With the rapid development of mobile devices, people can easily use various electronic services any time everywhere for convenient and modern life. Remote user authentication becomes a very important ingredient procedure for the network system service to verify whether a remote user is legal through any insecure channel. Users can use to access many applications, for example internet banking, online shopping, mobile pay TV, are accomplished on internet or wireless networks. Therefore, secure communications in such wireless environments are more and more important because they protect transactions between users and servers. Especially, users are people vulnerable to attacks and there are many authentication systems proposed to guarantee them. Islam and Biswas have proposed a more efficient and secure ID-based system for mobile devices on ECC to enhance security for authentication with key agreement system. They claimed that their system truly is more secure than previous ones and it can resist various attacks. However, it is true because their system is vulnerable to known session-specific temporary information attack, and the other system is denial of service resulting from leaking server's database. Thus, the paper presents an improvement to their system in order to isolate such problems.
Keywords-Authentication, Password, Dynamic ID, Smart card, Impersonation, Session key, elliptic curve cryptosystem
1. Introduction
Elliptic Curve (EC) systems as applied to cryptography were first proposed in 1985 Independently by Neal Koblitz and Victor Miller. Elliptical curve cryptography (ECC) is a public key encryption technique based on elliptic curve theory that can be used to create smaller, faster, and more efficient c...
... middle of paper ...
....
[10] "A new remote user authentication system using smart cards", M. S. Hwang and L. H. Li, IEEE Transactions on Consumer Electronics, vol.46, pp. 28-30, Feb 2000.
[11] “A novel remote user authentication system for multi-server environment without using smart cards”, K.-H. Yeh and N. W. Lo, International Journal of Innovative Computing and Information Control, vol.6, no.8, pp.3467-3478, 2010.
[12] “Efficient convertible multi-authenticated encryption system without message redundancy or one-way hash functions”, J.-L. Tsai, T.-S. Wu, H.-Y. Lin and J.-E. Lee, International Journal of Innovative Computing, Information and Control, 2010.
[13] “An authenticated key exchange protocol for mobile stations from two distinct home networks”, H.-L. Wang, T.-H. Chen, L.-S. Li, Y.-T. Wu and J. Chen, International Journal of Innovative Computing Information and Control, 2010.
Victorian government came up with a new idea of smart card ticketing transport system. This was also to collaborate the train, bus and tram services in Victoria. With this spark of idea in 2002, a project case and a feasibility study was
4-way handshake can be leveraged here, for authentication in the aforementioned setup. In this mechanism, the access point starts by sending the EAPoL (Extensible Authentication Protocol (EAP) over LAN) message which contains the AP Nonce (Access Point Nonce), where Nonce is just a random sequence. The station leverages this information along with the MAC address and PSK, and creates a pairwise transient key. The generated STA Nonce (Station Nonce) is protected with the MIC (Message Integrity Code) created from the pairwise transient key. The message formed is then sent to the access point.
Technological development in digital wallets continue to fascinate the world and offer to make the Bitcoin environment more secure for users. One of the latest innovation in digital wallet promises to keep users’ private access keys secure as encrypted audio. The encrypted login key is converted into
PKC is the enabling technology for all Internet security and the increasing use of digital signatures, which are replacing traditional signatures in many contexts. However, RSA is better than PKC because RSA doesn’t need digital signature. As a result, the RSA algorithm turned out to be a perfect fit for the implementation of a practical public security system. In 1977, Martin Gardner first introduced the RSA system. After 5 years, company RSA used secure electronic security products. Nowadays many credit companies of all over the world use the RSA system or a similar system based on the RSA system.
Enter the Remote Authentication Dial In User Service (RADIUS), a commonly used authentication system. Most remote-access equipment vendors have supported RADIUS in their remote-access ser-vers. Many virtual private networking equipment companies also are supporting the use of a RADIUS server for user authentication.
In the rapidly developing field of computer science, there is no more controversial issue than encryption. Encryption has become a highly contested issue with the broad use of global networks including the Internet. As more and more sensitive documents are being placed on computer networks, and trusted information is being sent from computer to computer throughout the world, the need for encryption has never been greater. However, the effects of encryption on our lifestyle and the government's role in encryption has been (and will continue to be) debated for years to come.
Lv, X., Li, H., Wang, B. (2012) Virtual private key generator based escrow-free certificateless public key cryptosystem for mobile ad hoc networks ISSN: 19390114
My knowledge has grown over the past six years, outwith the areas of learning offered by school courses, and I see this course as an opportunity to gain new skills and broaden my knowledge further. My main interests are varied, including communications and the internet, system analysis and design, software development, processors and low level machine studies. I have recently developed an interest in data encryption, hence my active participation in the RSA RC64 Secret-Key challenge, the latest international de-encryption contest from the RSA laboratories of America.
While the conventional desktop PC will still continue to serve important functions at both consumer and professional levels, there is an expectation that mobile devices will become the predominant form for accessing both personal and professional content; it is understandable that cyber criminals have begun focusing on mobile devices which have at the same time grown their user base while substantially consolidating the operating system variants which makes the surface area for a potential attack substantially larger (Juniper Networks, n.d.).... ... middle of paper ... ... Mobile Device Security: A Survey of Mobile Device Threats, Vulnerabilities and their Defensive Mechanism. International Journal of Computer Applications.
One of the largest parts of commerce is transaction. Transactions are needed anytime two parties exchange money or information. Since the Information Age has begun, transactions are more common over the Internet, where it is more imperative that transactions are secure (Klein x). Corporations have also become more widespread, which means that cryptography is needed to secu...
For thousands of years, cryptography and encryption have been used to secure communication. Military communication has been the leader in the use of cryptography and the advancements. From the start of the internet, there has been a greater need for the use of cryptography. The computer had been invented in the late 1960s but there was not a widespread market for the use of computers really until the late 1980s, where the World Wide Web was invented in 1989. This new method of communication has called for a large need for information security.
The factors that pose a threat to information may include inter-connectivity and the wireless applications used in business (Rainer & Turban, 2009, p. 1). There is massive communication of computers following the inter-connectivity and this introduces a lot of challenges in the manning of information security (Rainer & Turban, 2009, p. 1). The massive inter-connectivity has acted as a brooding ground for many attackers and malicious programs. This has brought about the idea of trusted and un-trusted networks that operate outside the business applications (Rainer & Turban, 2009, p. 1). Research has shown that wireless communication is the most risky in terms of information security but yet it is the most effective since it enables employees to access information from any part of the world (Rainer & Turban, 2009, p. 1).
In this era when the Internet provides essential communication between tens of millions of people and is being increasingly used as a tool for security becomes a tremendously important issue to deal with, So it is important to deal with it. There are many aspects to security and many applications, ranging from secure commerce and payments to private communications and protecting passwords. One essential aspect for secure communications is that of cryptography. But it is important to note that while cryptography is necessary for secure communications, it is not by itself sufficient. Cryptography is the science of writing in secret code and is an ancient art; In the old age people use to send encoded message which can be understand by the receiver only who know the symbolic and relative meaning of that encoded message .The first documented use of cryptography in writing dates back to circa 1900 B.C. Egyptian scribe used non-standard hieroglyphs in an inscription. After writing was invented cryptography appeared spontaneously with applications ranging from diplomatic missives to war-time battle plans. It is no surprise, then, that new forms of cryptography came soon after the widespread development of computer communications. In telecommunications and data cryptography is necessary when communicating in any untrusted medium, which includes any network, particularly the Internet [1].Within the context of any application-to-application communication, there are some security requirements, including:
This paper is going to discuss wireless security from a broad view where I will go into why exactly wireless security is so important especially today as the ways in which we are communicating is changing dramatically. From there I will discuss the multiple wireless securities that are available to give a better understanding of the options given. Then I will go into why exactly not protecting your wireless can be so dangerous with some descriptions on the most dangerous wireless attacks out there today. Finally I will then discuss how we can better prepare for these types of attacks with a synopsis on several effective security methods that will help to ensure data is securely passed and kept hidden.
Rayne, PB, Kulkarni, P, Patil, S & Meshram, BB 2012, ‘Authentication and Authorization:Tool for Ecommerce Security’, Engineering Science and Technology: An International Journal, vol. 2, no. 1, pp. 150-157.