Yazar "Kumar, Neeraj" seçeneğine göre listele
Listeleniyor 1 - 6 / 6
Sayfa Başına Sonuç
Sıralama seçenekleri
Öğe Amassing the Security: An ECC-Based Authentication Scheme for Internet of Drones(IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 445 HOES LANE, PISCATAWAY, NJ 08855-4141, 2021) Hussain, Sajid; Chaudhry, Shehzad Ashraf; Alomari, Osama Ahmad; Alsharif, Mohammed H.; Khan, Muhammad Khurram; Kumar, NeerajThe continuous innovation and progression in hardware, software and communication technologies helped the expansion and accelerated growth in Internet of Things based drone networks (IoD), for the devices, applications and people to communicate and share data. IoD can enhance comfort in many applications including, daily life, commercial, and military/rescue operations in smart cities. However, this growth in infrastructure smartness is also subject to new security threats and the countermeasures require new customized solutions for IoD. Many schemes to secure IoD environments are proposed recently; however, some of those were proved as insecure and some degrades the efficiency. In this article, using elliptic curve cryptography, we proposed a new authentication scheme to secure the communication between a user and a drone flying in some specific flying zone. The security of the proposed scheme is solicited using formal Random oracle method along with a brief discussion on security aspects provided by proposed scheme. Finally, the comparisons with some related and latest schemes is illustrated.Öğe ITSSAKA-MS: An Improved Three-Factor Symmetric-Key Based Secure AKA Scheme for Multi-Server Environments(IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 445 HOES LANE, PISCATAWAY, NJ 08855-4141, 2020) Ali, Zeeshan; Hussain, Sajid; Rehman, Rana Haseeb Ur; Munshi, Asmaa; Liaqat, Misbah; Kumar, Neeraj; Chaudhry, Shehzad AshrafA variety of three-factor smart-card based schemes, specifically designed for telecare medicine information systems (TMIS) are available for remote user authentication. Most of the existing schemes for TMIS are customarily proposed for the single server-based environments and in a single-server environment. Therefore, there is a need for patients to distinctly register and login with each server to employ distinct services, so it escalates the overhead of keeping the cards and memorizing the passwords for the users. Whereas, in a multi-server environment, users only need to register once to resort various services for exploiting the benefits of a multi-server environment. Recently, Barman et al. proposed an authentication scheme for ehealthcare by employing a fuzzy commitment and asserted that the scheme can endure many known attacks. Nevertheless, after careful analysis, this paper presents the shortcoming related to its design. Furthermore, it proves that the scheme of Barman et al. is prone to many attacks including: server impersonation, session-key leakage, user impersonation, secret temporary parameter leakage attacks as well as its lacks user anonymity. Moreover, their scheme has the scalability issue. In order to mitigate the aforementioned issues, this work proposes an amended three-factor symmetric-key based secure authentication and key agreement scheme for multi-server environments (ITSSAKA-MS). The security of ITSSAKA-MS is proved formally under automated tool AVISPA along with a security feature discussion. Although, the proposed scheme requisites additional communication and computation costs. In contrast, the informal and automated formal security analysis indicate that only proposed scheme withstands several known attacks as compared to recent benchmark schemes.Öğe A Novel Pairing-Free Lightweight Authentication Protocol for Mobile Cloud Computing Framework(IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 445 HOES LANE, PISCATAWAY, NJ 08855-4141, 2021) Irshad, Azeem; Chaudhry, Shehzad Ashraf; Alomari, Osama Ahmad; Yahya, Khalid O. Moh.; Kumar, NeerajThe mobile cloud computing (MCC) refers to an infrastructure that integrates cloud computing and mobile computing, and it has changed a great deal, the service provisioning of applications, which requires to get the data processed after collection from vast sensor and Internet-of-Things-based network. The ever increasing number of handheld mobile gadgets has exacerbated the need for robust and efficient authenticated key agreements. We could witness a number of MCC-based multiserver authentication schemes lately to foster the secure adaptation of the technology; however, the demonstrated solutions are either insecure or employing too costly bilinear pairing operations for implementation. In view of limitations, as illustrated in previous studies, we propose a novel pairing-free multiserver authentication protocol for MCC environment based on an elliptic curve cryptosystem that is not only efficient, but also free from security loopholes as demonstrated. The performance evaluation section discusses and distinguishes the findings among latest studies. The strength of the contributed scheme is proved theoretically under formal security model.Öğe PFLUA-DIoT: A Pairing Free Lightweight and Unlinkable User Access Control Scheme for Distributed IoT Environments(IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 445 HOES LANE, PISCATAWAY, NJ 08855-4141, 2022) Chaudhry, Shehzad Ashraf; Farash, Mohammad Sabzinejad; Kumar, Neeraj; Alsharif, Mohammed H.The Internet of Things (IoT) connects enormous objects through various sensors to facilitate daily life by interconnecting the information space with the decision-makers. Security and privacy are, however, the main concerns in IoT due to the openness of communication channels and the unattended nature of common sensors. To provide security and privacy for sensors and users in IoT-based systems; in 2019, Zhou et al. proposed an unlinkable authentication scheme using bilinear pairings. However, the vulnerability of their scheme against sensor node impersonation attack as proved in this article renders the scheme of their work impractical and insecure. A pairing free lightweight and unlinkable authentication scheme for distributed IoT devices (PFLUA-DIoT) is then proposed in this article. The security of PFLUA-DIoT is proved using the formal method along with a discussion on its provision of security features. The performance and security comparisons show that PFLUA-DIoT provides known security features and provides better performance. Due to the avoidance of bilinear pairing-based expensive operations, PFLUA-DIoT completes authentication in less than half running time as compared with their and related schemes. Therefore, the PFLUA-DIoT can address the security and privacy issues of IoT, practically and efficiently.Öğe A Robust Access Control Protocol for the Smart Grid Systems(IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 445 HOES LANE, PISCATAWAY, NJ 08855-4141, 2022) Tanveer, Muhammad; Khan, Abd Ullah; Kumar, Neeraj; Naushad, Alamgir; Chaudhry, Shehzad AshrafLightweight cryptography (LWC)-based authenticated encryption with associative data (AEAD) cryptographic primitives require fewer computational and energy resources than conventional cryptographic primitives as a single operation of an AEAD scheme provides confidentiality, integrity, and authenticity of data. This feature of AEAD schemes helps design an access control (AC) protocol to be leveraged for enhancing the security of the resource-constrained Internet of Things (IoT)- enabled smart grid (SG) system with low computational overhead and fewer cryptographic operations. This article presents a novel and robust AC protocol, called RACP-SG, which aims to enhance the security of resource-constrained IoT-enabled SG systems. RACP-SG employs an LWC-based AEAD scheme, ASCON and the hash function, ASCON-hash, along with elliptic curve cryptography to accomplish the AC phase. Besides, RACP-SG enables a smart meter (SM) and a service provider (SEP) to mutually authenticate each other and establish a session key (SK) while communicating across the public communication channel. By using the SK, the SM can securely transfer the gathered data to the SEP. We verify the security of the SK using the widely accepted random oracle model. Moreover, we conduct Scyther-based and informal security analyses to demonstrate that RACP-SG is protected against various covert security risks, such as replay, impersonation, and desynchronization attacks. Besides, we present a comparative study to illustrate that RACP-SG renders superior security features while reducing energy, storage, communication, and computational overheads compared to the state of the art.Öğe Rotating behind Privacy: An Improved Lightweight Authentication Scheme for Cloud-based IoT Environment(Assoc Computing Machinery, 2021) Chaudhry, Shehzad Ashraf; Irshad, Azeem; Yahya, Khalid; Kumar, Neeraj; Alazab, Mamoun; Bin Zikria, YousafThe advancements in the internet of things (IoT) require specialized security protocols to provide unbreakable security along with computation and communication efficiencies. Moreover, user privacy and anonymity has emerged as an integral part, along with other security requirements. Unfortunately, many recent authentication schemes to secure IoT-based systems were either proved as vulnerable to different attacks or prey of inefficiencies. Some of these schemes suffer from a faulty design that happened mainly owing to undue emphasis on privacy and anonymity alongside performance efficiency. This article aims to show the design faults by analyzing a very recent hash functions-based authentication scheme for cloud-based IoT systems with misunderstood privacy cum efficiency tradeoff owing to an unadorned design flaw, which is also present in many other such schemes. Precisely, it is proved in this article that the scheme of Wazid et al. cannot provide mutual authentication and key agreement between a user and a sensor node when there exists more than one registered user. We then proposed an improved scheme and proved its security through formal and informal methods. The proposed scheme completes the authentication cycle with a minor increase in computation cost but provides all security goals along with privacy.
