We are witnessing the rapid expansion of smart devices in our daily life. The need for individual privacy protection calls for anonymous entity authentication techniques with affordable efficiency upon the resource-constrained smart devices. Towards this objective, in this paper we propose self-blindable credential, a lightweight anonymous entity authentication primitive. We provide a formulati...

We are witnessing the rapid expansion of smart devices in our daily life. The need for individual privacy protection calls for anonymous entity authentication techniques with affordable efficiency upon the resource-constrained smart devices. Towards this objective, in this paper we propose self-blindable credential, a lightweight anonymous entity authentication primitive. We provide a formulati...

In [10], we introduce a process calculus for describing security protocols and we propose a static and compositional analysis of entity authentication. In this paper we apply such a technique on well-known shared key authentication protocols. The analysis helps clarifying the protocol logics, suggests simplifications and reveals some attacks. Moreover we discuss how our analysis scales up to mu...

Traditionally, the approaches to user authentication have been more static, which have often proved to be less secure. More recently, some researchers [3] have explored allowing users to choose one of several available authentication schemes. In the recent past, researchers have also considered context-dependent attributes in user authentication. Context is information that allows a system to “...

Due to the problems that International Mobile Subscriber Identity is not encrypted during transmission, key disclosure, and high authentication overhead in Evolved Packet System-Authentication Key Agreement, next generation of high-speed railway Long-Term Evolution for Railway train ground protocol, this paper describes improved Secure Remote Password algorithm two-way heterogeneous agreement s...

In this paper, we address the problem of scaling authentication for naming, routing, and end-entity certification to a global environment in which authentication policies and users’ sets of trust roots vary widely. The current infrastructures for authenticating names (DNSSEC), routes (BGPSEC), and end-entity certificates (TLS) do not support a coexistence of authentication policies, affect the ...

The use of biometrics as a secure remote authentication mechanism is hindered by a series of issues. In the case of fingerprints, an attacker can make physical copies of fingerprints by ‘lifting’ latent fingerprints off a non-porous surface. These lifted fingerprints can be used to illegitimately gain access to an authentication system. Password authentication systems only accept passwords that...

A zero-knowledge authentication scheme is a type of authentication scheme, which gives no knowledge beyond the authenticity identifying an entity and is probabilistic than deterministic authentication scheme. This paper proposes Diffie-Hellman and Fiat-Shamir like zero-knowledge authentication schemes on general non-commutative groups. The key idea of our proposal is that for a given non-commut...

Authentication is a process of verifying the identity of someone (a user, device, or an entity) who wants to access data, resources, or applications. Validating the identity shall establish a trust relationship for further interactions. Authentication even enables the accountability by making it possible to integrate both access and actions to specific identities. There are a huge number of tec...

The uptake and utility of digital collaboration’s continues to grow as organizations are realizing the diverse range of benefits they provide to not only their organization as a whole but also to individual employees. However, like many information and communication technologies the implementation push often overshadows a proper evaluation of data security and information privacy risks that may...