In order to relvedy the security weaknesses of a robust user authentication framework for wireless sensor networks, an enhanced user authentication framework is presented. The enhanced scheme requires proof of the pos...In order to relvedy the security weaknesses of a robust user authentication framework for wireless sensor networks, an enhanced user authentication framework is presented. The enhanced scheme requires proof of the possession of both a password and a snort card, and provides more security guarantees in two aspects: 1) it addresses the untmceability property so that any third party accessing the communication channel cannot link two authentication sessions originated from the same user, and 2) the use of a smart card prevents offiine attacks to guess passwords. The security and efficiency analyses indicate that our enhanced scheme provides the highest level of security at reasonable computational costs. Therefore, it is a practical authentication scheme with attractive security features for wireless sensor networks.展开更多
In network-connected UAV(NCUAV) communication systems, user authentication is replaced by platform identity authentication and integrity check because many NC-UAVs are operated without human intervention. Direct anony...In network-connected UAV(NCUAV) communication systems, user authentication is replaced by platform identity authentication and integrity check because many NC-UAVs are operated without human intervention. Direct anonymous attestation(DAA) is an attractive cryptographic scheme that provides an elegant balance between platform authentication and anonymity. However, because of the low-level computing capability and limited transmission bandwidth in UAV, the existing DAA schemes are not suitable for NC-UAV communication systems. In this paper, we propose an enhanced DAA scheme with mutual authentication(MA-DAA scheme), which meets the security requirements of NC-UAV communication systems. The proposed MA-DAA scheme, which is based on asymmetric pairings, bundles the identities of trusted platform module(TPM) and Host to solve the malicious module changing attacks. Credential randomization, batch proof and verification, and mutual authentication are realized in the MA-DAA scheme. The computational workload in TPM and Host is reduced in order to meet the low computation and resource requirements in TPM and Host.The entire scheme and protocols are presented,and the security and efficiency of the proposed MA-DAA scheme are proved and analyzed.Our experiment results also confirm the high efficiency of the proposed scheme.展开更多
基金This work was supported by the Program for Changjiang Scholars and Innovative Research Team in University under Grant No. IRT1078 the Key Program of NSFC-Guangdong Union Foundation under Grant No.U1135002+3 种基金 the Major National S&T Program under Grant No.2011ZX03005-002 the National Natural Science Foundation of China under Grants No. 61072066, No.61173135, No.61100230, No.61100233, No.61202389, No.61202390 the Natural Science Basic Research Plan in Shaanxi Province of China under Grants No.2012JQ8043, No. 2012JM8030, No. 2012JM8025, No2011JQ8003 the Fundamental Research Funds for the Central Universities under Cxants No. JY10000903001, No. K50511030004. The authors would like to thank the anonymous reviewers and the editor for their constructive comments that have helped us to improve this paper.
文摘In order to relvedy the security weaknesses of a robust user authentication framework for wireless sensor networks, an enhanced user authentication framework is presented. The enhanced scheme requires proof of the possession of both a password and a snort card, and provides more security guarantees in two aspects: 1) it addresses the untmceability property so that any third party accessing the communication channel cannot link two authentication sessions originated from the same user, and 2) the use of a smart card prevents offiine attacks to guess passwords. The security and efficiency analyses indicate that our enhanced scheme provides the highest level of security at reasonable computational costs. Therefore, it is a practical authentication scheme with attractive security features for wireless sensor networks.
基金supported in part by the European Commission Marie Curie IRSES project "AdvIOT"the National Natural Science Foundation of China (NSFC) under grant No.61372103
文摘In network-connected UAV(NCUAV) communication systems, user authentication is replaced by platform identity authentication and integrity check because many NC-UAVs are operated without human intervention. Direct anonymous attestation(DAA) is an attractive cryptographic scheme that provides an elegant balance between platform authentication and anonymity. However, because of the low-level computing capability and limited transmission bandwidth in UAV, the existing DAA schemes are not suitable for NC-UAV communication systems. In this paper, we propose an enhanced DAA scheme with mutual authentication(MA-DAA scheme), which meets the security requirements of NC-UAV communication systems. The proposed MA-DAA scheme, which is based on asymmetric pairings, bundles the identities of trusted platform module(TPM) and Host to solve the malicious module changing attacks. Credential randomization, batch proof and verification, and mutual authentication are realized in the MA-DAA scheme. The computational workload in TPM and Host is reduced in order to meet the low computation and resource requirements in TPM and Host.The entire scheme and protocols are presented,and the security and efficiency of the proposed MA-DAA scheme are proved and analyzed.Our experiment results also confirm the high efficiency of the proposed scheme.
