Project description:Qiu et al. made a security analysis about the protocols of Chaudhry et al. and Kumari et al. in 2018, and they pointed out that there are many security weaknesses in the protocols. To improve the security, Qiu et al. proposed an advanced authentication scheme for Session Initiation Protocol on the basis of the previous protocols and claimed that their own protocol was very secure and practical. However, we demonstrate that the protocol of Qiu et al. has a serious mistake which causes their protocol cannot be executed normally. Beyond that, we also find out that their protocol cannot withstand insider attack and denial service attack. In order to remove these weaknesses, we propose an efficient provably secure mutual authentication scheme. Furthermore, our scheme provides security analysis with the help of Burrows-Abadi-Needham (BAN) logic. Compared with their protocol, ours has greater security and better performance.

Project description:Wireless sensor networks (WSNs), which consist of a large number of sensor nodes, have become among the most important technologies in numerous fields, such as environmental monitoring, military surveillance, control systems in nuclear reactors, vehicle safety systems, and medical monitoring. The most serious drawback for the widespread application of WSNs is the lack of security. Given the resource limitation of WSNs, traditional security schemes are unsuitable. Approaches toward withstanding related attacks with small overhead have thus recently been studied by many researchers. Numerous studies have focused on the authentication scheme for WSNs, but most of these works cannot achieve the security performance and overhead perfectly. Nam et al. proposed a two-factor authentication scheme with lightweight sensor computation for WSNs. In this paper, we review this scheme, emphasize its drawbacks, and propose a temporal credential-based mutual authentication with a multiple-password scheme for WSNs. Our scheme uses multiple passwords to achieve three-factor security performance and generate a session key between user and sensor nodes. The security analysis phase shows that our scheme can withstand related attacks, including a lost password threat, and the comparison phase shows that our scheme involves a relatively small overhead. In the comparison of the overhead phase, the result indicates that more than 95% of the overhead is composed of communication and not computation overhead. Therefore, the result motivates us to pay further attention to communication overhead than computation overhead in future research.

Project description:Protecting confidential data is a major worldwide challenge. Classical cryptography is fast and scalable, but is broken by quantum algorithms. Quantum cryptography is unclonable, but requires quantum installations that are more expensive, slower, and less scalable than classical optical networks. Here we show a perfect secrecy cryptography in classical optical channels. The system exploits correlated chaotic wavepackets, which are mixed in inexpensive and CMOS compatible silicon chips. The chips can generate 0.1 Tbit of different keys for every mm of length of the input channel, and require the transmission of an amount of data that can be as small as 1/1000 of the message's length. We discuss the security of this protocol for an attacker with unlimited technological power, and who can access the system copying any of its part, including the chips. The second law of thermodynamics and the exponential sensitivity of chaos unconditionally protect this scheme against any possible attack.

Project description:The Internet of Things (IoT) has been integrated into legacy healthcare systems for the purpose of improving healthcare processes. As one of the key technologies of IoT, radio frequency identification (RFID) technology has been applied to offer services like patient monitoring, drug administration, and medical asset tracking. However, people have concerns about the security and privacy of RFID-based healthcare systems, which require a proper solution. To solve the problem, recently in 2019, Fan et al. proposed a lightweight RFID authentication scheme in the IEEE Network. They claimed that their scheme can resist various attacks in RFID systems with low implementation cost, and thus is suitable for RFID-based healthcare systems. In this article, our contributions mainly consist of two parts. First, we analyze the security of Fan et al.'s scheme and find out its security vulnerabilities. Second, we propose a novel lightweight authentication scheme to overcome these security weaknesses. The security analysis shows that our scheme can satisfy the necessary security requirements. Besides, the performance evaluation demonstrates that our scheme is of low cost. Thus, our scheme is well-suited for practical RFID-based healthcare systems.

Project description:The traditional username/password or PIN based authentication scheme, which still remains the most popular form of authentication, has been proved insecure, unmemorable and vulnerable to guessing, dictionary attack, key-logger, shoulder-surfing and social engineering. Based on this, a large number of new alternative methods have recently been proposed. However, most of them rely on users being able to accurately recall complex and unmemorable information or using extra hardware (such as a USB Key), which makes authentication more difficult and confusing. In this paper, we propose a Digital Memories based user authentication scheme adopting homomorphic encryption and a public key encryption design which can protect users' privacy effectively, prevent tracking and provide multi-level security in an Internet & IoT environment. Also, we prove the superior reliability and security of our scheme compared to other schemes and present a performance analysis and promising evaluation results.

Project description:In recent years, ubiquitous computing has been rapidly emerged in our lives and extensive studies have been conducted in a variety of areas related to smart devices, such as tablets, smartphones, smart TVs, smart refrigerators, and smart media devices, as a measure for realizing the ubiquitous computing. In particular, smartphones have significantly evolved from the traditional feature phones. Increasingly higher-end smartphone models that can perform a range of functions are now available. Smart devices have become widely popular since they provide high efficiency and great convenience for not only private daily activities but also business endeavors. Rapid advancements have been achieved in smart device technologies to improve the end users' convenience. Consequently, many people increasingly rely on smart devices to store their valuable and important data. With this increasing dependence, an important aspect that must be addressed is security issues. Leaking of private information or sensitive business data due to loss or theft of smart devices could result in exorbitant damage. To mitigate these security threats, basic embedded locking features are provided in smart devices. However, these locking features are vulnerable. In this paper, an original security-locking scheme using a rhythm-based locking system (RLS) is proposed to overcome the existing security problems of smart devices. RLS is a user-authenticated system that addresses vulnerability issues in the existing locking features and provides secure confidentiality in addition to convenience.

Project description:Text-based passwords are a fundamental and popular means of authentication. Password authentication can be simply implemented because it does not require any equipment, unlike biometric authentication, and it relies only on the users' memory. This reliance on memory is a weakness of passwords, and people therefore usually use easy-to-remember passwords, such as "iloveyou1234". However, these sample passwords are not difficult to crack. The default passwords of IoT also are text-based passwords and are easy to crack. This weakness enables free password cracking tools such as Hashcat and JtR to execute millions of cracking attempts per second. Finally, this weakness creates a security hole in networks by giving hackers access to an IoT device easily. Research has been conducted to better exploit weak passwords to improve password-cracking performance. The Markov model and probabilistic context-free-grammar (PCFG) are representative research results, and PassGAN, which uses generative adversarial networks (GANs), was recently introduced. These advanced password cracking techniques contribute to the development of better password strength checkers. We studied some methods of improving the performance of PassGAN, and developed two approaches for better password cracking: the first was changing the convolutional neural network (CNN)-based improved Wasserstein GAN (IWGAN) cost function to an RNN-based cost function; the second was employing the dual-discriminator GAN structure. In the password cracking performance experiments, our models showed 10%-15% better performance than PassGAN. Through additional performance experiments with PCFG, we identified the cracking performance advantages of PassGAN and our models over PCFG. Finally, we prove that our models enhanced password strength estimation through a comparison with zxcvbn.

Project description:Smart meters have ensured effective end-user energy consumption data management and helping the power companies towards network operation efficiency. However, recent studies highlighted that cyber adversaries may launch attacks on smart meters that can cause data availability, integrity, and confidentiality issues both at the consumer side or at a network operator's end. Therefore, research on smart meter data security has been attributed as one of the top priorities to ensure the safety and reliability of the critical energy system infrastructure. Authentication is one of the basic building blocks of any secure system. Numerous authentication schemes have been proposed for the smart grid, but most of these methods are applicable for two party communication. In this article, we propose a distributed, dynamic multistage authenticated key agreement scheme for smart meter communication. The proposed scheme provides secure authentication between smart meter, NAN gateway, and SCADA energy center in a distributed manner. Through rigorous cryptanalysis we have proved that the proposed scheme resist replay attack, insider attack, impersonation attack and man-in-the-middle attack. Also, it provides perfect forward secrecy, device anonymity and data confidentiality. The proposed scheme security is formally proved in the CK-model and, using BAN logic, it is proved that the scheme creates a secure session between the communication participants. The proposed scheme is simulated using the AVISPA tool and verified the safety against all active attacks. Further, efficiency analysis of the scheme has been made by considering its computation, communication, and functional costs. The computed results are compared with other related schemes. From these analysis results, it is proved that the proposed scheme is robust and secure when compared to other schemes.

Project description:Time-delayed, narrow-band echoes generated by forward Bragg diffraction of an X-ray pulse by a perfect thin crystal are exploited for self-seeding at hard X-ray free-electron lasers. Theoretical predictions indicate that the retardation is strictly correlated to a transverse displacement of the echo pulses. This article reports the first experimental observation of the displaced echoes. The displacements are in good agreement with simulations relying on the dynamical diffraction theory. The echo signals are characteristic for a given Bragg reflection, the structure factor and the probed interplane distance. The reported results pave the way to exploiting the signals as an online diagnostic tool for hard X-ray free-electron laser seeding and for dynamical diffraction investigations of strain at the femtosecond timescale.

Project description:A practical scheme for the demonstration of perfect one-sided device-independent quantum secret sharing is proposed. The scheme involves a three-mode optomechanical system in which a pair of independent cavity modes is driven by short laser pulses and interact with a movable mirror. We demonstrate that by tuning the laser frequency to the blue (anti-Stokes) sideband of the average frequency of the cavity modes, the modes become mutually coherent and then may collectively steer the mirror mode to a perfect Einstein-Podolsky-Rosen state. The scheme is shown to be experimentally feasible, it is robust against the frequency difference between the modes, mechanical thermal noise and damping, and coupling strengths of the cavity modes to the mirror.