A Mutual Security Authentication Method for RFID-PUF Circuit Based on Deep Learning

A mutual authentication scheme and secret key exchange based on combined secret key method is proposed. Use hardware including smart card, encryption cards or encryption machine to perform encryption and decryption. Hash function, symmetric algorithm and combined secret key method are applied at client and server. The authentication security is guaranteed due to the properties of hash function, combined secret key method and one-time mutual authentication token generation method. Mutual authentication based on smart card and one-time combined secret key can avoid guessing attack and replay attack. The mutual authentication method can be applied to cloud based application systems to realize mutual authentication and enhance security.

Fog paradigm is a new and emerging technology that extends the services of cloud computing near to edge network. This paradigm aims to provide rich resources near to edge devices and remove the deficiencies of cloud computing for example, latency. However, this paradigm is distributed in nature and does not guarantee the trustworthiness and good behavior of edge devices. Thus, authentication and key exchange are significant challenges in front of this new paradigm. The researchers have worked on different authentication and key exchange protocols. Recently Maged Hamada Ibrahim proposed an authentication scheme that permits fog user to authenticate mutually with fog server under the authority of a cloud service provider. Alongside, Amor et al proposed an anonymous mutual authentication scheme. In this scheme, the fog user and fog server authenticate each other without disclosing the user real identity, using public-key cryptosystem. But, we demonstrated that Maged Hamada Ibrahim does not preserve the user anonymity, hence, it was exposed to man in the middle attack. Amor et al. scheme is computationally complex as it is using public key cryptosystem that has low throughputs and requires large memory, which not suitable to employ for fog computing that connecting internet of things with small memory, and requires high throughputs. Therefore, to overcome the above-aforementioned security problems internet of things constraints, an improved mutual authentication security scheme based on advanced encryption standard and hashed message authentication code in fog computing has been proposed. Our scheme provides mutual authentication between internet of things devices and fog servers. We proved that the proposed improved scheme provides secure mutual authentication using the widely accepted Burrows Abdi Needham logic. In this study, the properties i.e. performance, security, and functionality are analyzed and compared with existing and related mutual authentication schemes. Our scheme provides better in security, functionalities, communication and computation cost as compared with the existing schemes.

This paper presents a novel mutual identity authentication scheme which can be applied securely in Internet of Things. Based on secure hash algorithm(SHA), feature extraction and elliptic curve cryptography(ECC), we propose an asymmetric mutual authentication scheme between the platform and the terminal node, which imposes light computation and communication cost, through security analysis it is also shown that the proposed scheme is secure and feasible for applications in the Internet of Things.

The E-health care systems allow patients to gain the health monitoring facility and access medical services remotely. A secure mechanism for mutual authentication and session key agreement is the most important requirements for E-Health Care Systems. Recently, Amin et al.’s proposed a mutual authentication and session key agreement protocol and claimed that their scheme is secure against all possible attacks. In this paper, we show that not only their scheme is vulnerable to privileged-insider attack, replay attack, session key disclosure attack, but also does not provide patient untraceability and backward secrecy. In order to withstand the mentioned security weaknesses, we propose an efficient remote mutual authentication scheme for the systems which are using ECC and Fuzzy Extractor. The proposed scheme not only resists against different security attacks, but it also provides an efficient registration, login, mutual authentication, session key agreement, and password and biometric update phases. During the experimentation, it has been observed that the proposed scheme is secure against various known attacks. Beside, our scheme is robust against privileged-insider attack that it rarely checked in security analysis. The informal analysis will ensure that our scheme provides well security protection against the different security attacks. Furthermore, we analyzed the security of the scheme using AVISPA software and Random Oracle Model. The formal analysis results and performance evaluation vouch that our scheme is also secure and efficient in computation and communication cost.

The fast development of mobile networks and compact mobile devices bring attention to the users for wireless mobile communication. But providing security and protecting the privacy of users are the main challenges of wireless mobile communication. Recently, Authenticated Key Agreement protocols are used for secure and reliable communication in wireless mobile communication. However, the User-to-User Mutual Authentication and Key Agreement scheme is based on bilinear pairings, which involves relatively high computation cost when compared to elliptic curve scalar point multiplication. Hence, in this paper, we propose a Pairing-Free Identity-Based Mutual Authentication and Key Agreement protocol for wireless mobile communications. It consists of the following phases: Setup and Key generation, Mobility Management Entity authentication and Proxy Signature generation, Proxy Signature verification and User-to-User authentication. Experimental results show that Pairing-Free Identity-Based Mutual Authentication and Key Agreement attains significantly less computational and communication cost when compared to User-to-User Mutual Authentication and Key Agreement scheme.

In hierarchical wireless sensor networks (H-WSNs), adaptive user authentication scheme has attracted significantly for the purposes of mutual authentication, session key establishment and resiliency to the attacks, like impersonation, parallel-session and password guessing. Several user authentication schemes have been proposed recently; though the schemes have had many potential vulnerabilities, such as key-impersonation, user anonymity, eavesdropping and masquerade. Thus, this paper proposes secure-cum-efficient mutual adaptive user authentication (S-Cum-EMAUA) scheme for practical use in H-WSNs. The scheme of S-Cum-EMAUA) is not only resilient to the most of the potential attacks, but also provides mutual authentication, user anonymity and session-key establishment. In addition, the proposed scheme is well secured, since it has the usage of the hash-function and X-OR operation.

With the development of wireless communication technology and sensor technology, the wireless sensor network (WSN) has been widely used in various applications, such as military surveillance, environment monitoring industry control, medical monitoring, and so on. In most of the cases, WSNs are deployed in unattended environment. So, these are more vulnerable to various attacks than traditional networks. To protect communications in WSNs, mutual authentication and key agreement schemes for WSNs have been studied widely. Recently, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs and claimed their scheme could withstand various attacks. However, in this paper, we will point out that their scheme is vulnerable to the off-line password guessing attack, the user impersonation attack, the sensor node impersonation attack and the modification attack. To overcome weaknesses in Xue et al.'s scheme, we also propose a new temporal-credential-based mutual authentication and key agreement scheme for WSNs. Security analysis shows our scheme could overcome weaknesses in Xue et al.'s scheme. Performance analysis shows our scheme also has better performance. Therefore, our scheme is more suitable for providing secure communication in WSNs.

With the widespread use of several mobile gadgets, privacy and anonymity of the mobile subscriber becomes a major issue in mobile communication. Through the roaming technology of the global mobility networks, a legitimate subscriber can enjoy the ubiquitous services. Where, the mutual authentication and key agreement between the mobile subscriber and roaming network (VLR/SGSN) is the primary security aspect of many commercial mobile networks. For personal privacy perspective, it is important to develop a mutual authentication and key agreement scheme with several security features including the user anonymity. In this article, we come up with a novel authentication and key agreement scheme, which can assure privacy against eavesdroppers (PAE) with the subscriber anonymity. Simultaneously, here we argue that the proposed scheme can also withstand several other security vulnerabilities like redirection attack, forging-mobile-user attack and location privacy etc. with the less communication cost.

Cyber attackers are shifting their attention from traditional computers to IoT devices for malignant activities like exposing smart homeowner private information and/or to launch botnet attacks. Like for conventional networks, the security of IoT networks rests on how properly the authentication process is done. However, unlike conventional networks, IoT infrastructure faces an uphill battle in deploying and operating strong authentication schemes because of inherent limitations on the underlying storage and computation capability. In this paper, we propose a new anonymous mutual Inter-device authentication protocol based on transient identities, incremental counter and temporary secret keys for IoT. The proposed protocol is based on symmetric cryptography and somehow follows the ZigBee protocol. It allows IoT devices to anonymously and mutually authenticate in an unlinkable and untraceable manner, and implements essential security requirements for IoT devices. By analyzing the protocol, we evaluate and demonstrate its efficiency and its relatively limited computational and storage overhead. Furthermore, the security of the protocol is assured through informal security analysis and formally by using the automated validation of Internet security protocols and applications (AVISPA) toolkit.

Anonymous mutual IoT interdevice authentication and key agreement scheme based on the ZigBee technique

Authentic experiences of intangible cultural heritage (ICH) are popular as tourist attractions, particularly in developing countries. However, how the authenticity of ICH is conceptualized in the context of tourism and how ICH relates to community empowerment is unexplored in recent literature. This study aims to investigate how hosts and guests (in this case domestic tourists) at a traditional cultural festival perceived the role of ICH in community empowerment. The study also sought to identify the factors influencing how hosts and guests perceive the authenticity of ICH, and how the effect of mutual (host-guest) authentication of ICH can build on community empowerment. A qualitative case study approach was utilised to understand host and guest perceptions and experiences of the traditional Rush Mela Festival (as an example of ICH) in the Sundarbans forest region, specifically at the sites of Dublar Char (inside the forest) and Chila (on the periphery of the forest), in Bangladesh. The study was based on a conceptual model for understanding mutual (host-guest) authentication of ICH and its relationship to community empowerment. This model was developed based on prior literature. The study revealed that the major elements of the Rush Mela Festival comprised of religious rituals, cultural programmes, economic activities, tourism, and community institutions. The majority of hosts and guests perceived that these elements play an important role in four dimensions of community empowerment (psychological, economic, social and political). However, there was some variation in the perceptions depending on the locality of the festival (i.e., Dublar Char or Chila) and the tourism opportunities available. The study found that factors such as the hosts’ attitudes, motivations, economic benefits, emotional benefits, individual participation, and institutional involvement influenced their perceptions of authenticity (both objective and existential) of the Rush Mela Festival. Also, the study found that factors such as guests’ attitudes, motivations, authenticity of objects, and authentic experiences also play a significant role in building guests’ perceptions of authenticity of the Rush Mela Festival. Despite some differences, most of the hosts and guests have perceived that some of the objects (e.g. the statues of the God and Goddess, the temple, the dried fish and local foods (sweets)) and experiences (e.g. worship ceremony, the holy bath, cultural programmes, and meeting family and friends) during the Rush Mela Festival were authentic, and these support the objective and existential authenticity of the festival. Mutual authentication of the festival has led to host support and guest loyalty towards Rush Mela tourism. Few hosts were concerned about excessive tourism and commodification of cultural practices, whereas some guests were not satisfied as they expected improved tourist facilities and more authentic local products. Moreover, the research also suggests that the mutual authentication of the festival and support for tourism have ultimately influenced the community’s psychological empowerment (i.e. strengthens spiritual belief), economic empowerment (i.e. increasing economic benefits), social empowerment (i.e. increasing social cohesion and consensus for preserving cultural tradition and natural resources), and political empowerment (i.e. development of community institutions). Finally, the study suggests that empowerment of the community could influence host and guest factors for authenticating the Rush Mela Festival and increasing loyalty and support for tourism, which could contribute to the development of sustainable ICH tourism. Further research should be carried out to test and validate the conceptual mutual (host-guest) authentication model in various ICH-based tourism contexts. Also, further study could explore the potential for a community-based ICH tourism programme that can facilitate the preservation of authenticity of ICH and enhance community empowerment.

Wireless medical sensor networks (WMSNs) are used in remote medical service environments to provide patients with convenient healthcare services. In a WMSN environment, patients wear a device that collects their health information and transmits the information via a gateway. Then, doctors make a diagnosis regarding the patient, utilizing the health information. However, this information can be vulnerable to various security attacks because the information is exchanged via an insecure channel. Therefore, a secure authentication scheme is necessary for WMSNs. In 2021, Masud et al. proposed a lightweight and anonymity-preserving user authentication scheme for healthcare environments. We discover that Masud et al.’s scheme is insecure against offline password guessing, user impersonation, and privileged insider attacks. Furthermore, we find that Masud et al.’s scheme cannot ensure user anonymity. To address the security vulnerabilities of Masud et al.’s scheme, we propose a three-factor-based mutual authentication scheme with a physical unclonable function (PUF). The proposed scheme is secure against various security attacks and provides anonymity, perfect forward secrecy, and mutual authentication utilizing biometrics and PUF. To prove the security features of our scheme, we analyze the scheme using informal analysis, Burrows–Abadi–Needham (BAN) logic, the Real-or-Random (RoR) model, and Automated Verification of Internet Security Protocols and Applications (AVISPA) simulation. Furthermore, we estimate our scheme’s security features, computation costs, communication costs, and energy consumption compared with the other related schemes. Consequently, we demonstrate that our scheme is suitable for WMSNs.

Performing mutual device authentication before providing services is a critical step for ensuring that the services are only accessible to legitimate users. This paper proposed a new form of biometric authentication, the Multiple Fingers Synchronization (MuFS) mutual authentication scheme which can be used for device mutual authentication. MuFS achieves comparable performance as traditional biometric authentication schemes such as fingerprint or face recognition in terms of False Rejection Rate (FRR), False Acceptance Rate (FAR) and Equal Error Rate (EER) under convenient user experience configurations. Additionally, the performance of MuFS is easily tuned by configuring the operation parameters. Unlike classic biometric authentication schemes, no user sensitive information such as fingerprint templates is disclosed to the verifier. The proposed scheme can be integrated with existing key agreement protocols to frustrate man-in-the-middle attacks.

In a client-server network environment, a mutual authentication and key exchange scheme is an important security mechanism to provide two parties with the property that they can authenticate each other's identity while they may construct a common session key. With rapid growth of mobile wireless networks, the computational cost on the client side with low power computing devices is a critical factor of the security scheme design. This paper presents a mutual authentication and key exchange scheme using bilinear pairings. Based on the computational Diffie-Hellman assumption and the random oracle model, we show that the proposed scheme is secure against passive attack, forgery attack and ID attack while it provides mutual authentication, implicit key confirmation and partial forward secrecy. A performance analysis demonstrates that our scheme is well suited for smart cards with limited computing capability.

A Wireless Body Area Networks (WBANs) is a wireless network in which sensors are embedded inside the body of a human, to monitor the health of patient continuously without any constraint in his normal daily life activities. As the information from the embed sensor is transmitted through wireless network and device has a limited battery power, therefore, the assurance of security in such tiny devices related to medical patients is highly recommended. Thus, the shared information must be maintained in terms of integrity, confidentiality, non-repudiation, untraceable key establishment, and mutual authentication in WBAN. In this context, to achieve high security and efficiency in WBAN, an efficient mutual authentication and secret key agreement scheme have been proposed in this paper and also listed out some drawbacks of an existing mutual authentication and key agreement of Li et al.’s scheme. To confirm the efficiency and security, the proposed scheme has been verified using formal security analysis tool namely, ProVerif and BAN logic. The low communication and computation costs indicate that our scheme is more suitable for practical application in healthcare as compared to other existing schemes.