Faculty Publications

Permanent URI for this communityhttps://idr.nitk.ac.in/handle/123456789/18736

Publications by NITK Faculty

Browse

Filters

2017 - 201932020 - 20214

Settings

Author: search.filters.author.Suvidha, K.S.

Search Results

Now showing 1 - 7 of 7
  • No Thumbnail Available
    Item
    An efficient and secure user authentication scheme with anonymity in global mobility networks
    (Institute of Electrical and Electronics Engineers Inc., 2017) Madhusudhan, R.; Suvidha, K.S.
    User authentication is a very important security mechanism for accessing the services while roaming in the global mobility networks. However, the authentication schemes designed are vulnerable to the attacks, hence new requirements should be employed while designing a scheme. In 2014 Gope and Hwang proposed an efficient mutual authentication and key agreement scheme, in which they stated that the scheme provides a strong security to the user anonymity. In this paper we have proved that Gope and Hwang scheme is vulnerable to stolen smart card attack, offline password guessing attack, forgery attack and replay attack. Moreover their scheme fails to preserve user anonymity. Hence a new efficient and secure user authentication scheme with anonymity in global mobility networks is proposed. Furthermore, the security analysis of the proposed scheme is also presented in this paper. Performance analysis shows that the proposed scheme is secure and suitable for practical implementation. © 2017 IEEE.
  • No Thumbnail Available
    Item
    An enhanced secure authentication scheme with user anonymity in mobile cloud computing
    (Institute of Electrical and Electronics Engineers Inc., 2017) Madhusudhan, R.; Suvidha, K.S.
    With the rapid growth and development in cloud computing and mobility, mobile cloud computing has emerged and becomes the trend of future generation computing paradigm. Cloud offers infrastructure, platform and software services to mobile users through mobile network. The key issues in mobile cloud computing are security and privacy. While analysing security and privacy issues in mobile cloud computing, three aspects should be considered they are: mobile terminal, mobile network and the cloud. To address the key issues in mobile cloud computing, we proposed an authentication scheme which will provide security to the messages exchanged between mobile user and the cloud server. Lee at al. have proposed authentication scheme for roaming service in global mobility networks in 2016. In this paper we have reviewed Lee et al.'s scheme and proved that their scheme is vulnerable to replay attack, man in the middle attack and impersonation attack. Moreover their scheme fails to preserve user anonymity, provides no local password verification and could not achieve perfect forward secrecy. Hence an enhanced secure authentication scheme with user anonymity in mobile cloud computing is proposed. Furthermore, the security analysis of the proposed scheme is also presented in this paper. © 2017 IEEE.
  • No Thumbnail Available
    Item
    An Efficient Two Factor Authentication Scheme Providing Secure Communication in Mobile Cloud Computing
    (Institute of Electrical and Electronics Engineers Inc., 2019) Madhusudhan, R.; Suvidha, K.S.
    Integration of mobile networks with cloud computing platform led to development of mobile cloud computing. Since the communication between mobile devices and the cloud computing occur over wireless medium, securing the network becomes paramount. With the thorough literature survey, we found that many two factor authentication schemes proposed so far to preserve user anonymity are vulnerable to various security attacks, they also had shortcomes to achieve security goals. To overcome the issues related to the two factor authentication schemes in mobile cloud computing, a new scheme is proposed. Furthermore, we have simulated the proposed scheme using widely accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool. With the simulated result of the proposed scheme, we show that the proposed scheme is secure against active and passive security attacks. Additionally, the proposed scheme is compared with Gope and Hwang's scheme and other related schemes in terms of computational cost and communication overhead. The proposed scheme is efficient, robust and suitable for practical implementation. © 2019 IEEE.
  • No Thumbnail Available
    Item
    A Secure and Lightweight Authentication Protocol for Mobile User Preserving Privacy in Global Mobility Networks
    (Elsevier B.V., 2020) Madhusudhan, R.; Suvidha, K.S.
    In two factor authentication schemes the key factor that has to be addressed is user anonymity and privacy preservation during roaming scenario in GLObal MObility NETwork. While roaming MU needs to access the services of the FA, FA grants the service request only to the authenticated MU. To verify the authenticity of the MU, FA sends the service request of MU to HA. HA verifies the authenticity of the MU after which FA allows the MU to access the services. The entire communication during roaming is carried over insecure channel. Due to this, several security concerns are raised. The main objective in GLOMONET is to secure the channel and the designed scheme should over come all active and passive security attacks. Since, the scheme is designed for mobile networks, it should be light weight with less communication cost, one such scheme has been proposed in this article. The proposed scheme is light weight with less communication cost. Additionally the proposed scheme addresses the active and passive security attacks. The scheme is efficient in terms of computational and communication cost. The proposed scheme is robust and practically implementable. © 2020 The Authors. Published by Elsevier B.V.
  • No Thumbnail Available
    Item
    Secure 4G SEPS-AKA Protocol for UMTS Networks
    (Institute of Electrical and Electronics Engineers Inc., 2020) Suvidha, K.S.; Kamath, S.S.
    User authentication is one of the crucial challenges that has to be addressed in UMTS (Universal Mobile Telecommunications Service) in order to grant the access to the services during handovers. Therefore, to provide the authentication the proposed protocol makes use of the existing Extensible Authentication Protocol (EAP). To provide the authentication in the LTE networks, an authentication framework EAP is used. EAPAKA is one of the methods of EAP framework. EAP-AKA, uses the mechanism Authentication and Key Agreement (AKA). EAPAKA is used in UMTS networks to secure the communication channel. In LTE, this mechanism is called as Evolved Packet System Authentication and Key Agreement (EPS-AKA). Mobile users in LTE networks access the packet data network through Evolved UMTS Terrestrial Radio Access Network (EUTRAN). However, with the thorough literature survey, it is proved that EPS-AKA mechanism is susceptible to the security vulnerabilities such as disclosure of the user identity, Man in the Middle attack and replay attacks. To overcome these security attacks, a new Secure Evolved Packet System (SEPS) protocol has been proposed. The formal security verification of the proposed SEPS protocol using widely accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool is presented in this paper. In addition to this, the proposed protocol is compared with the other protocols in terms of performance. The proposed SEPS protocol is efficient and robust. This makes the proposed protocol suitable for the practical implementation. © 2020 IEEE.
  • No Thumbnail Available
    Item
    Robust and secure authentication protocol protecting privacy for roaming mobile user in global mobility networks
    (Inderscience Publishers, 2021) Madhusudhan, R.; Suvidha, K.S.
    With the advent of new 5G technology there is a need to develop security architecture. Two factor authentication schemes are developed to address the security features such as user anonymity and privacy preservation during roaming scenario in GLObal Mobility NETwork. The entire communication during roaming is carried over insecure channel and owing to this, security concern is raised. The main objective of the proposed protocol is to secure the channel and to overcome all active and passive security attacks. The proposed protocol addresses the active and passive security attacks that exist in 5G cellular networks which are formally verified using AVISPA tool. The proposed protocol is simulated using NS2.35 simulator and the performance metrics such as throughput, end to end delivery and packet delivery ratio are computed. The protocol is efficient in terms of computational and communication cost. The proposed scheme is robust and practically implementable. © 2021 Inderscience Enterprises Ltd.
  • No Thumbnail Available
    Item
    ES-HAS: ECC-based secure handover authentication scheme for roaming mobile user in global mobility networks
    (MDPI, 2021) Suvidha, K.S.; Ramalingam, J.; Kamath, S.S.; Lee, C.-C.
    The design and implementation of two-factor schemes designed for roaming mobile users for global mobility networks in smart cities requires attention to protect the scheme from various security attacks, such as the replay attack, impersonation attack, man-in-the-middle attack, password-guessing attack and stolen-smart-card attack. In addition to these attacks, the scheme should achieve user anonymity, unlinkability and perfect forward secrecy. In the roaming scenario, as mobile users are connected to the foreign network, mobile users must provide authentication details to the foreign network to which they are connected. The foreign network forwards the authentication messages received from the mobile users to their home network. The home network validates the authenticity of the mobile user. In the roaming scenario, all communication between the three entities is carried over an insecure channel. It is assumed that the adversary has the capabilities to intercept the messages transmitted over an insecure channel. Hence, the authentication scheme designed must be able to resist the above-mentioned security attacks and achieve the security goals. Our proposed scheme ES-HAS (elliptic curve-based secure handover authentication scheme) is a two-factor authentication scheme in which the mobile user possesses the password, and the smart card resists the above-mentioned security attacks. It also achieves the above-mentioned security goals. We also extended our two-factor authentication to a multi-factor authentication scheme using the fingerprint biometric technique. The formal security analysis using BAN logic and the formal security verification of the proposed scheme using the widely accepted AVISPA (automated validation of internet security protocols and applications) tool is presented in this article. In comparison with the related schemes, the proposed scheme is more efficient and robust. This makes the proposed scheme suitable for practical implementation. © 2021 by the authors. Licensee MDPI, Basel, Switzerland.