost and communication overhead. Therefore, the proposed scheme is well suitable for patient medication systems.

  4. A Lightweight Authentication and Key Management Scheme for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Danyang Qin

    2016-01-01

    Full Text Available Security problem is one of the most popular research fields in wireless sensor networks for both the application requirement and the resource-constrained essence. An effective and lightweight Authentication and Key Management Scheme (AKMS is proposed in this paper to solve the problem of malicious nodes occurring in the process of networking and to offer a high level of security with low cost. For the condition that the mobile sensor nodes need to be authenticated, the keys in AKMS will be dynamically generated and adopted for security protection. Even when the keys are being compromised or captured, the attackers can neither use the previous keys nor misuse the authenticated nodes to cheat. Simulation results show that the proposed scheme provides more efficient security with less energy consumption for wireless sensor networks especially with mobile sensors.

  5. A Standard Mutual Authentication Protocol for Cloud Computing Based Health Care System.

    Science.gov (United States)

    Mohit, Prerna; Amin, Ruhul; Karati, Arijit; Biswas, G P; Khan, Muhammad Khurram

    2017-04-01

    Telecare Medical Information System (TMIS) supports a standard platform to the patient for getting necessary medical treatment from the doctor(s) via Internet communication. Security protection is important for medical records (data) of the patients because of very sensitive information. Besides, patient anonymity is another most important property, which must be protected. Most recently, Chiou et al. suggested an authentication protocol for TMIS by utilizing the concept of cloud environment. They claimed that their protocol is patient anonymous and well security protected. We reviewed their protocol and found that it is completely insecure against patient anonymity. Further, the same protocol is not protected against mobile device stolen attack. In order to improve security level and complexity, we design a light weight authentication protocol for the same environment. Our security analysis ensures resilience of all possible security attacks. The performance of our protocol is relatively standard in comparison with the related previous research.

  6. On the Security of a Two-Factor Authentication and Key Agreement Scheme for Telecare Medicine Information Systems.

    Science.gov (United States)

    Arshad, Hamed; Teymoori, Vahid; Nikooghadam, Morteza; Abbassi, Hassan

    2015-08-01

    Telecare medicine information systems (TMISs) aim to deliver appropriate healthcare services in an efficient and secure manner to patients. A secure mechanism for authentication and key agreement is required to provide proper security in these systems. Recently, Bin Muhaya demonstrated some security weaknesses of Zhu's authentication and key agreement scheme and proposed a security enhanced authentication and key agreement scheme for TMISs. However, we show that Bin Muhaya's scheme is vulnerable to off-line password guessing attacks and does not provide perfect forward secrecy. Furthermore, in order to overcome the mentioned weaknesses, we propose a new two-factor anonymous authentication and key agreement scheme using the elliptic curve cryptosystem. Security and performance analyses demonstrate that the proposed scheme not only overcomes the weaknesses of Bin Muhaya's scheme, but also is about 2.73 times faster than Bin Muhaya's scheme.

  7. Image authentication using distributed source coding.

    Science.gov (United States)

    Lin, Yao-Chung; Varodayan, David; Girod, Bernd

    2012-01-01

    We present a novel approach using distributed source coding for image authentication. The key idea is to provide a Slepian-Wolf encoded quantized image projection as authentication data. This version can be correctly decoded with the help of an authentic image as side information. Distributed source coding provides the desired robustness against legitimate variations while detecting illegitimate modification. The decoder incorporating expectation maximization algorithms can authenticate images which have undergone contrast, brightness, and affine warping adjustments. Our authentication system also offers tampering localization by using the sum-product algorithm.

  8. Staging constructions of authenticity in organizational change

    DEFF Research Database (Denmark)

    Dupret, Katia

    2018-01-01

    Authenticity in organizations has gained increased focus in recent years. Authentic management and leadership are ways to motivate and make sustainable changes in the organization. But authenticity is also strategically worked with in order to serve social and political functions...... that are emotionally charged. Through a socio-material perspective this paper seeks to explore how change processes in organizations challenges the idea of authentic leadership as a merely individual ability or personality trait and suggest that the authentic leader is distributed into the practices of change...

  9. Multi-factor challenge/response approach for remote biometric authentication

    Science.gov (United States)

    Al-Assam, Hisham; Jassim, Sabah A.

    2011-06-01

    Although biometric authentication is perceived to be more reliable than traditional authentication schemes, it becomes vulnerable to many attacks when it comes to remote authentication over open networks and raises serious privacy concerns. This paper proposes a biometric-based challenge-response approach to be used for remote authentication between two parties A and B over open networks. In the proposed approach, a remote authenticator system B (e.g. a bank) challenges its client A who wants to authenticate his/her self to the system by sending a one-time public random challenge. The client A responds by employing the random challenge along with secret information obtained from a password and a token to produce a one-time cancellable representation of his freshly captured biometric sample. The one-time biometric representation, which is based on multi-factor, is then sent back to B for matching. Here, we argue that eavesdropping of the one-time random challenge and/or the resulting one-time biometric representation does not compromise the security of the system, and no information about the original biometric data is leaked. In addition to securing biometric templates, the proposed protocol offers a practical solution for the replay attack on biometric systems. Moreover, we propose a new scheme for generating a password-based pseudo random numbers/permutation to be used as a building block in the proposed approach. The proposed scheme is also designed to provide protection against repudiation. We illustrate the viability and effectiveness of the proposed approach by experimental results based on two biometric modalities: fingerprint and face biometrics.

  10. Seven Deadliest Unified Communications Attacks

    CERN Document Server

    York, Dan

    2010-01-01

    Do you need to keep up with the latest hacks, attacks, and exploits effecting Unified Communications technology? Then you need Seven Deadliest Unified Communication Attacks. This book pinpoints the most dangerous hacks and exploits specific to Unified Communications, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks featured in this book include: UC Ecosystem Attacks Insecure Endpo

  11. Security Analysis of a Remote User Authentication Scheme with Smart Cards

    OpenAIRE

    Kumar, Manoj

    2007-01-01

    Yoon et al. proposed a new efficient remote user authentication scheme using smart cards to solve the security problems of W. C. Ku and S. M. Chen scheme. This paper reviews Yoon et al. scheme and then proves that the password change phase of Yoon et al. scheme is still insecure. This paper also proves that the Yoon et al. is still vulnerable to parallel session attack.

  12. An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks

    Science.gov (United States)

    Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

    2018-01-01

    Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes. PMID:29324719

  13. An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks.

    Science.gov (United States)

    Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

    2018-01-11

    Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes.

  14. An enhanced biometric-based authentication scheme for telecare medicine information systems using elliptic curve cryptosystem.

    Science.gov (United States)

    Lu, Yanrong; Li, Lixiang; Peng, Haipeng; Yang, Yixian

    2015-03-01

    The telecare medical information systems (TMISs) enable patients to conveniently enjoy telecare services at home. The protection of patient's privacy is a key issue due to the openness of communication environment. Authentication as a typical approach is adopted to guarantee confidential and authorized interaction between the patient and remote server. In order to achieve the goals, numerous remote authentication schemes based on cryptography have been presented. Recently, Arshad et al. (J Med Syst 38(12): 2014) presented a secure and efficient three-factor authenticated key exchange scheme to remedy the weaknesses of Tan et al.'s scheme (J Med Syst 38(3): 2014). In this paper, we found that once a successful off-line password attack that results in an adversary could impersonate any user of the system in Arshad et al.'s scheme. In order to thwart these security attacks, an enhanced biometric and smart card based remote authentication scheme for TMISs is proposed. In addition, the BAN logic is applied to demonstrate the completeness of the enhanced scheme. Security and performance analyses show that our enhanced scheme satisfies more security properties and less computational cost compared with previously proposed schemes.

  15. User-Authentication on Wearable Devices Based on Punch Gesture Biometrics

    Directory of Open Access Journals (Sweden)

    Liang Guan-Cheng

    2017-01-01

    Full Text Available Due to commoditization and convenience, wearable technology are interwoven with our daily life. However, privacy sensitive data stored on those devices such as personal email, message can be easily stolen. Most devices require a PIN input to unlock. However, this mechanism is vulnerable to shoulder surfing attack. Thus many novel authentication approaches have been proposed to solve this problem. And biometric-based methods have been adopted by many researchers because of the efficiency and excellent performance. In this paper, we propose a new biometric-based authentication system. We focus on how the user performs a straight punch gesture subconsciously. By analysis the acceleration data from the smartwatch when user performing the gesture, we are able to profile the user. And we authenticate the user according to the biometrics of this action. This mechanism is light-weighted and do not require user to remember any secret code. We develop an authentication system on Samsung Gear Fit 2 and conducted a real-world experiment on 20 volunteers. And we collected 13000 gesture samples to evaluate our system. Results show that our system can achieve a classification accuracy of at least 95.45%. In attacking scenario, our system can achieve an equal error rate lower than 4%. The maximum number of samples required by a well-trained classifier is 25.

  16. Increasing Trustworthiness of Face Authentication in Mobile Devices by Modeling Gesture Behavior and Location Using Neural Networks

    Directory of Open Access Journals (Sweden)

    Blerim Rexha

    2018-02-01

    Full Text Available Personal mobile devices currently have access to a significant portion of their user’s private sensitive data and are increasingly used for processing mobile payments. Consequently, securing access to these mobile devices is a requirement for securing access to the sensitive data and potentially costly services. Face authentication is one of the promising biometrics-based user authentication mechanisms that has been widely available in this era of mobile computing. With a built-in camera capability on smartphones, tablets, and laptops, face authentication provides an attractive alternative of legacy passwords for its memory-less authentication process, which is so sophisticated that it can unlock the device faster than a fingerprint. Nevertheless, face authentication in the context of smartphones has proven to be vulnerable to attacks. In most current implementations, a sufficiently high-resolution face image displayed on another mobile device will be enough to circumvent security measures and bypass the authentication process. In order to prevent such bypass attacks, gesture recognition together with location is proposed to be additionally modeled. Gestures provide a faster and more convenient method of authentication compared to a complex password. The focus of this paper is to build a secure authentication system with face, location and gesture recognition as components. User gestures and location data are a sequence of time series; therefore, in this paper we propose to use unsupervised learning in the long short-term memory recurrent neural network to actively learn to recognize, group and discriminate user gestures and location. Moreover, a clustering-based technique is also implemented for recognizing gestures and location.

  17. A Framework for Federated Two-Factor Authentication Enabling Cost-Effective Secure Access to Distributed Cyberinfrastructure

    Energy Technology Data Exchange (ETDEWEB)

    Ezell, Matthew A [ORNL; Rogers, Gary L [University of Tennessee, Knoxville (UTK); Peterson, Gregory D. [University of Tennessee, Knoxville (UTK)

    2012-01-01

    As cyber attacks become increasingly sophisticated, the security measures used to mitigate the risks must also increase in sophistication. One time password (OTP) systems provide strong authentication because security credentials are not reusable, thus thwarting credential replay attacks. The credential changes regularly, making brute-force attacks significantly more difficult. In high performance computing, end users may require access to resources housed at several different service provider locations. The ability to share a strong token between multiple computing resources reduces cost and complexity. The National Science Foundation (NSF) Extreme Science and Engineering Discovery Environment (XSEDE) provides access to digital resources, including supercomputers, data resources, and software tools. XSEDE will offer centralized strong authentication for services amongst service providers that leverage their own user databases and security profiles. This work implements a scalable framework built on standards to provide federated secure access to distributed cyberinfrastructure.

  18. An Authentication Protocol for Future Sensor Networks.

    Science.gov (United States)

    Bilal, Muhammad; Kang, Shin-Gak

    2017-04-28

    Authentication is one of the essential security services in Wireless Sensor Networks (WSNs) for ensuring secure data sessions. Sensor node authentication ensures the confidentiality and validity of data collected by the sensor node, whereas user authentication guarantees that only legitimate users can access the sensor data. In a mobile WSN, sensor and user nodes move across the network and exchange data with multiple nodes, thus experiencing the authentication process multiple times. The integration of WSNs with Internet of Things (IoT) brings forth a new kind of WSN architecture along with stricter security requirements; for instance, a sensor node or a user node may need to establish multiple concurrent secure data sessions. With concurrent data sessions, the frequency of the re-authentication process increases in proportion to the number of concurrent connections. Moreover, to establish multiple data sessions, it is essential that a protocol participant have the capability of running multiple instances of the protocol run, which makes the security issue even more challenging. The currently available authentication protocols were designed for the autonomous WSN and do not account for the above requirements. Hence, ensuring a lightweight and efficient authentication protocol has become more crucial. In this paper, we present a novel, lightweight and efficient key exchange and authentication protocol suite called the Secure Mobile Sensor Network (SMSN) Authentication Protocol. In the SMSN a mobile node goes through an initial authentication procedure and receives a re-authentication ticket from the base station. Later a mobile node can use this re-authentication ticket when establishing multiple data exchange sessions and/or when moving across the network. This scheme reduces the communication and computational complexity of the authentication process. We proved the strength of our protocol with rigorous security analysis (including formal analysis using the BAN

  19. Secure and Efficient User Authentication Scheme Based on Password and Smart Card for Multiserver Environment

    Directory of Open Access Journals (Sweden)

    Yan Zhao

    2018-01-01

    Full Text Available The rapid development of information and network technologies motivates the emergence of various new computing paradigms, such as distributed computing, cloud computing, and edge computing. This also enables more and more network enterprises to provide multiple different services simultaneously. To ensure these services can only be accessed conveniently by authorized users, many password and smart card based authentication schemes for multiserver architecture have been proposed. Recently, Truong et al. introduced an identity based user authentication scheme on elliptic curve cryptography in multiserver environment and claimed that their scheme is secure against popular attacks. However, in this paper, we point out that their scheme suffers from offline password guessing and impersonation attack and fails to achieve security requirements of this kind of authentication scheme. Moreover, we put forward a new scheme to conquer security pitfalls in the above scheme. Security analysis indicates that the proposed scheme can be free from well-known attacks. Performance discussion demonstrates that our scheme has advantages in terms of both security property and computation efficiency and thus is more desirable for practical applications in multiserver environment.

  20. A generalized architecture of quantum secure direct communication for N disjointed users with authentication

    Science.gov (United States)

    Farouk, Ahmed; Zakaria, Magdy; Megahed, Adel; Omara, Fatma A.

    2015-11-01

    In this paper, we generalize a secured direct communication process between N users with partial and full cooperation of quantum server. So, N - 1 disjointed users u1, u2, …, uN-1 can transmit a secret message of classical bits to a remote user uN by utilizing the property of dense coding and Pauli unitary transformations. The authentication process between the quantum server and the users are validated by EPR entangled pair and CNOT gate. Afterwards, the remained EPR will generate shared GHZ states which are used for directly transmitting the secret message. The partial cooperation process indicates that N - 1 users can transmit a secret message directly to a remote user uN through a quantum channel. Furthermore, N - 1 users and a remote user uN can communicate without an established quantum channel among them by a full cooperation process. The security analysis of authentication and communication processes against many types of attacks proved that the attacker cannot gain any information during intercepting either authentication or communication processes. Hence, the security of transmitted message among N users is ensured as the attacker introduces an error probability irrespective of the sequence of measurement.

  1. On the security flaws in ID-based password authentication schemes for telecare medical information systems.

    Science.gov (United States)

    Mishra, Dheerendra

    2015-01-01

    Telecare medical information systems (TMIS) enable healthcare delivery services. However, access of these services via public channel raises security and privacy issues. In recent years, several smart card based authentication schemes have been introduced to ensure secure and authorized communication between remote entities over the public channel for the (TMIS). We analyze the security of some of the recently proposed authentication schemes of Lin, Xie et al., Cao and Zhai, and Wu and Xu's for TMIS. Unfortunately, we identify that these schemes failed to satisfy desirable security attributes. In this article we briefly discuss four dynamic ID-based authentication schemes and demonstrate their failure to satisfy desirable security attributes. The study is aimed to demonstrate how inefficient password change phase can lead to denial of server scenario for an authorized user, and how an inefficient login phase causes the communication and computational overhead and decrease the performance of the system. Moreover, we show the vulnerability of Cao and Zhai's scheme to known session specific temporary information attack, vulnerability of Wu and Xu's scheme to off-line password guessing attack, and vulnerability of Xie et al.'s scheme to untraceable on-line password guessing attack.

  2. A provably-secure ECC-based authentication scheme for wireless sensor networks.

    Science.gov (United States)

    Nam, Junghyun; Kim, Moonseong; Paik, Juryon; Lee, Youngsook; Won, Dongho

    2014-11-06

    A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes.

  3. Group Authentication Scheme for Neighbourhood Area Networks (NANs in Smart Grids

    Directory of Open Access Journals (Sweden)

    Bashar Alohali

    2016-05-01

    Full Text Available A Neighbourhood Area Network is a functional component of the Smart Grid that interconnects the end user domain with the Energy Services Provider (ESP domain. It forms the “edge” of the provider network, interconnecting homes instrumented with Smart Meters (SM with the ESP. The SM is a dual interface, wireless communication device through which information is transacted across the user (a home and ESP domains. The security risk to the ESP increases since the components within the home, interconnected to the ESP via the SM, are not managed by the ESP. Secure operation of the SM is a necessary requirement. The SM should be resilient to attacks, which might be targeted either directly or via the network in the home. This paper presents and discusses a security scheme for groups of SMs in a Neighbourhood Area Network that enable entire groups to authenticate themselves, rather than one at a time. The results show that a significant improvement in terms of resilience against node capture attacks, replay attacks, confidentiality, authentication for groups of SMs in a NAN that enable entire groups to authenticate themselves, rather than one at a time.

  4. Mutual Authentication Scheme in Secure Internet of Things Technology for Comfortable Lifestyle.

    Science.gov (United States)

    Park, Namje; Kang, Namhi

    2015-12-24

    The Internet of Things (IoT), which can be regarded as an enhanced version of machine-to-machine communication technology, was proposed to realize intelligent thing-to-thing communications by utilizing the Internet connectivity. In the IoT, "things" are generally heterogeneous and resource constrained. In addition, such things are connected to each other over low-power and lossy networks. In this paper, we propose an inter-device authentication and session-key distribution system for devices with only encryption modules. In the proposed system, unlike existing sensor-network environments where the key distribution center distributes the key, each sensor node is involved with the generation of session keys. In addition, in the proposed scheme, the performance is improved so that the authenticated device can calculate the session key in advance. The proposed mutual authentication and session-key distribution system can withstand replay attacks, man-in-the-middle attacks, and wiretapped secret-key attacks.

  5. A Provably-Secure ECC-Based Authentication Scheme for Wireless Sensor Networks

    Science.gov (United States)

    Nam, Junghyun; Kim, Moonseong; Paik, Juryon; Lee, Youngsook; Won, Dongho

    2014-01-01

    A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes. PMID:25384009

  6. A Provably-Secure ECC-Based Authentication Scheme for Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Junghyun Nam

    2014-11-01

    Full Text Available A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000. Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC, and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure schemes.

  7. Mutual Authentication Scheme in Secure Internet of Things Technology for Comfortable Lifestyle

    Directory of Open Access Journals (Sweden)

    Namje Park

    2015-12-01

    Full Text Available The Internet of Things (IoT, which can be regarded as an enhanced version of machine-to-machine communication technology, was proposed to realize intelligent thing-to-thing communications by utilizing the Internet connectivity. In the IoT, “things” are generally heterogeneous and resource constrained. In addition, such things are connected to each other over low-power and lossy networks. In this paper, we propose an inter-device authentication and session-key distribution system for devices with only encryption modules. In the proposed system, unlike existing sensor-network environments where the key distribution center distributes the key, each sensor node is involved with the generation of session keys. In addition, in the proposed scheme, the performance is improved so that the authenticated device can calculate the session key in advance. The proposed mutual authentication and session-key distribution system can withstand replay attacks, man-in-the-middle attacks, and wiretapped secret-key attacks.

  8. The attack navigator

    DEFF Research Database (Denmark)

    Probst, Christian W.; Willemson, Jan; Pieters, Wolter

    2016-01-01

    The need to assess security and take protection decisions is at least as old as our civilisation. However, the complexity and development speed of our interconnected technical systems have surpassed our capacity to imagine and evaluate risk scenarios. This holds in particular for risks...... that are caused by the strategic behaviour of adversaries. Therefore, technology-supported methods are needed to help us identify and manage these risks. In this paper, we describe the attack navigator: a graph-based approach to security risk assessment inspired by navigation systems. Based on maps of a socio...

  9. Attacks on computer systems

    Directory of Open Access Journals (Sweden)

    Dejan V. Vuletić

    2012-01-01

    Full Text Available Computer systems are a critical component of the human society in the 21st century. Economic sector, defense, security, energy, telecommunications, industrial production, finance and other vital infrastructure depend on computer systems that operate at local, national or global scales. A particular problem is that, due to the rapid development of ICT and the unstoppable growth of its application in all spheres of the human society, their vulnerability and exposure to very serious potential dangers increase. This paper analyzes some typical attacks on computer systems.

  10. AMC Model for Denial of Sleep Attack Detection

    OpenAIRE

    Bhattasali, Tapalina; Chaki, Rituparna

    2012-01-01

    Due to deployment in hostile environment, wireless sensor network is vulnerable to various attacks. Exhausted sensor nodes in sensor network become a challenging issue because it disrupts the normal connectivity of the network. Affected nodes give rise to denial of service that resists to get the objective of sensor network in real life. A mathematical model based on Absorbing Markov Chain (AMC)is proposed for Denial of Sleep attack detection in sensor network. In this mechanism, whether sens...

  11. Infusing Authentic Inquiry into Biotechnology

    Science.gov (United States)

    Hanegan, Nikki L.; Bigler, Amber

    2009-10-01

    Societal benefit depends on the general public's understandings of biotechnology (Betsch in World J Microbiol Biotechnol 12:439-443, 1996; Dawson and Cowan in Int J Sci Educ 25(1):57-69, 2003; Schiller in Business Review: Federal Reserve Bank of Philadelphia (Fourth Quarter), 2002; Smith and Emmeluth in Am Biol Teach 64(2):93-99, 2002). A National Science Foundation funded survey of high school biology teachers reported that hands-on biotechnology education exists in advanced high school biology in the United States, but is non-existent in mainstream biology coursework (Micklos et al. in Biotechnology labs in American high schools, 1998). The majority of pre-service teacher content preparation courses do not teach students appropriate content knowledge through the process of inquiry. A broad continuum exists when discussing inquiry-oriented student investigations (Hanegan et al. in School Sci Math J 109(2):110-134, 2009). Depending on the amount of structure in teacher lessons, inquiries can often be categorized as guided or open. The lesson can be further categorized as simple or authentic (Chinn and Malhotra in Sci Educ 86(2):175-218, 2002). Although authentic inquiries provide the best opportunities for cognitive development and scientific reasoning, guided and simple inquiries are more often employed in the classroom (Crawford in J Res Sci Teach 37(9):916-937, 2000; NRC in Inquiry and the national science education standards: a guide for teaching and learning, 2000). For the purposes of this study we defined inquiry as "authentic" if original research problems were resolved (Hanegan et al. in School Sci Math J 109(2):110-134, 2009; Chinn and Malhotra in Sci Educ 86(2):175-218, 2002; Roth in Authentic school science: knowing and learning in open-inquiry science laboratories, 1995). The research question to guide this study through naturalistic inquiry research methods was: How will participants express whether or not an authentic inquiry experience enhanced

  12. Treatment-resistant hypertension and the incidence of cardiovascular disease and end-stage renal disease: results from the Antihypertensive and Lipid-Lowering Treatment to Prevent Heart Attack Trial (ALLHAT).

    Science.gov (United States)

    Muntner, Paul; Davis, Barry R; Cushman, William C; Bangalore, Sripal; Calhoun, David A; Pressel, Sara L; Black, Henry R; Kostis, John B; Probstfield, Jeffrey L; Whelton, Paul K; Rahman, Mahboob

    2014-11-01

    Apparent treatment-resistant hypertension (aTRH) is defined as uncontrolled hypertension despite the use of ≥3 antihypertensive medication classes or controlled hypertension while treated with ≥4 antihypertensive medication classes. Although a high prevalence of aTRH has been reported, few data are available on its association with cardiovascular and renal outcomes. We analyzed data on 14 684 Antihypertensive and Lipid-Lowering Treatment to Prevent Heart Attack Trial (ALLHAT) participants to determine the association between aTRH (n=1870) with coronary heart disease, stroke, all-cause mortality, heart failure, peripheral artery disease, and end-stage renal disease. We defined aTRH as blood pressure not at goal (systolic/diastolic blood pressure ≥140/90 mm Hg) while taking ≥3 classes of antihypertensive medication or taking ≥4 classes of antihypertensive medication with blood pressure at goal during the year 2 ALLHAT study visit (1996-2000). Use of a diuretic was not required to meet the definition of aTRH. Follow-up occurred through 2002. The multivariable adjusted hazard ratios (95% confidence intervals) comparing participants with versus without aTRH were as follows: coronary heart disease (1.44 [1.18-1.76]), stroke (1.57 [1.18-2.08]), all-cause mortality (1.30 [1.11-1.52]), heart failure (1.88 [1.52-2.34]), peripheral artery disease (1.23 [0.85-1.79]), and end-stage renal disease (1.95 [1.11-3.41]). aTRH was also associated with the pooled outcomes of combined coronary heart disease (hazard ratio, 1.47; 95% confidence interval, 1.26-1.71) and combined cardiovascular disease (hazard ratio, 1.46; 95% confidence interval, 1.29-1.64). These results demonstrate that aTRH increases the risk for cardiovascular disease and end-stage renal disease. Studies are needed to identify approaches to prevent aTRH and reduce risk for adverse outcomes among individuals with aTRH. © 2014 American Heart Association, Inc.

  13. A secure user anonymity-preserving three-factor remote user authentication scheme for the telecare medicine information systems.

    Science.gov (United States)

    Das, Ashok Kumar

    2015-03-01

    Recent advanced technology enables the telecare medicine information system (TMIS) for the patients to gain the health monitoring facility at home and also to access medical services over the Internet of mobile networks. Several remote user authentication schemes have been proposed in the literature for TMIS. However, most of them are either insecure against various known attacks or they are inefficient. Recently, Tan proposed an efficient user anonymity preserving three-factor authentication scheme for TMIS. In this paper, we show that though Tan's scheme is efficient, it has several security drawbacks such as (1) it fails to provide proper authentication during the login phase, (2) it fails to provide correct updation of password and biometric of a user during the password and biometric update phase, and (3) it fails to protect against replay attack. In addition, Tan's scheme lacks the formal security analysis and verification. Later, Arshad and Nikooghadam also pointed out some security flaws in Tan's scheme and then presented an improvement on Tan's s scheme. However, we show that Arshad and Nikooghadam's scheme is still insecure against the privileged-insider attack through the stolen smart-card attack, and it also lacks the formal security analysis and verification. In order to withstand those security loopholes found in both Tan's scheme, and Arshad and Nikooghadam's scheme, we aim to propose an effective and more secure three-factor remote user authentication scheme for TMIS. Our scheme provides the user anonymity property. Through the rigorous informal and formal security analysis using random oracle models and the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool, we show that our scheme is secure against various known attacks, including the replay and man-in-the-middle attacks. Furthermore, our scheme is also efficient as compared to other related schemes.

  14. A model to authenticate requests for online banking transactions

    Directory of Open Access Journals (Sweden)

    Saad M. Darwish

    2012-09-01

    Full Text Available As the number of clients using online banking increases, online banking systems are becoming more desirable targets for attacks. To maintain the clients trust and confidence in the security of their online banking services; financial institutions must identify how attackers compromise accounts and develop methods to protect them. Towards this purpose, this paper presents a modified model to authenticate clients for online banking transactions through utilizing Identity-Based mediated RSA(IB-mRSA technique in conjunction with the one-time ID concept for the purpose of increasing security, avoiding swallow’s sorties and preventing reply attacks. The introduced system exploits a method for splitting private keys between the client and the Certification Authority (CA server. Neither the client nor the CA can cheat one another since one-time ID can be used only once and each signature must involve both parties. The resulting model seems to be practical from both computational as well as storage point of view. The experimental results show the effectiveness of the proposed model.

  15. Recent "phishing" attacks

    CERN Multimedia

    IT Department

    2009-01-01

    Over the last few weeks there has been a marked increase in the number of attacks on CERN made by cybercriminals. Typical attacks arrive in the form of e-mail messages purporting to come from the CERN Help Desk, Mail Service, or some similarly official-sounding entity and suggest that there is a problem with your account, such as it being over-quota. They then ask you to click on a link or to reply and give your password. Please don’t! Be cautious of any unexpected messages containing web links even if they appear to come from known contacts. If you happen to click on such a link and if your permission is requested to run or install software, always decline it. NEVER provide your password or other details if these are requested. These messages try to trick you into clicking on Web links which will help them to install malicious software on your computer, and anti-virus software cannot be relied on to detect all cases. In case of questions on this topic, you may contact mailto:helpdesk@cern.ch. CERN Comput...

  16. Authenticated Secure Container System (ASCS)

    International Nuclear Information System (INIS)

    1991-01-01

    Sandia National Laboratories developed an Authenticated Secure Container System (ASCS) for the International Atomic Energy Agency (IAEA). Agency standard weights and safeguards samples can be stored in the ASCS to provide continuity of knowledge. The ASCS consists of an optically clear cover, a base containing the Authenticated Item Monitoring System (AIMS) transmitter, and the AIMS receiver unit for data collection. The ASCS will provide the Inspector with information concerning the status of the system, during a surveillance period, such as state of health, tampering attempts, and movement of the container system. The secure container is located inside a Glove Box with the receiver located remotely from the Glove Box. AIMS technology uses rf transmission from the secure container to the receiver to provide a record of state of health and tampering. The data is stored in the receiver for analysis by the Inspector during a future inspection visit. 2 refs

  17. Authenticity and its Contemporary Challenges

    DEFF Research Database (Denmark)

    Bork Petersen, Franziska

    2013-01-01

    In this thesis I investigate what ‘authenticity’ means in a contemporary popular context and how it is used in the staging of bodies. Furthermore, I analyse works of dance and fashion from the past fifteen years with a focus on their strategies of challenging the notion of ‘bodily authenticity...... self’. I scrutinise the staging techniques and the codes of appearance that bodies have to comply with in order to be deemed ‘authentic’ on the shows. To define them and place them in the history of the idea of ‘bodily authenticity’, I complement my study with an outline of how ‘authenticity...... and by a depiction of 'working hard'. But various techniques also mask the hard work, for example by showing a participant ‘having fun’ performing it. Contemporary works of dance and fashion challenge the problematic implications in the notion of ‘bodily authenticity’. I analyse three strategies of undermining...

  18. Vulnerabilities in GSM technology and feasibility of selected attacks

    Science.gov (United States)

    Voznak, M.; Prokes, M.; Sevcik, L.; Frnda, J.; Toral-Cruz, Homer; Jakovlev, Sergej; Fazio, Peppino; Mehic, M.; Mikulec, M.

    2015-05-01

    Global System for Mobile communication (GSM) is the most widespread technology for mobile communications in the world and serving over 7 billion users. Since first publication of system documentation there has been notified a potential safety problem's occurrence. Selected types of attacks, based on the analysis of the technical feasibility and the degree of risk of these weaknesses, were implemented and demonstrated in laboratory of the VSB-Technical University of Ostrava, Czech Republic. These vulnerabilities were analyzed and afterwards possible attacks were described. These attacks were implemented using open-source tools, software programmable radio USRP (Universal Software RadioPeripheral) and DVB-T (Digital Video Broadcasting - Terrestrial) receiver. GSM security architecture is being scrutinized since first public releases of its specification mainly pointing out weaknesses in authentication and ciphering mechanisms. This contribution also summarizes practically proofed and used scenarios that are performed using opensource software tools and variety of scripts mostly written in Python. Main goal of this paper is in analyzing security issues in GSM network and practical demonstration of selected attacks.

  19. A secure RFID authentication protocol for healthcare environments using elliptic curve cryptosystem.

    Science.gov (United States)

    Zhao, Zhenguo

    2014-05-01

    With the fast advancement of the wireless communication technology and the widespread use of medical systems, the radio frequency identification (RFID) technology has been widely used in healthcare environments. As the first important protocol for ensuring secure communication in healthcare environment, the RFID authentication protocols derive more and more attentions. Most of RFID authentication protocols are based on hash function or symmetric cryptography. To get more security properties, elliptic curve cryptosystem (ECC) has been used in the design of RFID authentication protocol. Recently, Liao and Hsiao proposed a new RFID authentication protocol using ECC and claimed their protocol could withstand various attacks. In this paper, we will show that their protocol suffers from the key compromise problem, i.e. an adversary could get the private key stored in the tag. To enhance the security, we propose a new RFID authentication protocol using ECC. Detailed analysis shows the proposed protocol not only could overcome weaknesses in Liao and Hsiao's protocol but also has the same performance. Therefore, it is more suitable for healthcare environments.

  20. Multicast Delayed Authentication For Streaming Synchrophasor Data in the Smart Grid.

    Science.gov (United States)

    Câmara, Sérgio; Anand, Dhananjay; Pillitteri, Victoria; Carmo, Luiz

    2016-01-01

    Multicast authentication of synchrophasor data is challenging due to the design requirements of Smart Grid monitoring systems such as low security overhead, tolerance of lossy networks, time-criticality and high data rates. In this work, we propose inf -TESLA, Infinite Timed Efficient Stream Loss-tolerant Authentication, a multicast delayed authentication protocol for communication links used to stream synchrophasor data for wide area control of electric power networks. Our approach is based on the authentication protocol TESLA but is augmented to accommodate high frequency transmissions of unbounded length. inf TESLA protocol utilizes the Dual Offset Key Chains mechanism to reduce authentication delay and computational cost associated with key chain commitment. We provide a description of the mechanism using two different modes for disclosing keys and demonstrate its security against a man-in-the-middle attack attempt. We compare our approach against the TESLA protocol in a 2-day simulation scenario, showing a reduction of 15.82% and 47.29% in computational cost, sender and receiver respectively, and a cumulative reduction in the communication overhead.

  1. A study on the integrity and authentication of weather observation data using Identity Based Encryption.

    Science.gov (United States)

    Seo, Jung Woo; Lee, Sang Jin

    2016-01-01

    Weather information provides a safe working environment by contributing to the economic activity of the nation, and plays role of the prevention of natural disasters, which can cause large scaled casualties and damage of property. Especially during times of war, weather information plays a more important role than strategy, tactics and information about trends of the enemy. Also, it plays an essential role for the taking off and landing of fighter jet and the sailing of warships. If weather information, which plays a major role in national security and economy, gets misused for cyber terrorism resulting false weather information, it could be a huge threat for national security and the economy. We propose a plan to safely transmit the measured value from meteorological sensors through a meteorological telecommunication network in order to guarantee the confidentiality and integrity of the data despite cyber-attacks. Also, such a plan allows one to produce reliable weather forecasts by performing mutual authentication through authentication devices. To make sure of this, one can apply an Identity Based Signature to ensure the integrity of measured data, and transmit the encrypted weather information with mutual authentication about the authentication devices. There are merits of this research: It is not necessary to manage authentication certificates unlike the Public Key Infrastructure methodology, and it provides a powerful security measure with the capability to be realized in a small scale computing environment, such as the meteorological observation system due to the low burden on managing keys.

  2. Multi-Factor Authentication: A Survey

    Directory of Open Access Journals (Sweden)

    Aleksandr Ometov

    2018-01-01

    Full Text Available Today, digitalization decisively penetrates all the sides of the modern society. One of the key enablers to maintain this process secure is authentication. It covers many different areas of a hyper-connected world, including online payments, communications, access right management, etc. This work sheds light on the evolution of authentication systems towards Multi-Factor Authentication (MFA starting from Single-Factor Authentication (SFA and through Two-Factor Authentication (2FA. Particularly, MFA is expected to be utilized for human-to-everything interactions by enabling fast, user-friendly, and reliable authentication when accessing a service. This paper surveys the already available and emerging sensors (factor providers that allow for authenticating a user with the system directly or by involving the cloud. The corresponding challenges from the user as well as the service provider perspective are also reviewed. The MFA system based on reversed Lagrange polynomial within Shamir’s Secret Sharing (SSS scheme is further proposed to enable more flexible authentication. This solution covers the cases of authenticating the user even if some of the factors are mismatched or absent. Our framework allows for qualifying the missing factors by authenticating the user without disclosing sensitive biometric data to the verification entity. Finally, a vision of the future trends in MFA is discussed.

  3. Signature-based User Authentication

    OpenAIRE

    Hámorník, Juraj

    2015-01-01

    This work aims on missing handwritten signature authentication in Windows. Result of this work is standalone software that allow users to log into Windows by writing signature. We focus on security of signature authentification and best overall user experience. We implemented signature authentification service that accept signature and return user access token if signature is genuine. Signature authentification is done by comparing given signature to signature patterns by their similarity. Si...

  4. BIOMETRIC AUTHENTICATION SYSTEM USING RPI

    OpenAIRE

    Fatema A. Shaikh*; Prof.S.O.Rajankar

    2016-01-01

    A biometric authentication system acquires biometric sample such as fingerprint. The fingerprint signifies physiological features of an individual.This is a system which maintains the attendance records of students automatically. In this designing of an efficient module that comprises of a fingerprint sensor to manage the attendance records of students. This module enrolls the student’s as well as staff’s fingerprints. This enrolling is a onetime process and their fingerprints will be stored...

  5. Persistent Authentication in Smart Environments

    DEFF Research Database (Denmark)

    Hansen, Mads Syska; Kirschmeyer, Martin; Jensen, Christian D.

    2008-01-01

    present a proof-of-concept implementation of the proposed mechanism, which employs camera based tracking with a single stationary 3D camera that uses the "time of flight" principle. A preliminary evaluation of the proposed mechanism indicates that persistent authentication is technically possible...... with the proposed hardware. The proposed model is sufficiently general to allow the addition of more cameras or supplemental tracking technologies, which will improve the robustness and scalability of the proposed mechanism....

  6. Survey of user authentication mechanisms

    OpenAIRE

    Magno, Marianna B.

    1996-01-01

    Approved for public release; distribution is unlimited The use of a password as the only traditional user authentication mechanism has been criticized for its weakness in computer security. One problem is for the user to select short, easy to remember passwords. Another problem is the selection of a password that is too long which the user tends to forget. Long passwords tend to be written down carelessly somewhere in the work space. Such practices can create serious security loopholes. Co...

  7. Authentic subjectivity and social transformation

    Directory of Open Access Journals (Sweden)

    Michael O'Sullivan

    2016-10-01

    Full Text Available Holiness in the Christian tradition has often been understood in a way that devalues embodiment and practical engagement with the world of one’s time. The latter understanding, for example, led to Marx’s critique and repudiation of Christianity. Both interpretations of holiness can be understood as mistaken efforts to express the dynamism for authenticity in contextualised human subjectivity. Vatican 2 opposed both views by addressing itself to all people of good will, declaring that everyone was called to holiness, and that authentic Christian identity involved solidarity with the world of one’s time, especially those who are poor. Vatican 2, therefore, provided an authoritative faith foundation for holiness expressed through social commitment and for viewing social commitment on the part of people of good will in whatever state of life as a form of holiness. This vision was also the conviction of leading spirituality writers of the period, like Thomas Merton, and inspired liberation theologians and the Latin American Catholic bishops at their conference in Medellín a few years after the Council. The argument of this article is that the emergence and development of a non-dualist Christian spirituality is grounded methodologically in the correct appropriation of the common innate dynamism for authenticity in concrete human persons and lived spiritual experiences consistent with and capable of enhancing this dynamism.

  8. Authentic subjectivity and social transformation

    Directory of Open Access Journals (Sweden)

    Michael O'Sullivan

    2016-05-01

    Full Text Available Holiness in the Christian tradition has often been understood in a way that devalues embodiment and practical engagement with the world of one’s time. The latter understanding, for example, led to Marx’s critique and repudiation of Christianity. Both interpretations of holiness can be understood as mistaken efforts to express the dynamism for authenticity in contextualised human subjectivity. Vatican 2 opposed both views by addressing itself to all people of good will, declaring that everyone was called to holiness, and that authentic Christian identity involved solidarity with the world of one’s time, especially those who are poor. Vatican 2, therefore, provided an authoritative faith foundation for holiness expressed through social commitment and for viewing social commitment on the part of people of good will in whatever state of life as a form of holiness. This vision was also the conviction of leading spirituality writers of the period, like Thomas Merton, and inspired liberation theologians and the Latin American Catholic bishops at their conference in Medellín a few years after the Council. The argument of this article is that the emergence and development of a non-dualist Christian spirituality is grounded methodologically in the correct appropriation of the common innate dynamism for authenticity in concrete human persons and lived spiritual experiences consistent with and capable of enhancing this dynamism.

  9. Cyber Attacks and Combat Behavior

    Directory of Open Access Journals (Sweden)

    Carataș Maria Alina

    2017-01-01

    Full Text Available Cyber terrorism is an intangible danger, a real over the corner threat in the life of individuals,organizations, and governments and is getting harder to deal with its damages. The motivations forthe cyber-attacks are different, depending on the terrorist group, from cybercrime to hacktivism,attacks over the authorities’ servers. Organizations constantly need to find new ways ofstrengthening protection against cyber-attacks, assess their cyber readiness, expand the resiliencecapacity and adopts international security regulations.

  10. An Improvement of Robust Biometrics-Based Authentication and Key Agreement Scheme for Multi-Server Environments Using Smart Cards.

    Science.gov (United States)

    Moon, Jongho; Choi, Younsung; Jung, Jaewook; Won, Dongho

    2015-01-01

    In multi-server environments, user authentication is a very important issue because it provides the authorization that enables users to access their data and services; furthermore, remote user authentication schemes for multi-server environments have solved the problem that has arisen from user's management of different identities and passwords. For this reason, numerous user authentication schemes that are designed for multi-server environments have been proposed over recent years. In 2015, Lu et al. improved upon Mishra et al.'s scheme, claiming that their remote user authentication scheme is more secure and practical; however, we found that Lu et al.'s scheme is still insecure and incorrect. In this paper, we demonstrate that Lu et al.'s scheme is vulnerable to outsider attack and user impersonation attack, and we propose a new biometrics-based scheme for authentication and key agreement that can be used in multi-server environments; then, we show that our proposed scheme is more secure and supports the required security properties.

  11. An Improvement of Robust Biometrics-Based Authentication and Key Agreement Scheme for Multi-Server Environments Using Smart Cards

    Science.gov (United States)

    Moon, Jongho; Choi, Younsung; Jung, Jaewook; Won, Dongho

    2015-01-01

    In multi-server environments, user authentication is a very important issue because it provides the authorization that enables users to access their data and services; furthermore, remote user authentication schemes for multi-server environments have solved the problem that has arisen from user’s management of different identities and passwords. For this reason, numerous user authentication schemes that are designed for multi-server environments have been proposed over recent years. In 2015, Lu et al. improved upon Mishra et al.’s scheme, claiming that their remote user authentication scheme is more secure and practical; however, we found that Lu et al.’s scheme is still insecure and incorrect. In this paper, we demonstrate that Lu et al.’s scheme is vulnerable to outsider attack and user impersonation attack, and we propose a new biometrics-based scheme for authentication and key agreement that can be used in multi-server environments; then, we show that our proposed scheme is more secure and supports the required security properties. PMID:26709702

  12. IPTV Service Framework Based on Secure Authentication and Lightweight Content Encryption for Screen-Migration in Cloud Computing

    Directory of Open Access Journals (Sweden)

    Aymen Abdullah Alsaffar

    2015-01-01

    Full Text Available These days, the advancing of smart devices (e.g. smart phones, tablets, PC, etc. capabilities and the increase of internet bandwidth enables IPTV service provider to extend their services to smart mobile devices. User can just receive their IPTV service using any smart devices by accessing the internet via wireless network from anywhere anytime in the world which is convenience for users. However, wireless network communication has well a known critical security threats and vulnerabilities to user smart devices and IPTV service such as user identity theft, reply attack, MIM attack, and so forth. A secure authentication for user devices and multimedia protection mechanism is necessary to protect both user devices and IPTV services. As result, we proposed framework of IPTV service based on secure authentication mechanism and lightweight content encryption method for screen-migration in Cloud computing. We used cryptographic nonce combined with user ID and password to authenticate user device in any mobile terminal they passes by. In addition we used Lightweight content encryption to protect and reduce the content decode overload at mobile terminals. Our proposed authentication mechanism reduces the computational processing by 30% comparing to other authentication mechanism and our lightweight content encryption reduces encryption delay to 0.259 second.

  13. Seven Deadliest Social Network Attacks

    CERN Document Server

    Timm, Carl

    2010-01-01

    Do you need to keep up with the latest hacks, attacks, and exploits effecting social networks? Then you need Seven Deadliest Social Network Attacks. This book pinpoints the most dangerous hacks and exploits specific to social networks like Facebook, Twitter, and MySpace, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks detailed in this book include: Social Networking Infrastruct

  14. Heidegger's Concept of Authenticity and Sport Experience

    OpenAIRE

    Higuchi, Satoshi

    1991-01-01

    Carolyne Thomas regarded the aesthetic experience in sport as authentic in the meaning from Martin Heidegger's Being and Time. To examine the adequacy of the interpretation, the comparison between Thomas' concept of authenticity and the Heidegger's was attempted in this paper. Thomas' concept of authenticity is opposite to accidentality. It is also positive realization of a self, positive movement toward a capable being, a unique self, a unique experience, and honesty in a sport situation...

  15. Obfuscated authentication systems, devices, and methods

    Science.gov (United States)

    Armstrong, Robert C; Hutchinson, Robert L

    2013-10-22

    Embodiments of the present invention are directed toward authentication systems, devices, and methods. Obfuscated executable instructions may encode an authentication procedure and protect an authentication key. The obfuscated executable instructions may require communication with a remote certifying authority for operation. In this manner, security may be controlled by the certifying authority without regard to the security of the electronic device running the obfuscated executable instructions.

  16. Quantum Secure Direct Communication Based on Authentication

    International Nuclear Information System (INIS)

    Min-Jie, Wang; Wei, Pan

    2008-01-01

    We propose two schemes of quantum secure direct communication (QSDC) combined ideas of user authentication [Phys. Rev. A 73 (2006) 042305] and direct communication with dense coding [Phys. Rev. A. 68 (2003) 042317]. In these protocols, the privacy of authentication keys and the properties of the EPR pairs not only ensure the realization of identity authentication but also further improve the security of communication, and no secret messages are leaked even if the messages were broken. (general)

  17. Authentic leadership: What's in the construct?

    OpenAIRE

    Endrissat, Nada; Müller, Werner R.

    2006-01-01

    In a qualitative leadership study conducted in the German-speaking part of Switzerland the quest to be oneself i.e., to be authentic was found to be central for leadership. We will present the results in detail and highlight the difficulties leaders experience when trying to be authentic in their daily interaction. By providing a contextually rich description of authentic leadership from practitioners' point of views, our study contributes to the current endeavor to understand and define auth...

  18. Managing authenticity: the paradox of great leadership.

    Science.gov (United States)

    Goffee, Rob; Jones, Gareth

    2005-12-01

    Leaders and followers both associate authenticity with sincerity, honesty, and integrity. It's the real thing--the attribute that uniquely defines great managers. But while the expression of a genuine self is necessary for great leadership, the concept of authenticity is often misunderstood, not least by leaders themselves. They often assume that authenticity is an innate quality--that a person is either genuine or not. In fact, the authors say, authenticity is largely defined by what other people see in you and, as such, can to a great extent be controlled by you. In this article, the authors explore the qualities of authentic leadership. To illustrate their points, they recount the experiences of some of the authentic leaders they have known and studied, including the BBC's Greg Dyke, Nestlé's Peter Brabeck-Letmathe, and Marks & Spencer's Jean Tomlin. Establishing your authenticity as a leader is a two-part challenge. You have to consistently match your words and deeds; otherwise, followers will never accept you as authentic. But it is not enough just to practice what you preach. To get people to follow you, you also have to get them to relate to you. This means presenting different faces to different audiences--a requirement that many people find hard to square with authenticity. But authenticity is not the product of manipulation. It accurately reflects aspects of the leader's inner self, so it can't be an act. Authentic leaders seem to know which personality traits they should reveal to whom, and when. Highly attuned to their environments, authentic leaders rely on an intuition born of formative, sometimes harsh experiences to understand the expectations and concerns of the people they seek to influence. They retain their distinctiveness as individuals, yet they know how to win acceptance in strong corporate and social cultures and how to use elements of those cultures as a basis for radical change.

  19. Password-only authenticated three-party key exchange with provable security in the standard model.

    Science.gov (United States)

    Nam, Junghyun; Choo, Kim-Kwang Raymond; Kim, Junghwan; Kang, Hyun-Kyu; Kim, Jinsoo; Paik, Juryon; Won, Dongho

    2014-01-01

    Protocols for password-only authenticated key exchange (PAKE) in the three-party setting allow two clients registered with the same authentication server to derive a common secret key from their individual password shared with the server. Existing three-party PAKE protocols were proven secure under the assumption of the existence of random oracles or in a model that does not consider insider attacks. Therefore, these protocols may turn out to be insecure when the random oracle is instantiated with a particular hash function or an insider attack is mounted against the partner client. The contribution of this paper is to present the first three-party PAKE protocol whose security is proven without any idealized assumptions in a model that captures insider attacks. The proof model we use is a variant of the indistinguishability-based model of Bellare, Pointcheval, and Rogaway (2000), which is one of the most widely accepted models for security analysis of password-based key exchange protocols. We demonstrated that our protocol achieves not only the typical indistinguishability-based security of session keys but also the password security against undetectable online dictionary attacks.

  20. Password-Only Authenticated Three-Party Key Exchange with Provable Security in the Standard Model

    Directory of Open Access Journals (Sweden)

    Junghyun Nam

    2014-01-01

    Full Text Available Protocols for password-only authenticated key exchange (PAKE in the three-party setting allow two clients registered with the same authentication server to derive a common secret key from their individual password shared with the server. Existing three-party PAKE protocols were proven secure under the assumption of the existence of random oracles or in a model that does not consider insider attacks. Therefore, these protocols may turn out to be insecure when the random oracle is instantiated with a particular hash function or an insider attack is mounted against the partner client. The contribution of this paper is to present the first three-party PAKE protocol whose security is proven without any idealized assumptions in a model that captures insider attacks. The proof model we use is a variant of the indistinguishability-based model of Bellare, Pointcheval, and Rogaway (2000, which is one of the most widely accepted models for security analysis of password-based key exchange protocols. We demonstrated that our protocol achieves not only the typical indistinguishability-based security of session keys but also the password security against undetectable online dictionary attacks.

  1. Using a Personal Device to Strengthen Password Authentication from an Untrusted Computer

    Science.gov (United States)

    Mannan, Mohammad; van Oorschot, P. C.

    Keylogging and phishing attacks can extract user identity and sensitive account information for unauthorized access to users' financial accounts. Most existing or proposed solutions are vulnerable to session hijacking attacks. We propose a simple approach to counter these attacks, which cryptographically separates a user's long-term secret input from (typically untrusted) client PCs; a client PC performs most computations but has access only to temporary secrets. The user's long-term secret (typically short and low-entropy) is input through an independent personal trusted device such as a cellphone. The personal device provides a user's long-term secrets to a client PC only after encrypting the secrets using a pre-installed, "correct" public key of a remote service (the intended recipient of the secrets). The proposed protocol (MP-Auth) realizes such an approach, and is intended to safeguard passwords from keyloggers, other malware (including rootkits), phishing attacks and pharming, as well as to provide transaction security to foil session hijacking. We report on a prototype implementation of MP-Auth, and provide a comparison of web authentication techniques that use an additional factor of authentication (e.g. a cellphone, PDA or hardware token).

  2. Crony Attack: Strategic Attack’s Silver Bullet

    Science.gov (United States)

    2006-11-01

    physical assets or financial assets. The form of crony attack that most closely resembles classic strategic attack is to deny, degrade, or destroy a money...February 1951. Reprinted in Airpower Studies Coursebook , Air Command and Staff College, Maxwell AFB, AL, 2002, 152–58. Hirsch, Michael. “NATO’s Game of

  3. Authentic leadership, authentic followership, basic need satisfaction, and work role performance: A cross-level study

    OpenAIRE

    Leroy, Hannes; Anseel, F.; Gardner, W.; Sels, Luc

    2015-01-01

    Authentic leadership occurs when individuals enact their true selves in their role as a leader. This article examines the role of authentic followership in the previously established relationship between authentic leadership and follower in-role and extrarole performance behaviors. Consideration of followers who enact their true selves is important to understand how authentic leadership fosters follower self-determined work motivation and thus work role performance. Using self-determination t...

  4. ARE AUTHENTIC LEADERS SATISFIED WITH THEIR JOB?

    Directory of Open Access Journals (Sweden)

    Nebojsa Pavlovic

    2016-06-01

    Full Text Available A crisis in management has led to the appearance of Authentic leadership. The aim of this work is to determine the characteristics of Authentic leadership in educational institutions and to respond to the question as to whether authentic leaders are satisfied with their job. The third aim is to determine differences among the researched regions. The sample included 227 randomly selected directors from primary and secondary schools in Serbia, Montenegro and the Republika Srpska. The research used an ALQ questionnaire for the estimation of leadership behaviour. Descriptions for the results prediction and multiple linear regressions were used. A multivariance analysis of variance was used to compare the groups. The research results showed that every fourth director is an authentic leader. Authentic leadership has a significant influence on job satisfaction through two aspects: internalised perspective and balanced processing. There are no differences in Authentic leadership in the researched areas. The results could be useful for educational institutions in countries where the research was conducted. Further research could be carried out in other countries while cultural differences should be taken into account. One limiting factor consists of the fact that the analysed data are obtained only from school directors. Leaders of educational institutions should provide management through the development of their own authenticity and the authenticity of their followers. The characteristics of Authentic leadership were reviewed and tested practically in the West-Balkan environment.

  5. User Authentication based on Continuous Touch Biometrics

    Directory of Open Access Journals (Sweden)

    Christina J Kroeze

    2016-12-01

    Full Text Available Mobile devices such as smartphones have until now been protected by traditional authentication methods, including passwords or pattern locks. These authentication mechanisms are difficult to remember and are often disabled, leaving the device vulnerable if stolen. This paper investigates the possibility of unobtrusive, continuous authentication for smartphones based on biometric data collected using a touchscreen. The possibility of authenticating users on a smartphone was evaluated by conducting an experiment simulating real-world touch interaction. Touch data was collected from 30 participants during normal phone use. The touch features were analysed in terms of the information provided for authentication. It was found that features such as finger pressure, location of touch interaction and shape of the finger were important discriminators for authentication. The touch data was also analysed using two classification algorithms to measure the authentication accuracy. The results show that touch data is sufficiently distinct between users to be used in authentication without disrupting normal touch interaction. It is also shown that the raw touch data was more effective in authentication than the aggregated gesture data.

  6. Authentic Leadership and Spiritual Capital Development: Agenda ...

    African Journals Online (AJOL)

    Authentic Leadership and Spiritual Capital Development: Agenda for Building ... indicate that many business companies and government organizations which ... for the successful building of quality management and effective organizations.

  7. Identification and authentication. Common biometric methods review

    OpenAIRE

    Lysak, A.

    2012-01-01

    Major biometric methods used for identification and authentication purposes in modern computing systems are considered in the article. Basic classification, application areas and key differences are given.

  8. Authentic leadership: develop the leader within.

    Science.gov (United States)

    Yasinski, Lesia

    2014-03-01

    Great leadership usually starts with a willing heart, a positive attitude, and a desire to make a difference. Strong leadership is important, in today's health care climate, to ensure optimal patient outcomes and the fostering of future generations of knowledgeable, motivated and enthusiastic perioperative nurses. This article will explore key elements necessary for the development of authentic leadership. While highlighting the role that personal development plays in leadership skills, this article will also discuss ways to cultivate authenticity in leadership. The following questions will be addressed: What is authentic leadership? How does one become an authentic leader?

  9. Authenticity Lies in the Eye of the Beholder The Perception of Teachers' Authenticity by their Students

    NARCIS (Netherlands)

    De Bruyckere, Pedro

    2018-01-01

    Everything and everybody is urged to be authentic. Brands now need to create authentic experiences in music, artists survive if they are perceived as being real and nowadays, even in political elections, the perception of authenticity is an issue, certainly in the 2016 elections in the United

  10. Computer Security: Cryptography and authentication (2/4)

    CERN Multimedia

    CERN. Geneva

    2012-01-01

    Remi Mollon studied computer security at University and he first worked on Grids, with the EGEE project, for a French Bioinformatics institute. Information security being crucial in that field, he developed an encrypted file management system on top of Grid middleware, and he contributed in integrating legacy applications with Grids. Then, he was hired by CERN as a Grid Data Management developer, and he joined the Grid Operational Security Coordination Team. Remi has now moved to CERN Computer Security Team. Remi is involved in the daily security operations, in addition to be responsible to design Team's computer infrastructure, and to participate to several projects, like multi-factor authentication at CERN. With the prevalence of modern information technologies and its increasing integration into our daily live, digital systems become more and more playground for evil people. While in the past, attacks were driven by fame& kudos, nowadays money is the motivating factor. Just the recent months have s...

  11. Analysis Of Default Passwords In Routers Against Brute-Force Attack

    OpenAIRE

    Mohammed Farik; ABM Shawkat Ali

    2015-01-01

    Abstract Password authentication is the main means of access control on network routers and router manufacturers provide a default password for initial login to the router. While there has been many publications regarding the minimum requirements of a good password how widely the manufacturers themselves are adhering to the minimum standards and whether these passwords can withstand brute-force attack are not widely known. The novelty of this research is that this is the first time default...

  12. Studies on sulfate attack: Mechanisms, test methods, and modeling

    Science.gov (United States)

    Santhanam, Manu

    The objective of this research study was to investigate various issues pertaining to the mechanism, testing methods, and modeling of sulfate attack in concrete. The study was divided into the following segments: (1) effect of gypsum formation on the expansion of mortars, (2) attack by the magnesium ion, (3) sulfate attack in the presence of chloride ions---differentiating seawater and groundwater attack, (4) use of admixtures to mitigate sulfate attack---entrained air, sodium citrate, silica fume, and metakaolin, (5) effects of temperature and concentration of the attack solution, (6) development of new test methods using concrete specimens, and (7) modeling of the sulfate attack phenomenon. Mortar specimens using portland cement (PC) and tricalcium silicate (C 3S), with or without mineral admixtures, were prepared and immersed in different sulfate solutions. In addition to this, portland cement concrete specimens were also prepared and subjected to complete and partial immersion in sulfate solutions. Physical measurements, chemical analyses and microstructural studies were performed periodically on the specimens. Gypsum formation was seen to cause expansion of the C3S mortar specimens. Statistical analyses of the data also indicated that the quantity of gypsum was the most significant factor controlling the expansion of mortar bars. The attack by magnesium ion was found to drive the reaction towards the formation of brucite. Decalcification of the C-S-H and its subsequent conversion to the non-cementitious M-S-H was identified as the mechanism of destruction in magnesium sulfate attack. Mineral admixtures were beneficial in combating sodium sulfate attack, while reducing the resistance to magnesium sulfate attack. Air entrainment did not change the measured physical properties, but reduced the visible distress of the mortars. Sodium citrate caused a substantial reduction in the rate of damage of the mortars due to its retarding effect. Temperature and

  13. Secure Authentication and Prescription Safety Protocol for Telecare Health Services Using Ubiquitous IoT

    Directory of Open Access Journals (Sweden)

    Zahid Mahmood

    2017-10-01

    Full Text Available Internet-of-Things (IoT include a large number of devices that can communicate across different networks. Cyber-Physical Systems (CPS also includes a number of devices connected to the internet where wearable devices are also included. Both systems enable researchers to develop healthcare systems with additional intelligence as well as prediction capabilities both for lifestyle and in hospitals. It offers as much persistence as a platform to ubiquitous healthcare by using wearable sensors to transfer the information over servers, smartphones, and other smart devices in the Telecare Medical Information System (TMIS. Security is a challenging issue in TMIS, and resourceful access to health care services requires user verification and confidentiality. Existing schemes lack in ensuring reliable prescription safety along with authentication. This research presents a Secure Authentication and Prescription Safety (SAPS protocol to ensure secure communication between the patient, doctor/nurse, and the trusted server. The proposed procedure relies upon the efficient elliptic curve cryptosystem which can generate a symmetric secure key to ensure secure data exchange between patients and physicians after successful authentication of participants individually. A trusted server is involved for mutual authentication between parties and then generates a common key after completing the validation process. Moreover, the scheme is verified by doing formal modeling using Rubin Logic and validated using simulations in NS-2.35. We have analyzed the SAPS against security attacks, and then performance analysis is elucidated. Results prove the dominance of SAPS over preliminaries regarding mutual authentication, message integrity, freshness, and session key management and attack prevention.

  14. Invisible Trojan-horse attack

    DEFF Research Database (Denmark)

    Sajeed, Shihan; Minshull, Carter; Jain, Nitin

    2017-01-01

    We demonstrate the experimental feasibility of a Trojan-horse attack that remains nearly invisible to the single-photon detectors employed in practical quantum key distribution (QKD) systems, such as Clavis2 from ID Quantique. We perform a detailed numerical comparison of the attack performance...

  15. When Sinuses Attack! (For Kids)

    Science.gov (United States)

    ... First Aid & Safety Doctors & Hospitals Videos Recipes for Kids Kids site Sitio para niños How the Body Works ... Search English Español When Sinuses Attack! KidsHealth / For Kids / When Sinuses Attack! What's in this article? What ...

  16. Email authentication using symmetric and asymmetric key algorithm encryption

    Science.gov (United States)

    Halim, Mohamad Azhar Abdul; Wen, Chuah Chai; Rahmi, Isredza; Abdullah, Nurul Azma; Rahman, Nurul Hidayah Ab.

    2017-10-01

    Protection of sensitive or classified data from unauthorized access, hackers and other personals is virtue. Storage of data is done in devices such as USB, external hard disk, laptops, I-Pad or at cloud. Cloud computing presents with both ups and downs. However, storing information elsewhere increases risk of being attacked by hackers. Besides, the risk of losing the device or being stolen is increased in case of storage in portable devices. There are array of mediums of communications and even emails used to send data or information but these technologies come along with severe weaknesses such as absence of confidentiality where the message sent can be altered and sent to the recipient. No proofs are shown to the recipient that the message received is altered. The recipient would not find out unless he or she checks with the sender. Without encrypted of data or message, sniffing tools and software can be used to hack and read the information since it is in plaintext. Therefore, an electronic mail authentication is proposed, namely Hybrid Encryption System (HES). The security of HES is protected using asymmetric and symmetric key algorithms. The asymmetric algorithm is RSA and symmetric algorithm is Advance Encryption Standard. With the combination for both algorithms in the HES may provide the confidentiality and authenticity to the electronic documents send from the sender to the recipient. In a nutshell, the HES will help users to protect their valuable documentation and data from illegal third party user.

  17. Medical Image Tamper Detection Based on Passive Image Authentication.

    Science.gov (United States)

    Ulutas, Guzin; Ustubioglu, Arda; Ustubioglu, Beste; V Nabiyev, Vasif; Ulutas, Mustafa

    2017-12-01

    Telemedicine has gained popularity in recent years. Medical images can be transferred over the Internet to enable the telediagnosis between medical staffs and to make the patient's history accessible to medical staff from anywhere. Therefore, integrity protection of the medical image is a serious concern due to the broadcast nature of the Internet. Some watermarking techniques are proposed to control the integrity of medical images. However, they require embedding of extra information (watermark) into image before transmission. It decreases visual quality of the medical image and can cause false diagnosis. The proposed method uses passive image authentication mechanism to detect the tampered regions on medical images. Structural texture information is obtained from the medical image by using local binary pattern rotation invariant (LBPROT) to make the keypoint extraction techniques more successful. Keypoints on the texture image are obtained with scale invariant feature transform (SIFT). Tampered regions are detected by the method by matching the keypoints. The method improves the keypoint-based passive image authentication mechanism (they do not detect tampering when the smooth region is used for covering an object) by using LBPROT before keypoint extraction because smooth regions also have texture information. Experimental results show that the method detects tampered regions on the medical images even if the forged image has undergone some attacks (Gaussian blurring/additive white Gaussian noise) or the forged regions are scaled/rotated before pasting.

  18. Privacy preservation and authentication on secure geographical routing in VANET

    Science.gov (United States)

    Punitha, A.; Manickam, J. Martin Leo

    2017-05-01

    Vehicular Ad hoc Networks (VANETs) play an important role in vehicle-to-vehicle communication as it offers a high level of safety and convenience to drivers. In order to increase the level of security and safety in VANETs, in this paper, we propose a Privacy Preservation and Authentication on Secure Geographical Routing Protocol (PPASGR) for VANET. It provides security by detecting and preventing malicious nodes through two directional antennas such as forward (f-antenna) and backward (b-antenna). The malicious nodes are detected by direction detection, consistency detection and conflict detection. The location of the trusted neighbour is identified using TNT-based location verification scheme after the implementation of the Vehicle Tamper Proof Device (VTPD), Trusted Authority (TA) is generated that produces the anonymous credentials. Finally, VTPD generates pseudo-identity using TA which retrieves the real identity of the sender. Through this approach, the authentication, integrity and confidentiality for routing packets can be achieved. The simulation results show that the proposed approach reduces the packet drop due to attack and improves the packet delivery ratio.

  19. Secure Rateless Deluge: Pollution-Resistant Reprogramming and Data Dissemination for Wireless Sensor Networks

    NARCIS (Netherlands)

    Law, Y.W.; Zhang, Yu; Jin meifang, J.; Palaniswami, Marimuthu; Havinga, Paul J.M.

    A network reprogramming protocol is made for updating the firmware of a wireless sensor network (WSN) in situ. For security reasons, every firmware update must be authenticated to prevent an attacker from installing its code in the network. While existing schemes can provide authentication services,

  20. Alienation, authenticity and the self.

    Science.gov (United States)

    Rae, Gavin

    2010-01-01

    While many commentators have held that the concept "alienation" is of crucial importance when attempting to understand human existence, others have held that it is an inherently empty concept that we should abandon. In this article, I refute the latters' charge by showing that each conception of "alienation" is underpinned by a normative ontological conception of the preferable, or authentic, self and show that the concept "alienation" has ethical, existential and socio-political uses. From this I conclude that, when properly understood, the concept "alienation" can provide us with vital insights into human existence.