Faculty Publications

Permanent URI for this communityhttps://idr.nitk.ac.in/handle/123456789/18736

Publications by NITK Faculty

Browse

Has files: NoSubject: search.filters.subject.AVISPA

Search Results

Now showing 1 - 2 of 2
  • No Thumbnail Available
    Item
    A Secure Anonymous Authentication Protocol for Roaming Service in Resource-Constrained Mobility Environments
    (Springer, 2020) Madhusudhan, R.; Shashidhara, R.
    Mobile user authentication is very crucial to ensure the authenticity and privacy of roaming users in mobility environments. The existing communication technologies are highly vulnerable to security threats and pose a great challenge for the wireless networks being used today. Because the mode of a wireless channel is open, these networks do not carry any inherent security and hence are more prone to threats. Consequently, designing a robust scheme for roaming service in the mobile environment is always challenging. Recently, Kuo et al. proposed an efficient authentication protocol for roaming and they claimed that the protocol can resist several security threats in mobile networks. In this paper, we analyze the security of Kuo et al.’s. authentication protocol and show that the protocol is exposed to an insider attack, replay attack, denial-of-service attack and cannot provide fair key agreement, user untraceability, and local password verification. To combat these security flaws, we propose a secure authentication scenario for roaming service using elliptic curve cryptosystem. The proposed authentication protocol is implemented in HLPSL language using automated validation of internet security protocols and applications as a formal verification tool to prove that the novel protocol is free from known attacks. Further, we applied Burrows–Abadi–Needham logic to validate the correctness of the authentication system. The proposed protocol not only improves security but also retains a low communicational and computational overhead. © 2019, King Fahd University of Petroleum & Minerals.
  • No Thumbnail Available
    Item
    ES-HAS: ECC-based secure handover authentication scheme for roaming mobile user in global mobility networks
    (MDPI, 2021) Suvidha, K.S.; Ramalingam, J.; Kamath, S.S.; Lee, C.-C.
    The design and implementation of two-factor schemes designed for roaming mobile users for global mobility networks in smart cities requires attention to protect the scheme from various security attacks, such as the replay attack, impersonation attack, man-in-the-middle attack, password-guessing attack and stolen-smart-card attack. In addition to these attacks, the scheme should achieve user anonymity, unlinkability and perfect forward secrecy. In the roaming scenario, as mobile users are connected to the foreign network, mobile users must provide authentication details to the foreign network to which they are connected. The foreign network forwards the authentication messages received from the mobile users to their home network. The home network validates the authenticity of the mobile user. In the roaming scenario, all communication between the three entities is carried over an insecure channel. It is assumed that the adversary has the capabilities to intercept the messages transmitted over an insecure channel. Hence, the authentication scheme designed must be able to resist the above-mentioned security attacks and achieve the security goals. Our proposed scheme ES-HAS (elliptic curve-based secure handover authentication scheme) is a two-factor authentication scheme in which the mobile user possesses the password, and the smart card resists the above-mentioned security attacks. It also achieves the above-mentioned security goals. We also extended our two-factor authentication to a multi-factor authentication scheme using the fingerprint biometric technique. The formal security analysis using BAN logic and the formal security verification of the proposed scheme using the widely accepted AVISPA (automated validation of internet security protocols and applications) tool is presented in this article. In comparison with the related schemes, the proposed scheme is more efficient and robust. This makes the proposed scheme suitable for practical implementation. © 2021 by the authors. Licensee MDPI, Basel, Switzerland.