An Efficient ID Based Security Algorithm for Mutual Node Authentication and Key Management: An Elliptic Curve Cryptography Based Approach (original) (raw)
Related papers
Elliptic curve Cryptosystem a b s t r a c t Recently, remote user authentication schemes are implemented on elliptic curve cryptosystem (ECC) to reduce the computation loads for mobile devices. However, most remote user authentication schemes on ECC are based on public-key cryptosystem, in which the public key in the system requires the associated certificate to prove its validity. Thus, the user needs to perform additional computations to verify the certificate in these schemes. In addition, we find these schemes do not provide mutual authentication or a session key agreement between the user and the remote server. Therefore, we propose an ID-based remote mutual authentication with key agreement scheme on ECC in this paper. Based upon the ID-based concept, the proposed scheme does not require public keys for users such that the additional computations for certificates can be reduced. Moreover, the proposed scheme not only provides mutual authentication but also supports a session key agreement between the user and the server. Compared with the related works, the proposed scheme is more efficient and practical for mobile devices.
Fully distributed ECC-based key management for mobile ad hoc networks
Computer Networks, 2017
Dynamic nature of mobile ad hoc networks combined with their lack of centralized infrastructure make security problem the most challenging issue in such networks. The main contribution of this paper is to propose a secure and efficient key management algorithm, able to satisfying the requirement of such networks and facing their specific characteristics. The proposed algorithm is a fully distributed ID-based system which is built based on elliptic curve cryptography. The main advantage of the proposed algorithm, that gives it the superiority in its field of research, is the improvement of the performance and the security strength together. The proposed algorithm is implemented with much lower communication and computation overhead in comparison with its literature works. It is also able to update the keys while it solves the key escrowing problem. It is analyzed analytically and compared with several recently proposed key management algorithms. The analysis shows the superiority of the proposed algorithm in comparison with others. Furthermore, NS2 simulator is used to do exhaustive simulations. Simulation scenarios are done for large scale networks, to evaluate the performance of the proposed algorithm and also validate the analytical results. Results show that our algorithm could provide confidentiality, integrity, authentication and nonrepudiation with order of magnitude less computation and communication overhead in comparison with former works.
International Journal of Network Security and …, 2010
The existing authenticated session key establishment protocols are either vulnerable to dictionary attack on identity privacy of a client or the methods adopted to resist this attack are found to be computationally inefficient. This paper proposes a new authenticated key establishment protocol which uses elliptic curve based DDH problem. The protocol provides identity privacy of the client in addition to the other security properties needed for a session key establishment protocol. In comparison with the existing protocols, the proposed protocol offers equivalent security with less parameters resulting in lower computational load, communication bandwidth cost, power consumption and memory requirement.
Elliptic Curve for Secure Group Key Management in Distributed Network
With the sudden growth in technology and network, group communication has become an increased concern in terms of security. A secure group communication can be defined as a situation where a set of users communicate with each other through messages in such a way that anyone outside the set will be unable to gather any information even if they can obstruct the message. Confidentiality, integrity and authentication are the basic security services provided by any trustworthy group communication system. Group key management lay the basis for these services. So it is very necessary to ensure these services for efficient group communication. Generally group key management protocol are classified into following three schemes: 1) Centralized: A centralized group key server take the responsibility of distributing and updating the group key to all the members in the network. But, a breakdown of key server will affect all the group application system. This is a major limitation of this scheme. 2) Decentralized: The groups are divided into different subgroups and a group key is shared between all group members. Every subgroup share a common subgroup key. Every group have a group key server (GK) which server all members in group and every subgroup have a subgroup key sever (SGK) which serve the subgroup members. 3) Distributed: In the distributed group management protocols, each individual member in the group is responsible for new group key generation and distribution. It is the most complex and difficult protocol. But, it is the best option for networks such as MANET. 4) Here we design an application of elliptic curve cryptography in a distributed network such as MANET. A MANET is a continuously self organizing and self configuring network. It is an application for distributed system with no particular infrastructure and base station. For confidentiality, members of the network exchange group keys for every membership change. This causes high computation overhead in the network.
SECURITY AND PRIVACY, 2019
Session initiation protocol (SIP) is known as multimedia communication protocol based on IP, which is leveraged to provide signaling as well as instant messaging services. Since SIP services are widely used by Internet users, an important challenge is to supply mutual authentication between the SIP server and the user. Recently, Qui et al have presented an authentication and key agreement protocol for SIP and mentioned that their protocol is efficient and secure. In this article, we demonstrate that the protocol proposed by Qui et al is not able to provide mutual authentication and is prone to various attacks including Denning‐Sacco and denial of service attacks. We then propose a secure and efficient two‐factor authentication and key agreement protocol for SIP using elliptic curve cryptography (ECC). We analyze the security of the proposed scheme and show that it is able to satisfy various security features and resist different types of attacks. We also compare the computation and ...
V International Enformatika …, 2005
In this paper the authors propose a protocol, which uses Elliptic Curve Cryptography (ECC) based on the ElGamal's algorithm, for sending small amounts of data via an authentication server. The innovation of this approach is that there is no need for a symmetric algorithm or a safe communication channel such as SSL. The reason that ECC has been chosen instead of RSA is that it provides a methodology for obtaining high-speed implementations of authentication protocols and encrypted mail techniques while using fewer bits for the keys. This means that ECC systems require smaller chip size and less power consumption. The proposed protocol has been implemented in Java to analyse its features and vulnerabilities in the real world.
An ID-based key agreement protocol based on ECC among users of separate networks
2012 9th International ISC Conference on Information Security and Cryptology, 2012
In this article we propose an identity based key agreement protocol based on elliptic curve cryptography (ECC) between users of different networks with independent private key generations (PKGs). Our protocol is based on Cao et al.'s protocol ,proposed in 2010, in which instead of bilinear pairings, elliptic curves are used for constructing an ID-based key agreement protocol. Our protocol develops Cao et al's protocol for situations that two users of independent organizations or networks with separate servers (that in this article, are named PKGs, because their main duty is generating private keys for the users) want to share a secret key via an insecure link. We also prove the security of the protocol in the random oracle model.
An ECC Based Secure Authentication and Key Exchange Scheme in Multi-server Environment
Wireless Personal Communications, 2019
For providing strong mutual authentication in a multi-server environment many algorithms have been proposed. Most of the algorithms provide mutual authentication between client and multiple servers by using single control server for registration. In this paper, we consider a scenario, in which client and server belong to the different control server. We have proposed a protocol for providing authentication in the multi-control server environment. In our scheme, for strong authentication, we use user's biometric and registered password value in the authentication process. We also use the concept of elliptic curve cryptography to provide security features in our scheme. Furthermore, Burrows-Abadi-Needham logic has been used for formal security analysis in our work. With informal security analysis, we prove that our scheme is secure against popular security attacks like-denial of service attack, man-in-the-middle attack, replay attack and stolen smart card attack.
Elliptic Curve Based Server Authentication System for Multi-Server Infrastructure
Research & Development in Material Science
A server authentication scheme for a multi-server infrastructure has been proposed. In this scheme, each member involved in communication has to prove its authentication before any information is exchanged. This scheme secures the servers against phishing and other such attacks. Dynamic properties of the group are handled with ease, making the scheme suitable for real-life applications.
This paper introduces a Single sign on (SSO) mechanism that uses Elliptic Curve Cryptography (ECC) to avoid the communication overheads as well as the workload of both the users and the service providers in the network. Single sign on mechanism allow users to sign on using single credential and to enjoy the services provided by the multiple service providers in a distributed computer network. This mechanism includes, after obtaining a credential from a trusted authority, each legal user's authentication agent can use that credential to complete authentication on behalf of the user and can then access multiple service providers. A detailed up-to-date discussion and various techniques on Single Sign-On mechanism in distributed computer networks have been done. ECC is an alternative mechanism for implementing public-key cryptography. Public-key algorithms create a mechanism for sharing keys among large numbers of participants in a complex information system. Since ECC helps to establish equivalent security with smaller key size, lower computing power and battery resource usage, it can also be widely used for mobile applications. Unlike other popular algorithms such as RSA, ECC is based on discrete logarithms that are much more difficult to challenge.