nach oben

Wireless Personal Communications

Erschienen in:

18.07.2017

An Improved Mutual Authentication Mechanism for Securing Smart Phones

verfasst von: Wen-Bin Hsieh, Jenq-Shiou Leu

Erschienen in: Wireless Personal Communications | Ausgabe 2/2017

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

As technology advances, many wired and wireless devices have been created to fulfill consumer needs. With the popularity of the Internet and wireless networks, communication between devices has become necessary for accessing services. It is important for service providers that only legal clients with authorization access these services. By contrast, service consumers must verify that services are provided by legitimate servers. Therefore, many mutual authentication protocols have been developed to achieve this goal. This type of research has mainly been applied to server–client and peer-to-peer architecture, including radio frequency identification, wireless mobile networks, and wireless sensor networks. The proposed protocols have focused on securing exchanged messages in communication channels, and they assume that devices are secure. However, hackers have exposed devices, such as smart phones, to more threats and attacks. Hackers have begun targeting the Android platform because it has become a popular smart phone platform. Malware and phishing websites can steal sensitive information such as user account details and passwords. This negates protocol security. This paper improves the scheme developed by Li et al. and proposes a security mechanism to better protect protocol parameters. The proposed mechanism enhances mobile device security and allows protocols to take effect.

Vorheriger Artikel Performance Analysis of Cooperative Spectrum Sensing Network Using Optimization Technique in Different Fading Channels

Nächster Artikel An Enhanced Handover Algorithm in LTE-Advanced Network

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Wei, C.-H., Hwang, M.-S., & Chin, A. Y. (2011). A mutual authentication protocol for RFID. IT Professional, 13(2), 20–24.CrossRef

Huang, Y.-J., Yuan, C.-C., Chen, M.-K., Lin, W.-C., & Teng, H.-C. (2010). Hardware implementation of RFID mutual authentication protocol. IEEE Transactions on Industrial Electronics, 57(5), 1573–1582.CrossRef

Jiang, Y., Lin, C., Shen, X., & Shi, M. (2006). Mutual authentication and key exchange protocols for roaming services in wireless mobile networks. IEEE Transactions on Wireless Communications, 5(9), 2569–2577.CrossRef

Xue, K., Ma, C., Hong, P., & Ding, R. (2013). A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. Journal of Network and Computer Applications, 36(1), 316–323.CrossRef

Li, Z., & Gong, G. (2011). Computationally efficient mutual entity authentication in wireless sensor networks. Ad Hoc Networks, 9(2), 204–215.CrossRef

Lamport, L. (1981). Password authentication with insecure communication. Communications of the ACM, 24(11), 770–772.CrossRefMathSciNet

Hwang, M.-S., & Li, L.-H. (2000). A new remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics, 46(1), 28–30.CrossRef

ElGamal, T. (1985). A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory, 32(4), 469–472.CrossRefMathSciNetMATH

Hwang, T., & Ku, W.-C. (1995). Reparable key distribution protocols for Internet environments. IEEE Transactions on Consumer Electronics, 43(5), 1947–1949.

10.

Sun, H. M. (2000). An efficient remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics, 46(4), 958–961.CrossRef

11.

Shen, J.-J., Lin, C.-W., & Hwang, M.-S. (2003). A modified remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics, 49(2), 414–416.CrossRef

12.

Awashti, A. K., & Lal, S. (2004). An enhanced remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics, 50(2), 583–586.CrossRef

13.

Chang, C.-C., & Hwang, K.-F. (2003). Some forgery attacks on a remote user authentication scheme using smart cards. Informatics, 14(3), 289–294.MathSciNetMATH

14.

Das, M. L., Saxena, A., & Gulati, V. P. (2004). A dynamic ID-based remote user authentication scheme. IEEE Transactions on Consumer Electronics, 50(2), 629–631.CrossRef

15.

Wei-Chi, Ku, & Chang, S.-T. (2005). Impersonation attack on a dynamic ID-based remote user authentication scheme using smart cards. IEICE Transactions on Communications, 5, 2165–2167.

16.

Hwang, M.-S., Lee, C.-C., & Tang, Y.-L. (2002). A simple remote user authentication scheme. Mathematical and Computer Modelling, 36(1–2), 103–107.CrossRefMathSciNetMATH

17.

Ku, W.-C., & Chen, S.-M. (2004). Weaknesses and improvements of an efficient password based remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics, 50(1), 204–207.CrossRef

18.

Lee, C.-C., Hwang, M.-S., & Yang, W.-P. (2002). A flexible remote user authentication scheme using smart cards. ACM Operating Systems Review, 36(3), 46–52.CrossRef

19.

Fan, C.-I., Ho, P.-H., & Hsu, R.-H. (2010). Provably secure nested one-time secret mechanisms for fast mutual authentication and key exchange in mobile communications. IEEE/ACM Transactions on Networking, 18(3), 996–1009.CrossRef

20.

Lin, S.-H., Chiu, J.-H., & Lee, G.-R. (2010). A fast iterative localized re-authentication protocol for heterogeneous mobile networks. IEEE Transactions on Consumer Electronics, 56(4), 2267–2275.CrossRef

21.

Juang, W.-S., Chen, S.-T., & Liaw, H.-T. (2008). Robust and efficient password-authenticated key agreement using smart cards. IEEE Transactions on Industrial Electronics, 55(6), 2551–2556.CrossRef

22.

Li, X., Qiu, W., Zheng, D., Chen, K., & Li, J. (2010). Anonymity enhancement on robust and efficient password-authenticated key agreement using smart cards. IEEE Transactions on Industrial Electronics, 57(2), 793–800.CrossRef

23.

Lo, N.-W., & Yeh, K.-H. (2009). Cryptanalysis of two three-party encrypted key exchange protocols. Computer Standards & Interfaces, 31(6), 1167–1174.CrossRef

24.

Ku, W.-C. (2005). Weaknesses and drawbacks of a password authentication scheme using neural networks for multiserver architecture. IEEE Transactions on Neural Networks, 16(4), 1002–1005.CrossRef

25.

Byun, J. W., Lee, D. H., & Lim, J. I. (2006). Security analysis and improvement of a gateway-oriented password-based authenticated key exchange protocol. IEEE Communications Letters, 10(9), 683–685.CrossRef

26.

Chung, H.-R., Ku, W.-C., & Tsaur, M.-J. (2009). Weaknesses and improvement of Wang et al’.s remote user password authentication scheme for resource-limited environments. Computer Standards & Interfaces, 31(4), 863–868.CrossRef

27.

Xu, Z., Bai, K., Zhu, S. (2012) TapLogger, inferring user inputs on smartphone touchscreens using on-board motion sensors. In Proceedings of the Fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks (WISEC ‘12). ACM, New York, NY, USA, (pp. 113–124).

28.

Shen, C., Nahum, E., Schulzrinne, H., & Wright, C. P. (2012). The impact of TLS on SIP server performance: Measurement and modeling. IEEE/ACM Transactions on Networking, 20(4), 1217–1230.CrossRef

29.

Eastlake, D. E., Jones, P. E. (2001) US Secure Hash Algorithm 1 (SHA1),” RFC 3174.

30.

Yang, J-z, Wanf, Y.-J., Qian, H.-F., & Zhou, Y. (2012). On the security of two password authenticated key agreement scheme using smart cards. The Journal of China Universities of Posts and Telecommunications, 19(Suppl. 1), 137–141.CrossRef

Titel: An Improved Mutual Authentication Mechanism for Securing Smart Phones
verfasst von: Wen-Bin Hsieh
Jenq-Shiou Leu
Publikationsdatum: 18.07.2017
Verlag: Springer US
Erschienen in: Wireless Personal Communications / Ausgabe 2/2017
Print ISSN: 0929-6212
Elektronische ISSN: 1572-834X
DOI: https://doi.org/10.1007/s11277-017-4641-1

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Nachhaltigkeitsaward Key Visual/© Cometis AG/Global ESG Monitor | Daniel Rupp | Generiert mit KI, Search Icon, Banner Hanser, Jonas Klose/© Pine Valley Capital GmbH, Carina Kießling von der Strategieberatung Roland Berger/© Monika Walther Fotografie | ATZ, Beijing Auto Show 2024: Deutsche Hersteller wollen angreifen./© EKH-Pictures / Generated with AI / Stock.adobe.com, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence 2024/© AndreyPopov / Getty Images / iStock, 2023_Antrieb/© supervisuell, ATZ-Webinar: Prototypenfreie Entwicklung durch Offline- und Driver-in-the-Loop-HiL-Tests /© (c) VI-grade

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 2/2017

Analysis of Full-Duplex Downlink Using Diversity Gain

Frequency Selective Surface as Superstrate on Wideband Dielectric Resonator Antenna for Circular Polarization and Gain Enhancement

Performance Improvement of Two-Hop Relay System Using Polarization Diversity

Mapping Application Requirements to Virtualization-Enabled Software Defined WSN

Time Triggered Hybrid Scheduler with Dynamic Frequency Scaling for Distributed Real Time Embedded Systems

A Neural Network-Based Learning Algorithm for Intrusion Detection Systems

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.