Faculty Publications

Permanent URI for this communityhttps://idr.nitk.ac.in/handle/123456789/18736

Publications by NITK Faculty

Browse

Filters

2017 - 20205

Settings

Author: search.filters.author.Madhusudhan, R.Subject: search.filters.subject.User anonymity

Search Results

Now showing 1 - 5 of 5
  • No Thumbnail Available
    Item
    An efficient and secure user authentication scheme with anonymity in global mobility networks
    (Institute of Electrical and Electronics Engineers Inc., 2017) Madhusudhan, R.; Suvidha, K.S.
    User authentication is a very important security mechanism for accessing the services while roaming in the global mobility networks. However, the authentication schemes designed are vulnerable to the attacks, hence new requirements should be employed while designing a scheme. In 2014 Gope and Hwang proposed an efficient mutual authentication and key agreement scheme, in which they stated that the scheme provides a strong security to the user anonymity. In this paper we have proved that Gope and Hwang scheme is vulnerable to stolen smart card attack, offline password guessing attack, forgery attack and replay attack. Moreover their scheme fails to preserve user anonymity. Hence a new efficient and secure user authentication scheme with anonymity in global mobility networks is proposed. Furthermore, the security analysis of the proposed scheme is also presented in this paper. Performance analysis shows that the proposed scheme is secure and suitable for practical implementation. © 2017 IEEE.
  • No Thumbnail Available
    Item
    A secure and lightweight authentication scheme for roaming service in global mobile networks
    (Elsevier Ltd, 2018) Madhusudhan, R.; Shashidhara
    Global Mobile Network provides global roaming service to the users moving from one network to another. It is essential to authenticate and protect the privacy of roaming users. Recently, Marimuthu and Saravanan proposed a secure authentication scheme for roaming service in mobile networks. This scheme can protect user anonymity, untraceability, and is believed to have many abilities to resist a range of attacks in global mobile networks. In this paper, we analyse the security strength of their scheme and show that the authentication protocol is in fact insecure against insider attack, stolen-verifier attack, impersonation attack, denial-of-service attack, synchronization problem, lack of user anonymity and operational inefficiencies. Hence, we propose a secure and lightweight authentication scheme for Global Mobile Networks. In addition, the proposed scheme requires few message exchanges between the entities such as MU (Mobile User), FA (Foreign Agent) and HA (Home Agent). The scheme ensures both communication and computation efficiency as compared to the well-known authentication schemes. The performance analysis shows that the proposed authentication scheme is well suited for resource limited wireless and mobile environments. © 2017 Elsevier Ltd
  • No Thumbnail Available
    Item
    Mobile user authentication protocol with privacy preserving for roaming service in GLOMONET
    (Springer, 2020) Madhusudhan, R.; Shashidhara, R.
    In GLObal MObile NETwork (GLOMONET), it is essential to authenticate and provide secure communication between a user, foreign agent, and the home agent using session key. Designing a secure and efficient authentication protocol for roaming users in the mobile network is a challenging. In order to secure communication over an insecure channel, a number of authentication schemes have been proposed. The main weakness of the existing authentication protocols is that attackers have the ability to impersonate a legal user at any time. In addition, the existing protocols are vulnerable to various kind of cryptographic attacks such as insider attack, bit flipping attack, forgery attacks, denial-of-service attack, unfair key agreement and cannot provide user’s anonymity. To remedy these weaknesses and to achieve low communication and computation costs, we proposed a secure authentication scheme for roaming users. In addition, the formal verification tools ProVerif and AVISPA is used to check the correctness of the proposed protocol. Finally, the performance evaluation and simulation results shows that the proposed scheme is efficient in terms of communication and computational cost. © 2019, Springer Science+Business Media, LLC, part of Springer Nature.
  • No Thumbnail Available
    Item
    A novel DNA based password authentication system for global roaming in resource-limited mobile environments
    (Springer, 2020) Madhusudhan, R.; Shashidhara R
    Mobile environments are highly vulnerable to security threats and pose a great challenge for the wireless and mobile networks being used today. Because the mode of a wireless channel is open, these networks do not carry any inherent security and hence are more prone to attacks. Therefore, designing a secure and robust protocol for authentication in a global mobile network is always a challenging. In these networks, it is crucial to provide authentication to establish a secure communication between the Mobile User (MU), Foreign Agent (FA) and Home Agent (HA). In order to secure communication among these entities, a number of authentication protocols have been proposed. The main security flaw of the existing authentication protocols is that attackers have the ability to impersonate a legal user at any time. Moreover, the existing authentication protocols in the literature are exposed to various kind of cryptographic attacks. Besides, the authentication protocols require larger key length and more computation overhead. To remedy these weaknesses in mobility networks, DNA (Deoxyribo Nucleic Acid) based authentication scheme using Hyper Elliptic Curve Cryptosystem (HECC) is introduced. It offers greater security and allows an MU, FA and HA to establish a secure communication channel, in order to exchange the sensitive information over the radio link. The proposed system derive benefit from HECC, which is smaller in terms of key size, more computational efficiency. In addition, the security strength of this authentication system is validated through widely accepted security verification tool called ProVerif. Further, the performance analysis shows that the DNA based authentication system using HECC is secure and practically implementable in the resource-constrained mobility nodes. © 2019, Springer Science+Business Media, LLC, part of Springer Nature.
  • No Thumbnail Available
    Item
    A Secure Anonymous Authentication Protocol for Roaming Service in Resource-Constrained Mobility Environments
    (Springer, 2020) Madhusudhan, R.; Shashidhara, R.
    Mobile user authentication is very crucial to ensure the authenticity and privacy of roaming users in mobility environments. The existing communication technologies are highly vulnerable to security threats and pose a great challenge for the wireless networks being used today. Because the mode of a wireless channel is open, these networks do not carry any inherent security and hence are more prone to threats. Consequently, designing a robust scheme for roaming service in the mobile environment is always challenging. Recently, Kuo et al. proposed an efficient authentication protocol for roaming and they claimed that the protocol can resist several security threats in mobile networks. In this paper, we analyze the security of Kuo et al.’s. authentication protocol and show that the protocol is exposed to an insider attack, replay attack, denial-of-service attack and cannot provide fair key agreement, user untraceability, and local password verification. To combat these security flaws, we propose a secure authentication scenario for roaming service using elliptic curve cryptosystem. The proposed authentication protocol is implemented in HLPSL language using automated validation of internet security protocols and applications as a formal verification tool to prove that the novel protocol is free from known attacks. Further, we applied Burrows–Abadi–Needham logic to validate the correctness of the authentication system. The proposed protocol not only improves security but also retains a low communicational and computational overhead. © 2019, King Fahd University of Petroleum & Minerals.