Password-Based Smartcard Authentication Scheme in Network Environments

Updated September 25, 2022

This essay has been submitted to us by a student. This is not an example of the work written by our writers.

In various network environments, if a user needs to use or control a remote server, the user first needs to pass the authentication scheme of the server. To provide a secure authentication system, password-based methods are often used in many remote log-in servers. Password authentication with smart card is one of the most suitable and useful two-factor authentication mechanisms in distributed systems. It assures one communicating party of the authenticity of the corresponding party by the acquisition of corroborative evidence.

The first smartcard-based password authentication scheme works without a sensitive verification table stored on the server, which is a key advantage of two-factor schemes over common password-only schemes, for the latter have to maintain a sensitive password (or salted password) table on the server. Once this table is leaked, the entire system collapses. The characteristic of no password-related table on the server is highly attractive when considering the unending leakages of millions of user accounts at famous service providers and the number of zero-day attacks. An attacker may use the static user identity to link different login sessions together to trace user activities. The revelation of user identity and activities may also enable an unauthorized entity to trace the user's login history and even current location.

Remote System Monitoring is a remote control program, which enables the administrator to access the resources on the remote computer from his own computer and also control the remote computer from the server. The various pieces of information regarding the resources of a system in the network are transferred from the remote system to the administrator's system in a short period of time, which saves the administrator time compared with going to that system in person.

OBJECTIVE

To protect user privacy, use a dynamic ID-based password authentication scheme. Many recently proposed dynamic ID-based Anonymous Two-Factor AKE protocols have one or more weaknesses, such as vulnerability to lost-smart-card attack, offline dictionary attack, or lack of forward secrecy, anonymity and untraceability.

It is worth noting that, in order to provide user anonymity, almost all dynamic ID-based two-factor authentication protocols need an additional synchronization mechanism to maintain the consistency of the one-time identity between the user and the server. However, this consistency is broken easily, and the user may then no longer be able to log in to the server. Furthermore, schemes built on public key infrastructure may not be suitable for lightweight computation devices. Therefore, it is still an open problem to design a secure and efficient Anonymous Two-Factor AKE scheme without using public keys. The main aim of this project is to find the different types of cyber crime and provide some preventive measures so that users can protect themselves from those who would steal, deny access to, or destroy valuable information. All the malpractices committed by employees will be captured by this software, which helps the administrator to catch the people who are doing wrong.

1.3 SCHEME

The scheme first presents the security model of AKE to support user anonymity and resist lost-smart-card attack, and then proposes a dynamic ID-based Anonymous Two-Factor AKE protocol which satisfies all the following properties: (1) security against various attacks including desynchronization attack, lost-smart-card attack and offline dictionary attack; (2) user anonymity and untraceability; (3) perfect forward secrecy; (4) no long-term public key; (5) no centralized password storage, and support for user password change and smart card revocation; (6) provable security in the extended security model. The proposed scheme supports transferring large amounts of data. The main advantages of the system are the transfer of large amounts of data and the freshness of the key. Remote System Monitoring is a remote control program, which enables the administrator to access the resources on the remote computer from his own computer and also control the remote computer from the server. The various pieces of information regarding the resources of a system in the network are transferred from the remote system to the administrator's system in a short period of time, which saves the administrator time compared with going to that system in person.

Use the RSA algorithm for key generation, and use the IP trace marking algorithm to trace the IP address of the client system. The following notations are used:

P: prime number
Q: prime number
KGC: key generation center
Ra: random key
K: group key

CHAPTER 2 LITERATURE SURVEY

2.1 INTRODUCTION

Due to the rapid growth of Internet technology, more and more people use the network to acquire desired services and exchange data. Remote user authentication is one of the most important mechanisms to identify the legal user over an insecure communication network. In an insecure network environment, user authentication is an important component of security. Remote user authentication mechanisms are used to verify the validity of the user login request.

The remote server should authenticate the remote user based on identity and password over an insecure network. In such schemes the remote server must maintain a password table for verifying legal users. The password table makes the scheme susceptible to a stolen-verifier attack if the attacker is capable of accessing the server's password table. What is needed is a remote user authentication scheme which does not require any password table in the remote server. Any legal user could then choose and change their password freely without the help of the remote system.

Such a scheme is efficient and requires much fewer computations than other schemes. Cryptanalysis of their scheme shows that previously generated user secret hash values are insecure if the server secret key is revealed, and also when the smart card is stolen.

2.2 AN EFFICIENT AND SECURE ID-BASED REMOTE USER AUTHENTICATION SCHEME USING SMART CARD

This paper proposes an efficient ID-based authentication scheme which can avoid all types of security flaws. The functionality, performance and security analysis show that the proposed scheme is feasible in terms of computation cost and storage capacity, and that the scheme can resist server attack.

The proposed scheme uses a one-way hash function and the bitwise XOR operation, whose execution time is very low compared to modular exponentiation. The proposed scheme does not use any common key for the encryption and decryption algorithm. With a one-way hash function, it is computationally infeasible to invert the operation. The scheme has four phases: 1) registration phase: to register the client, 2) login phase: to log in the client, 3) authentication/verification phase: to verify the authentication, and 4) password change phase.

This scheme is vulnerable to Denial-of-Service attack, insider attack, offline password attack and forward secrecy attacks. The paper presents an efficient and secure ID-based remote user authentication scheme with smart card. The proposed authentication scheme can meet all the requirements for achieving a secure user authentication scheme with smart card. The proposed scheme is proved to be able to withstand the various possible attacks. The efficiency of the proposed algorithm is very high because it does not involve any time-consuming modular exponentiation.

Future work aims at a more secure, low-cost authentication scheme with smart card that resists all attacks. A Body Sensor Network (BSN) allows the integration of intelligent, miniaturized low-power sensor nodes in, on or around the human body to monitor body functions and the surrounding environment. It has great potential to transform the future of healthcare technology and has attracted a number of researchers from both academia and industry in the past few years. A body sensor network consists of in-body and on-body sensor networks. The security of the proposed scheme is analyzed against all possible attacks.

2.2.1 One-Way Function And XOR

A one-way function and the XOR operation are used to develop this scheme.

The secure one-way function h(.) protects the server secret key X, ID and PW, since it is computationally infeasible to invert a one-way function. It can resist the well-known attacks. The paper is concerned not only with the specialties and the efficiency of this scheme, but also discusses the security, the computation complexity and the storage capacities of the proposed scheme. The security analysis is listed as follows:

Resistance to stolen smart card attack
Resistance to Denial-of-Service
Resistance to insider attack
Resistance to parallel session attack
Resistance to replay attack
Resistance to offline password guessing attack

In an insecure network environment, user authentication is an important component of security. Remote user authentication mechanisms are used to verify the validity of the user login request. In this scheme, the remote server must maintain a password table for verifying legal users.

This paper presents a secure and efficient ID-based remote authentication scheme with mutual authentication and session key agreement. Moreover, this scheme allows users to choose and change their passwords by their own choice. The proposed scheme can resist insider attack, masquerade attack, server spoofing attack, parallel session attack, etc. The paper provides a security analysis to compare it with other published schemes.

By performance analysis, the proposed scheme is shown to be very efficient in both storage and computation cost.

One-Way Hash Function And Bitwise XOR

The proposed scheme uses a one-way hash function and the bitwise XOR operation, whose execution time is very low compared to modular exponentiation. The proposed scheme does not use any common key for the encryption and decryption algorithm. With a one-way hash function, it is computationally infeasible to invert the operation. This scheme has four phases:

1) registration phase, 2) login phase, 3) authentication/verification phase, and 4) password change phase. This section analyzes the security of the proposed scheme against all possible attacks. A one-way function and the XOR operation are used to develop the scheme. The secure one-way function h(.) protects the server secret key X, ID and PW, since it is computationally infeasible to invert a one-way function. It can resist well-known attacks such as insider attack, masquerade attack, server spoofing attack, parallel session attack, etc. The paper is concerned not only with the specialties and the efficiency of this scheme, but also discusses the security, the computation complexity and the storage capacities of the proposed scheme. The paper also reviews an earlier proposed authentication scheme and finds it not secure enough against the same weaknesses.

It showed that his scheme is vulnerable to Denial-of-Service attack, insider attack, offline password attack and forward secrecy attacks. It presents an efficient and secure ID-based remote user authentication scheme with smart card. The proposed authentication scheme can satisfy all the requirements for achieving a secure user authentication scheme with smart card. The proposed scheme is proved to be able to withstand the various possible attacks.

The efficiency of the proposed algorithm is very high because it does not involve any time-consuming modular exponentiation. Future work toward a more secure, low-cost authentication scheme with smart card that resists all attacks is invited.

2.3 ROBUST AND EFFICIENT PASSWORD AUTHENTICATED KEY AGREEMENT USING SMART CARDS

User authentication and key agreement is an important security primitive for creating a securely distributed information system. Additionally, user authentication and key agreement is very useful for providing identity privacy to users. This paper proposes a robust and efficient user authentication and key agreement scheme using smart cards.

The main merits include the following: 1) the computation and communication cost is very low; 2) there is no need for any password or verification table in the server; 3) a user can freely choose and change his own password; 4) it is a nonce-based scheme that does not have a serious time-synchronization problem; 5) servers and users can authenticate each other; 6) the server can revoke a lost card and issue a new card for a user without changing his identity; 7) the privacy of users can be protected; 8) it generates a session key agreed upon by the user and the server; and 9) it can prevent the offline dictionary attack even if the secret information stored in a smart card is compromised. The paper proposes a new scheme based on elliptic curve cryptosystems for providing all the functionalities and enhancing the efficiency of the scheme. The proposed scheme consists of five phases: 1) the parameter generation phase; 2) the registration phase; 3) the precomputation phase; 4) the log-in phase; and 5) the password-changing phase. In the registration phase, the server identifies a user and then issues a smart card to the identified user. Then, the user and the server perform the log-in phase to authenticate each other and generate an agreed-upon session key.

If the user wants to change his password, he needs to perform the password-changing phase.

Elliptic Curve Cryptosystems

a) Parameter Generation Phase

In this phase, the server needs to generate some parameters as follows.

1) The server chooses a large prime P and selects two field elements a ∈ ZP and b ∈ ZP, where a and b must satisfy 4a^3 + 27b^2 (mod P) ≠ 0. The elliptic curve equation EP: y^2 = x^3 + ax + b over ZP is defined.
2) The server finds a generator point G of order n, where n is a large divisor, and n×G = O.
3) The server selects a random number x as its private key and safely keeps it in its secret storage.
4) The server computes the public key PS = (x×G) and publishes the parameters (PS, P, EP, G, n).

b) Registration Phase

This phase is done only once, and users can use their smart cards after this phase. When user i needs to register with the server, he performs the following phase with the server. The server verifies user i by using a secure identification scheme.

A simple identification scheme is going to the registration counter and giving the identification information to the server. Then, user i gives {IDi, h(PWi||b)} to the server for registration, where b is a random number chosen by user i, and PWi is a password chosen by user i. This procedure can be done by the manager of the server in user i's presence. After getting {IDi, h(PWi||b)}, the server creates the card identifier CIi, which is the number of cards that the server has issued to user i. If IDi is a new user, then the server will set CIi = 1 and store {IDi, CIi} in the registration table in the server.

If the server issues a new card to a user i that registered before, the server can get {IDi, CIi} from the registration table. Then, the server computes CIi = CIi + 1 and stores {IDi, CIi = CIi + 1} in the registration table in the server. The server generates bi = Es(h(PWi||b) || IDi || CIi || h(IDi||CIi||h(PWi||b))) and Vi = h(IDi, s, CIi). The purpose of the authentication tag h(IDi||CIi||h(PWi||b)) is data integrity. Without this authentication tag, if the encryption mode is the electronic codebook or cipher feedback mode, an attacker may forge another bi to mount a denial-of-service attack. To improve the efficiency, this authentication tag can be discarded if the encryption mode is the cipher-block chaining or output feedback mode.

The server then issues a smart card to user i that contains {bi, Vi, IDi, CIi}. Upon getting this smart card, the user then stores b into the smart card. The memory of the smart card contains {bi, Vi, IDi, CIi, b}. User i then keeps the smart card and PWi for the log-in phase.

c) Precomputation Phase

The smart card selects a random number r and computes e = (r×G) and c = (r×PS) = (r×x×G) as a point over EP before the start of the log-in phase. Then, it stores (c, e) into its memory for use in the log-in phase.

d) Log-in Phase

When user i wants to log in to the server, he must insert his smart card into a card reader and input his password PWi. In the proposed scheme, the smart card will complete the precomputation phase before the log-in phase. After user i has input the password and the smart card has finished the precomputation phase, the smart card sends bi and EVi(e) to the server, where Vi = h(IDi, s, CIi). After receiving bi and EVi(e), the server decrypts bi with the secret key s and obtains h(PWi||b) || IDi || CIi || h(IDi||CIi||h(PWi||b)), and then the server computes Vi = h(IDi, s, CIi). The server then uses Vi to decrypt EVi(e) and obtain e = (r×G). Then, the server checks whether:

1) decrypting bi yields a valid authentication tag h(IDi||CIi||h(PWi||b));
2) IDi is in the registration table;
3) CIi is stored in the registration table.

If any of the above verifications is false, the server revokes the log-in request. If all of the above verifications are true, the server selects a random number u and computes c = (e×x) = (r×x×G) and MS = h(c||u||Vi). Then, the server sends u and MS to the smart card. After the smart card receives u and MS, it checks whether MS is equal to h(c||u||Vi), computed from its own c. If it is not, the smart card aborts the log-in phase. Otherwise, the smart card computes MU = h(h(PWi||b)||Vi||c||u) and a session key Sk = h(Vi, c, u) and then sends MU to the server.

At this time, the server is authenticated by the smart card. Upon receiving MU, the server checks if MU is equal to h(h(PWi||b)||Vi||c||u). If it is not, the server sends a wrong-password message back to the user. The user can input the password PWi, compute MU, and send MU to the server again. If the number of password verifications exceeds the allowed number of attempts, the server revokes the log-in request.

Otherwise, the server accepts the log-in request and computes a session key Sk = h(Vi, c, u). The smart card and the server have then authenticated each other and can use the session key Sk = h(Vi, c, u) for subsequent secure communication. In practical implementations, the lifetime of this session is the following transaction. Furthermore, the duration of the transaction can be adjusted according to various applications.
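
The following added example (not code from the paper being reviewed or from this essay) runs the registration, precomputation and log-in phases described above end to end, with both the card's and the server's side of each message. The toy curve parameters, SHA-256 as h(.), the hash-based stream cipher standing in for E, the on-curve check on e, the PS field kept on the card and all function names are assumptions made for the example.

```python
import hashlib, hmac, secrets

P, A, B = 10007, 2, 3   # constructed toy curve y^2 = x^3 + A*x + B over Z_P, not a secure size

def add(p1, p2):
    """Point addition; None is the point at infinity O."""
    if p1 is None or p2 is None:
        return p2 if p1 is None else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    num, den = (3 * x1 * x1 + A, 2 * y1) if p1 == p2 else (y2 - y1, x2 - x1)
    lam = num * pow(den % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def mul(k, pt):          # scalar multiplication k×pt by double-and-add
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def h(*parts):           # one-way hash h(.) over an unambiguous encoding of its arguments
    return hashlib.sha256(repr(parts).encode()).digest()

def enc(key, data, nonce=None):
    """Stand-in for the cipher E_key (assumption: SHA-256 keystream XOR with a random nonce)."""
    nonce = nonce or secrets.token_bytes(16)
    ks = b"".join(h(key, nonce, i) for i in range(len(data) // 32 + 1))
    return nonce + bytes(a ^ b for a, b in zip(data, ks))

def dec(key, blob):
    return enc(key, blob[16:], blob[:16])[16:]

def base_point():
    """Parameter generation: a point G of prime order n on the toy curve."""
    for x in range(1, P):
        v = (x**3 + A * x + B) % P
        y = pow(v, (P + 1) // 4, P)          # square root, valid because P % 4 == 3
        if y and y * y % P == v:
            break
    g, q, n = (x, y), (x, y), 1
    while q is not None:                     # order of g by repeated addition
        q, n = add(q, g), n + 1
    m, f = n, 2
    while f * f <= m:                        # m ends as the largest prime factor of n
        m, f = (m // f, f) if m % f == 0 else (m, f + 1)
    return mul(n // m, g), m

G, N = base_point()

class Server:
    def __init__(self):
        self.s = secrets.token_bytes(32)         # symmetric secret key s
        self.x = 1 + secrets.randbelow(N - 1)    # private key x
        self.PS = mul(self.x, G)                 # public key PS = x×G
        self.table = {}                          # registration table {ID: CI}; nothing password-related

    def register(self, ident, hpw):
        ci = self.table[ident] = self.table.get(ident, 0) + 1    # re-issue bumps CI, revoking older cards
        body = hpw + h(ident, ci, hpw) + ci.to_bytes(2, "big") + ident.encode()
        return {"b_i": enc(self.s, body), "V": h(ident, self.s, ci), "ID": ident, "CI": ci, "PS": self.PS}

    def challenge(self, b_i, ev_e):
        pt = dec(self.s, b_i)
        hpw, tag = pt[:32], pt[32:64]
        ci, ident = int.from_bytes(pt[64:66], "big"), pt[66:].decode(errors="replace")
        if not hmac.compare_digest(tag, h(ident, ci, hpw)) or self.table.get(ident) != ci:
            return None                          # forged b_i, unknown ID, or revoked card
        V = h(ident, self.s, ci)
        raw = dec(V, ev_e)
        e = int.from_bytes(raw[:2], "big"), int.from_bytes(raw[2:4], "big")
        if (e[1] ** 2 - e[0] ** 3 - A * e[0] - B) % P:
            return None                          # added sanity check: e must lie on the curve
        c, u = mul(self.x, e), secrets.token_hex(8)
        self.pending = (hpw, V, c, u)
        return u, h(c, u, V)                     # u and MS = h(c||u||Vi)

    def finish(self, MU):
        hpw, V, c, u = self.pending
        return h(V, c, u) if hmac.compare_digest(MU, h(hpw, V, c, u)) else None

def issue_card(server, ident, pw):
    b = secrets.token_hex(8)                     # user's random number b; server only sees h(PWi||b)
    return {**server.register(ident, h(pw, b)), "b": b}

def login(card, pw, server):
    """Precomputation + log-in. Returns (card Sk, server Sk), or None if either side rejects."""
    r = 1 + secrets.randbelow(N - 1)
    e, c = mul(r, G), mul(r, card["PS"])         # e = r×G, c = r×PS = r×x×G
    ev_e = enc(card["V"], e[0].to_bytes(2, "big") + e[1].to_bytes(2, "big"))
    reply = server.challenge(card["b_i"], ev_e)
    if reply is None or not hmac.compare_digest(reply[1], h(c, reply[0], card["V"])):
        return None                              # request refused, or server did not prove knowledge of x
    sk = server.finish(h(h(pw, card["b"]), card["V"], c, reply[0]))   # MU
    return (h(card["V"], c, reply[0]), sk) if sk else None
```

Issuing a second card for the same ID increments CIi in the registration table, so a log-in attempt with the earlier card fails the server's CIi check even when the password is correct.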

This paper proposed a two-factor user authentication with key agreement scheme based on an elliptic curve cryptosystem. The analysis shows that the computation costs of the proposed scheme are slightly higher than those of other schemes; however, this scheme can accomplish most desired security goals compared with some related schemes. As a result, this scheme is more secure and practical for real-life use.

2.4 ANONYMITY ENHANCEMENT ON ROBUST AND EFFICIENT PASSWORD AUTHENTICATION KEY AGREEMENT USING SMART CARDS

Low-entropy human-memorable passwords such as four-digit personal identification number codes or alphanumerical passwords are commonly employed rather than high-entropy keys, owing to their convenience in use.

Many password-based authenticated key agreement protocols have been extensively investigated for a long time, where a client remembers a short password and the corresponding server holds the password or its verification data that are used to verify the client's knowledge of the password. Protection of personal information is one of the most important security goals of communication protocols on public networks. By exploiting a smart card, this paper presents a robust and efficient password-authenticated key agreement scheme. This paper strengthens the security of the scheme by addressing the untraceability property, such that any third party over the communication channel cannot tell whether it has seen the same smart card twice through the authentication sessions.

The proposed scheme also prevents a kind of denial of service attack. High performance and other good functionalities are preserved. The paper proposes a two-factor user authentication with key agreement scheme based on an elliptic curve cryptosystem. The notations used in proposed scheme. This scheme includes five phases: 1) system initializing phase, 2) registration phase, 3) login phase, 4) authentication phase, and 5) password change phase.

Robust And Efficient Password-Authenticated Key Agreement Scheme

This paper presents a robust and efficient password-authenticated key agreement scheme.

This paper strengthens the security of the scheme by addressing the untraceability property, such that any third party over the communication channel cannot tell whether or not it has seen the same smart card twice through the authentication sessions. The proposed method also prevents a kind of denial of service attack found in the original scheme. High performance and other good functionalities are preserved.

Fig. 2.4.1 Login phase

2.5 ANONYMOUS TWO-FACTOR AUTHENTICATION IN DISTRIBUTED SYSTEMS: CERTAIN GOALS ARE BEYOND ATTAINMENT

Password authentication with smart card is one of the most suitable and efficient two-factor authentication mechanisms in distributed systems. It assures one communicating party of the authenticity of the corresponding party by gaining corroborative evidence. The password technique has also been widely used for various kinds of daily applications, such as e-government, e-banking and e-health. There are severe challenges regarding security, privacy and usability due to the open and complex nature of distributed systems. Once the password table is leaked, the entire system collapses.

The feature of no password-related table on the server is highly appealing when considering the unending catastrophic leakages of millions of user accounts at famous service providers and the prevalence of zero-day attacks like the recent. In the majority of two-factor schemes, the user's identity is transmitted in plain text over public networks during the login process, which may reveal the identity of the logging-in user once the login transcripts are eavesdropped, resulting in violation of user privacy and raising legal issues in some scenarios. Examples are electronic auditing or secret online-order placement. In many cases, an attacker may utilize the static user identity to link different login sessions together to trace user activities.

For example, in e-commerce applications, once user activities are traced, sensitive information such as shopping patterns, individual preferences, even age and gender, etc., can be learned and abused for marketing purposes, typically facilitating annoying advertisement flooding. The disclosure of user identity and activities may also help an unauthorized entity to trace the user's login history and even current location. To address such static-user-ID-related issues, a feasible approach is to adopt the "dynamic ID technique": the user's real identity is concealed in session-variant pseudo-identities. Two-factor schemes employing this technique are known as dynamic ID-based.

Anonymous Two-Factor Authentication Scheme

Fig. 2.5.1 Smart-card-based Password Authentication

This paper mainly focuses on the most general case of smart-card-based password authentication. The participants involve a set of users and a single remote server. This scheme consists of three basic phases, 1) registration, 2) authentication and 3) password change, as well as some supplementary phases like eviction and revocation. In the registration phase, a user submits some personal information to the server, and the server issues a smart card to the user.

The smart card may contain some public and sensitive security parameters, and it is a numeric number which will be used later for the authentication. This phase is carried out only once unless the user re-registers. Upon accomplishment of the registration phase, the user is able to access the server in the authentication phase. This phase can be performed as many times as needed. What a truly two-factor scheme can ensure is that, only the user who possesses both a valid smart card and the corresponding password can be successfully verified by the server. In the password change phase, the user can change her password and update the information in the card either locally or by interacting with the server.

To evict a malicious user and revoke a lost card, admired schemes may also provide additional phases such as eviction phase and revocation phase, respectively. In this paper, anonymous two-factor authentication scheme that satisfies all the criteria. This presents an unavoidable usability-security tradeoff, thereby also suggesting a negative answer to the open question raised by Huang et al. It provides a better understanding of the underlying evaluation metric for anonymous two-factor schemes, which is of fundamental importance for security engineers to make their choices correctly and for protocol designers to develop practical schemes with better usability-security tradeoffs.

2.6 TWO-FACTOR USER AUTHENTICATION WITH KEY AGREEMENT SCHEME BASED ON ELLIPTIC CURVE CRYPTOSYSTEM

A password authentication scheme using a smart card is called a two-factor authentication scheme. The two-factor authentication scheme is the most accepted and commonly used mechanism that provides authorized users a secure and efficient method for accessing resources over an insecure communication channel.

In this paper two-factor user authentication schemes have been proposed. However, most of them are susceptible to smart card loss attack, offline password guessing attack, impersonation attack, and so on. This paper designs a password-based remote user authentication with key agreement scheme, using an elliptic curve cryptosystem for the encryption and decryption process. Security analysis shows that the proposed scheme has a high level of security. Moreover, the proposed scheme is more practical and secure in contrast to some related schemes.

Two-Factor User Authentication With Key Agreement Scheme

Due to the rapid growth of Internet technology, more and more people use the network to acquire desired services and exchange data. Remote user authentication is one of the most important mechanisms to identify the legal user over an insecure communication network. Since the first password-based remote user authentication scheme, many password-based single-factor authentication schemes have been proposed in the literature. However, most password-based single-factor authentication schemes have various security pitfalls.

In order to provide better security of the system, two-factor authentication schemes base authentication on the user's password and smart card. In a two-factor authentication scheme, when the user wants to access resources on a server, he/she inserts the smart card into a card reader and inputs his/her password. Then the smart card uses the user's password to generate a login request message and sends the request to the server. When receiving the login request, the server verifies the validity of the request message. This paper proposes a two-factor user authentication with key agreement scheme based on an elliptic curve cryptosystem.

The scheme includes five phases: 1) system initializing phase, 2) the registration phase, 3) login phase, 4) authentication phase, and 5) password change phase.

System initializing phase

Step 1. The server ? chooses an elliptic curve equation ? ? (?, ?) and a base point ? with the order ? over ??(?, ?).

Step 2. The server ? selects the private key ?? ? 1, ? ? 1 and computes the corresponding public key ?? =? ? ?? .

Step 3. The server ? chooses three one-way hash functions: ? 1 : {0, 1}? ?? ?, ?2 :? ? ×? ? ?? ? ?, ?3 : {0, 1}? ×? ? × ? ? ? {0, 1}?.

Step 4. The server ? publishes {??(?, ?), ?, ??,? 1 ,? 2 ,? 3 }.

Registration Phase

If the user ? wants to become a legal user of the system, he has to submit the related information to the server ?. The detail of the registration phase is described in the following steps.

Step 1. The user ? generates his own identity ID? and PW? and a random number? ? ? 1, ??1;then the user?submits ID? and ?1(PW? ?? ? )??to the server ? over a secure communication channel.

Step 2. The server ? computes AID? = (? ? + 1) ? ? 1 (PW? ? ? ? )??and BID? =? 2 (? 1 (ID?)?? 1 (PW? ?? ? ) ? ?) .

Step 3. The server ? stores {AID?,BID?} into a smart card and issues the smart card to the user ? via a secure channel.

Step 4. On receiving the smart card, the user ? enters the random ?? into the smart card, and the smart card contains {AID?,BID?,? ? }.

Login Phase

When the user ? wants to log in to the server ?, he/she inserts his smart card into the card reader of a terminal and inputs ID? and PW?. Then, the smart card performs the following steps for login.

Step 1. The user computes BID? ? =? 2 (? 1 (ID?) ? (? 1 (PW? ? ? ? ) ? ?)) and checks if BID? ? = BID?. If it holds, it means that the user ? inputs the correct identity and password. Otherwise, the smart card terminates the session.

Step 2. The user selects a random ?? ? 1, ? ? 1 and computes TID? = AID? ?? 1 (PW? ?? ? )?? , ?=? ? ?? ?, CID? = ID? ?? 2 (? ? TID?),DID? = ?+? 1 (PW? ?? ? )??, and EID? =? 3 (ID? ? ? ? ?),where?=? ? ?? .

Step 3. The user submits the login request message ?1 = {CID?,DID?,EID?, ?} to the server ?.

This paper has presented a remedy to by addressing the initiator untraceability property. The trick is to randomize the transmitted data in a manner that the adversary over the channel cannot link different conversations and that the communicating parties can recognize the received messages.

It is believed that the untraceability property should also be addressed in the design of authentication schemes for wireless communications. It is hoped that more research work will be done to cover other anonymity-related issues defined in the work, and this paper works toward this. The remedy has also introduced consistency verification in the password-changing phase to prevent a kind of DoS attack found in the original scheme JCL. The resulting password-authenticated key agreement scheme using smart cards is efficient and effective.

In terms of efficiency, besides the low communication costs, this solution builds on the efficient cryptographic primitives of a secure hash function and a symmetric cipher, which may be easily instantiated in, and are thus essentially viable for, the smart card environment. In terms of effectiveness, the solution not only preserves mutual authentication, key agreement, initiator anonymity, and the functionality of password updating but also can prevent initiator traceability, insider attack, offline password-guessing attack, and DoS attack.

2.7 EFFICIENT AND SECURE DYNAMIC ID-BASED REMOTE USER AUTHENTICATION SCHEME WITH SESSION KEY AGREEMENT FOR MULTI-SERVER ENVIRONMENT

This work concerns a dynamic ID-based remote user authentication scheme for the multi-server environment using smart cards. The paper proposes an enhanced remote user authentication scheme. Performance evaluation demonstrated the efficiency of the proposed scheme over related works. Security analysis proved that the proposed scheme is secure against known attacks.

Since the beginning of the Internet, remote user authentication has been one of the major issues in network security. A traditional remote user authentication scheme permits identifying legal users, among those who are not, to give them access to resources. In order to improve network security, many schemes provide mutual verification. Mutual verification is the process in which each participant in a communication can verify the identity of the other. Another desirable property in a remote user authentication scheme is key agreement between the parties.

Dynamic ID-Based Remote User Authentication Scheme

The scheme is considered from the following points of view: 1) security; and 2) efficiency. Their scheme prevents the known attacks, making it secure. On the other hand, their scheme requires high computational cost. The scheme is also not easy to use, because each user must know the server’s identity, which is inconvenient for users.

A new dynamic ID-based remote user authentication scheme using smart cards for the multi-server environment is proposed here. This scheme is more efficient in terms of computational cost and at the same time provides strong security. The proposed scheme prevents the known attacks while keeping the merits of the earlier scheme. It provides the following properties: a) establishment of a session key; b) mutual verification; c) ease of use; d) no verification table, being based on a one-way hash function.

2.8 ADVANCED AND AUTHENTICATED MARKING SCHEMES FOR IP TRACEBACK

Protecting against distributed denial-of-service attacks is one of the hardest security problems on the Internet today.

One difficulty in countering these attacks is tracing their source, because they often use incorrect, or spoofed, IP source addresses to cover the true origin. These techniques feature low network and router overhead and support incremental deployment. In contrast to previous work, the techniques have significantly higher precision and lower computation overhead for the victim to reconstruct the attack paths under large-scale distributed denial-of-service attacks. The Authenticated Marking Scheme provides efficient authentication of routers’ markings. Under this scheme a compromised router cannot forge or tamper with markings from other, uncompromised routers.

This paper presents two new IP marking techniques to solve the IP traceback problem: the Advanced Marking Scheme and the Authenticated Marking Scheme. Our approach has the same low network and router overhead as FMS, proposed by Savage et al. This approach is much more efficient and accurate for attacker path reconstruction under DDoS. In particular, this approach can reconstruct the attacker path within seconds and has a low false positive rate.

Furthermore, our Authenticated Marking Scheme supports efficient authentication of routers’ markings. This prevents a compromised router from forging the markings of other, uncompromised routers. Our schemes also support incremental deployment and allow the victim to reconstruct the attack paths even after the attack has completed. This paper is organized as follows. It reviews background information and highlights the main challenges of the IP marking approach. It introduces new Advanced Marking Schemes and shows theoretical analysis and experimental results which indicate that the Advanced Marking Schemes are efficient and accurate even in the presence of large-scale DDoS attacks.

New Encoding Schemes

Fig. 2.8.1 Encoding in Advanced Marking Scheme 1

If the victim knows the map of its upstream routers, it does not need the full IP address in the packet marking to reconstruct the attack graph, and hence the marking scheme can be more communication and computation efficient.

Advanced Marking Scheme I

In the basic approach, we use a marking scheme similar to FMS, but instead of encoding the IP address of a router Ri into eight fragments, we simply encode its hash value, h(Ri), as figure 2 shows.

In this scheme, we divide the 16-bit IP Identification field into a 5-bit distance field and an 11-bit edge field. Note that 5 bits can represent 32 hops, which is sufficient for almost all Internet paths. Marking: This describes the marking procedure of Advanced Marking Scheme I. Note that we actually use two independent hash functions, h and h’, in the encoding of the routers’ IP addresses. h and h’ both have 11-bit outputs.

Every router marks a packet with probability q when forwarding it. If a router Ri decides to mark the packet, which implies its previous router has marked the packet, it XORs h(Ri) with the edge field value and overwrites the edge field with the result of the XOR. The router always increments the distance field if it decides not to mark the packet. The XOR of two neighboring routers encodes the edge between the two routers in the upstream router map. The edge field of the marking will contain the XOR result of two neighboring routers, except for samples from routers one hop away from the victim. The victim can start from the markings of the routers one hop away from it and then, hop by hop, decode the previous routers.
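An added example (not code from the essay or from the Advanced Marking Scheme paper) that simulates the 5-bit distance / 11-bit edge encoding and the victim's hop-by-hop decoding against its upstream router map. It assumes the published marking rule, in which a marking router writes h(Ri) with distance 0 and the next router XORs in h'(Ri); the truncated SHA-256 hashes, q = 0.04, the addresses and the topology are constructed for illustration.

```python
import hashlib
import random

EDGE_BITS = 11                      # 11-bit edge field
EDGE_MASK = (1 << EDGE_BITS) - 1
DIST_MAX = (1 << 5) - 1             # 5-bit distance field, saturates at 31

def hash11(tag: bytes, router_ip: str) -> int:
    """11-bit hash of a router address (SHA-256 truncation is an assumption)."""
    digest = hashlib.sha256(tag + router_ip.encode()).digest()
    return int.from_bytes(digest[:2], "big") & EDGE_MASK

def h(router_ip: str) -> int:
    return hash11(b"h|", router_ip)

def h_prime(router_ip: str) -> int:
    return hash11(b"h'|", router_ip)

def pack(distance: int, edge: int) -> int:
    """Build the 16-bit IP Identification value: distance in the top 5 bits."""
    return (distance << EDGE_BITS) | edge

def unpack(ident: int):
    return ident >> EDGE_BITS, ident & EDGE_MASK

def forward(ident: int, router_ip: str, q: float, rng) -> int:
    """What one router does to the Identification field of a forwarded packet."""
    distance, edge = unpack(ident)
    if rng.random() < q:                 # mark: start a new sample at this router
        return pack(0, h(router_ip))
    if distance == 0:                    # previous hop marked: complete the edge
        edge ^= h_prime(router_ip)
    return pack(min(distance + 1, DIST_MAX), edge)

def send(path, q, rng, initial_ident=0xFFFF):
    """Carry one packet along `path` (farthest router first) to the victim.
    The sender-chosen initial value is constructed: distance already saturated."""
    ident = initial_ident
    for router_ip in path:
        ident = forward(ident, router_ip, q, rng)
    return ident

def reconstruct(idents, upstream, victim):
    """Decode collected markings level by level using the upstream map Gm."""
    edges_at = {}
    for ident in idents:
        distance, edge = unpack(ident)
        edges_at.setdefault(distance, set()).add(edge)
    # Routers one hop away appear as plain h(R) at distance 0.
    level = {r for r in upstream.get(victim, ()) if h(r) in edges_at.get(0, ())}
    found, distance = set(level), 0
    while level:
        distance += 1
        nxt = set()
        for y in level:                              # y is already confirmed
            for x in edges_at.get(distance, ()):     # x = h(u) XOR h'(y) for edge u -> y
                z = x ^ h_prime(y)
                nxt.update(u for u in upstream.get(y, ()) if h(u) == z)
        found |= nxt
        level = nxt
    return found

# Constructed upstream map (child lists point away from the victim).
VICTIM = "203.0.113.1"
UPSTREAM = {
    VICTIM: ["192.0.2.1", "192.0.2.2"],
    "192.0.2.1": ["192.0.2.3", "192.0.2.4"],
    "192.0.2.2": ["192.0.2.5"],
    "192.0.2.3": ["192.0.2.6"],
    "192.0.2.5": ["192.0.2.7", "192.0.2.8"],
}
# Constructed attack paths; 192.0.2.4 and 192.0.2.8 carry no attack traffic.
ATTACK_PATHS = [
    ["192.0.2.6", "192.0.2.3", "192.0.2.1"],
    ["192.0.2.7", "192.0.2.5", "192.0.2.2"],
]

def demo(packets_per_attacker=3000, q=0.04, seed=2022):
    rng = random.Random(seed)            # seeded so the run is reproducible
    idents = [send(path, q, rng)
              for path in ATTACK_PATHS for _ in range(packets_per_attacker)]
    return reconstruct(idents, UPSTREAM, VICTIM)

if __name__ == "__main__":
    print(sorted(demo()))
```

Most packets arrive unmarked and keep the saturated distance, so they never line up with a level of the map; only the samples whose distance matches a confirmed router are decoded.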

The reason to use two independent hash functions is to distinguish the order of the two routers in the XOR result. The Advanced Marking Schemes use new encoding schemes that are efficient and accurate for DDoS attacks originating from over 1000 simultaneous attackers. For the marking schemes, it is assumed that the victim has a map of its upstream routers, denoted as Gm; Gm is a DAG with the victim as the root.

2.9 INNOVATIVE METHOD FOR ENHANCING KEY GENERATION AND MANAGEMENT IN THE AES ALGORITHM

With the extraordinary maturity of data exchange in network environments and the increasing capabilities of attackers, information security has become the most important process for data storage and communication.

In order to provide such information security, confidentiality, data integrity, and data origin authentication must be verified based on cryptographic encryption algorithms. This paper presents a development of the Advanced Encryption Standard (AES) algorithm, which is considered the most eminent symmetric encryption algorithm. The development focuses on the integration between the developed AES-based S-boxes and the specific selected secret key generated from quantum key distribution (QKD). AES is an efficient modern encryption algorithm. However, it suffers from problems of key generation, distribution, and management. In order to address these problems, this article presents a new simulator environment based on the integration between QKD and the AES-128 algorithm.

This paper shows that the QAES development and design do not undermine the security of the AES algorithm, since all the mathematical criteria remain unchanged. The QAES symmetric encryption algorithm results from the integration between AES and QKD. The experimental results and the analysis show that QAES produces more complicated, unbreakable keys that are harder for attackers to predict than the keys generated by AES. However, the encryption speed of QAES is slightly slower (0.409 seconds) than that of AES because of quantum key generation. The strength of QAES lies in its ability to generate a high ratio of independence between key rounds. Moreover, according to the NIST test algorithms, QAES achieves the diffusion and confusion principles, which aids in achieving a more secure environment against most types of cryptanalysis attacks.

In the future, first, QAES is going to be implemented and tested in a cloud environment; second, to assure the strength of QAES, algebraic and quantum attacks are going to be implemented and the results analyzed.

2.10 REMOTE PATIENT TRACKING AND MONITORING SYSTEM

The increasing number of patients needing continuous care is a load for medical staff. Today patient monitoring systems along with wireless medical devices are used to monitor patients, but the patients still have to stay inside the coverage area of the wireless devices. In this paper a remote patient tracking and monitoring (RPTM) system is proposed. The system monitors a patient’s vital signs via wireless medical sensors. The medical sensor sends the data to an Android-based mobile device, which, in turn, periodically sends the patient health data to the server.

The proposed system allows patients to change their position freely; it tracks them using the GPS data collected from the mobile device and directs them to a medical care team in any health emergency. The server also informs the patient’s doctor about the patient’s status and position. A dedicated simple compression method is used to reduce the size of the periodically collected GPS data. The proposed system components communicate with each other through a third party, and there is no direct access between them. The transmitted data is encrypted with a P2P key using AES.

Doctors can query their patients’ data using a dedicated Android-based application. They can also query using an established web server. In this paper the suggested system checks the patient’s health status using a wireless medical device connected to an Android-based mobile device, and also tracks the patient’s position using the internal GPS sensor. The mobile device reads health information (i.e. temperature, heart rate and blood pressure) from the wireless medical devices and stores it locally before sending it to the server via GPRS; it also checks for abnormal health status, and when such a status occurs the mobile device generates an alarm and sends an emergency alarm to the server. The server carries out a set of emergency steps to direct the patient to a medical care team and, if needed, ensures that a medical care team will reach the patient. All local and remote information is encrypted to ensure the secrecy of sensitive data (such as the position of each patient).

Fig. 2.10 System work flow

The system operation is stable and accurate in monitoring and detecting a patient’s emergency case. It is also proactive, responding quickly when the patient has a critical health status.

A set of tests was conducted on the patient’s application; the results indicate that on a slow, single-core processor the application takes 0.9% of the processor time, so the patient’s application can work beside other running applications without causing significant degradation in the performance of the device. The health data of a patient can be saved in the local database as needed. This means that even if the patient needs to check his vital signs every hour and one year of historical health data has to be locally available on his mobile device, this needs less than 0.3 MB, which is a low storage requirement relative to the storage available on modern mobile devices.

2.11 SURVEY ON CYBER CRIME

Remote monitoring is used to block cyber crime. Cyber crime is addressed in the broadest sense, in that most emerging crimes today involve the use of information technology. The terms ‘Computer Crime’, ‘Computer Related Crimes’, ‘Internet Crime’, ‘Online Crimes’, ‘Hi-Tech Crimes’, ‘Information Technology Crime’, and ‘Cyber Crimes’ are used interchangeably.

Cyber crime is hard to detect, which gives the perpetrators plenty of time to flee the area in which the crime was committed; as a result, the criminals can be in another country, far away from the scene of the crime, by the time it is detected. Cyber crimes are easy to learn how to commit; they require few resources relative to the potential damage caused; they can be committed in a jurisdiction without being physically present in it; and they are often not clearly illegal. The development of information technology and the widening usage of the Internet have made it possible for cyber crimes to happen. Some people argue that cyber crime gives advantages to certain individuals because it gives them an opportunity to enhance their computer skills and make a profit out of it.

However, that is far from the truth. In reality, cyber crime kills the e-commerce industry, as seen through the unleashing of viruses, fraud, the variety of tools available on the net, and the unauthorized use of computers. The first recorded cyber crime took place in the year 1820. That is not surprising considering the fact that the abacus, which is thought to be the earliest form of computer, has been around since 3500 B.C. in India, Japan and China.

The era of modern computers, however, began with the analytical engine of Charles Babbage. Cyber crime is an evil having its origin in the growing dependence on computers in modern life. In a day and age when everything from microwave ovens and refrigerators to nuclear power plants is run on computers, cyber crime has assumed rather sinister implications.

2.11.1 Examples of Cyber Crimes

Email Spoofing

A spoofed email is one that appears to originate from one source but has actually been sent from another source. E.g., Pooja has an email address [email protected]. Her enemy, Sameer, spoofs her email and sends obscene messages to all her acquaintances.

Since the emails appear to have originated from Pooja, her friends could take offence and relationships could be spoiled for life. Email spoofing can also cause monetary damage. Misinformation about companies is sent through emails, and the companies suffer large losses in the form of money and customers.

Forgery

Counterfeit currency notes, postage and revenue stamps, mark sheets, etc. can be forged using sophisticated computers, printers and scanners.

Unauthorized access to computer systems or networks

This activity is commonly referred to as hacking. The user hacks data and images without proper authorization.

Email Bombing

Email bombing refers to sending a large number of emails to the victim, resulting in the victim’s email account (in the case of an individual) or mail servers (in the case of a company or an email service provider) crashing.

Data Diddling

This kind of attack involves altering raw data just before it is processed by a computer and then changing it back after the processing is completed.

Salami Attacks

These attacks are used for the commission of financial crimes. The key here is to make the alteration so insignificant that in a single case it would go completely unnoticed. E.g., a bank employee inserts a program into the bank’s servers which deducts a small amount of money from the account of every customer. No account holder will probably notice this unauthorized debit, but the bank employee will make a sizable amount of money every month.

2.12 SUMMARY

This section described the different security schemes used for communication in the wireless network. The important point is that smart cards are used for communication in the network. An efficient ID-based authentication scheme can avoid all types of security flaws. The functionality, performance and security analysis show that this scheme is feasible in terms of computation cost and storage capacity, and that the scheme can resist server attack. User authentication and key agreement is an important security primitive for creating a securely distributed information system.

User authentication and key agreement is very useful for providing identity privacy to users. A robust and efficient password-authenticated key agreement scheme strengthens the security of the scheme by addressing the untraceability property, such that any third party over the communication channel cannot tell whether or not he has seen the same (unknown) smart card twice through the authentication sessions.

CHAPTER 3 METHODOLOGY

3.1 INTRODUCTION

This section describes the different security schemes used for communication in the wireless network. The important point is that smart cards are used for communication in the network.

An efficient ID-based authentication scheme can avoid all types of security flaws. The functionality, performance and security analysis show that this scheme is feasible in terms of computation cost and storage capacity, and that the scheme can resist server attack. User authentication and key agreement is an important security primitive for creating a securely distributed information system. User authentication and key agreement is very useful for providing identity privacy to users. A robust and efficient password-authenticated key agreement scheme is needed.

The security of the scheme is strengthened by addressing the untraceability property, such that any third party over the communication channel cannot tell whether or not it has seen the same smart card twice through the authentication sessions. A password authentication scheme using a smart card is called a two-factor authentication scheme. Two-factor authentication is the most accepted and commonly used mechanism that provides authorized users with a secure and efficient method for accessing resources over an insecure communication channel. Various two-factor user authentication schemes have been proposed.

However, most of them are vulnerable to smart card loss attack, offline password guessing attack, impersonation attacks, etc.

3.2 PROPOSED SYSTEM

This section proposes a new TF-AKE scheme and remote system monitoring. The TF-AKE scheme is designed as follows: (a) encrypt the user ID for user anonymity, as in Sun et al.’s scheme, and ensure user untraceability, while introducing an additional mechanism for de-synchronization; (b) encrypt all data stored in the smart card SC under either the server S’s long-term secret number or the user’s password, and ensure that an adversary is unable to get the server’s long-term secret number or the user’s password through a lost-smart-card attack; (c) introduce nonces in the message flows to prevent the leakage of any information which would help an adversary launch an offline dictionary attack; and (d) use the conventional method to defend against online dictionary attacks, namely, when a preset maximum number of consecutive failed attempts is reached, further runs of the Login and Authentication process between SC and S are prohibited. The proposed system has six phases: 1) registration; 2) login; 3) key generation; 4) group key generation; 5) communication; 6) remote system monitoring.

In the system architecture, the client enters the details and sends the request to the server. The server checks the details against the smart card number and accepts the request. The server generates a password for the client to log in to the chat. When the client or user logs in to the chat, a group key is generated. The main proposed methods are remote system monitoring and key exchange. To monitor the client system, we first trace the IP address of the client system.

IP trace marking is used to trace all information about the user system. We provide algorithms for the IP trace marking and key exchange methods: a) the server provides a password for the client to log in to the chat session; b) a key is generated automatically for the user; c) the user system is controlled. The main advantages of this system are high security and freshness of the key.

Fig. 3.2 Proposed System Architecture

Remote System Monitoring is a remote control program which enables the administrator to access the resources on the remote computer from his own computer and also to control the remote computer from the server.

Information about the resources of a system in the network is transferred from the remote system to the administrator’s system in a short period of time, which saves the administrator the time of going to that system himself. The administrator can see the remote computer’s screen in a window on his desktop. The information retrieved from the remote machine is displayed on the server machine in a user-friendly way rather than in the complicated output formats of certain available software. The module also keeps track of the processes that are running on each system on which the client program has been installed. The remote computer can be anywhere in the network. Another feature of this module is that the administrator can shut down, restart, or log off the remote PC from his computer.

“Remote System Monitoring” is developed with the aim of helping the network administrator to gather information about the resources of a remote machine in the network and to keep track of the users working on the systems. The administrator can send a file from his machine to the remote machine in the network. The administrator can transfer the file or the information to the client machine, and can do so based on the client’s request. On the client machine, the user can receive this file, store it in a specific location, and view the information in the file.

It prevents the illegal use of any hardware in the client machine. The user cannot use a CD or any other hardware device without the permission of the administrator. If the user wants to use a CD or any other hardware, he must get permission from the administrator; the administrator can open and view the contents of that hardware, and only if the contents are legal does the administrator send them to the client machine from his own machine. The user can then receive this file, save it in a particular location, and view and use the information.

Fig. 3.2.2 Remote System Monitoring

SCHEME SPECIFICATION

Let CTR_SC and CTR_Svr be two counters maintained by the smart card SC and the server S respectively, with their values initially set to 0.

CTR_Svr corresponds to a user identified by the pair (ID, CI); it is used for tracking the number of consecutive failed attempts of Login and Authentication made with respect to ID and CI. The Login and Authentication process is terminated when CTR_SC or CTR_Svr reaches a preset threshold value n. The scheme consists of four phases: user registration, login and authentication, password change and smart card revocation.

User registration

Step 1) A user U randomly picks a sub-identity IDu and sends it to a server S via a secure channel.

Step 2) S randomly picks another sub-identity IDs, a card identifier CI and a nonce N0 for U, and computes ID = IDu || IDs || CI, DID = Ex(ID || N0), V0 = h1(ID || x), where x is S’s long-term secret number and V0 is a big number in Zp. S writes (DID, V0) into SC and sends SC to U via a secure channel. S also stores ID, CI and CTR_Svr in a registration table, where the initial value of CTR_Svr is set to 0. Note that n denotes the threshold value used for detecting online dictionary attacks. Also note that S can revoke a lost card or issue a new card to U without changing the user’s sub-identity IDu.

Step 3) U chooses a password PW and replaces V0 in SC by V = V0 ⊕ h1(PW). Note that the output of h1() is a big number in Zp; it can be treated as a string of length |Zp| for bit-wise operations. Finally, the initial value 0 of CTR_SC is written into SC. Now SC contains (DID, V, CTR_SC) and the threshold value n.

Login and authentication

Step 1) U enters password PW and sub-identity IDu. If CTR_SC < n, SC randomly selects r ∈R Zp and computes e = rG, V0 = V ⊕ h1(PW) = h1(ID || x), and V1 = e + h1(V0 || IDu || T1)G, where T1 is the current timestamp. SC sends (V1, DID, T1) to S. Otherwise, U aborts the protocol.

Step 2) Upon receiving (V1, DID, T1), S first checks the freshness of T1. The freshness of a timestamp means that the message reaches the receiver within a predefined threshold time period, which is a widely applied technique for resisting replay attacks. If the check holds, S decrypts DID to get (ID = IDu || IDs || CI, N0). If IDu, IDs and CI are invalid and CTR_Svr > n, S terminates the protocol. Otherwise, S computes e = V1 − h1(V0 || IDu || T1)G, randomly picks two nonces u and N1, and computes c = ue = urG and d = uG. S further sets NID = Ex(ID || N1), V2 = h2(c) ⊕ NID and V3 = h2(NID || c || T2), and sends (V2, V3, d, T2) to SC, where T2 is the current timestamp. Otherwise, S aborts the protocol. If S receives another request message (V1', DID, T1') with the same DID at T1' without receiving V4 related to (V1, DID, T1), then S sets CTR_Svr = CTR_Svr + 1 and aborts.

Step 3) Upon receiving (V2, V3, d, T2), SC checks the

IP Traceback Marking Algorithm

1) If the traceback server infers that a router logged the attack packet, examining the digest tables at that router identifies its upstream router in the attack path.

2) If the traceback server infers that a router did not log the attack packet but marked it, querying the neighbor routers of that router and examining the digest tables on those neighbor routers identifies the upstream router.

3) If the attack packet undergoes transformation at the current router, the router commits both marking and logging operations on the packet and records the transformation information in the transform lookup table. Given a packet, consulting the transform lookup table reveals whether the packet was transformed, and the original packet can be reconstructed. The implementation of the transform lookup table.

4) Add all information of the client system to the hash table.

5) If the packet is a fragmented packet, compute and store the packet digest in a particular digest table which is only for fragmented packets and is managed in the same way as in the hash-based approach.

6) Based on the data in the hash-based table, the remote system is monitored.

Key Exchange Algorithm

The authenticated group key transfer protocol consists of three processes: 1) initialization of the key generation centre (KGC), 2) user registration, and 3) group key generation and distribution. The detailed description is as follows.

Initialization of KGC: The KGC randomly chooses two safe primes p and q (i.e., primes such that p' = (p − 1)/2 and q' = (q − 1)/2 are also primes) and computes n = pq. n is made publicly known.

User Registration: Each user is required to register at the KGC to subscribe to the key distribution service. The KGC keeps track of all registered users and removes any unsubscribed users. During registration, the KGC shares a secret, (xi, yi), with each user Ui, where xi, yi ∈ Zn*.

Group key generation and distribution: On receiving a group key generation request from any user, the KGC needs to randomly select a group key and access all the secrets shared with the group members. The KGC needs to distribute this group key to all group members in a secure and authenticated manner. All communication between the KGC and the group members is over a broadcast channel. For example, assume that a group consists of t members, {U1, U2, ..., Ut}, and the shared secrets are (xi, yi), for i = 1, ..., t. The key generation and distribution process contains five steps.

Step 1) The initiator sends a key generation request to the KGC with a list of group members {U1, U2, ..., Ut}.

Step 2) The KGC broadcasts the list of all participating members, {U1, U2, ..., Ut}, as a response.

Step 3) Each participating group member needs to send a random challenge, Ri ∈ Zn*, to the KGC.

Step 4) The KGC randomly selects a group key, k, and generates an interpolated polynomial f(x) of degree t passing through the (t + 1) points (0, k) and (xi, yi ⊕ Ri), for i = 1, ..., t. The KGC also computes t additional points, Pi, for i = 1, ..., t, on f(x) and Auth = h(k, U1, ..., Ut, R1, ..., Rt, P1, ..., Pt), where h is a one-way hash function. All computations on f(x) are over Zn*. The KGC broadcasts {Auth, Pi}, for i = 1, ..., t, to all group members.

Step 5) Each group member Ui, knowing the shared secret (xi, yi ⊕ Ri) and the t additional public points Pi, for i = 1, ..., t, on f(x), is able to compute the polynomial f(x) and recover the group key k = f(0). Then Ui computes h(k, U1, ..., Ut, R1, ..., Rt, P1, ..., Pt) and checks whether this hash value is identical to Auth. If the two values are identical, Ui authenticates that the group key was sent by the KGC.

Fig. 2.3.2 Key exchange

3.3 SUMMARY

The proposed scheme has six phases: 1) registration; 2) smart card generation; 3) login; 4) group key generation; 5) communication; 6) remote system monitoring. The main advantage of the system is that it is more secure and time consuming.

The main proposed methods are remote system monitoring and key exchange. To monitor the client system, we first trace the IP address of the client system. IP trace marking is used to trace all information about the user system. We provide algorithms for the IP trace marking and key exchange methods: a) the server provides a password for the client to log in to the chat session; b) a key is generated automatically for the user; c) the user system is controlled. The main advantages of this system are high security and freshness of the key. Remote System Monitoring is a remote control program which enables the administrator to access the resources on the remote computer from his own computer and also to control the remote computer from the server. Information about the resources of a system in the network is transferred from the remote system to the administrator’s system in a short period of time, which saves the administrator the time of going to that system himself. The administrator can see the remote computer’s screen in a window on his desktop.
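The key exchange algorithm of section 3.2 (KGC setup, user registration and the five distribution steps), as an added Python example that is not the essay's or the protocol authors' code. The toy-sized safe primes, SHA-256 standing in for h, the seeded generator, the reduction of yi ⊕ Ri modulo n and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import math
import random

def fresh_x(used, n, rng):
    """Pick an x-coordinate whose difference from every used one is invertible mod n."""
    while True:
        x = rng.randrange(1, n)
        if all(math.gcd(x - u, n) == 1 for u in used):
            used.append(x)
            return x

def interpolate(points, at, n):
    """Value at `at` of the polynomial through `points` (Lagrange form, mod n)."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (at - xj) % n
                den = den * (xi - xj) % n
        total = (total + yi * num * pow(den, -1, n)) % n
    return total

def auth_tag(k, members, challenges, public_points):
    """Auth = h(k, U1..Ut, R1..Rt, P1..Pt)."""
    data = "|".join(map(repr, (k, *members, *challenges, *public_points)))
    return hashlib.sha256(data.encode()).hexdigest()

class KGC:
    def __init__(self, p, q, rng):
        self.n, self.rng = p * q, rng      # n = pq is public
        self.used_x = [0]                  # x = 0 is reserved for the point (0, k)
        self.shared = {}                   # user -> (x_i, y_i)
        self.last_key = None               # kept only so the demo can compare

    def register(self, user):
        """Registration: the returned (x_i, y_i) travels over a secure channel."""
        x = fresh_x(self.used_x, self.n, self.rng)
        y = self.rng.randrange(1, self.n)
        self.shared[user] = (x, y)
        return x, y

    def distribute(self, members, challenges):
        """Step 4: build f through (0, k) and (x_i, y_i XOR R_i); broadcast Auth and P_i."""
        n = self.n
        k = self.rng.randrange(1, n)
        points = [(0, k)]
        for user, r in zip(members, challenges):
            x, y = self.shared[user]
            points.append((x, (y ^ r) % n))
        used = list(self.used_x)
        public = []
        for _ in members:                  # t additional public points on f
            px = fresh_x(used, n, self.rng)
            public.append((px, interpolate(points, px, n)))
        self.last_key = k
        return auth_tag(k, members, challenges, public), public

def recover(secret, own_challenge, members, challenges, public, auth, n):
    """Step 5: rebuild f from one private and t public points, accept k only if Auth matches."""
    x, y = secret
    k = interpolate([(x, (y ^ own_challenge) % n)] + list(public), 0, n)
    expected = auth_tag(k, members, challenges, public)
    return k if hmac.compare_digest(expected, auth) else None

def demo(seed=7):
    rng = random.Random(seed)              # seeded for reproducibility; not for real keys
    kgc = KGC(1019, 2039, rng)             # constructed toy safe primes
    members = ["U1", "U2", "U3"]
    shared = {u: kgc.register(u) for u in members}
    challenges = [rng.randrange(1, kgc.n) for _ in members]      # step 3
    auth, public = kgc.distribute(members, challenges)           # step 4
    keys = [recover(shared[u], r, members, challenges, public, auth, kgc.n)
            for u, r in zip(members, challenges)]                # step 5
    # A broadcast with one altered public point must be rejected.
    px, py = public[0]
    forged = [(px, (py + 1) % kgc.n)] + public[1:]
    rejected = recover(shared["U1"], challenges[0], members, challenges,
                       forged, auth, kgc.n)
    # A broadcast that does not answer the member's own challenge must be rejected.
    replayed = recover(shared["U2"], challenges[1] ^ 1, members, challenges,
                       public, auth, kgc.n)
    return kgc.last_key, keys, rejected, replayed

if __name__ == "__main__":
    print(demo())
```

The last two checks show what the Auth comparison in step 5 buys: a modified point or a broadcast bound to someone else's challenge yields a different f(0), so the hash no longer matches and the member discards the key.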

CHAPTER 4 RESULT AND DISCUSSION

4.1 ENCRYPTION AND DECRYPTION TIME COMPARISONS OF NODE DATA SECURITY

The node data parameters for encryption and decryption time consumption were measured; the experiment shows improved data transmission time and reduced delay between network nodes.

Fig. 4.1 Encryption and decryption data graph

In the proposed system, even when the size of the encrypted data is high, the time taken is less, whereas in the existing system the delay between network nodes is high; the proposed system reduces the delay between the nodes of the network. The same holds for decryption: the proposed system reduces the delay between the nodes of the network, whereas in the existing system the delay is very high and the packet size is also high, so a large delay occurs. In the proposed system, even if the data size is larger, the delay is reduced, the data is decrypted in a minimum amount of time, and security is also provided for the key used to decrypt the data.

4.2 PHYSICAL MEMORY UTILIZATION

For this, the rate of packets received is analyzed at certain intervals. If a large number of packets arrive within a certain interval of time, it may be malware. Memory utilization is also analyzed. It was found that the malware detector does not utilize much memory. The results are tabulated as follows.

Table 4.2 Physical memory status

| Time interval (hr) | Total physical memory | Available physical memory |
|---|---|---|
| 0.5 | 1625 | 577 |
| 1.0 | 1625 | 608 |
| 1.5 | 1625 | 700 |
| 2.0 | 1625 | 856 |

The memory utilization rate can be found from the graph (X-axis: time; Y-axis: percentage of memory utilized).

Fig. 4.3 Memory utilization graph

Fig. 4.3 shows the memory utilization of the proposed system. While packets are being received and sent, a large amount of memory loss occurs. Two colors are shown in the graph: blue represents the memory in use and red represents the available memory of the system.

CHAPTER 5 CONCLUSION AND FUTURE SCOPE

5.1 INTRODUCTION

This project presents an Anonymous Two-Factor AKE scheme and remote system monitoring. ATFE preserves security against various attacks, including de-synchronization attack, lost-smart-card attack and password guessing attack, and supports several desirable properties, including perfect forward secrecy, anonymity or untraceability, adaptive password change, no centralized password storage, and no long-term public key. Two keys are used for the communication; key generation is done with the RSA algorithm. The main advantage of the system is the freshness of the key. Remote monitoring is used to block cyber crime, which is addressed in the broadest sense, in that most emerging crimes today involve the use of information technology. Remote System Monitoring is a remote control program which enables the administrator to access the resources on the remote computer from his own computer and also to control the remote computer from the server.



Password-Based Smartcard Authentication Scheme in Network Environments. (2019, Mar 07). Retrieved from https://sunnypapers.com/chapter-1-introduction-general-background-in-various-network-environments-if-a-user-needs-to-use-or-control-a-remote-server/