Your search keyword '"DEBIAO HE"' showing total 403 results

301. On the Security of a Certificateless Proxy Signature Scheme with Message Recovery

Author

Peng Gong, Debiao He, and Wenbo Shi

Subjects

Article Subject, Computer science, lcsh:Mathematics, General Mathematics, General Engineering, Adversary, lcsh:QA1-939, Computer security, computer.software_genre, lcsh:TA1-2040, Proxy signature, Mobile agent, lcsh:Engineering (General). Civil engineering (General), Proxy (statistics), computer

Abstract

A proxy signature scheme allows a proxy signer to sign messages on behalf of an original signer within a given context. It has lots of practical applications in distributed systems, grid computing, mobile agent applications, distributed shared object systems, global distribution networks, and mobile communications. Recently, Padhye et al. proposed a certificateless proxy signature scheme with message recovery and claimed the scheme is secure against both of the two types of adversaries. However, in this paper, we will show that Padhye et al.’s scheme is not secure against the Type I adversary. The analysis shows their scheme is not secure for practical applications.

Published

2013

302. Cryptanalysis of a communication-efficient three-party password authenticated key exchange protocol

Author

Shuhua Wu, Shengbao Wang, Debiao He, and Qiong Pu

Subjects

Encrypted key exchange, Zero-knowledge password proof, Information Systems and Management, Dictionary attack, Computer science, Salt (cryptography), Data_MISCELLANEOUS, Oakley protocol, Computer security, computer.software_genre, One-time password, Theoretical Computer Science, law.invention, Password strength, S/KEY, Artificial Intelligence, law, Key stretching, Syskey, Key derivation function, Password, business.industry, Password cracking, Adversary, Computer Science Applications, Authenticated Key Exchange, Control and Systems Engineering, Challenge–response authentication, Cryptanalysis, business, computer, Software, Computer network

Abstract

We revisit the communication-efficient three-party password authenticated key exchange protocol recently proposed by Chang et al. We show it is insecure against partition attacks, whereby the adversary can guess the correct password off-line. Thereafter we propose an enhanced protocol that can resist the attack described and yet is quite efficient. Furthermore, we prove its security in a widely accepted model.

Published

2012

303. Anonymous handover authentication protocol for mobile wireless networks with conditional privacy preservation

Author

Debiao He, Kefei Chen, Qi Xie, and Ding Wang

Subjects

Provable security, 021110 strategic, defence & security studies, General Computer Science, business.industry, Computer science, 0211 other engineering and technologies, 020206 networking & telecommunications, 02 engineering and technology, Computer security, computer.software_genre, Handover, Forward secrecy, 0202 electrical engineering, electronic engineering, information engineering, Wireless, The Internet, business, computer, Protocol (object-oriented programming), Mobile device, Computer network, Anonymity

Abstract

With the development of the wireless communication technology and the popularity of mobile devices, the mobile wireless network (MWN) has been widely used in our daily life. Through the access point (AP), users could access the Internet anytime and anywhere using their mobile devices. Therefore, MWNs can bring much convenience to us. Due to the limitation of APs coverage, the seamless handover frequently occurs in practical applications. How to guarantee the users privacy and security and identify the real identity when he/she brings harm to the system becomes very challenging. To achieve such goals, many anonymous handover authentication (AHA) protocols have been proposed in the last several years. However, most of them have high computation costs because mobile nodes need to carry out the bilinear pairing operations or the hash-to-point operations. Besides, most of them cannot satisfy some critical requirements, such as non-traceability and perfect forward secrecy. In this paper, we first outline the security requirements of AHA protocols, and then propose a new AHA protocol to eliminate weaknesses existing in previous AHA protocols. Based on the hardness of two famous mathematical problems, we demonstrate that the proposed AHA protocol is secure against different kinds of attacks and can meet a variety of security requirements. It can be seen from the details of implementations that the proposed AHA protocol also has much less computation cost than three latest AHA protocols.

Published

2016

304. Oblivious Transfer Protocols Based on Group Factoring Problem

Author

Debiao He, Jing Li, Licheng Wang, Xiong Li, and Xinxin Niu

Subjects

TheoryofComputation_MISCELLANEOUS, Theoretical computer science, Oblivious transfer, Basis (linear algebra), Group (mathematics), Computer science, Algebraic structure, Factoring problem, 0102 computer and information sciences, 02 engineering and technology, Computer security, computer.software_genre, 01 natural sciences, Factorization, 010201 computation theory & mathematics, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Oblivious transfer protocol, computer, Group ring

Abstract

In this paper, we propose 1-out-of-n oblivious transfer proto-col by using the group of matrices over group ring Zq[Sm]. The security of the proposal is on the basis of factorization problems of non-commutative algebraic structures. Meanwhile, some new intractable assumptions are de_ned based on the group factorization problem (GFP). Subsequently, we present a simpler 1-out-of-n oblivious transfer construction for un- derlying non-commutative group. Furthermore, to achieve the oblivious transfer for more challenged messages, an e_cient k-out-of-n oblivious transfer protocol with fewer public parameters is designed based on the newly de_ned hard assumptions.

Published

2016

305. fuzzyPSM: A New Password Strength Meter Using Fuzzy Probabilistic Context-Free Grammars

Author

Haibo Cheng, Debiao He, Ding Wang, and Ping Wang

Subjects

Password, 021110 strategic, defence & security studies, Password policy, Zero-knowledge password proof, Cognitive password, Computer science, 0211 other engineering and technologies, Probabilistic logic, 02 engineering and technology, computer.software_genre, Computer security, One-time password, Password strength, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Web service, computer

Abstract

To provide timely feedbacks to users, nearly every respectable Internet service now imposes a password strength meter (PSM) upon user registration or password change. It is a rare bit of good news in password research that well-designed PSMs do help improve the strength of user-chosen passwords. However, leading PSMs in the industrial world (e.g., Zxcvbn, KeePSM and NIST PSM) are mainly composed of simple heuristic rules and found to be highly inaccurate, while state-of-the-art PSMs from academia (e.g., probabilistic context-free grammar based ones and Markov-based ones) are still far from satisfactory, especially incompetent at gauging weak passwords. As preventing weak passwords is the primary goal of any PSM, this means that existing PSMs largely fail to serve their purpose. To fill this gap, in this paper we propose a novel PSM that is grounded on real user behavior. Our user survey reveals that when choosing passwords for a new web service, most users (77.38%) simply retrieve one of their existing passwords from memory and then reuse (or slightly modify) it. This is in vast contrast to the seemingly intuitive yet unrealistic assumption (often implicitly) made in most of the existing PSMs that, when user registers, a whole new password is constructed by mixing segments of letter, digit and/or symbol or by combining n-grams. To model users' realistic behaviors, we use passwords leaked from a less sensitiveservice as our base dictionary and another list of relatively strong passwords leaked from a sensitive service as our training dictionary, and determine how mangling rules are employed by users to construct passwords for new services. This process automatically creates a fuzzy probabilistic context-free grammar (PCFG) and gives rise to our fuzzy-PCFG-based meter, fuzzyPSM. It can react dynamically to changes in how users choose passwords and is evaluated by comparisons with five representative PSMs. Extensive experiments on 11 real-world password lists show that fuzzyPSM, in general, outperforms all its counterparts, especially accurate in telling apart weak passwords and suitable for services where online guessing attacks prevail.

Published

2016

306. One-to-many authentication for access control in mobile pay-TV systems

Author

Jong-Hyouk Lee, Debiao He, Neeraj Kumar, and Han Shen

Subjects

Challenge-Handshake Authentication Protocol, General Computer Science, Computer science, business.industry, Email authentication, 020206 networking & telecommunications, 02 engineering and technology, Multi-factor authentication, Computer security, computer.software_genre, Chip Authentication Program, Authentication protocol, Lightweight Extensible Authentication Protocol, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Challenge–response authentication, business, computer, Data Authentication Algorithm, Computer network

Abstract

In traditional authentication schemes for access control in mobile pay-TV systems, one-to-one delivery is used, i.e., one authentication message per request is delivered from a head-end system (HES) to a subscriber. The performance of one-to-one delivery for authentication is not satisfactory as it requires frequent operations which results in high bandwidth consumption. To address this issue, one-to-many authentication for access control in mobile pay-TV systems was developed. It requires only one broadcasted authentication message from a HES to subscribers if there are many requests for the same service in a short period of time. However, later it was revealed that the one-to-many authentication scheme was vulnerable to an impersonation attack, i.e., an attacker without any secret key could not only impersonate the mobile set (MS) to the HES but also impersonate the HES to the MS. Then, a new scheme has been recently introduced for secure operations of one-to-many authentication. However, as shown in this paper, the recent work for one-to-many authentication is still vulnerable to the impersonation attack. To mitigate this attack, in this paper, a new scheme for one-to-many authentication using bilinear pairing is proposed that eliminates security weaknesses in the previous work. Results obtained depict that the new improved scheme in this paper provides better performance in terms of computation and communication overheads.

Published

2016

307. Proxy Provable Data Possession with General Access Structure in Public Clouds

Author

Huaqun Wang and Debiao He

Subjects

Security analysis, Delegate, Computer science, business.industry, 020206 networking & telecommunications, Cloud computing, Access control, 0102 computer and information sciences, 02 engineering and technology, Possession (law), Computer security model, Computer security, computer.software_genre, 01 natural sciences, System model, 010201 computation theory & mathematics, 0202 electrical engineering, electronic engineering, information engineering, business, computer, Access structure

Abstract

Since public clouds are untrusted by many consumers, it is important to check whether their remote data keeps intact. Sometimes, it is necessary for many clients to cooperate to store their data in the public clouds. For example, a file needs many clients' approval before it is stored in the public clouds. Specially, different files need different client subsets' approval. After that, these stored remote data will be proved possession by the verifier. In some cases, the verifier has no ability to perform remote data possession proof, for example, the verifier is in the battlefield because of the war. It will delegate this task to its proxy. In this paper, we propose the concept of proxy provable data possession PPDP which supports a general access structure. We propose the corresponding system model, security model and a concrete PPDP protocol from n-multilinear map. Our concrete PPDP protocol is provably secure and efficient by security analysis and performance analysis. Since our proposed PPDP protocol supports the general access structure, only the clients of an authorized subset can cooperate to store the massive data to PCS Public Cloud Servers, and it is impossible for those of an unauthorized subset to store the data to PCS.

Published

2016

308. Cryptanalysis of a certificateless aggregate signature scheme with efficient verification

Author

Debiao He, Jian Shen, Jianhua Chen, and Han Shen

Subjects

Scheme (programming language), Computer Networks and Communications, Computer science, ComputingMilieux_LEGALASPECTSOFCOMPUTING, 020206 networking & telecommunications, 02 engineering and technology, Adversary, Computer security, computer.software_genre, Signature (logic), law.invention, Aggregate signature, law, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Cryptanalysis, computer, Information Systems, computer.programming_language

Abstract

Recently, Chen et al. proposed a certificateless aggregate signature scheme with efficient verification. They claimed that their scheme could resist attacks of Type I adversary and Type II adversary. Unfortunately, we present a universal attack to demonstrate that their scheme cannot provide unforgeability. The adversary in the proposed attack can forge a legal signature on any message without any users' secret information. Copyright © 2016 John Wiley & Sons, Ltd.

Published

2016

309. An efficient certificateless two-party authenticated key agreement protocol

Author

Jianhua Chen, Sahadeo Padhye, and Debiao He

Subjects

Key-agreement protocol, Provable security, Protocol (science), Authenticated key agreement, business.industry, Certificateless cryptography, Computer security, computer.software_genre, Authenticated key agreement protocol, Public-key cryptography, Computational Mathematics, Computational Theory and Mathematics, Modelling and Simulation, Modeling and Simulation, Elliptic curve, Key (cryptography), business, computer, Bilinear pairings, Key escrow, Mathematics, Computer network

Abstract

Since certificateless public key cryptography (CLPKC) has received widespread attention due to its efficiency in avoiding key escrow problems in identity-based public key cryptography (ID-PKC), the certificateless authenticated key agreement (CLAKA) protocol, an important part of CLPKC, has been studied a great deal. Most CLAKA protocols are built from pairings which need costly operations. To improve the performance, several pairing-free CLAKA protocols have been proposed. In this paper, we propose a new pairing-free CLAKA protocol. Compared with the related protocols, our protocol has better performance. Also, our protocol is provably secure in a very strong security model—the extended Canetti–Krawczyk (eCK) model.

Published

2012

310. An efficient remote user authentication and key agreement protocol for mobile client–server environment from pairings

Author

Debiao He

Subjects

Provable security, Challenge-Handshake Authentication Protocol, Key-agreement protocol, Otway–Rees protocol, Computer Networks and Communications, Computer science, business.industry, Hash function, Mutual authentication, Client-side, Computer security, computer.software_genre, Hardware and Architecture, Authentication protocol, Universal composability, Wide Mouth Frog protocol, business, Mobile device, computer, Software, Computer network

Abstract

With the continue evaluation of mobile devices in terms of the capabilities and services, security concerns increase dramatically. To provide secured communication in mobile client-server environment, many user authentication protocols from pairings have been proposed. In 2009, Goriparthi et al. proposed a new user authentication scheme for mobile client-server environment. In 2010, Wu et al. demonstrated that Goriparthi et al.'s protocol fails to provide mutual authentication and key agreement between the client and the server. To improve security, Wu et al. proposed an improved protocol and demonstrated that their protocol is provably secure in random oracle model. Based on Wu et al.'s work, Yoon et al. proposed another scheme to improve performance. However, their scheme just reduces one hash function operation at the both of client side and the server side. In this paper, we present a new user authentication and key agreement protocol using bilinear pairings for mobile client-server environment. Performance analysis shows that our protocol has better performance than Wu et al.'s protocol and Yoon et al.'s protocol. Then our protocol is more suited for mobile client-server environment. Security analysis is also given to demonstrate that our proposed protocol is provably secure against previous attacks.

Published

2012

311. Efficient ID-based multiproxy multisignature without bilinear maps in ROM

Author

Debiao He, Sahadeo Padhye, and Namita Tiwari

Subjects

Cryptographic primitive, business.industry, Bilinear interpolation, Cryptography, Scalar multiplication, Random oracle, Multisignature, Digital signature, Pairing, Electrical and Electronic Engineering, Arithmetic, business, Algorithm, Mathematics

Abstract

Most of the previously proposed identity-based multiproxy multisignature (IBMPMS) schemes used pairings in their construction. But pairing is regarded as an expensive cryptographic primitive in terms of complexity. The relative computation cost of a pairing is approximately more than ten times of the scalar multiplication over elliptic curve group. So, to reduce running time, we first define a model of a secure MPMS scheme, then propose an IBMPMS scheme without using pairings. We also prove the security of our scheme against chosen message attack in random oracle model. Our scheme’s construction avoids bilinear pairing operations but still provides signature in the ID-based setting and reduces running time heavily. Therefore, proposed scheme is more applicable than previous schemes in terms of computational efficiency for practical applications.

Published

2012

312. A new dynamic identity-based authentication protocol for multi-server environment using elliptic curve cryptography

Author

Debiao He and Muhammad Khurram Khan

Subjects

Challenge-Handshake Authentication Protocol, Otway–Rees protocol, Computer Networks and Communications, computer.internet_protocol, business.industry, Computer science, Computer security, computer.software_genre, Internet protocol suite, Authentication protocol, The Internet, Wide Mouth Frog protocol, Challenge–response authentication, Elliptic curve cryptography, business, computer, Information Systems

Abstract

With the popularity of Internet and wireless networks, more and more network architectures are used in multi-server environment, in which users remotely access servers through open networks. For the reliability of accessing these remote services, user must pass a verification procedure to obtain the authorization for legal resource acquisition and data exchange. Recently, several dynamic identity-based authentication protocols for multi-server environment have been proposed, but all of these protocols have been cryptanalyzed by other scholars. In this paper, we propose a new dynamic identity-based authentication protocol for multi-server environment using elliptic curve cryptography. The analysis shows that our protocol could overcome security weaknesses in the previously published protocols. Hence, our protocol is more suitable for practical applications. Copyright © 2012 John Wiley & Sons, Ltd.

Published

2012

313. Security Flaws in a Smart Card Based Authentication Scheme for Multi-server Environment

Author

Debiao He and Shuhua Wu

Subjects

Scheme (programming language), Length extension attack, Spoofing attack, Computer science, business.industry, Data_MISCELLANEOUS, Password cracking, Computer security, computer.software_genre, Computer Science Applications, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Chosen-ciphertext attack, Smart card, Electrical and Electronic Engineering, Reflection attack, Challenge–response authentication, business, computer, computer.programming_language

Abstract

Recently, Wang and Ma (Wireless Pers Commun, 2012. doi: 10.1007/s11277-011-0456-7 ) proposed a smart card based authentication scheme for multi-server environment. They also demonstrated that their scheme could overcome various attacks. In this paper, the security of Wang et al.'s scheme is evaluated. Our analysis shows their scheme is vulnerable to the server spoofing attack, the impersonation attack, the privileged insider attack and the off-line password guessing attack.

Published

2012

314. A secure mutual authentication scheme for session initiation protocol using elliptic curve cryptography

Author

Yitao Chen, Jianhua Chen, and Debiao He

Subjects

Scheme (programming language), Authentication, Session Initiation Protocol, Computer Networks and Communications, Computer science, business.industry, computer.internet_protocol, Mutual authentication, Computer security, computer.software_genre, law.invention, law, Forward secrecy, Secrecy, Elliptic curve cryptography, Cryptanalysis, business, computer, Information Systems, computer.programming_language, Computer network

Abstract

The session initiation protocol (SIP) is one of the most important protocols supporting multimedia services. With the wide spread of the internet, the security of SIP is becoming more and more important. In 2009, Tsai proposed an efficient authentication scheme as an enhancement to SIP. However, Arshad et al. demonstrated that Tsai's scheme was vulnerable to the off-line password-guessing attack and the stolen-verifier attack. They also pointed out that Tsai's scheme did not provide known-key secrecy and perfect forward secrecy. To overcome the weaknesses, Arshad et al. also proposed an improved authentication scheme based on the elliptic curve discrete logarithm problem for SIP and claimed that their scheme can withstand various attacks. In this paper, we do a cryptanalysis of the scheme by Arshad et al., and we show that their scheme is vulnerable to the off-line password-guessing attack. We also propose an improved authentication scheme based on the elliptic curve cryptography for SIP which is immune to the presented attacks. Copyright © 2012 John Wiley & Sons, Ltd.

Published

2012

315. Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol

Author

Jianhua Chen, Debiao He, and Yitao Chen

Subjects

Key-agreement protocol, Computer science, Applied Mathematics, Mechanical Engineering, Data_MISCELLANEOUS, Chaotic, Aerospace Engineering, Ocean Engineering, Mutual authentication, Computer security, computer.software_genre, law.invention, Control and Systems Engineering, law, Insider attack, Electrical and Electronic Engineering, Cryptanalysis, computer, Protocol (object-oriented programming), Anonymity

Abstract

Very recently, Lee et al. (C. Lee, C. Chen, C. Wu, S. Huang, An extended chaotic maps-based key agreement protocol with user anonymity, Nonlinear Dynamics, doi: 10.1007/s11071-011-0247-4 ) proposed a chaotic maps-based key agreement protocol with user anonymity and claimed their protocol could resist various attacks. In this paper, we will point out that Lee et al.’s protocol suffers from three weaknesses: (1) inability of resisting the privileged insider attack; (2) inability of resisting the denial-of-service attack; and (3) inability of providing anonymity. To overcome the weaknesses, we also proposed an improved protocol. The analysis shows our protocol is more suitable for practical applications.

Published

2012

316. Note on ‘Design of improved password authentication and update scheme based on elliptic curve cryptography’

Author

Debiao He, Jianhua Chen, and Shuhua Wu

Subjects

Password, Scheme (programming language), Zero-knowledge password proof, computer.internet_protocol, Computer science, Elliptic Curve Digital Signature Algorithm, Computer security, computer.software_genre, One-time password, Password strength, Computer Science Applications, Modeling and Simulation, Modelling and Simulation, Password authentication protocol, Elliptic curve cryptography, computer, computer.programming_language

Published

2012

317. Privacy Preserving Search Schemes over Encrypted Cloud Data: A Comparative Survey

Author

Haowen Tan, Jun Shen, Debiao He, Dengzhi Liu, and Jian Shen

Subjects

business.industry, Computer science, Data management, Big data, Cloud computing, Computer security, computer.software_genre, Encryption, Outsourcing, Information sensitivity, Data retrieval, Health care, Overhead (computing), Data mining, business, computer, Data virtualization

Abstract

Due to the development of the network and the growth big data, data owner prefer to remotely outsource their data to cloud, which can avoid the local data management and decrease the local hardware cost. But some sensitive data, such as personal healthcare information and personal property information, must be encrypted firstly and then outsourced to the cloud. This can protect sensitive information. But the outsource encrypted data to cloud can increase the difficulty of the data retrieval, because data owner or unauthorized users can't search correctly the data they need, and also it is impractical to download all of the data to local side from the cloud, which will result in huge communication an computation overhead. Hence, some cloud data retrieval schemes has been proposed to solve this problem, these schemes not only can search the data they need correctly, but also can prevent sensitive data leaked out. In this paper, we survey the privacy preserving cloud data retrieval schemes and give a comparison of them with respect to the key principles of search and privacy assured.

Published

2015

318. Special issue on Secure Computation on Encrypted Data

Author

Jiageng Chen, Debiao He, Zhe Xia, and Chunhua Su

Subjects

Bus encryption, Computer Networks and Communications, Computer science, business.industry, Distributed computing, Secure two-party computation, Secure multi-party computation, Safety, Risk, Reliability and Quality, business, Encryption, Software, Computer network

Published

2017

319. A new two-round certificateless authenticated key agreement protocol without bilinear pairings

Author

Yitao Chen, Weiwei Han, Rui Zhang, Debiao He, and Jianhua Chen

Subjects

Key-agreement protocol, Theoretical computer science, Computer science, business.industry, Certificateless cryptography, Computer security, computer.software_genre, Computer Science Applications, Public-key cryptography, ID-based cryptography, Modeling and Simulation, Modelling and Simulation, Key (cryptography), business, computer, Implicit certificate, Key exchange, Key escrow

Abstract

Certificateless public key cryptography (CLPKC), which can simplify the complex certificate management in the traditional public key cryptography and resolve the key escrow problem in identity-based cryptography, has been widely studied. As an important part of CLPKC, certificateless two-party authenticated key agreement (CTAKA) protocols have also received considerable attention. Recently, many CTAKA protocols using bilinear pairings have been proposed. But the relative computation cost of the pairing is approximately twenty times higher than that of the scalar multiplication over elliptic curve group. To improve the performance, several CTAKA protocols without pairings have been proposed. In this paper, we will show a latest CTAKA protocol is not secure against a type 1 adversary. To improve the security and performance, we also propose a new CTAKA protocol without pairing. At last, we show the proposed protocol is secure under the random oracle model.

Published

2011

320. An efficient and provably-secure certificateless signature scheme without bilinear pairings

Author

Debiao He, Jianhua Chen, and Rui Zhang

Subjects

Theoretical computer science, Computer Networks and Communications, Computer science, business.industry, computer.internet_protocol, Bilinear interpolation, Cryptography, Computer security, computer.software_genre, Scalar multiplication, Certificate Management Protocol, Random oracle, Public-key cryptography, Key (cryptography), Electrical and Electronic Engineering, business, computer, Key escrow

Abstract

Certificateless public key cryptography simplifies the complex certificate management in the traditional public key cryptography and resolves the key escrow problem in identitybased cryptography. The certificateless signature scheme is studied widely as an important primitive. Following the pioneering work done by Al-Riyami et al., many certificateless signature schemes using bilinear pairings have been proposed ever since. However, the relative computation cost of the pairing is approximately 20 times higher than that of the scalar multiplication over the elliptic curve group. To improve the performance we propose a certificateless signature scheme without bilinear pairings. With the running time being reduced greatly, our scheme is more practical than the previous related schemes for practical application. Copyright © 2011 John Wiley & Sons, Ltd. (The key findings presented in the paper is described as follows. (1) We proposed an efficient certificateless signature scheme without pairings. (2) We also show the proposed scheme is secure in the random oracle. (3) The experimental results show the proposed scheme has better performance than the related schemes.)

Published

2011

321. An efficient identity-based blind signature scheme without bilinear pairings

Author

Rui Zhang, Debiao He, and Jianhua Chen

Subjects

General Computer Science, Elliptic Curve Digital Signature Algorithm, Bilinear interpolation, ElGamal signature scheme, Scalar multiplication, Identity (music), Control and Systems Engineering, Blind signature, Electrical and Electronic Engineering, Arithmetic, Signature (topology), Algorithm, Schnorr signature, Mathematics

Abstract

The blind signature schemes are useful in some applications where the anonymity is a big issue. Examples include the online voting systems and the electronic cash systems. Since the first identity-based blind signature scheme was proposed by Zhang et al., many identity-based blind signature schemes using bilinear pairings have been proposed. But the relative computation cost of the pairing is approximately 20 times higher than that of the scalar multiplication over elliptic curve group. In order to save the running time and the size of the signature, we propose an identity based blind signature scheme without bilinear pairings. With both the running time and the size of the signature being saved greatly, our scheme is more practical than the related schemes in application.

Published

2011

322. A pairing-free certificateless authenticated key agreement protocol

Author

Jianhua Chen, Debiao He, and Jin Hu

Subjects

Discrete mathematics, Provable security, Elliptic curve, Computer Networks and Communications, Computer science, Pairing, Distributed computing, Key (cryptography), Certificateless cryptography, Bilinear interpolation, Electrical and Electronic Engineering, Scalar multiplication, Random oracle

Abstract

Many certificateless two-party authenticated key agreement schemes using bilinear pairings have been proposed. But the relative computation cost of the pairing is approximately twenty times higher than that of the scalar multiplication over elliptic curve group In order to improve the performance we propose a certificateless two-party authenticated key agreement scheme without bilinear pairings in this paper. A security proof under random oracle model is also provided. Copyright © 2011 John Wiley & Sons, Ltd.

Published

2011

323. An efficient and secure 3-factor user-authentication protocol for multiserver environment

Author

Xiaohong Li, Aiying Sun, Debiao He, and Min Luo

Subjects

021110 strategic, defence & security studies, User authentication, Biometrics, Computer Networks and Communications, business.industry, Computer science, 0211 other engineering and technologies, 020206 networking & telecommunications, 02 engineering and technology, Factor (programming language), 0202 electrical engineering, electronic engineering, information engineering, Electrical and Electronic Engineering, business, Protocol (object-oriented programming), computer, computer.programming_language, Computer network

Published

2018

324. On Diophantine equation 3a 2 x 4 − By 2 = 1

Author

Debiao He, Jianhua Chen, and Yu Wang

Subjects

Discrete mathematics, Pure mathematics, symbols.namesake, Diophantine set, Applied Mathematics, Diophantine equation, Quartic function, symbols, Field (mathematics), Quadratic reciprocity, Class number, Legendre's equation, Mathematics

Abstract

Bumby proved that the only positive solutions to the quartic Diophantine equation 3x 4 − 2y 2 = 1 are (x, y) = (1, 1), (3, 11). In this paper, we extend this result and prove that if the class number of the field $${{\rm Q}(\sqrt{1-3a^{2}})}$$ is not divisible by 2, the equation 3a 2 x 4 − By 2 = 1 has at most two solutions. However, both solutions occur in only one case, a = 1, b = 2, as solved by Bumby. The proof utilizes the law of quadratic reciprocity that seems very rare in solving Diophantine equations, and the solution will be also obtained effectively through the proof when it exists.

Published

2010

325. Provable Secure and Efficient Digital Rights Management Authentication Scheme Using Smart Card Based on Elliptic Curve Cryptography

Author

Muhammad Khurram Khan, Debiao He, Jianhua Chen, and Yuanyuan Zhang

Subjects

Password, Digital rights management, Ubiquitous computing, Article Subject, business.industry, Computer science, General Mathematics, lcsh:Mathematics, General Engineering, Password cracking, Denial-of-service attack, Computer security, computer.software_genre, lcsh:QA1-939, lcsh:TA1-2040, Session key, Smart card, Elliptic curve cryptography, business, lcsh:Engineering (General). Civil engineering (General), computer

Abstract

Since the concept of ubiquitous computing is firstly proposed by Mark Weiser, its connotation has been extending and expanding by many scholars. In pervasive computing application environment, many kinds of small devices containing smart cart are used to communicate with others. In 2013, Yang et al. proposed an enhanced authentication scheme using smart card for digital rights management. They demonstrated that their scheme is secure enough. However, Mishra et al. pointed out that Yang et al.’s scheme suffers from the password guessing attack and the denial of service attack. Moreover, they also demonstrated that Yang et al.’s scheme is not efficient enough when the user inputs an incorrect password. In this paper, we analyze Yang et al.’s scheme again, and find that their scheme is vulnerable to the session key attack. And, there are some mistakes in their scheme. To surmount the weakness of Yang et al.’s scheme, we propose a more efficient and provable secure digital rights management authentication scheme using smart card based on elliptic curve cryptography.

Published

2015

326. Cryptanalysis of a Dynamic ID-Based Remote User Authentication Scheme with Access Control for Multi-Server Environments

Author

Hao Hu and Debiao He

Subjects

Scheme (programming language), Computer science, business.industry, Access control, Multi-factor authentication, law.invention, Internet Authentication Service, Artificial Intelligence, Hardware and Architecture, law, Authentication protocol, Lightweight Extensible Authentication Protocol, Computer Vision and Pattern Recognition, Electrical and Electronic Engineering, Cryptanalysis, business, computer, Software, Data Authentication Algorithm, Computer network, computer.programming_language

Published

2013

327. Cryptanalysis of an Authenticated Key Agreement Protocol for Wireless Mobile Communications

Author

Debiao He

Subjects

General Computer Science, business.industry, Computer science, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Password cracking, Computer security, computer.software_genre, Electronic, Optical and Magnetic Materials, law.invention, law, Key (cryptography), Bandwidth (computing), Electrical and Electronic Engineering, Elliptic curve cryptography, Cryptanalysis, business, Protocol (object-oriented programming), Mobile device, computer, Countermeasure (computer), Computer network

Abstract

With the rapid progress of wireless mobile communications, the authenticated key agreement (AKA) protocol has attracted an increasing amount of attention. However, due to the limitations of bandwidth and storage of the mobile devices, most of the existing AKA protocols are not suitable for wireless mobile communications. Recently, Lo and others presented an efficient AKA protocol based on elliptic curve cryptography and included their protocol in 3GPP2 specifications. However, in this letter, we point out that Lo and others' protocol is vulnerable to an offline password guessing attack. To resist the attack, we also propose an efficient countermeasure.

Published

2012

328. Cryptanalysis of a Smartcard-Based User Authentication Scheme for Multi-Server Environments

Author

Hao Hu and Debiao He

Subjects

Computer Networks and Communications, Computer science, business.industry, Multi-factor authentication, Computer security, computer.software_genre, Chip Authentication Program, law.invention, Internet Authentication Service, Generic Bootstrapping Architecture, law, Authentication protocol, Lightweight Extensible Authentication Protocol, Electrical and Electronic Engineering, Cryptanalysis, business, computer, Software, Data Authentication Algorithm, Computer network

Published

2012

329. Efficient revocable ID-based encryption with cloud revocation server

Author

Xiaoying Jia, Neeraj Kumar, Kim-Kwang Raymond Choo, and Debiao He

Subjects

Revocation, Computer Networks and Communications, business.industry, Computer science, Cloud computing, 0102 computer and information sciences, 02 engineering and technology, ID-based encryption, Computer security, computer.software_genre, 01 natural sciences, Outsourcing, 010201 computation theory & mathematics, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Electrical and Electronic Engineering, business, computer

Published

2017

330. A secure and efficient identity-based mutual authentication scheme with smart card using elliptic curve cryptography

Author

Min Luo, Muhammad Khurram Khan, Yunru Zhang, and Debiao He

Subjects

Provable security, Password, Computer Networks and Communications, business.industry, Computer science, Password cracking, 020206 networking & telecommunications, 02 engineering and technology, Mutual authentication, Computer security, computer.software_genre, Relay attack, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Smart card, Electrical and Electronic Engineering, Elliptic curve cryptography, business, Mobile device, computer

Abstract

Summary The e-commerce has got great development in the past decades and brings great convenience to people. Users can obtain all kinds of services through e-commerce platform with mobile device from anywhere and at anytime. To make it work well, e-commerce platform must be secure and provide privacy preserving. To achieve this goal, Islam et al. proposed a dynamic identity-based remote user mutual authentication scheme with smart card using Elliptic Curve Cryptography(ECC). Islam et al claimed that the security of their scheme was good enough to resist various attacks. However, we demonstrate that their scheme is vulnerable to insider attack and suffers from off-line password guessing attack if smart card is compromised. To overcome the deficiencies, we present an improved scheme over Islam's scheme. The security proof and analysis shows that our scheme can also provide user anonymity and mutual authentication, and the security is enough to against relay attack, impersonation attack, and other common secure attackers. The performance analysis shows that the proposed scheme is more efficient than Islam et al's scheme.

Published

2017

331. An efficient chaos-based 2-party key agreement protocol with provable security

Author

Yunru Zhang, Min Luo, Muhammad Khurram Khan, and Debiao He

Subjects

Provable security, Key-agreement protocol, Cryptographic primitive, Otway–Rees protocol, Computer Networks and Communications, Computer science, 020206 networking & telecommunications, 02 engineering and technology, Cryptographic protocol, Computer security, computer.software_genre, 01 natural sciences, 0103 physical sciences, Universal composability, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), Electrical and Electronic Engineering, 010301 acoustics, computer, Replay attack

Abstract

Summary Key agreement protocol is an important cryptographic primitive, which allows 2 parties to establish a secure session in an open network environment. A various of key agreement protocols were proposed. Nowadays, there still exists some other security flaws waiting to be solved. Owing to reduce the computational and communication costs and improve the security, chaotic map has been studied in-depth and treated as a good solution. Recently, Liu et al proposed a chaos-based 2-party key agreement protocol and demonstrated that it can defend denial-of-service attack and replay attack. We found, however, it cannot resist off-line password-guessing attack, and it also has some other security flaws. In this paper, we propose an improved chaos-based 2-party key agreement protocol. The results prove that the protocol can solve the threats of off-line password-guessing attack and other security flaws in the security proof section. What is more, performance analysis shows that the computational cost of the improved protocol is lower than Liu et al protocol.

Published

2017

332. Provably Secure Proxy Multi-Signature Scheme Based on ECC

Author

Debiao He, Sahadeo Padhye, and Namita Tiwari

Subjects

Distributed computing, Computer security model, computer.software_genre, Computer Science Applications, Digital Signature Algorithm, Grid computing, Digital signature, Control and Systems Engineering, Elliptic curve cryptosystem, Mobile agent, Electrical and Electronic Engineering, Proxy (statistics), computer, Mathematics, Key size

Abstract

The elliptic curve cryptosystem (ECC) achieves the security level equivalent to that of digital signature algorithm (DSA), but has a lower computational cost and a smaller key size than the DSA. Till now so many proxy multi-signature schemes based on ECC without pairings have been proposed. To the best of our knowledge, none of them are provable secure. Having motivated, we first define a formal security model and then propose a provable secure proxy multi-signature scheme based on ECC without pairings. Our proposed scheme can play a crucial role in application to distributed systems, grid computing, mobile agent environment etc. DOI: http://dx.doi.org/10.5755/j01.itc.43.2.5377

Published

2014

333. Lightweight ECC based RFID authentication integrated with an ID verifier transfer protocol

Author

Neeraj Kumar, Debiao He, Naveen Chilamkurti, and Jong-Hyouk Lee

Subjects

Challenge-Handshake Authentication Protocol, Authentication, Computer science, business.industry, Medicine (miscellaneous), Health Informatics, Computer security, computer.software_genre, Radio Frequency Identification Device, Systems Integration, Health Information Management, Authentication protocol, Lightweight Extensible Authentication Protocol, Radio-frequency identification, Challenge–response authentication, Elliptic curve cryptography, business, computer, Delivery of Health Care, Data Authentication Algorithm, Algorithms, Computer Security, Information Systems, Computer network

Abstract

The radio frequency identification (RFID) technology has been widely adopted and being deployed as a dominant identification technology in a health care domain such as medical information authentication, patient tracking, blood transfusion medicine, etc. With more and more stringent security and privacy requirements to RFID based authentication schemes, elliptic curve cryptography (ECC) based RFID authentication schemes have been proposed to meet the requirements. However, many recently published ECC based RFID authentication schemes have serious security weaknesses. In this paper, we propose a new ECC based RFID authentication integrated with an ID verifier transfer protocol that overcomes the weaknesses of the existing schemes. A comprehensive security analysis has been conducted to show strong security properties that are provided from the proposed authentication scheme. Moreover, the performance of the proposed authentication scheme is analyzed in terms of computational cost, communicational cost, and storage requirement.

Published

2014

334. Security Analysis and Improvements of a Three-Party Password-Based Key Exchange Protocol

Author

Jianhua Chen, Hang Tu, Han Shen, and Debiao He

Subjects

Password, Key-agreement protocol, Zero-knowledge password proof, Otway–Rees protocol, Interlock protocol, Computer science, Computer security, computer.software_genre, Computer Science Applications, Password strength, Control and Systems Engineering, Authentication protocol, Electrical and Electronic Engineering, computer, Key exchange

Abstract

Recently Xie et al. [Q. Xie, N. Dong, X. Tan. D. Wong, G. Wang. Improvement of a three-party password-based key exchange protocol with formal verification. Information Technology and Control, 2013, Vol. 42, No. 3, 231-237] proposed an efficient three-party password-based key exchange protocol and used a formal verification tool to verify its security. In this paper, we demonstrate that their protocol is vulnerable to the off-line password guessing attack and the key compromise impersonation attack. The analysis shows that their protocol is not secure for practical applications. To overcome weaknesses in Xie et al.’s protocol, we also propose an improved 3PAKE protocol. Analysis shows that our protocol not only overcomes those weaknesses, but also has better performance. Therefore, our protocol is more suitable for practical applications. DOI: http://dx.doi.org/10.5755/j01.itc.43.1.5322

Published

2014

335. Two-Step Single Slope/SAR ADC with Error Correction for CMOS Image Sensor

Author

Fang Tang, Mohieddine Benammar, Debiao He, Xiaojin Zhao, Abbes Amira, and Amine Bermak

Subjects

Article Subject, Computer science, lcsh:Medicine, Hardware_PERFORMANCEANDRELIABILITY, lcsh:Technology, Noise (electronics), General Biochemistry, Genetics and Molecular Biology, Electronic engineering, Hardware_INTEGRATEDCIRCUITS, Image sensor, Hardware_ARITHMETICANDLOGICSTRUCTURES, lcsh:Science, General Environmental Science, lcsh:T, business.industry, lcsh:R, Successive approximation ADC, General Medicine, Chip, Power (physics), Effective number of bits, CMOS, Semiconductors, Calibration, lcsh:Q, Telecommunications, business, Error detection and correction, Algorithms, Research Article

Abstract

Conventional two-step ADC for CMOS image sensor requires full resolution noise performance in the first stage single slope ADC, leading to high power consumption and large chip area. This paper presents an 11-bit two-step single slope/successive approximation register (SAR) ADC scheme for CMOS image sensor applications. The first stage single slope ADC generates a 3-bit data and 1 redundant bit. The redundant bit is combined with the following 8-bit SAR ADC output code using a proposed error correction algorithm. Instead of requiring full resolution noise performance, the first stage single slope circuit of the proposed ADC can tolerate up to 3.125% quantization noise. With the proposed error correction mechanism, the power consumption and chip area of the single slope ADC are significantly reduced. The prototype ADC is fabricated using 0.18 μm CMOS technology. The chip area of the proposed ADC is 7 μm × 500 μm. The measurement results show that the energy efficiency figure-of-merit (FOM) of the proposed ADC core is only 125 pJ/sample under 1.4 V power supply and the chip area efficiency is 84 k μm2·cycles/sample.

Published

2014

336. A secure temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks

Author

Naveen Chilamkurti, Debiao He, and Neeraj Kumar

Subjects

business.industry, Computer science, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Cryptography, Mutual authentication, Computer security, computer.software_genre, Key distribution in wireless sensor networks, Secure communication, Sensor node, Key (cryptography), Challenge–response authentication, business, Wireless sensor network, computer, Computer network

Abstract

With the development of wireless communication technology and sensor technology, the wireless sensor network (WSN) has been widely used in various applications, such as military surveillance, environment monitoring industry control, medical monitoring, and so on. In most of the cases, WSNs are deployed in unattended environment. So, these are more vulnerable to various attacks than traditional networks. To protect communications in WSNs, mutual authentication and key agreement schemes for WSNs have been studied widely. Recently, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs and claimed their scheme could withstand various attacks. However, in this paper, we will point out that their scheme is vulnerable to the off-line password guessing attack, the user impersonation attack, the sensor node impersonation attack and the modification attack. To overcome weaknesses in Xue et al.'s scheme, we also propose a new temporal-credential-based mutual authentication and key agreement scheme for WSNs. Security analysis shows our scheme could overcome weaknesses in Xue et al.'s scheme. Performance analysis shows our scheme also has better performance. Therefore, our scheme is more suitable for providing secure communication in WSNs.

Published

2013

337. Cryptanalysis of 'An Improved Remote Password Authentication Scheme with Smartcard'

Author

Debiao He and Muhammad Khurram Khan

Subjects

Scheme (programming language), ComputerSystemsOrganization_COMPUTERSYSTEMIMPLEMENTATION, computer.internet_protocol, Computer science, business.industry, Data_MISCELLANEOUS, Cryptography, Authentication scheme, Computer security, computer.software_genre, law.invention, law, Password authentication protocol, Smart card, Challenge–response authentication, business, Cryptanalysis, computer, computer.programming_language, Anonymity

Abstract

Recently, an improved remote user authentication scheme using smartcard was proposed. The authentication scheme by J. Chao claimed that it could provide user anonymity and withstand various attacks. In this paper, we analyze the security of Chao's scheme and point out that his scheme cannot provide user anonymity. Moreover, we demonstrate that his scheme cannot withstand the user masquerade attack and the server masquerade attack.

Published

2013

338. Cryptanalysis and Improvement of a Password-Based Remote User Authentication Scheme without Smart Cards

Author

Debiao He, Shuhua Wu, and Ding Wang

Subjects

Password, business.industry, Computer science, Mutual authentication, Computer security, computer.software_genre, Computer Science Applications, law.invention, S/KEY, Control and Systems Engineering, law, Forward secrecy, Key (cryptography), Smart card, Electrical and Electronic Engineering, Challenge–response authentication, business, Cryptanalysis, computer

Abstract

Recently, Chen et al. [B. Chen, W. Kuo, L. Wuu, A secure password-based remote user authentication scheme without smart cards, Information Technology and Control 41(1) (2012) 53-59] proposed a secure password-based remote user authentication scheme without smart cards and claimed that their scheme could withstand various attacks. Although Chen et al.’s scheme has many benefits; we find that it is vulnerable to the device stolen attack and the privileged insider attack. We also find that their scheme does not support perfect forward secrecy and no key control. Therefore, we propose an improved scheme to overcome weaknesses and maintain the benefits of the original scheme. DOI: http://dx.doi.org/10.5755/j01.itc.42.2.2554

Published

2013

339. A privacy-aware two-factor authentication protocol based on elliptic curve cryptography for wireless sensor networks

Author

Debiao He, Neeraj Kumar, Jian Shen, Qi Jiang, Naveen Chilamkurti, and Jianfeng Ma

Subjects

Password, Authentication, Otway–Rees protocol, Computer Networks and Communications, business.industry, Computer science, 020206 networking & telecommunications, 02 engineering and technology, Mutual authentication, Multi-factor authentication, Computer security, computer.software_genre, Computer Science Applications, Authentication protocol, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Wide Mouth Frog protocol, Elliptic curve cryptography, business, computer, Computer network

Abstract

Summary As one of the enabling components of Internet of things (IoT), wireless sensor networks (WSNs) have found applications in a wide range of fields, in which outside users need to directly interact with sensors to obtain sensed data. However, WSNs are vulnerable to various attacks over wireless links, such as eavesdropping and tampering. How to ensure that sensitive or critical information is only available to legal users becomes a challenging issue. Two-factor authentication combining password and smart card perfectly matches this requirement because of its practicality. However, a dozen of two-factor authentication protocols have been suggested in recent years. Owing to the challenging mission of reconciling efficiency and security requirements, it is still challenging to propose a privacy-aware two-factor protocol that is capable of providing various security features while maintaining acceptable efficiency. In this paper, we put forward a privacy-aware two-factor authentication protocol based on elliptic curve cryptography for WSNs. Our new protocol accomplishes various security features necessary for real-life application environments while maintaining acceptable efficiency. We prove that the new protocol fulfills mutual authentication in the Burrows–Abadi–Needham logic. Additionally, by way of informal security analysis, we show that the new protocol can withstand a variety of attacks and provide desirable security features. Copyright © 2016 John Wiley & Sons, Ltd.

Published

2016

340. Weaknesses of 'Security Analysis and Enhancement for Three-Party Password-Based Authenticated Key Exchange Protocol'

Author

Muhammad Khurram Khan and Debiao He

Subjects

Password, Security analysis, Computer science, business.industry, Internet Security Association and Key Management Protocol, Computer security, computer.software_genre, Authenticated Key Exchange, Session key, Smart card, business, Protocol (object-oriented programming), computer, Key exchange

Abstract

The three-party password-based authenticated key exchange (3PAKE) protocol allows two users to share a session key for future communication with the help of a trusted server in the public network. Recently, Zhao et al. [Zhao J., Gu D., Zhang L., Security analysis and enhancement for three-party password-based authenticated key exchange protocol, Security Communication Networks 2012; 5(3):273-278] proposed an efficient 3PAKE protocol using smart cards. They proved that their protocol can withstand various known attacks found in the previously published schemes. However, in this paper, we point out that their protocol is vulnerable to three kinds of attacks namely, off-line password-guessing attack, privileged insider attack and stolen smart card attack. Hence, Zhao et al.’s scheme is not recommended for practical applications.

Published

2012

341. Insecurity of an Efficient Identity-Based Proxy Signature in the Standard Model

Author

Mingwu Zhang, Baowen Xu, and Debiao He

Subjects

General Computer Science, Computer science, business.industry, Identity (philosophy), media_common.quotation_subject, Proxy signature, Artificial intelligence, computer.software_genre, business, computer, Natural language processing, Standard model (cryptography), media_common

Published

2014

342. Improvement of Lee-Kim-Yoo Password-Based Key Agreement Scheme

Author

Rui Zhang, Jianhua Chen, and Debiao He

Subjects

Password, Scheme (programming language), Authentication, Dictionary attack, Computer science, business.industry, Key space, Cryptography, Computer security, computer.software_genre, Key (cryptography), Session key, business, computer, computer.programming_language

Abstract

Recently, Kwon et al. found that LKY scheme is vulnerable to off-line dictionary attack. They showed that LKY is not a complete PAKA scheme since it is possible for the involved two parties to not share a common session key as a result of executing LKY. In our paper, we will discuss the reasons for the above attack and propose two improved scheme to solve this problem.

Published

2010

343. Weakness Analysis and Improvement of a Gateway-Oriented Password-Based Authenticated Key Exchange Protocol

Author

Debiao, He, Jianhua, Chen, and Jin, Hu

Subjects

FOS: Computer and information sciences, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Computer Science - Cryptography and Security, C.2.1, Data_MISCELLANEOUS, D.4.6, Cryptography and Security (cs.CR)

Abstract

Recently, Abdalla et al. proposed a new gateway-oriented password-based authenticated key exchange (GPAKE) protocol among a client, a gateway, and an authentication server, where each client shares a human-memorable password with a trusted server so that they can resort to the server for authentication when want to establish a shared session key with the gateway. In the letter, we show that a malicious client of GPAKE is still able to gain information of password by performing an undetectable on-line password guessing attack and can not provide the implicit key confirmation. At last, we present a countermeasure to against the attack., 6 pages

Published

2010

344. Cryptanalysis of a simple three-party key exchange protocol

Author

Debiao, He, Jianhua, Chen, and Jin, Hu

Published

2010

345. A new handover authentication protocol based on bilinear pairing functions for wireless networks

Author

Muhammad Khurram Khan, Neeraj Kumar, and Debiao He

Subjects

Challenge-Handshake Authentication Protocol, Otway–Rees protocol, Port Control Protocol, Internet Protocol Control Protocol, Computer Networks and Communications, computer.internet_protocol, Wireless network, Network security, business.industry, Computer science, Link Control Protocol, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Layer 2 Tunneling Protocol, Computer security, computer.software_genre, Public-key cryptography, Handover, Hardware and Architecture, Authentication protocol, Universal composability, Wide Mouth Frog protocol, business, computer, Software, Computer network

Abstract

Seamless handover over multiple access points is highly desirable to mobile nodes, but ensuring security and efficiency of this process is challenging. Many such protocols have been proposed but most of them are either insecure or inefficient. Very recently, He et al. proposed an improved protocol to overcome the weakness of a novel handover authentication protocol, namely PairHand. Later, they pointed out that their protocol is vulnerable to a private key compromised problem under certain circumstances and proposed an improved protocol to overcome the weakness. In this paper, we examine the security of He et al.'s improved protocol and show it is vulnerable to a private key compromised problem. To improve security, we propose a new ID-based signature protocol and construct a new handover authentication protocol based on the proposed signature protocol.

Published

2015

346. Enhanced authentication protocol for session initiation protocol using smart card

Author

Wenxia Zhu, Debiao He, and Jianhua Chen

Subjects

Challenge-Handshake Authentication Protocol, Session Initiation Protocol, Otway–Rees protocol, Internet Protocol Control Protocol, Interlock protocol, Computer Networks and Communications, business.industry, Computer science, computer.internet_protocol, Data_MISCELLANEOUS, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Computer security, computer.software_genre, Authentication protocol, Wide Mouth Frog protocol, Reflection attack, Safety, Risk, Reliability and Quality, business, Law, computer, Computer network

Abstract

Providing a security and efficiently key agreement for session initiation protocol SIP is so important to protect communication sessions on the internet. An authentication should be finished before a user utilises the SIP service provided by a server. However, there are some security problems with SIP authentication. Recently, Tu et al. improved Zhang et al.'s authenticated key agreement protocol. They also claimed that their protocol could be resistant to kinds of attacks. In our paper, we show that their protocol is susceptible to the server spoofing attack, user impersonation attack. We also proposed an enhanced protocol which can be more secure and flexible here.

Published

2015

347. An Enhanced Cloud Data Storage Auditing Protocol Providing Strong Security and Efficiency for Smart City.

Author

JIAN SHEN, DENGZHI LIU, QI LIU, DEBIAO HE, and XINGMING SUN

Subjects

CLOUD storage, DATA security, AUDITING procedures, SMART cities, CLOUD computing, SOFTWARE verification

Abstract

Cloud-assisted applications have been developed in recent years, especially in servicing the smart city. Cloud computing is an emerging technology, which combines many redundant and distributed servers to provide various applications and services. On the one hand, the users can outsource their data to the cloud and enjoy the services that are provided by the cloud anytime and anywhere. On the other hand, outsourcing the data to the cloud will reduce the local storage burden and alleviate the hardware maintenance. However, the cloud server is semi-trusted, which possibly threaten the data's security. In addition, because the data owner will not physically possess the data after outsourcing the data to the cloud, it is required to check the storage correctness and data integrity. Cloud auditing protocols are proposed to solve this problem, but the efficiency and security of previous protocols are not well. In this paper, we proposed an enhanced auditing protocol, which can reduce the verification cost greatly and offer enough security assurance. Besides, our protocol is able to resist the forgery attack in the proof verification. The security and performance analysis shows that the proposed protocol can efficiently support storage verification and privacy preserving. [ABSTRACT FROM AUTHOR]

Published

2017

348. Cryptanalysis and improvement of a DoS-resistant ID-based password authentication scheme without using smart card

Author

Wenbo Shi, Shuhua Wu, and Debiao He

Subjects

Scheme (programming language), Computer Networks and Communications, business.industry, Computer science, computer.internet_protocol, Mutual authentication, Impersonation attack, Computer security, computer.software_genre, Computer Science Applications, law.invention, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, law, Session key, Password authentication protocol, Smart card, Challenge–response authentication, Cryptanalysis, business, computer, Software, Information Systems, computer.programming_language

Abstract

An authentication scheme allows the user and the server to authenticate each other and establish a session key for future communication in an open network. Very recently, Wen et al. proposed a DoS-resistant ID-based password authentication scheme without using smart card. They claimed that their scheme could overcome various attacks. However, in this paper, we will point out that Wen et al.'s scheme is vulnerable to an impersonation attack and a privileged insider attack. To overcome weaknesses, we also propose an improved scheme. The analysis shows our scheme not only overcomes weaknesses in Wen et al.'s scheme but also has better performance. Then our scheme is more suitable for practical applications.

Published

2014

349. Lightweight anonymous key distribution scheme for smart grid using elliptic curve cryptography.

Author

Debiao He, Huaqun Wang, Khan, Muhammad Khurram, and Lina Wang

Subjects

*SMART power grids, *CRYPTOGRAPHY, *INFORMATION technology security, *PERFORMANCE evaluation, *PUBLIC key infrastructure (Computer security)

Abstract

Due to efficiency, security and reliability, the smart grid attracts more and more attentions from both industry and researchers. To implement secure communication in the smart grid, how to distribute secret keys among participants become an important issue. Several key distribution schemes for the smart grid have been proposed to guarantee secure communication. However, most of them cannot provide smart meter anonymity or have unsatisfactory performance. Based on the identity-based cryptography, this study proposes an anonymous key distribution (AKD) scheme for the smart grid using the elliptic curve cryptography. The proposed AKD scheme can provide the smart meter anonymity and mutual authentication between two participants without any help of the trusted anchor. Due to the fact that no bilinear paring operation is involved in the execution, the proposed AKD scheme has much better performance than the latest AKD scheme proposed by Tsai and Lo. Detailed performance analysis shows that the computation and the communication costs of the authors' AKD scheme is about 82.39 and 52.33% less than that of Tsai and Lo's AKD scheme. Besides, security analysis shows that the proposed AKD scheme is provably secure in the random oracle model. [ABSTRACT FROM AUTHOR]

Published

2016

350. New large-universe multi-authority ciphertext-policy ABE scheme and its application in cloud storage systems.

Author

Hao Wang, Zhihua Zheng, Lei Wu, and Debiao He

Subjects

DATA encryption, ENCRYPTION protocols, COMPUTER security, CLOUD storage, DATA warehousing

Abstract

We propose a new large-universe multi-authority ciphertext-policy attribute-based encryption system. In this system, any string can be used as an attribute of the system, and there are several authorities, each of which is responsible for the authorized key distribution of a specific set of attributes. Then, we prove its security under two static assumptions without random oracle. The main techniques used in this work are "Waters' hash" over global identifier and attribute information in the construction, as well as dual system encryption in the security proof. To the best of our knowledge, this is the first ciphertext-policy attribute-based encryption system satisfying both of "large-universe" property and "multi-authority" property without random oracle. Finally, as the application of our new scheme, we propose a new data access control scheme for cloud storage systems. [ABSTRACT FROM AUTHOR]

Published

2016