Search results for: authentication mechanisms
2709 Adaptive Auth - Adaptive Authentication Based on User Attributes for Web Application
Authors: Senthuran Manoharan, Rathesan Sivagananalingam
Abstract:
One of the main issues in system security is Authentication. Authentication can be defined as the process of recognizing the user's identity and it is the most important step in the access control process to safeguard data/resources from being accessed by unauthorized users. The static method of authentication cannot ensure the genuineness of the user. Due to this reason, more innovative authentication mechanisms came into play. At first two factor authentication was introduced and later, multi-factor authentication was introduced to enhance the security of the system. It also had some issues and later, adaptive authentication was introduced. In this research paper, the design of an adaptive authentication engine was put forward. The user risk profile was calculated based on the user parameters and then the user was challenged with a suitable authentication method.Keywords: authentication, adaptive authentication, machine learning, security
Procedia PDF Downloads 2482708 Cryptography Based Authentication Methods
Authors: Mohammad A. Alia, Abdelfatah Aref Tamimi, Omaima N. A. Al-Allaf
Abstract:
This paper reviews a comparison study on the most common used authentication methods. Some of these methods are actually based on cryptography. In this study, we show the main cryptographic services. Also, this study presents a specific discussion about authentication service, since the authentication service is classified into several categorizes according to their methods. However, this study gives more about the real life example for each of the authentication methods. It talks about the simplest authentication methods as well about the available biometric authentication methods such as voice, iris, fingerprint, and face authentication.Keywords: information security, cryptography, system access control, authentication, network security
Procedia PDF Downloads 4702707 The Internet of Things Ecosystem: Survey of the Current Landscape, Identity Relationship Management, Multifactor Authentication Mechanisms, and Underlying Protocols
Authors: Nazli W. Hardy
Abstract:
A critical component in the Internet of Things (IoT) ecosystem is the need for secure and appropriate transmission, processing, and storage of the data. Our current forms of authentication, and identity and access management do not suffice because they are not designed to service cohesive, integrated, interconnected devices, and service applications. The seemingly endless opportunities of IoT are in fact circumscribed on multiple levels by concerns such as trust, privacy, security, loss of control, and related issues. This paper considers multi-factor authentication (MFA) mechanisms and cohesive identity relationship management (IRM) standards. It also surveys messaging protocols that are appropriate for the IoT ecosystem.Keywords: identity relation management, multifactor authentication, protocols, survey of internet of things ecosystem
Procedia PDF Downloads 3542706 ACBM: Attention-Based CNN and Bi-LSTM Model for Continuous Identity Authentication
Authors: Rui Mao, Heming Ji, Xiaoyu Wang
Abstract:
Keystroke dynamics are widely used in identity recognition. It has the advantage that the individual typing rhythm is difficult to imitate. It also supports continuous authentication through the keyboard without extra devices. The existing keystroke dynamics authentication methods based on machine learning have a drawback in supporting relatively complex scenarios with massive data. There are drawbacks to both feature extraction and model optimization in these methods. To overcome the above weakness, an authentication model of keystroke dynamics based on deep learning is proposed. The model uses feature vectors formed by keystroke content and keystroke time. It ensures efficient continuous authentication by cooperating attention mechanisms with the combination of CNN and Bi-LSTM. The model has been tested with Open Data Buffalo dataset, and the result shows that the FRR is 3.09%, FAR is 3.03%, and EER is 4.23%. This proves that the model is efficient and accurate on continuous authentication.Keywords: keystroke dynamics, identity authentication, deep learning, CNN, LSTM
Procedia PDF Downloads 1552705 A Study on User Authentication Method Using Haptic Actuator and Security Evaluation
Authors: Yo Han Choi, Hee Suk Seo, Seung Hwan Ju, Sung Hyu Han
Abstract:
As currently various portable devices were launched, smart business conducted using them became common. Since smart business can use company-internal resources in an external remote place, user authentication that can identify authentic users is an important factor. Commonly used user authentication is a method of using user ID and Password. In the user authentication using ID and Password, the user should see and enter authentication information him or herself. In this user authentication system depending on the user’s vision, there is the threat of password leaks through snooping in the process which the user enters his or her authentication information. This study designed and produced a user authentication module using an actuator to respond to the snooping threat.Keywords: actuator, user authentication, security evaluation, haptic actuator
Procedia PDF Downloads 3462704 Post-Quantum Resistant Edge Authentication in Large Scale Industrial Internet of Things Environments Using Aggregated Local Knowledge and Consistent Triangulation
Authors: C. P. Autry, A. W. Roscoe, Mykhailo Magal
Abstract:
We discuss the theoretical model underlying 2BPA (two-band peer authentication), a practical alternative to conventional authentication of entities and data in IoT. In essence, this involves assembling a virtual map of authentication assets in the network, typically leading to many paths of confirmation between any pair of entities. This map is continuously updated, confirmed, and evaluated. The value of authentication along multiple disjoint paths becomes very clear, and we require analogues of triangulation to extend authentication along extended paths and deliver it along all possible paths. We discover that if an attacker wants to make an honest node falsely believe she has authenticated another, then the length of the authentication paths is of little importance. This is because optimal attack strategies correspond to minimal cuts in the authentication graph and do not contain multiple edges on the same path. The authentication provided by disjoint paths normally is additive (in entropy).Keywords: authentication, edge computing, industrial IoT, post-quantum resistance
Procedia PDF Downloads 1972703 BAN Logic Proof of E-passport Authentication Protocol
Authors: Safa Saoudi, Souheib Yousfi, Riadh Robbana
Abstract:
E-passport is a relatively new electronic document which maintains the passport features and provides better security. It deploys new technologies such as biometrics and Radio Frequency identification (RFID). The international civil aviation organization (ICAO) and the European union define mechanisms and protocols to provide security but their solutions present many threats. In this paper, a new mechanism is presented to strengthen e-passport security and authentication process. We propose a new protocol based on Elliptic curve, identity based encryption and shared secret between entities. Authentication in our contribution is formally proved with BAN Logic verification language. This proposal aims to provide a secure data storage and authentication.Keywords: e-passport, elliptic curve cryptography, identity based encryption, shared secret, BAN Logic
Procedia PDF Downloads 4352702 NFC Communications with Mutual Authentication Based on Limited-Use Session Keys
Authors: Chalee Thammarat
Abstract:
Mobile phones are equipped with increased short-range communication functionality called Near Field Communication (or NFC for short). NFC needs no pairing between devices but suitable for little amounts of data in a very restricted area. A number of researchers presented authentication techniques for NFC communications, however, they still lack necessary authentication, particularly mutual authentication and security qualifications. This paper suggests a new authentication protocol for NFC communication that gives mutual authentication between devices. The mutual authentication is a one of property, of security that protects replay and man-in-the-middle (MitM) attack. The proposed protocols deploy a limited-use offline session key generation and use of distribution technique to increase security and make our protocol lightweight. There are four sub-protocols: NFCAuthv1 is suitable for identification and access control and NFCAuthv2 is suitable for the NFC-enhanced phone by a POS terminal for digital and physical goods and services.Keywords: cryptographic protocols, NFC, near field communications, security protocols, mutual authentication, network security
Procedia PDF Downloads 4302701 Cryptanalysis of ID-Based Deniable Authentication Protocol Based On Diffie-Hellman Problem on Elliptic Curve
Authors: Eun-Jun Yoon
Abstract:
Deniable authentication protocol is a new security authentication mechanism which can enable a receiver to identify the true source of a given message, but not to prove the identity of the sender to a third party. In 2013, Kar proposed a secure ID-based deniable authentication protocol whose security is based on computational infeasibility of solving Elliptic Curve Diffie-Hellman Problem (ECDHP). Kar claimed that the proposed protocol achieves properties of deniable authentication, mutual authentication, and message confidentiality. However, this paper points out that Kar's protocol still suffers from sender spoofing attack and message modification attack unlike its claims.Keywords: deniable authentication, elliptic curve cryptography, Diffie-Hellman problem, cryptanalysis
Procedia PDF Downloads 3312700 Decentralised Edge Authentication in the Industrial Enterprise IoT Space
Authors: C. P. Autry, A.W. Roscoe
Abstract:
Authentication protocols based on public key infrastructure (PKI) and trusted third party (TTP) are no longer adequate for industrial scale IoT networks thanks to issues such as low compute and power availability, the use of widely distributed and commercial off-the-shelf (COTS) systems, and the increasingly sophisticated attackers and attacks we now have to counter. For example, there is increasing concern about nation-state-based interference and future quantum computing capability. We have examined this space from first principles and have developed several approaches to group and point-to-point authentication for IoT that do not depend on the use of a centralised client-server model. We emphasise the use of quantum resistant primitives such as strong cryptographic hashing and the use multi-factor authentication.Keywords: authentication, enterprise IoT cybersecurity, PKI/TTP, IoT space
Procedia PDF Downloads 1692699 A Lightweight Authentication and Key Exchange Protocol Design for Smart Homes
Authors: Zhifu Li, Lei Li, Wanting Zhou, Yuanhang He
Abstract:
This paper proposed a lightweight certificate-less authentication and key exchange protocol (Light-CL-PKC) based on elliptic curve cryptography and the Chinese Remainder Theorem for smart home scenarios. Light-CL-PKC can efficiently reduce the computational cost of both sides of authentication by forgoing time-consuming bilinear pair operations and making full use of point-addition and point-multiplication operations on elliptic curves. The authentication and key exchange processes in this system are also completed in a a single round of communication between the two parties. The analysis result demonstrates that it can significantly minimize the communication overhead of more than 32.14% compared with the referenced protocols, while the runtime for both authentication and key exchange have also been significantly reduced.Keywords: authentication, key exchange, certificateless public key cryptography, elliptic curve cryptography
Procedia PDF Downloads 982698 Mutual Authentication for Sensor-to-Sensor Communications in IoT Infrastructure
Authors: Shadi Janbabaei, Hossein Gharaee Garakani, Naser Mohammadzadeh
Abstract:
Internet of things is a new concept that its emergence has caused ubiquity of sensors in human life, so that at any time, all data are collected, processed and transmitted by these sensors. In order to establish a secure connection, the first challenge is authentication between sensors. However, this challenge also requires some features so that the authentication is done properly. Anonymity, untraceability, and being lightweight are among the issues that need to be considered. In this paper, we have evaluated the authentication protocols and have analyzed the security vulnerabilities found in them. Then an improved light weight authentication protocol for sensor-to-sensor communications is presented which uses the hash function and logical operators. The analysis of protocol shows that security requirements have been met and the protocol is resistant against various attacks. In the end, by decreasing the number of computational cost functions, it is argued that the protocol is lighter than before.Keywords: anonymity, authentication, Internet of Things, lightweight, un-traceability
Procedia PDF Downloads 2922697 Evaluation and Analysis of the Secure E-Voting Authentication Preparation Scheme
Authors: Nidal F. Shilbayeh, Reem A. Al-Saidi, Ahmed H. Alsswey
Abstract:
In this paper, we presented an evaluation and analysis of E-Voting Authentication Preparation Scheme (EV-APS). EV-APS applies some modified security aspects that enhance the security measures and adds a strong wall of protection, confidentiality, non-repudiation and authentication requirements. Some of these modified security aspects are Kerberos authentication protocol, PVID scheme, responder certificate validation, and the converted Ferguson e-cash protocol. Authentication and privacy requirements have been evaluated and proved. Authentication guaranteed only eligible and authorized voters were permitted to vote. Also, the privacy guaranteed that all votes will be kept secret. Evaluation and analysis of some of these security requirements have been given. These modified aspects will help in filtering the counter buffer from unauthorized votes by ensuring that only authorized voters are permitted to vote.Keywords: e-voting preparation stage, blind signature protocol, Nonce based authentication scheme, Kerberos Authentication Protocol, pseudo voter identity scheme PVID
Procedia PDF Downloads 2982696 Fast Authentication Using User Path Prediction in Wireless Broadband Networks
Authors: Gunasekaran Raja, Rajakumar Arul, Kottilingam Kottursamy, Ramkumar Jayaraman, Sathya Pavithra, Swaminathan Venkatraman
Abstract:
Wireless Interoperability for Microwave Access (WiMAX) utilizes the IEEE 802.1X mechanism for authentication. However, this mechanism incurs considerable delay during handoffs. This delay during handoffs results in service disruption which becomes a severe bottleneck. To overcome this delay, our article proposes a key caching mechanism based on user path prediction. If the user mobility follows that path, the user bypasses the normal IEEE 802.1X mechanism and establishes the necessary authentication keys directly. Through analytical and simulation modeling, we have proved that our mechanism effectively decreases the handoff delay thereby achieving fast authentication.Keywords: authentication, authorization, and accounting (AAA), handoff, mobile, user path prediction (UPP) and user pattern
Procedia PDF Downloads 4042695 A User Identification Technique to Access Big Data Using Cloud Services
Authors: A. R. Manu, V. K. Agrawal, K. N. Balasubramanya Murthy
Abstract:
Authentication is required in stored database systems so that only authorized users can access the data and related cloud infrastructures. This paper proposes an authentication technique using multi-factor and multi-dimensional authentication system with multi-level security. The proposed technique is likely to be more robust as the probability of breaking the password is extremely low. This framework uses a multi-modal biometric approach and SMS to enforce additional security measures with the conventional Login/password system. The robustness of the technique is demonstrated mathematically using a statistical analysis. This work presents the authentication system along with the user authentication architecture diagram, activity diagrams, data flow diagrams, sequence diagrams, and algorithms.Keywords: design, implementation algorithms, performance, biometric approach
Procedia PDF Downloads 4752694 Modulation of the Europay, MasterCard, and VisaCard Authentications by Using Avispa Tool
Authors: Ossama Al-Maliki
Abstract:
The Europay, MasterCard, and Visa (EMV) is the transaction protocol for most of the world and especially in Europe and the UK. EMV protocol consists of three main stages which are: card authentication, cardholder verification methods, and transaction authorization. This paper details in full the EMV card authentications. We have used AVISPA and SPAN tools to do our modulization for the EMV card authentications. The code for each type of the card authentication was written by using CAS+ language. The results showed that our modulations were successfully addressed all the steps of the EMV card authentications and the entire process of the EMV card authentication are secured. Also, our modulations were successfully addressed all the main goals behind the EMV card authentications according to the EMV specifications.Keywords: EMV, card authentication, contactless card, SDA, DDA, CDA AVISPA
Procedia PDF Downloads 1782693 A Method and System for Secure Authentication Using One Time QR Code
Authors: Divyans Mahansaria
Abstract:
User authentication is an important security measure for protecting confidential data and systems. However, the vulnerability while authenticating into a system has significantly increased. Thus, necessary mechanisms must be deployed during the process of authenticating a user to safeguard him/her from the vulnerable attacks. The proposed solution implements a novel authentication mechanism to counter various forms of security breach attacks including phishing, Trojan horse, replay, key logging, Asterisk logging, shoulder surfing, brute force search and others. QR code (Quick Response Code) is a type of matrix barcode or two-dimensional barcode that can be used for storing URLs, text, images and other information. In the proposed solution, during each new authentication request, a QR code is dynamically generated and presented to the user. A piece of generic information is mapped to plurality of elements and stored within the QR code. The mapping of generic information with plurality of elements, randomizes in each new login, and thus the QR code generated for each new authentication request is for one-time use only. In order to authenticate into the system, the user needs to decode the QR code using any QR code decoding software. The QR code decoding software needs to be installed on handheld mobile devices such as smartphones, personal digital assistant (PDA), etc. On decoding the QR code, the user will be presented a mapping between the generic piece of information and plurality of elements using which the user needs to derive cipher secret information corresponding to his/her actual password. Now, in place of the actual password, the user will use this cipher secret information to authenticate into the system. The authentication terminal will receive the cipher secret information and use a validation engine that will decipher the cipher secret information. If the entered secret information is correct, the user will be provided access to the system. Usability study has been carried out on the proposed solution, and the new authentication mechanism was found to be easy to learn and adapt. Mathematical analysis of the time taken to carry out brute force attack on the proposed solution has been carried out. The result of mathematical analysis showed that the solution is almost completely resistant to brute force attack. Today’s standard methods for authentication are subject to a wide variety of software, hardware, and human attacks. The proposed scheme can be very useful in controlling the various types of authentication related attacks especially in a networked computer environment where the use of username and password for authentication is common.Keywords: authentication, QR code, cipher / decipher text, one time password, secret information
Procedia PDF Downloads 2682692 The Internet of Things: A Survey of Authentication Mechanisms, and Protocols, for the Shifting Paradigm of Communicating, Entities
Authors: Nazli Hardy
Abstract:
Multidisciplinary application of computer science, interactive database-driven web application, the Internet of Things (IoT) represents a digital ecosystem that has pervasive technological, social, and economic, impact on the human population. It is a long-term technology, and its development is built around the connection of everyday objects, to the Internet. It is estimated that by 2020, with billions of people connected to the Internet, the number of connected devices will exceed 50 billion, and thus IoT represents a paradigm shift in in our current interconnected ecosystem, a communication shift that will unavoidably affect people, businesses, consumers, clients, employees. By nature, in order to provide a cohesive and integrated service, connected devices need to collect, aggregate, store, mine, process personal and personalized data on individuals and corporations in a variety of contexts and environments. A significant factor in this paradigm shift is the necessity for secure and appropriate transmission, processing and storage of the data. Thus, while benefits of the applications appear to be boundless, these same opportunities are bounded by concerns such as trust, privacy, security, loss of control, and related issues. This poster and presentation look at a multi-factor authentication (MFA) mechanisms that need to change from the login-password tuple to an Identity and Access Management (IAM) model, to the more cohesive to Identity Relationship Management (IRM) standard. It also compares and contrasts messaging protocols that are appropriate for the IoT ecosystem.Keywords: Internet of Things (IoT), authentication, protocols, survey
Procedia PDF Downloads 2992691 Efficient Position Based Operation Code Authentication
Authors: Hashim Ali, Sheheryar Khan
Abstract:
Security for applications is always been a keen issue of concern. In general, security is to allow access of grant to legal user or to deny non-authorized access to the system. Shoulder surfing is an observation technique to hack an account or to enter into a system. When a malicious observer is capturing or recording the fingers of a user while he is entering sensitive inputs (PIN, Passwords etc.) and may be able to observe user’s password credential. It is very rigorous for a novice user to prevent himself from shoulder surfing or unaided observer in a public place while accessing his account. In order to secure the user account, there are five factors of authentication; they are: “(i) something you have, (ii) something you are, (iii) something you know, (iv) somebody you know, (v) something you process”. A technique has been developed of fifth-factor authentication “something you process” to provide novel approach to the user. In this paper, we have applied position based operational code authentication in such a way to more easy and user friendly to the user.Keywords: shoulder surfing, malicious observer, sensitive inputs, authentication
Procedia PDF Downloads 2722690 Secure Authentication Scheme Based on Numerical Series Cryptography for Internet of Things
Authors: Maha Aladdin, Khaled Nagaty, Abeer Hamdy
Abstract:
The rapid advancement cellular networks and wireless networks have laid a solid basis for the Internet of Things. IoT has evolved into a unique standard that allows diverse physical devices to collaborate with one another. A service provider gives a variety of services that may be accessed via smart apps anywhere, at any time, and from any location over the Internet. Because of the public environment of mobile communication and the Internet, these services are highly vulnerable to a several malicious attacks, such as unauthorized disclosure by hostile attackers. As a result, the best option for overcoming these vulnerabilities is a strong authentication method. In this paper, a lightweight authentication scheme that is based on numerical series cryptography is proposed for the IoT environments. It allows mutual authentication between IoT devices Parametric study and formal proofs are utilized to illustrate that the pro-posed approach is resistant to a variety of security threats.Keywords: internet of things, authentication, cryptography, security protocol
Procedia PDF Downloads 1202689 A Multilevel Authentication Protocol: MAP in VANET for Human Safety
Authors: N. Meddeb, A. M. Makhlouf, M. A. Ben Ayed
Abstract:
Due to the real-time requirement of message in Vehicular Ad hoc NETworks (VANET), it is necessary to authenticate vehicles to achieve security, efficiency, and conditional privacy-preserving. Privacy is of utmost relevance in VANETs. For this reason, we have proposed a new protocol called ‘Multilevel Authentication Protocol’ (MAP) that considers different vehicle categories. The proposed protocol is based on our Multilevel Authentication protocol for Vehicular networks (MAVnet). But the MAP leads to human safety, where the priority is given to the ambulance vehicles. For evaluation, we used the Java language to develop a demo application and deployed it on the Network Security Simulation (Nessi2). Compared with existing authentication protocols, MAP markedly enhance the communication overhead and decreases the delay of exchanging messages while preserving conditional privacy.Keywords: Vehicular Ad hoc NETworks (VANET), vehicle categories, safety, databases, privacy, authentication, throughput, delay
Procedia PDF Downloads 2962688 Adaptive Certificate-Based Mutual Authentication Protocol for Mobile Grid Infrastructure
Authors: H. Parveen Begam, M. A. Maluk Mohamed
Abstract:
Mobile Grid Computing is an environment that allows sharing and coordinated use of diverse resources in dynamic, heterogeneous and distributed environment using different types of electronic portable devices. In a grid environment the security issues are like authentication, authorization, message protection and delegation handled by GSI (Grid Security Infrastructure). Proving better security between mobile devices and grid infrastructure is a major issue, because of the open nature of wireless networks, heterogeneous and distributed environments. In a mobile grid environment, the individual computing devices may be resource-limited in isolation, as an aggregated sum, they have the potential to play a vital role within the mobile grid environment. Some adaptive methodology or solution is needed to solve the issues like authentication of a base station, security of information flowing between a mobile user and a base station, prevention of attacks within a base station, hand-over of authentication information, communication cost of establishing a session key between mobile user and base station, computing complexity of achieving authenticity and security. The sharing of resources of the devices can be achieved only through the trusted relationships between the mobile hosts (MHs). Before accessing the grid service, the mobile devices should be proven authentic. This paper proposes the dynamic certificate based mutual authentication protocol between two mobile hosts in a mobile grid environment. The certificate generation process is done by CA (Certificate Authority) for all the authenticated MHs. Security (because of validity period of the certificate) and dynamicity (transmission time) can be achieved through the secure service certificates. Authentication protocol is built on communication services to provide cryptographically secured mechanisms for verifying the identity of users and resources.Keywords: mobile grid computing, certificate authority (CA), SSL/TLS protocol, secured service certificates
Procedia PDF Downloads 3052687 An Efficient and Provably Secure Three-Factor Authentication Scheme with Key Agreement
Authors: Mohan Ramasundaram, Amutha Prabakar Muniyandi
Abstract:
Remote user authentication is one of the important tasks for any kind of remote server applications. Several remote authentication schemes are proposed by the researcher for Telecare Medicine Information System (TMIS). Most of the existing techniques have limitations, vulnerable to various kind attacks, lack of functionalities, information leakage, no perfect forward security and ineffectiveness. Authentication is a process of user verification mechanism for allows him to access the resources of a server. Nowadays, most of the remote authentication protocols are using two-factor authentications. We have made a survey of several remote authentication schemes using three factors and this survey shows that the most of the schemes are inefficient and subject to several attacks. We observed from the experimental evaluation; the proposed scheme is very secure against various known attacks that include replay attack, man-in-the-middle attack. Furthermore, the analysis based on the communication cost and computational cost estimation of the proposed scheme with related schemes shows that our proposed scheme is efficient.Keywords: Telecare Medicine Information System, elliptic curve cryptography, three-factor, biometric, random oracle
Procedia PDF Downloads 2192686 To Study the New Invocation of Biometric Authentication Technique
Authors: Aparna Gulhane
Abstract:
Biometrics is the science and technology of measuring and analyzing biological data form the basis of research in biological measuring techniques for the purpose of people identification and recognition. In information technology, biometrics refers to technologies that measure and analyze human body characteristics, such as DNA, fingerprints, eye retinas and irises, voice patterns, facial patterns and hand measurements. Biometric systems are used to authenticate the person's identity. The idea is to use the special characteristics of a person to identify him. These papers present a biometric authentication techniques and actual deployment of potential by overall invocation of biometrics recognition, with an independent testing of various biometric authentication products and technology.Keywords: types of biometrics, importance of biometric, review for biometrics and getting a new implementation, biometric authentication technique
Procedia PDF Downloads 3212685 Tag Impersonation Attack on Ultra-lightweight Radio Frequency Identification Authentication Scheme (ESRAS)
Authors: Reham Al-Zahrani, Noura Aleisa
Abstract:
The proliferation of Radio Frequency Identification (RFID) technology has raised concerns about system security, particularly regarding tag impersonation attacks. Regarding RFID systems, an appropriate authentication protocol must resist active and passive attacks. A tag impersonation occurs when an adversary's tag is used to fool an authenticating reader into believing it is a legitimate tag. This paper analyzed the security of the efficient, secure, and practical ultra-lightweight RFID Authentication Scheme (ESRAS). Then, the paper presents a comprehensive analysis of the Efficient, Secure, and Practical Ultra-Lightweight RFID Authentication Scheme (ESRAS) in the context of radio frequency identification (RFID) systems that employed the Scyther tool to examine the protocol's security against a tag impersonation attack.Keywords: RFID, impersonation attack, authentication, ultra-lightweight protocols
Procedia PDF Downloads 652684 Meta Root ID Passwordless Authentication Using ZKP Bitcoin Protocol
Authors: Saransh Sharma, Atharv Dekhne
Abstract:
Passwords stored on central services and hashed are prone to cyberattacks and hacks. Hence, given all these nuisances, there’s a need to eliminate character-based authentication protocols, which would ultimately benefit all developers as well as end-users.To replace this conventional but antiquated protocol with a secure alternative would be Passwordless Authentication. The meta root.id system creates a public and private key, of which the user is only able to access the private key. Further, after signing the key, the user sends the information over the API to the server, which checks its validity with the public key and grants access accordingly.Keywords: passwordless, OAuth, bitcoin, ZKP, SIN, BIP
Procedia PDF Downloads 952683 A Proposal to Mobile Payment Implementing 2AF+
Authors: Nael Hirzallah, Sana Nseir
Abstract:
Merchants are competing to offer the use of mobile payment to encourage shopping. many mobile payment systems were made available in various locations worldwide; however, they have various drawbacks. This paper proposes a new mobile payment system that discusses the main drawbacks of these systems, namely security and speed of transaction. The proposal is featured by being simple to use by customers and merchants. Furthermore, the proposed system depends on a new authentication factor that is introduced in this paper and called by Two-Factors Authentication Plus, (2FA+).Keywords: electronic commerce, payment schemes, mobile payment, authentication factors, mobile applications
Procedia PDF Downloads 2862682 Password Cracking on Graphics Processing Unit Based Systems
Authors: N. Gopalakrishna Kini, Ranjana Paleppady, Akshata K. Naik
Abstract:
Password authentication is one of the widely used methods to achieve authentication for legal users of computers and defense against attackers. There are many different ways to authenticate users of a system and there are many password cracking methods also developed. This paper is mainly to propose how best password cracking can be performed on a CPU-GPGPU based system. The main objective of this work is to project how quickly a password can be cracked with some knowledge about the computer security and password cracking if sufficient security is not incorporated to the system.Keywords: GPGPU, password cracking, secret key, user authentication
Procedia PDF Downloads 2902681 Multi Criteria Authentication Method in Cognitive Radio Networks
Authors: Shokoufeh Monjezi Kouchak
Abstract:
Cognitive radio network (CRN) is future network .Without this network wireless devices can’t work appropriately in the next decades. Today, wireless devices use static spectrum access methods and these methods don’t use spectrums optimum so we need use dynamic spectrum access methods to solve shortage spectrum challenge and CR is a great device for DSA but first of all its challenges should be solved .security is one of these challenges .In this paper we provided a survey about CR security. You can see this survey in tables 1 to 7 .After that we proposed a multi criteria authentication method in CRN. Our criteria in this method are: sensing results, following sending data rules, position of secondary users and no talk zone. Finally we compared our method with other authentication methods.Keywords: authentication, cognitive radio, security, radio networks
Procedia PDF Downloads 3922680 An Authentication Protocol for Quantum Enabled Mobile Devices
Authors: Natarajan Venkatachalam, Subrahmanya V. R. K. Rao, Vijay Karthikeyan Dhandapani, Swaminathan Saravanavel
Abstract:
The quantum communication technology is an evolving design which connects multiple quantum enabled devices to internet for secret communication or sensitive information exchange. In future, the number of these compact quantum enabled devices will increase immensely making them an integral part of present communication systems. Therefore, safety and security of such devices is also a major concern for us. To ensure the customer sensitive information will not be eavesdropped or deciphered, we need a strong authentications and encryption mechanism. In this paper, we propose a mutual authentication scheme between these smart quantum devices and server based on the secure exchange of information through quantum channel which gives better solutions for symmetric key exchange issues. An important part of this work is to propose a secure mutual authentication protocol over the quantum channel. We show that our approach offers robust authentication protocol and further our solution is lightweight, scalable, cost-effective with optimized computational processing overheads.Keywords: quantum cryptography, quantum key distribution, wireless quantum communication, authentication protocol, quantum enabled device, trusted third party
Procedia PDF Downloads 172