Project description:Efficient authentication and key agreement protocols between two entities are required in many application areas. In particular, for client-server type of architectures, the client is mostly represented by a constrained device and thus highly efficient protocols are needed. We propose in this paper two protocols enabling the construction of a mutual authenticated key ensuring anonymity and unlinkability of the client and resisting the most well known attacks. The main difference between the two proposed protocols is in the storage requirements on the server side. The innovation of our protocols relies on the fact that, thanks to the usage of the sponge construction, available in the newly proposed SHA3 standard with underlying Keccak design, the computation cost can be reduced to only one hash operation on the client side in case of the protocol with storage and two hash operations for the protocol without storage and thus leads to a very efficient solution.

Project description:Qiu et al. made a security analysis about the protocols of Chaudhry et al. and Kumari et al. in 2018, and they pointed out that there are many security weaknesses in the protocols. To improve the security, Qiu et al. proposed an advanced authentication scheme for Session Initiation Protocol on the basis of the previous protocols and claimed that their own protocol was very secure and practical. However, we demonstrate that the protocol of Qiu et al. has a serious mistake which causes their protocol cannot be executed normally. Beyond that, we also find out that their protocol cannot withstand insider attack and denial service attack. In order to remove these weaknesses, we propose an efficient provably secure mutual authentication scheme. Furthermore, our scheme provides security analysis with the help of Burrows-Abadi-Needham (BAN) logic. Compared with their protocol, ours has greater security and better performance.

Project description:Passive radio-frequency identification (RFID) tag has been used in many applications. While the RFID market is expected to grow, concerns about security and privacy of the RFID tag should be overcome for the future use. To overcome these issues, privacy-preserving authentication protocols based on cryptographic algorithms have been designed. However, to the best of our knowledge, evaluation of the whole tag, which includes an antenna, an analog front end, and a digital processing block, that runs authentication protocols has not been studied. In this paper, we present an implementation and evaluation of a fully integrated passive UHF RFID tag that runs a privacy-preserving mutual authentication protocol based on a hash function. We design a single chip including the analog front end and the digital processing block. We select a lightweight hash function supporting 80-bit security strength and a standard hash function supporting 128-bit security strength. We show that when the lightweight hash function is used, the tag completes the protocol with a reader-tag distance of 10 cm. Similarly, when the standard hash function is used, the tag completes the protocol with the distance of 8.5 cm. We discuss the impact of the peak power consumption of the tag on the distance of the tag due to the hash function.

Project description:The development of the Internet of Things (IoT) predicts several new applications, some of which are designed to be incorporated into e-health systems, and some technologies, like cloud computing and device-to-device communication (D2D), are promising for use in the support of resource-constrained devices employed in Mobile-health (m-health) and Telecare Medicine Information Systems (TMIS). In a scenario with billions of devices predicted for the IoT, it is essential to avoid performance and security problems, among others. Security is fundamental for the achievement of optimal performance regarding the sensibility of e-health shared data and, especially, the anonymity of patients and other entities, while it is also essential to consider the scarcity of bandwidth in wireless networks. This paper proposes a new mutual authentication protocol for m-health systems, which supports D2D communication, ensuring security and surpassing the performance and security of other authentication procedures reported in the literature.

Project description:Authentication is essential for the prevention of various types of attacks in fog/edge computing. Therefore, a novel mode-based hash chain for secure mutual authentication is necessary to address the Internet of Things (IoT) devices' vulnerability, as there have been several years of growing concerns regarding their security. Therefore, a novel model is designed that is stronger and effective against any kind of unauthorized attack, as IoT devices' vulnerability is on the rise due to the mass production of IoT devices (embedded processors, camera, sensors, etc.), which ignore the basic security requirements (passwords, secure communication), making them vulnerable and easily accessible. Furthermore, crackable passwords indicate that the security measures taken are insufficient. As per the recent studies, several applications regarding its requirements are the IoT distributed denial of service attack (IDDOS), micro-cloud, secure university, Secure Industry 4.0, secure government, secure country, etc. The problem statement is formulated as the "design and implementation of dynamically interconnecting fog servers and edge devices using the mode-based hash chain for secure mutual authentication protocol", which is stated to be an NP-complete problem. The hash-chain fog/edge implementation using timestamps, mode-based hash chaining, the zero-knowledge proof property, a distributed database/blockchain, and cryptography techniques can be utilized to establish the connection of smart devices in large numbers securely. The hash-chain fog/edge uses blockchain for identity management only, which is used to store the public keys in distributed ledger form, and all these keys are immutable. In addition, it has no overhead and is highly secure as it performs fewer calculations and requires minimum infrastructure. Therefore, we designed the hash-chain fog/edge (HCFE) protocol, which provides a novel mutual authentication scheme for effective session key agreement (using ZKP properties) with secure protocol communications. The experiment outcomes proved that the hash-chain fog/edge is more efficient at interconnecting various devices and competed favorably in the benchmark comparison.

Project description:Smart grid solutions enable utilities and customers to better monitor and control energy use via information and communications technology. Information technology is intended to improve the future electric grid's reliability, efficiency, and sustainability by implementing advanced monitoring and control systems. However, leveraging modern communications systems also makes the grid vulnerable to cyberattacks. Here we report the first use of quantum key distribution (QKD) keys in the authentication of smart grid communications. In particular, we make such demonstration on a deployed electric utility fiber network. The developed method was prototyped in a software package to manage and utilize cryptographic keys to authenticate machine-to-machine communications used for supervisory control and data acquisition (SCADA). This demonstration showcases the feasibility of using QKD to improve the security of critical infrastructure, including future distributed energy resources (DERs), such as energy storage.

Project description:A smartcard based password-authenticated key agreement scheme enables a legal user to log in to a remote authentication server and access remote services through public networks using a weak password and a smart card. Lin recently presented an improved chaotic maps-based password-authenticated key agreement scheme that used smartcards to eliminate the weaknesses of the scheme of Guo and Chang, which does not provide strong user anonymity and violates session key security. However, the improved scheme of Lin does not exhibit the freshness property and the validity of messages so it still fails to withstand denial-of-service and privileged-insider attacks. Additionally, a single malicious participant can predetermine the session key such that the improved scheme does not exhibit the contributory property of key agreements. This investigation discusses these weaknesses and proposes an enhanced smartcard-based password-authenticated key agreement scheme that utilizes extended chaotic maps. The session security of this enhanced scheme is based on the extended chaotic map-based Diffie-Hellman problem, and is proven in the real-or-random and the sequence of games models. Moreover, the enhanced scheme ensures the freshness of communicating messages by appending timestamps, and thereby avoids the weaknesses in previous schemes.

Project description:We present a novel biometric authentication system enabled by ratiometric analysis of impedance of fingers. In comparison to the traditional biometrics that relies on acquired images of structural information of physiological characteristics, our biological impedance approach not only eliminates any practical means of making fake copies of the relevant physiological traits but also provides reliable features of biometrics using the ratiometric impedance of fingers. This study shows that the ratiometric features of the impedance of fingers in 10 different pairs using 5 electrodes at the fingertips can reduce the variation due to undesirable factors such as temperature and day-to-day physiological variations. By calculating the ratio of impedances, the difference between individual subjects was amplified and the spectral patterns were diversified. Overall, our ratiometric analysis of impedance improved the classification accuracy of 41 subjects and reduced the error rate of classification from 29.32% to 5.86% (by a factor of 5).

Project description:Most of small RNA library construction methods are based on RNA ligases, which prefer to join the molecules (small RNAs and adapters) that can anneal to each other and form a ligase favoured structure. Different platforms for next generation sequencing use different adapter sequences, causing the cloning bias. Adapters with degenerated nucleotides at the ligating ends (High Definition, HD adapters) were developed to reduce the cloning bias. However, above 90% of the cloning products is adapter dimer when the current available commercial kits and their corresponding protocols are used. Here we adopted and further improved a method demonstrated in a publically available patent (http://www.google.com/patents/WO2011056866A2?cl=en). Using the improved method, we constructed the small RNA libraries by using the total RNA of Medicago truncatula leaf tissue. The adapter dimer was significantly reduced. The small RNA sequences were also analysed.

Project description:Most of small RNA library construction methods are based on RNA ligases, which prefer to join the molecules (small RNAs and adapters) that can anneal to each other and form a ligase favoured structure. Different platforms for next generation sequencing use different adapter sequences, causing the cloning bias. Adapters with degenerated nucleotides at the ligating ends (High Definition, HD adapters) were developed to reduce the cloning bias. However, above 90% of the cloning products is adapter dimer when the current available commercial kits and their corresponding protocols are used. Here we adopted and further improved a method demonstrated in a publically available patent (http://www.google.com/patents/WO2011056866A2?cl=en). Using the improved method, we constructed the small RNA libraries by using the total RNA of Medicago truncatula leaf tissue. The adapter dimer was significantly reduced. The small RNA sequences were also analysed. The small RNA libraries of medicago truncatula leaves were constructed by using an improved protocol where high-definition (HD) adapters were used.