Faculty Publications

Permanent URI for this communityhttps://idr.nitk.ac.in/handle/123456789/18736

Publications by NITK Faculty

Browse

Filters

2016 - 202010

Settings

Author: search.filters.author.Madhusudhan, R.Subject: search.filters.subject.Security

Search Results

Now showing 1 - 10 of 10
  • No Thumbnail Available
    Item
    An efficient and secure authentication scheme with user anonymity for roaming service in global mobile networks
    (Association for Computing Machinery acmhelp@acm.org, 2016) Madhusudhan, R.; Shashidhara
    In global mobile network, it is essential to authenticate mobile users and provide secure communication between a user, foreign agent and the home agent using session key. Designing a secure and efficient authentication protocol for roaming users in mobile network is a challenging. The authors wen et al. analyzed Jiang et al. authentication scheme recently and proved that the scheme cannot resist with replay attack and stolen-verifier attack. Later, they come up with a smart card based authentication scheme for roaming service. The Wen et al.'s scheme protects anonymity of the user and is believed to have many abilities to resist a various kind of cryptographic attacks. However, through careful analysis, we find that Wen et al.'s scheme is vulnerable to bit flipping attack, impersonation (forgery attacks), insider attack, denial-of-service attack, unfair key agreement and cannot provide user's anonymity. To remedy these weaknesses and to achieve low communication and computation costs, we proposed an efficient secure authentication scheme for roaming users in global mobile networks. The performance analysis shows that the proposed authentication protocol is simple and secure. © 2016 ACM.
  • No Thumbnail Available
    Item
    An efficient and secure user authentication scheme with anonymity in global mobility networks
    (Institute of Electrical and Electronics Engineers Inc., 2017) Madhusudhan, R.; Suvidha, K.S.
    User authentication is a very important security mechanism for accessing the services while roaming in the global mobility networks. However, the authentication schemes designed are vulnerable to the attacks, hence new requirements should be employed while designing a scheme. In 2014 Gope and Hwang proposed an efficient mutual authentication and key agreement scheme, in which they stated that the scheme provides a strong security to the user anonymity. In this paper we have proved that Gope and Hwang scheme is vulnerable to stolen smart card attack, offline password guessing attack, forgery attack and replay attack. Moreover their scheme fails to preserve user anonymity. Hence a new efficient and secure user authentication scheme with anonymity in global mobility networks is proposed. Furthermore, the security analysis of the proposed scheme is also presented in this paper. Performance analysis shows that the proposed scheme is secure and suitable for practical implementation. © 2017 IEEE.
  • No Thumbnail Available
    Item
    An enhanced secure authentication scheme with user anonymity in mobile cloud computing
    (Institute of Electrical and Electronics Engineers Inc., 2017) Madhusudhan, R.; Suvidha, K.S.
    With the rapid growth and development in cloud computing and mobility, mobile cloud computing has emerged and becomes the trend of future generation computing paradigm. Cloud offers infrastructure, platform and software services to mobile users through mobile network. The key issues in mobile cloud computing are security and privacy. While analysing security and privacy issues in mobile cloud computing, three aspects should be considered they are: mobile terminal, mobile network and the cloud. To address the key issues in mobile cloud computing, we proposed an authentication scheme which will provide security to the messages exchanged between mobile user and the cloud server. Lee at al. have proposed authentication scheme for roaming service in global mobility networks in 2016. In this paper we have reviewed Lee et al.'s scheme and proved that their scheme is vulnerable to replay attack, man in the middle attack and impersonation attack. Moreover their scheme fails to preserve user anonymity, provides no local password verification and could not achieve perfect forward secrecy. Hence an enhanced secure authentication scheme with user anonymity in mobile cloud computing is proposed. Furthermore, the security analysis of the proposed scheme is also presented in this paper. © 2017 IEEE.
  • No Thumbnail Available
    Item
    An improved user authentication scheme for telecare medical information systems
    (Institute of Electrical and Electronics Engineers Inc., 2018) Madhusudhan, R.; Nayak, C.S.
    Medical field is one of the many important fields that keeps growing day by day. Since health care is essential for every human being, development of medical systems play a vital role in the overall development of society. With the help of the Internet, medical services are provided through TMIS (Telecare Medicine Information System). During the process, information related to patient is transmitted over open channels and ensuring safety to this information is an essential task. For this, a number of remote user authentication schemes have been proposed and evolved over the time. Chen et al. proposed an authentication scheme for TMIS in 2018. Through analysis of their scheme, it has been shown that their scheme cannot withstand user impersonation attack, server masquerading attack, password guessing attack and cannot preserve user anonymity. These weaknesses have been presented in this paper. In addition to this, an improved scheme has been proposed which overcomes the aforementioned security defects. Also, this paper discusses the security analysis of the proposed scheme, which proves that it is more secure and can be practically implemented. © 2018 ACM.
  • No Thumbnail Available
    Item
    An Efficient Two Factor Authentication Scheme Providing Secure Communication in Mobile Cloud Computing
    (Institute of Electrical and Electronics Engineers Inc., 2019) Madhusudhan, R.; Suvidha, K.S.
    Integration of mobile networks with cloud computing platform led to development of mobile cloud computing. Since the communication between mobile devices and the cloud computing occur over wireless medium, securing the network becomes paramount. With the thorough literature survey, we found that many two factor authentication schemes proposed so far to preserve user anonymity are vulnerable to various security attacks, they also had shortcomes to achieve security goals. To overcome the issues related to the two factor authentication schemes in mobile cloud computing, a new scheme is proposed. Furthermore, we have simulated the proposed scheme using widely accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool. With the simulated result of the proposed scheme, we show that the proposed scheme is secure against active and passive security attacks. Additionally, the proposed scheme is compared with Gope and Hwang's scheme and other related schemes in terms of computational cost and communication overhead. The proposed scheme is efficient, robust and suitable for practical implementation. © 2019 IEEE.
  • No Thumbnail Available
    Item
    Smart Card Based Remote User Authentication Scheme for Cloud Computing
    (Institute of Electrical and Electronics Engineers Inc., 2019) Madhusudhan, R.; Hegde, M.
    Cloud computing is an emerging technology in modern society. In recent years mobile users and cloud service providers are increased rapidly. In the cloud or any other distributed environment, if the users increased then security risks also increase parallelly. Many security problems are still unclear even after the advanced security measures have been taken. Security of stored data in the server is one of the most challenging issues in the cloud-based environment. Only authorized users should access the stored data of the server. Authentication plays a significant role in providing authorization. Therefore, in cloud computing, authentication is the primary measure to protect the data and the server from an unauthorized user. In this paper, an efficient authentication scheme using the smart card in the cloud environment is proposed. In the proposed scheme, with the help of a single private key, the user can access many cloud services. Also, the proposed scheme resists all security attacks. Through the simulation using the AVISPA tool, it is proved that the proposed scheme is robust and suitable for practical implementation. © 2019 IEEE.
  • No Thumbnail Available
    Item
    A Secure and Lightweight Authentication Protocol for Mobile User Preserving Privacy in Global Mobility Networks
    (Elsevier B.V., 2020) Madhusudhan, R.; Suvidha, K.S.
    In two factor authentication schemes the key factor that has to be addressed is user anonymity and privacy preservation during roaming scenario in GLObal MObility NETwork. While roaming MU needs to access the services of the FA, FA grants the service request only to the authenticated MU. To verify the authenticity of the MU, FA sends the service request of MU to HA. HA verifies the authenticity of the MU after which FA allows the MU to access the services. The entire communication during roaming is carried over insecure channel. Due to this, several security concerns are raised. The main objective in GLOMONET is to secure the channel and the designed scheme should over come all active and passive security attacks. Since, the scheme is designed for mobile networks, it should be light weight with less communication cost, one such scheme has been proposed in this article. The proposed scheme is light weight with less communication cost. Additionally the proposed scheme addresses the active and passive security attacks. The scheme is efficient in terms of computational and communication cost. The proposed scheme is robust and practically implementable. © 2020 The Authors. Published by Elsevier B.V.
  • No Thumbnail Available
    Item
    A robust authentication scheme for telecare medical information systems
    (Springer New York LLC barbara.b.bertram@gsk.com, 2019) Madhusudhan, R.; Nayak, C.S.
    With the speedy progress in technology, the Internet has become a non-separable part of human life. It is obvious to use the Internet in all fields and medical field is no exception. The concept of establishing telecare medicine information systems(TMIS) for patients is gaining more popularity recently. To ensure the privacy of patients and to allow authorized access to remote medical servers, many authentication schemes have been proposed. Li et al., in 2016, proposed a secure dynamic identity and chaotic maps based user authentication and key agreement scheme. They claimed that the scheme is resistant to most of the known attacks. However, from thorough cryptanalysis, we have proved that their scheme is vulnerable to user impersonation attack, password guessing attack and server impersonation attack. We have also illustrated that their scheme does not provide user anonymity, convenient smart card revocation and security to session key. To overcome the aforementioned security weaknesses, we have proposed an enhanced authentication scheme using chaotic maps, which has been discussed in this paper along with its cryptanalysis. Cryptanalysis of the proposed scheme proves that the scheme is more robust and suitable for implementation. © 2018, Springer Science+Business Media, LLC, part of Springer Nature.
  • No Thumbnail Available
    Item
    Mobile user authentication protocol with privacy preserving for roaming service in GLOMONET
    (Springer, 2020) Madhusudhan, R.; Shashidhara, R.
    In GLObal MObile NETwork (GLOMONET), it is essential to authenticate and provide secure communication between a user, foreign agent, and the home agent using session key. Designing a secure and efficient authentication protocol for roaming users in the mobile network is a challenging. In order to secure communication over an insecure channel, a number of authentication schemes have been proposed. The main weakness of the existing authentication protocols is that attackers have the ability to impersonate a legal user at any time. In addition, the existing protocols are vulnerable to various kind of cryptographic attacks such as insider attack, bit flipping attack, forgery attacks, denial-of-service attack, unfair key agreement and cannot provide user’s anonymity. To remedy these weaknesses and to achieve low communication and computation costs, we proposed a secure authentication scheme for roaming users. In addition, the formal verification tools ProVerif and AVISPA is used to check the correctness of the proposed protocol. Finally, the performance evaluation and simulation results shows that the proposed scheme is efficient in terms of communication and computational cost. © 2019, Springer Science+Business Media, LLC, part of Springer Nature.
  • No Thumbnail Available
    Item
    A novel DNA based password authentication system for global roaming in resource-limited mobile environments
    (Springer, 2020) Madhusudhan, R.; Shashidhara R
    Mobile environments are highly vulnerable to security threats and pose a great challenge for the wireless and mobile networks being used today. Because the mode of a wireless channel is open, these networks do not carry any inherent security and hence are more prone to attacks. Therefore, designing a secure and robust protocol for authentication in a global mobile network is always a challenging. In these networks, it is crucial to provide authentication to establish a secure communication between the Mobile User (MU), Foreign Agent (FA) and Home Agent (HA). In order to secure communication among these entities, a number of authentication protocols have been proposed. The main security flaw of the existing authentication protocols is that attackers have the ability to impersonate a legal user at any time. Moreover, the existing authentication protocols in the literature are exposed to various kind of cryptographic attacks. Besides, the authentication protocols require larger key length and more computation overhead. To remedy these weaknesses in mobility networks, DNA (Deoxyribo Nucleic Acid) based authentication scheme using Hyper Elliptic Curve Cryptosystem (HECC) is introduced. It offers greater security and allows an MU, FA and HA to establish a secure communication channel, in order to exchange the sensitive information over the radio link. The proposed system derive benefit from HECC, which is smaller in terms of key size, more computational efficiency. In addition, the security strength of this authentication system is validated through widely accepted security verification tool called ProVerif. Further, the performance analysis shows that the DNA based authentication system using HECC is secure and practically implementable in the resource-constrained mobility nodes. © 2019, Springer Science+Business Media, LLC, part of Springer Nature.