Yazar "Mahmood, Khalid" seçeneğine göre listele

Listeleniyor 1 - 7 / 7
  • Küçük Resim
    Öğe
    A clogging resistant secure authentication scheme for fog computing services
    (ELSEVIER, RADARWEG 29, 1043 NX AMSTERDAM, NETHERLANDS, 2021) Ali, Zeeshan; Chaudhry, Shehzad Ashraf; Mahmood, Khalid; Garg, Sahil; Lv, Zhihan; Bin Zikria, Yousaf
    Fog computing (FC) is an infrastructure consisting of decentralized computing, where computing resources such as storage, applications, and data are scattered among the cloud and data source. Fog computing inherits similar privacy and security concerns present in cloud computing, such as authentication and key management issues. Recently, Wazid et al. presented a scheme of authentication key exchange for fog computing called SAKA-FC to address these issues. We analyzed and identified that the SAKA-FC suffers from some severe vulnerabilities. Furthermore, we presented an improved scheme to mitigate these problems while retaining its strengths. The formal security analysis of the proposed scheme is validated through BAN logic. At the same time, the AVISPA tool is employed for automated formal security verification. Informal security analysis is conducted to attest that the proposal can confront the known attacks. Using computation and communication costs as the metrics, the proposed scheme is also compared with some state-of-the-art schemes. The proposed scheme achieves the same communication cost as of SAKA-FC, whereas the difference in computation cost is 24%. This increase in computation cost is justifiable as the proposal is resistant to clogging attacks and provides better security than the prior schemes.
  • Küçük Resim
    Öğe
    Designing secure and lightweight user access to drone for smart city surveillance
    (ELSEVIER, RADARWEG 29, 1043 NX AMSTERDAM, NETHERLANDS, 2022) Hussain, Sajid; Mahmood, Khalid; Khan, Muhammad Khurram; Chen, Chien-Ming; Alzahrani, Bander A.; Chaudhry, Shehzad Ashraf
    The Internet of drones (IoD) is a very useful application of the Internet of things (IoT) and it can help the daily life comfort through various functions including the smart city surveillance. The IoD can enhance the comfort to reach inaccessible and hard to access sites and can save lot of effort, time and cost. However, in addition to traditional threats, the IoD may suffer from new threats and requires customized methods to combat the security weaknesses. Very recently, Wazid et al. proposed a security solution for securing IoD application scenario and claimed its security. However, in this paper we show that their scheme cannot resist stolen verifier and traceability attacks. Moreover, an attacker with access to the verifier, can impersonate any user, drone or server of the system. An enhanced scheme is then proposed to cope with these weaknesses. The security claims of proposed scheme are endorsed by formal and informal security analysis. Moreover, the performance and security comparisons show that proposed scheme completes a cycle of authentication with a slight increase in computation time, but it offers all the required security features as compared with the scheme of Wazid et al.
  • Küçük Resim Yok
    Öğe
    An enhanced anonymous identity-based key agreement protocol for smart grid advanced metering infrastructure
    (John Wiley and Sons Ltd, 2019) Mahmood, Khalid; Arshad, Jehangir; Chaudhry, Shehzad Ashraf; Kumari, Saru
    Sprouting populace mass within the urban areas furnishes critical challenges of providing uninterruptible community services to fulfill the primitive needs of inhabitants in smart cities. Smart cities facilitate and uplift the living standards of inhabitants through various smart systems or infrastructures, and smart grid is one of them. Secure transmission is a key requirement in the advanced metering infrastructure (AMI) of most smart grids, and key establishment cryptographic protocols can be used to achieve such a requirement. Designing efficient and secure key establishment protocols for AMI remains challenging. For example, in this paper, we reveal several weaknesses in the identity-based key establishment protocol of Mohammadali et al (published in IEEE Trans Smart Grid, 2017), which is based on elliptic curves. We then improve their protocol and prove its security in the random oracle model. We also demonstrate that the improved protocol achieves both anonymity and untraceability, before presenting a comparative summary of the security and computational overheads of the proposed protocol and several other existing protocols. © 2019 John Wiley & Sons, Ltd.
  • Küçük Resim
    Öğe
    An enhanced scheme for mutual authentication for healthcare services
    (KEAI PUBLISHING LTD, 16 DONGHUANGCHENGGEN NORTH ST, BEIJING, DONGCHENG DISTRICT 100717, PEOPLES R CHINA, 2022) Shamshad, Salman; Ayub, Muhammad Faizan; Mahmood, Khalid; Kumari, Saru; Chaudhry, Shehzad Ashraf; Chen, Chien-Ming
    With the advent of state-of-art technologies, the Telecare Medicine Information System (TMIS) now offers fast and convenient healthcare services to patients at their doorsteps. However, this architecture engenders new risks and challenges to patients' and the server's confidentiality, integrity and security. In order to avoid any resource abuse and malicious attack, employing an authentication scheme is widely considered as the most effective approach for the TMIS to verify the legitimacy of patients and the server. Therefore, several authentication protocols have been proposed to this end. Very recently, Chaudhry et al. identified that there are vulnerabilities of impersonation attacks in Islam et al.'s scheme. Therefore, they introduced an improved protocol to mitigate those security flaws. Later, Qiu et al. proved that these schemes are vulnerable to the man-in-the-middle, impersonation and offline password guessing attacks. Thus, they introduced an improved scheme based on the fuzzy verifier techniques, which overcome all the security flaws of Chaudhry et al.'s scheme. However, there are still some security flaws in Qiu et al.'s protocol. In this article, we prove that Qiu et al.'s protocol has an incorrect notion of perfect user anonymity and is vulnerable to user impersonation attacks. Therefore, we introduce an improved protocol for authentication, which reduces all the security flaws of Qiu et al.'s protocol. We also make a comparison of our protocol with related protocols, which shows that our introduced protocol is more secure and efficient than previous protocols.
  • Küçük Resim
    Öğe
    A seamless anonymous authentication protocol for mobile edge computing infrastructure
    (ELSEVIER, RADARWEG 29, 1043 NX AMSTERDAM, NETHERLANDS, 2022) Mahmood, Khalid; Ayub, Muhammad Faizan; Hassan, Syed Zohaib; Ghaffar, Zahid; Lv, Zhihan; Chaudhry, Shehzad Ashraf
    Mobile Edge Computing (MEC) accommodates processing and data storage and manipulation capabilities across the scope of wireless network. In MEC environment, MEC servers along with the computing and storage capabilities are distributed at the edge of the network. However, due to the broad range of wireless communication, the fulfillment of security requirements still remain a challenging task in the for MEC environment. With the expeditious traffic expansion and growing end user requirements, the classic security protocols cannot encounter the innovative requirements of lightweightness and real-time communication. To meet these requirements, we have proposed an authentication protocol for the MEC environment. Our proposed protocol stipulates secure and efficient communication for all of the intended entities. Meanwhile, during its execution user anonymity remains intact. Moreover, our protocol is proven to be secure under the assumptions of formal security model. Additionally in this article, we have described the security properties of our protocol that it offers resistance against impersonation, session key computation and forward and backward secrecy attacks. The comparative analysis of time consumption and computation overheads are presented at the end of the paper, which is an evidence that our proposed protocol outperforms prior to various existing MEC protocols.
  • Küçük Resim
    Öğe
    A secure and lightweight authentication scheme for next generation IoT infrastructure
    (ELSEVIER, RADARWEG 29, 1043 NX AMSTERDAM, NETHERLANDS, 2021) Rana, Minahil; Shafiq, Akasha; Altaf, Izwa; Alazab, Mamoun; Mahmood, Khalid; Chaudhry, Shehzad Ashraf; Bin Zikria, Yousaf
    While the 6G/IoT transition is on the cards, the real advantage of this transition can be realized only if the user privacy and security are guaranteed. The smartcard and password based authentication protocols can help the transition in a rapid way. However, due to insecurities and/or heavy computation, many such protocols cannot cope with the dynamic requirements of future generation networks. Recently, Kaul and Awasthi presented a robust and secure user authentication protocol based on resource friendly symmetric cryptography primitives. They declared that their introduced protocol is convenient, efficient, and secure for the applications in realworld. In contrast, this article describes that protocol of Kaul and Awasthi is not secure because an attacker can easily find the identity of a legal user that is being sent on the public channel. Further, by using the identity of a legitimate user, an attacker can impersonate himself as a legitimate user of the system and can enjoy the services given by the server. So, their protocol is susceptible to user impersonation attacks, and their claim of being secure is proven to be wrong. Therefore, we have extended their work and presented an upgraded scheme by ensuring secure communication over the entire channel. Moreover, our proposed scheme is safe not solely against user impersonation attack but also major security attacks with reasonable communication, computation, and storage costs and is a better candidate for deployment in 6G/IoT networks.
  • Küçük Resim Yok
    Öğe
    A Security Enhanced Chaotic-Map-Based Authentication Protocol for Internet of Drones
    (IEEE-Inst Electrical Electronics Engineers Inc, 2024) Mahmood, Khalid; Ghaffar, Zahid; Farooq, Muhammad; Yahya, Khalid; Das, Ashok Kumar; Chaudhry, Shehzad Ashraf
    The Internet of Drones (IoD) extends the capabilities of unmanned aerial vehicles, enabling them to participate in a connected network. In IoD infrastructure, drones communicate not only among themselves but also with users and a control center. This interconnected communication framework holds promise for various applications, from collaborative decision-making to real-time data exchange. However, the expansion of communication in IoD also introduces new challenges, particularly in terms of security, privacy and authentication. Unfortunately, the current authentication protocols are inadequate in offering robust security features against various attacks in the IoD environment. To address these security issues and limitations, we proposed a secure protocol for the IoD environment using chaotic maps and hash functions. In addition, we also employed a physically unclonable function in the development of the proposed protocol. We assess the security of the protocol through both informal and formal security analysis. The formal security analysis is conducted through a widely used random or real (RoR) model. The informal analysis shows the rigorous security features against various attacks, such as masquerading, anonymity violation, and physical cloning attacks. Moreover, we compare the performance of the devised protocol with similar existing protocols across important performance parameters, such as communication overhead, computation overhead, and security features. The devised protocol provides a 67.86% and 17.80% reduction in computation and communication overheads, respectively, as compared to related protocols. The analysis demonstrates the proposed protocol's capacity to support secure communication in the IoD environment and satisfy desirable security attributes.