• Title/Summary/Keyword: user pairing

Search Result 43, Processing Time 0.029 seconds

Remote Login Authentication Scheme based on Bilinear Pairing and Fingerprint

  • Kumari, Shipra;Om, Hari
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.9 no.12
    • /
    • pp.4987-5014
    • /
    • 2015
  • The bilinear pairing, also known as Weil pairing or Tate pairing, is widely used in cryptography and its properties help to construct cryptographic schemes for different applications in which the security of the transmitted data is a major concern. In remote login authentication schemes, there are two major requirements: i) proving the identity of a user and the server for legitimacy without exposing their private keys and ii) freedom for a user to choose and change his password (private key) efficiently. Most of the existing methods based on the bilinear property have some security breaches due to the lack of features and the design issues. In this paper, we develop a new scheme using the bilinear property of an elliptic point and the biometric characteristics. Our method provides many features along with three major goals. a) Checking the correctness of the password before sending the authentication message, which prevents the wastage of communication cost; b) Efficient password change phase in which the user is asked to give a new password after checking the correctness of the current password without involving the server; c) User anonymity - enforcing the suitability of our scheme for applications in which a user does not want to disclose his identity. We use BAN logic to ensure the mutual authentication and session key agreement properties. The paper provides informal security analysis to illustrate that our scheme resists all the security attacks. Furthermore, we use the AVISPA tool for formal security verification of our scheme.

Attribute-based Proxy Re-encryption with a Constant Number of Pairing Operations

  • Seo, Hwa-Jeong;Kim, Ho-Won
    • Journal of information and communication convergence engineering
    • /
    • v.10 no.1
    • /
    • pp.53-60
    • /
    • 2012
  • Attribute-based encryption (ABE) is an encryption scheme in which the user is able to decrypt a ciphertext with associated attributes. However, the scheme does not offer the capability of decryption to others when the user is offline. For this reason, the attribute-based proxy re-encryption (ABPRE) scheme was proposed, which combines traditional proxy re-encryption with ABE, so a user is able to empower designated users to decrypt the re-encrypted ciphertext with the associated attributes of designated users. However, previous ABPRE schemes demands a number of pairing operations that imply huge computational overhead. To reduce the number of pairing operations, we reduce the pairing operations with exponent operations. This paper provides a novel approach to an ABPRE scheme with constant pairing operation latency.

User Pairing and Resource Allocation for DFTS-OFDMA Uplink Systems Using Virtual MIMO (가상 여러입력 여러출력을 적용한 DFTS-OFDMA 상향 링크 시스템에서의 사용자 쌍 선택 및 자원 할당)

  • Shin, Dong Ryul;Wang, Jinsoo;Kim, Yun Hee
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.38A no.5
    • /
    • pp.443-450
    • /
    • 2013
  • We consider user pairing and resource allocation for the uplink of cellular systems employing virtual multiple input multiple output (MIMO). As a multiple access scheme, discrete Fourier transform spread orthogonal frequency division multiple access (DFTS-OFDMA) is adopted for more flexible resource allocation than single carrier (SC)-OFDMA adopted in the Long Term Evolution (LTE) system. We formulate the optimization problems of user pairing and resource allocation to maximize the throughput of the DFTS-OFDMA system under different constraints. The DFTS-OFDMA allowing non-contiguous subcarrier allocation and redundant user assignment provides a better throughput than the SC-FDMA at lower complexity in finding the optimal solution but at the cost of the increased control information indicating the allocated resources.

Data Analysis and Risk Assessment of Smartwatch (스마트워치 데이터 분석 및 위험도 평가)

  • Lee, Youngjoo;Yang, Wonseok;Kwon, Teakyoung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.6
    • /
    • pp.1483-1490
    • /
    • 2017
  • Wearable devices need a host device to be paired with because of connectivity, functionality and ease personalization. There should be frequent update and backup processes between the paired devices even without user's consciousness. Due to pairing process, user-specific data are copied from smartphone and transferred to paired smartwatch. We focus on what happens in smartwatch because of pairing process. We perform an experiment study by observing and extracting data from smartwatch under real world usage phases. With a survey of user awareness on smartwatch regarding security and privacy, moreover, we suggest risk assessment on smartwatch in five levels, particularly considering pairing process based on security and privacy.

MITM Attack on Bluetooth Pairing in Passkey Entry Mode and Its Countermeasure (블루투스 Passkey Entry 인증 모드에 대한 MITM 공격과 대응방법)

  • Lee, Jearyong;Choi, Wonsuk;Lee, DongHoon
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.5 no.12
    • /
    • pp.481-490
    • /
    • 2016
  • Bluetooth utilizes a symmetric key that is exchanged at the first pairing to establish a secure channel. There are four authentication modes which enables device authentication, Just work, Passkey Entry, Out of Band, and Numeric Comparison. Up to now, Just work has been considered as the authentication mode that is vulnerable to Man-In-The-Middle (MITM) Attack. In addition, it is possible to intentionally change any authentication mode to Just work mode, in order to succeed in MITM Attack under Just work mode. However, this kind of attacks have just worked under the assumption that users should not notice that authentication mode was changed. In this paper, We analyze the specification of Secure Simple Pairing, LE Legacy Pairing and LE Secure Connection Pairing. When using Passkey Entry mode on each approach, it seems the MITM attack is possible. Also it offers Passkey Entry MITM attack that does not require assumptions about the user's fault, because it isn't change verification process of the authentication mode unlike traditional attacks. We implement the proposed MITM attacks. Also we presents a scenario in which an attack can be exploited and a countermeasure.

A Credit Card based Secure Micro-Payment Protocol Design (신용카드기반의 안전한 소액 지불 프로토콜 설계)

  • 김석매;이현주;이충세
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2003.10a
    • /
    • pp.215-218
    • /
    • 2003
  • In this paper, we propose a protocol both allow a End-to-End security between user and service provider and independent in mobile Internet platform in AIP. In particular, our proposed protocol generates a session key using Weil pairing by ID-based public key system. We analysis a security and efficient of protocol when on-line certification authority participates in authentication process.

  • PDF

Sequential Optimization for Subcarrier Pairing and Power Allocation in CP-SC Cognitive Relay Systems

  • Liu, Hongwu;Jung, Jaijin;Kwak, Kyung Sup
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.8 no.5
    • /
    • pp.1638-1653
    • /
    • 2014
  • A sequential optimization algorithm (SOA) for resource allocation in a cyclic-prefixed single-carrier cognitive relay system is proposed in this study. Both subcarrier pairing (SP) and power allocation are performed subject to a primary user interference constraint to minimize the mean squared error of frequency-domain equalization at the secondary destination receiver. Under uniform power allocation at the secondary source and optimal power allocation at the secondary relay, the ordered SP is proven to be asymptotically optimal in maximizing the matched filter bound on the signal-to-interference-plus-noise ratio. SOA implements the ordered SP before power allocation optimization by decoupling the ordered SP from the power allocation. Simulation results show that SOA can optimize resource allocation efficiently by significantly reducing complexity.

A Secure User Authentication Scheme using ID-based Bilinear Pairing based on Smart Card (스마트카드 기반 ID-based Bilinear Pairing을 이용한 안전한 사용자 인증 스킴)

  • Chen, Xinyi;Choi, Kyong;Chae, Kijoon
    • Annual Conference of KIPS
    • /
    • 2013.05a
    • /
    • pp.679-682
    • /
    • 2013
  • 스마트카드는 편리성과 안전성의 특성으로 인해 원격 시스템 인증에 다양하게 사용된다. 카드를 사용해서 통신하는 분야에서는 스마트카드에 대한 보안과 카드 소지자의 인증이 매우 중요하다. 기존 패스워드와 스마트카드를 이용한 원격 사용자 인증 기법은 공격자에 의해서 정당한 아이디와 패스워드 쌍을 쉽게 만들 수 있게 됨으로써 위장 공격이 가능한 취약점이 존재한다. 본 연구에서는 카드 보안 기술의 특징을 기반으로 하여 안전하고 편리한 사용자 인증 서비스를 제공하기 위해 키 생성 알고리즘인 ID-based Bilinear Pairing 암호방식을 이용해서 스마트카드 사용자와 서버 사이에 인증 스킴을 제안한다.

Implementation of Bluetooth Secure Simple Pairing (SSP) using Elliptic Curve Cryptography (ECC)

  • Alfarjat, Ahmad Hweishel A.;Hanumanthappa, J.;Hamatta, Hatem S.A.
    • International Journal of Computer Science & Network Security
    • /
    • v.21 no.3
    • /
    • pp.60-70
    • /
    • 2021
  • In this paper we study the problem of implementation of security issues of blue tooth, especially secure simple pairing, with the help of an efficient four user authenticated key (4UAK) for an elliptic curve cryptography (ECC). This paper also deals with the design, implement and performance evaluation of secure simple pairing (SSP) using an elliptic curve cryptography, such as Diffie Hellman protocol when four users are involved. Here, we also compute the best, worst and average case step counts (time complexities). This work puts forth an efficient way of providing security in blue tooth. The time complexity of O(n4) is achieved using Rabin Miller Primality methodology. The method also reduces the calculation price and light communication loads.

AN EFFICIENT AND SECURE STRONG DESIGNATED VERIFIER SIGNATURE SCHEME WITHOUT BILINEAR PAIRINGS

  • Islam, Sk Hafizul;Biswas, G.P.
    • Journal of applied mathematics & informatics
    • /
    • v.31 no.3_4
    • /
    • pp.425-441
    • /
    • 2013
  • In literature, several strong designated verifier signature (SDVS) schemes have been devised using elliptic curve bilinear pairing and map-topoint (MTP) hash function. The bilinear pairing requires a super-singular elliptic curve group having large number of elements and the relative computation cost of it is approximately two to three times higher than that of elliptic curve point multiplication, which indicates that bilinear pairing is an expensive operation. Moreover, the MTP function, which maps a user identity into an elliptic curve point, is more expensive than an elliptic curve scalar point multiplication. Hence, the SDVS schemes from bilinear pairing and MTP hash function are not efficient in real environments. Thus, a cost-efficient SDVS scheme using elliptic curve cryptography with pairingfree operation is proposed in this paper that instead of MTP hash function uses a general cryptographic hash function. The security analysis shows that our scheme is secure in the random oracle model with the hardness assumption of CDH problem. In addition, the formal security validation of the proposed scheme is done using AVISPA tool (Automated Validation of Internet Security Protocols and Applications) that demonstrated that our scheme is unforgeable against passive and active attacks. Our scheme also satisfies the different properties of an SDVS scheme including strongness, source hiding, non-transferability and unforgeability. The comparison of our scheme with others are given, which shows that it outperforms in terms of security, computation cost and bandwidth requirement.