Secure User Identification Research Articles

Sharing Local Resources Within a Community by Enhancing the Potential of Eduroam and EduVPN with Mobile Application for Remote and Local Resources and Through Secure User Identification Over the Network (MARLIN)

Sharing Local Resources Within a Community by Enhancing the Potential of Eduroam and EduVPN with Mobile Application for Remote and Local Resources and Through Secure User Identification Over the Network (MARLIN)

PASS-Encrypt: a public key cryptosystem based on partial evaluation of polynomials

A new hard problem in number theory, based on partial evaluation of certain classes of constrained polynomials, was introduced in Hoffstein et al. (Secure user identification based on constrained polynomials, 2000) and further refined in Hoffstein et al. (Polynomial rings and efficient public key authentication, 1999; Practical signatures from the partial Fourier recovery problem, 2013), Hoffstein and Silverman (Polynomial rings and efficient public key authentication. II, 2001) to create an efficient authentication and digital signature scheme called PASS. In this paper we present a public key cryptosystem called PASS-Encrypt that is based on the same underlying hard problem. We also provide an alternative description in terms of partial knowledge of discrete Fourier transforms.

Secure user identification for consumer electronics devices

With the evolution of consumer electronics technologies, personal information in consumer devices is becoming increasingly valuable. To protect private information from misuses due to loss or theft, secure user identification mechanisms should be equipped into the consumer devices. This paper develops a secure user identification system for consumer electronics devices based on fingerprint identification. The fingerprint identification system is one of the biometric sensor technologies, which provides high accuracy and convenience than other identification techniques. Specifically, the proposed system uses the orientation map and the edit-distance for immediate and accurate identification of users. Experimental results show that the proposed system achieves good performance in terms of the false rejection rate and the false acceptance rate.

An identity‐based single‐sign‐on scheme for computer networks

AbstractConventionally, no user identification is required for a user to log into a security‐protected system. User authentication is based on what the user knows, or what the user has, which can be easily shared among others. Moreover, when multiple systems are involved, the user is then required to authenticate to each system individually and repeatedly. In this paper, we present a scheme to achieve secure user identification and authentication to multiple security‐protected systems simultaneously through a single operation. The proposed scheme is based on the well‐known RSA cryptosystem, the discrete logarithm problem, and the subset‐sum NP‐complete problem. Security analysis shows that the proposed scheme is secure to all known security attacks and can be easily implemented in various environments including very resource constrained environment such as Smart Cards. Copyright © 2008 John Wiley & Sons, Ltd.

Secure user-identification and key distribution scheme preserving anonymity

User-identification and key distribution with preserving anonymity is an important issue for remote access. Yang et al. proposed an efficient user identification and key distribution scheme preserving user anonymity. In this paper, we show the vulnerabilities of Yang's scheme against forgery and impersonation attacks. Further, we propose a highly secured protocol upholding the same properties.

Two-tier authentication for cluster and individual sets in mobile ad hoc networks

Mobile ad hoc networks (MANETs) have been proposed as an extremely flexible technology for establishing wireless communications. In comparison with fixed networks or traditional mobile cellular networks, some new security issues have arisen with the introduction of MANETs. Routing security, in particular, is an important and complicated issue. In this work, we propose a two-tier authentication scheme for cluster and individual sets, in MANETs. The first tier, based on a hash function and the MAC concept, provides fast message verification and group identification. The second tier, based on secret sharing technology, provides secure user identification. The scenario of two-tier authentication can prevent internal and external attacks, including black holes, impersonation, routing table overflows and energy consummation attacks.

ID-based threshold digital signature schemes on the elliptic curve discrete logarithm problem

We present three identification group-oriented ( t, n) threshold digital signature schemes based on the elliptic curve discrete logarithm problem, with a view to optimizing these techniques for implementation within a network. By employing these schemes, any t out of n users in a group can represent this group to sign the group signature. This paper has the following five notable advantages: (1) This work demonstrates the feasibility of constructing a fast and extremely secure user identification system. (2) Any group signature can be mutually generated by at least t-group member. (3) The signature verification process is simplified because there is only one group public key required. (4) The group signature can be verified by any outsider. (5) These schemes offer higher speeds, lower power consumption, smaller bandwidth requirements, and smaller certificate sizes than other existing public-key schemes.

Transaction protection by “antennas”

This paper describes new protocols for implementation of some security services for cooperation of mutually suspicious users. Such services may be: secure user identification and authentication, disclosure protocol, certified mail, contract signing, decision protocol (coin flipping), secure computing and secure group communications (teleconferencing). Those special security services may be implemented in a computer network or in OSI system in principle in two ways. If a trusted third party is used, called “beacon” by Rabin, then it must perform special protocols, which assist two (or more) mutually suspicious users to exchange confidential information. Without the third party, two suspicious users may exchange such information by a special randomized protocol, described, for instance, by Even et al. or by protocols (Blum). In this paper some modifications of Rabin's protocols are suggested, so that new versions of protocols may be used to implement the same security services, but with better operational efficiency.