In enterprise information systems, personal mobility provides the ability for roaming users to access enterprise network services from anywhere at anytime. However, methods for mutual authentication between roaming user and servers are still far from satisfied. In this paper, we focus on such a mutual authentication scheme, by which users can only use memorable information to log in servers wit...

Motivated by the design of the well-known Enigma machine, we present a novel ultra-lightweight encryption scheme, referred to as Hummingbird, and its applications to a privacy-preserving identification and mutual authentication protocol for RFID applications. Hummingbird can provide the designed security with a small block size and is therefore expected to meet the stringent response time and p...

In Public Wireless LANs(PWLANs), user anonymity is an essential issue. Recently, Juang et al. proposed an anonymous authentication and key exchange protocol using smart cards in PWLANs. They claimed that their proposed scheme provided identity privacy, mutual authentication, and half-forward secrecy. In this paper, we point out that Juang et al.'s protocol is vulnerable to the stolen-verifier a...

Cloud computing is a recently developed technology for complex systems with services sharing among various registered users. Therefore, proper mutual authentication is needed between users and cloud server prior to avail the services provided by cloud servers. Recently, Hao et al. [26] proposed time-bound ticketbased mutual authentication scheme for cloud computing. However, this paper shows th...

In recent years, electronic check (echeck) has been more and more popular on the electronic commerce application. For this reason, there were many scholars have proposed the security issues for related echeck. Chang et al. present their views on echeck to improve the past scheme. Chang et al.’s scheme achieves the security of system and provides mutual authentication between payer and payee. Ho...

Conventionally, mutual entity authentication is seen as the necessary precursor to the establishment of a secure connection. However, there exist examples of cases where authentication is not needed. The purpose of this paper is to consider this proposition, illustrated by case studies, and to use the findings of this investigation as input for the design of authentication protocols suitable fo...

This document specifies EAP-IKEv2, an Extensible Authentication Protocol (EAP) method that is based on the Internet Key Exchange (IKEv2) protocol. EAP-IKEv2 provides mutual authentication and session key establishment between an EAP peer and an EAP server. It supports authentication techniques that are based on passwords, high-entropy shared keys, and public key certificates. EAP-IKEv2 further ...

Many banks offer cardless ATMs, using a mobile banking application on the smartphone to overcome high risk of attack with traditional PIN-based cards. Several pieces research into ATMs have focused security strengthening, while others improving usability. Extra hardware devices may be required increase both and This paper presents location-based mutual authentication scheme. technique combines ...

Today, people benefit various services through networks. However, due to the open environment of communications, networks are vulnerable to variety of security risks. Remote access capability is one of the critical functions for network systems. The remote user authentication scheme provides the server a convenient way to authenticate users before they are allowed to access database and obtain ...

Long Term Evolution LTE is the first technology that provides exclusively packet-switched data and modifies the security architecture of the 2G and 3G systems. The LTE security architecture offers confidentiality, access control, a kind of obscurity and mutual authentication. However, numerous types of attacks can be encountered during the mutual authentication process which is a challengerespo...