Search for: authentication
0.007 seconds
Total 154 records

    New attacks on UMTS network access

    , Article 2009 Wireless Telecommunications Symposium, WTS 2009, 22 April 2009 through 24 April 2009 ; 2009 ; 9781424425884 (ISBN) Ahmadian, Z ; Salimi, S ; Salahi, A ; Sharif University of Technology
    In this paper we propose two new attacks on UMTS network. Both attacks exploit the UMTS-GSM interworking and are possible in the GSM access area of UMTS network. The first attack allows the attacker to eavesdrop on the entire traffic of the victim UMTS subscriber in the GERAN coverage of the UMTS network. The second attack is an impersonation attack i.e. the attacker impersonates a genuine UMTS subscriber to a UMTS network and fools the network to provide services at the expense of the victim subscriber in its GERAN coverage. © 2009 IEEE  

    Group Authentication in Secure IP Multicast Using One-Time Password

    , M.Sc. Thesis Sharif University of Technology Ghanbari Maman, Reza (Author) ; Nemaney Pour, Alireza (Supervisor)
    Since the number of Internet users for the services such as e-applications is increasing rapidly, authentication constrains more latency as well as load to the system. It is due to large number of users whose identity needs to be checked and compared individually, and the number of simultaneous authentication requests in a specific time. To solve the stated issues, this thesis proposes a new definition of group authentication and describes group authentication protocols. Group authentication is the verification of identity of multiple requests of users at the same time. In this protocol, the authentication server inputs the multiple authentication requests in a function, and then applies... 

    Simulation-based traceability analysis of RFID authentication protocols

    , Article Wireless Personal Communications ; Vol. 77, Issue. 2 , 2014 , pp. 1019-1038 Alagheband, M. R ; Aref, M. R ; Sharif University of Technology
    Nowadays low-cost RFID systems have moved from obscurity into mainstream applications which cause growing security and privacy concernsThe lightweight cryptographic primitives and authentication protocols are indispensable requirements for these devices to grow pervasiveIn recent years, there has been an increasing interest in intuitive analysis of RFID protocolsThis concept has recently been challenged by formal privacy modelsThis paper investigates how to analyse and solve privacy problems in formal modelFirst, we highlight some vague drawbacks especially in forward and backward traceability analysis and extend it in the simulation-based privacy model familyThen, the privacy weaknesses of... 

    Traceability analysis of quadratic residue-based RFID authentication protocols

    , Article 2013 11th Annual Conference on Privacy, Security and Trust, PST 2013 ; 2013 , Pages 61-68 ; 9781467358392 (ISBN) Sohrabi Bonab, Z ; Alagheband, M. R ; Aref, M. R ; Sharif University of Technology
    Since low-cost RFID systems are applied in ubiquitous varied applications, privacy and security of their users became a great concern. Therefore, the various authentication protocols have been proposed. In this paper, we inspect the three new-found RFID authentication protocols based on quadratic residue property via one of the well-organized formal RFID privacy models instead of intuitive analysis. We formally prove that modular squaring is the suitable technique to guarantee RFID authentication protocols against backward traceability. Then, the flaws are alleviated to resist traceability attacks  

    Security and privacy analysis of song-mitchell RFID authentication protocol

    , Article Wireless Personal Communications ; Volume 69, Issue 4 , May , 2013 , Pages 1583-1596 ; 09296212 (ISSN) Habibi, M. H ; Aref, M. R ; Sharif University of Technology
    Many applications, such as e-passport, e-health, credit cards, and personal devices that utilize Radio frequency Identification (RFID) devices for authentication require strict security and privacy. However, RFID tags suffer from some inherent weaknesses due to restricted hardware capabilities and are vulnerable to eavesdropping, interception, or modification. The synchronization and untraceability characteristics are the major determinants of RFID authentication protocols. They are strongly related to privacy of tags and availability, respectively. In this paper, we analyze a new lightweight RFID authentication protocol, Song and Mitchell, in terms of privacy and security. We prove that not... 

    Integration of handheld NIR and machine learning to “Measure & Monitor” chicken meat authenticity

    , Article Food Control ; Volume 112 , 2020 Parastar, H ; Van Kollenburg, G ; Weesepoel, Y ; Van den Doel, A ; Buydens, L ; Jansen, J ; Sharif University of Technology
    Elsevier Ltd  2020
    By combining portable, handheld near-infrared (NIR) spectroscopy with state-of-the-art classification algorithms, we developed a powerful method to test chicken meat authenticity. The research presented shows that it is both possible to discriminate fresh from thawed meat, based on NIR spectra, as well as to correctly classify chicken fillets according to the growth conditions of the chickens with good accuracy. In all cases, the random subspace discriminant ensemble (RSDE) method significantly outperformed other common classification methods such as partial least squares-discriminant analysis (PLS-DA), artificial neural network (ANN) and support vector machine (SVM) with classification... 

    Security enhancement for a low computation cost user authentication scheme

    , Article International Conference on Security and Cryptography, SECRYPT 2006, Setubal, 7 August 2006 through 10 August 2006 ; 2006 , Pages 5-8 ; 9728865635 (ISBN); 9789728865634 (ISBN) Sattarzadeh, B ; Asadpour, M ; Jalili, R ; Sharif University of Technology
    In 2003, Wu and Chieu proposed a user friendly remote authentication scheme using smart cards. Later, Yang and Wang pointed out that Wu and Chieu's scheme is vulnerable to the password guessing and forgery attacks. Recently, Lee et al. proposed an improved authentication scheme and claimed that their scheme is secure against forgery attack. However, in this paper, we illustrate that Lee et al.'s scheme is still vulnerable to the forgery attack. We also propose an enhancement of the scheme to resist such that attack. © 2010  

    A novel secure bilinear pairing based remote user authentication scheme with smart card

    , Article Proceedings - IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, EUC 2010, 11 December 2010 through 13 December 2010 ; 2010 , Pages 578-582 ; 9780769543222 (ISBN) Bayat, M ; Sabzinejad, M ; Movahed, A ; Sharif University of Technology
    Authentication schemes play vital roles in computer and communication security. In order to authenticate the remote users, password based schemes have been widely used. In this paper we introduce a secure remote user authentication scheme based on bilinear pairing that satisfies all security requirements which are mentioned for password based authentication schemes using smart card  

    An ultra-lightweight RFID mutual authentication protocol

    , Article 16th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology, ISCISC 2019, 28 August 2019 through 29 August 2019 ; 2019 , Pages 27-32 ; 9781728143736 (ISBN) Rahnama, A ; Beheshti Atashgah, M ; Eghlidos, T ; Aref, M. R ; Sharif University of Technology
    Institute of Electrical and Electronics Engineers Inc  2019
    In some applications of the Internet of Things (IoT), for privacy preserving and authentication of entities, it is necessary to use ultra-lightweight cryptographic algorithms. In this paper, we propose a new ultra-lightweight authentication protocol between RFID components, in which only simple operations are used. In this protocol, the server has access to the data gathered by the tag in the same authentication phase through the reader interface, instead of sharing a secret key. The proposed protocol is secure against several attacks, such as replay attacks, denial of service, offline guessing attacks, modification attacks, full disclosure attacks and impersonation attacks, in addition to... 

    Recursive linear and differential cryptanalysis of ultralightweight authentication protocols

    , Article IEEE Transactions on Information Forensics and Security ; Volume 8, Issue 7 , 2013 , Pages 1140-1151 ; 15566013 (ISSN) Ahmadian, Z ; Salmasizadeh, M ; Aref, M. R ; Sharif University of Technology
    Privacy is faced with serious challenges in the ubiquitous computing world. In order to handle this problem, some researchers in recent years have focused on design and analysis of privacy-friendly ultralightweight authentication protocols. Although the majority of these schemes have been broken to a greater or lesser extent, most of these attacks are based on ad-hoc methods that are not extensible to a large class of ultralightweight protocols. So this research area still suffers from the lack of structured cryptanalysis and evaluation methods. In this paper, we introduce new frameworks for full disclosure attacks on ultralightweight authentication protocols based on new concepts of... 

    A novel and low-energy PKC-based key agreement protocol for WSNs

    , Article 2013 10th International ISC Conference on Information Security and Cryptology, ISCISC 2013 ; 2013 Ghasemzadeh, H ; Aref, M. R ; Payandeh, A ; Sharif University of Technology
    IEEE Computer Society  2013
    Security is a critical and vital task in WSNs. Recently, key management as the core of a secure communication has received lots of attention, but in most of the proposed methods security has been compromised in favor of reducing energy consumption. Consequently, perfect resiliency has not been achieved by most of the previous works. Hostile environment, ability of adversary to capture the nodes, and dead nodes with sensitive data scattered in the region, calls for a more secure and yet practical method. This paper proposes a novel authentication scheme based on broadcast messages from BS to improve security of key management system. Through simulation it is shown that energy consumption of... 

    Attacks on Recent RFID Authentication Protocols

    , Article Journal of Signal Processing Systems ; Volume 79, Issue 3 , 2015 , Pages 271-283 ; 19398018 (ISSN) Habibi, M. H ; Aref, M. R ; Sharif University of Technology
    Springer New York LLC  2015
    The developing of RFID systems in sensitive applications like e-passport, e-health, credit cards, and personal devices, makes it necessary to consider the related issues such as maximum reading distance, communication speed and data security. The use of signal processing methods is an efficient and convenient way to achieve the maximum reading distance and communication rate. However, the signal processing techniques are not adequate to provide a reasonable level of security and privacy for RFID systems. Thus, it is necessary to employ specific authentication protocols which assure data security and preserve the user’s privacy. Among other security and privacy characteristic of an RFID... 

    NERA: A new and efficient RSU based authentication scheme for VANETs

    , Article Wireless Networks ; Volume 26, Issue 5 , 2020 , Pages 3083-3098 Bayat, M ; Pournaghi, M ; Rahimi, M ; Barmshoory, M ; Sharif University of Technology
    Springer  2020
    In vehicular ad-hoc networks (VANETs), the correctness of a message requires authentication of the origin vehicle.In this paper, we introduce a novel authentication scheme for VANETs which suggests a new solution for secure vehicle communications. The proposed scheme is an road side unit (RSU) based scheme in which the master key of the Trusted Authority (TA) is embedded in a tamper-proof device provided at the RSUs. Compared with the schemes that store the master key in the on-board units, our scheme is more practical because of a secure and high speed communication link between TA and RSUs. To the best of our knowledge,this solution has not yet been devised for secure authentication in... 

    Enhanced smart-card-based authentication scheme providing forward-secure key agreement

    , Article 1st IFIP International Conference on New Technologies, Mobility and Security, NTMS 2007, Paris, 2 May 2007 through 4 May 2007 ; 2007 , Pages 447-458 ; 9781402062698 (ISBN) Asadpour, M ; Sattarzadeh, B ; Jalili, R ; Sharif University of Technology
    Kluwer Academic Publishers  2007
    Many smart-card-based remote authentication schemes have been proposed recently. In 2004, Yoon et al. presented an improved scheme which is the leading of a research track started from Sun, 2000. In this paper, we illustrate that Yoon et al.'s scheme is vulnerable to the parallel session attack and propose an enhancement of the scheme to resist that attack. In our scheme the parties further establish a forward-secure session key by employing only hash functions to protect the subsequent communications. We also demonstrate that our scheme has better security in comparison to other related works, while it does not incur much computational cost © 2007 Springer  

    A mafia and distance fraud high-resistance RFID distance bounding protocol

    , Article International ISC Conference on Information Security and Cryptology, ISCISC 2014 ; 18 December 2014 , Pages 67-72 Entezari, R ; Bahramgiri, H ; Tajamolian, M ; Sharif University of Technology
    A practical approach to prevent location-based attacks in RFID systems is the use of Distance Bounding (DB) protocols. These protocols enable an entity to determine an upper bound on the physical distance to another entity as well as to authenticate it. It makes, rejection of the requests located out of this distance limitation. So far, many DB protocols have been designed with the aim of resistance to location-based attacks. In this paper, we propose a unilateral DB protocol using delay concept while sending two random binary challenges. This protocol can resist better than other unilateral DB protocols against mafia and distance fraud attacks. In addition, the proposed protocol can be... 

    Unified privacy analysis of new-found RFID authentication protocols

    , Article Security and Communication Networks ; Volume 6, Issue 8 , 2013 , Pages 999-1009 ; 19390122 (ISSN) Alagheband, M. R ; Aref, M. R ; Sharif University of Technology
    Ubiquitousness of Radio Frequency Identification (RFID) systems with inherent weaknesses has been a cause of concern about their privacy and security. Therefore, secure protocols are essentially necessary for the RFID tags to guarantee privacy and authentication among them and the reader. This paper inspects privacy in the RFID systems. First, we survey four new-found RFID authentication protocols, and then, their weaknesses in formal privacy model are analyzed. Although the authors of the schemes claimed that their protocols completely resist privacy attacks, we formally prove that all of them suffer from the family of traceability attacks. Furthermore, not only are the four improved... 

    On the security of an ECC based RFID authentication protocol

    , Article 2012 9th International ISC Conference on Information Security and Cryptology, ISCISC 2012 ; 2012 , Pages 111-114 ; 9781467323864 (ISBN) Babaheidarian, P ; Delavar, M ; Mohajeri, J ; Sharif University of Technology
    Following the fact that there are some efficient implementations of ECC-based RFID authentication protocols on RFID tags, a new family of RFID authentication protocols known as EC-RAC family has been introduced. However, it has been shown that all the versions of EC-RAC protocols are exposed to privacy and/or security threats. In this paper we analyzed a version of the EC-RAC RFID authentication protocol as well as a version of Schnorr protocol which were presented in a recent work and are claimed to have the demanding requirements. We demonstrated an impersonation attack on the claimed improved EC-RAC, and consequently showed that it would not satisfy the tag authentication property. Also,... 

    Analysis of Xiao et al.'s authentication protocol conforming to EPC C1 G2 standard

    , Article 2016 8th International Symposium on Telecommunications, IST 2016, 27 September 2016 through 29 September 2016 ; 2017 , Pages 111-116 ; 9781509034345 (ISBN) Abdolmaleki, B ; Baghery, K ; Akhbari, B ; Aref, M. R ; Sharif University of Technology
    Institute of Electrical and Electronics Engineers Inc  2017
    Recently, different RFID authentication protocols conforming to EPC Class 1 Generation 2 (EPC C1 G2) standard have been proposed. In 2013, Xiao et al. have proposed an improved mutual authentication protocol which claimed to eliminate the weaknesses of Yoon's protocol that has been proposed in 2012. In this paper, we study the security and the privacy of Xiao et al.'s protocol. It is shown that their protocol suffers from secret parameters reveal, tag impersonation attack, backward and forward traceability attacks. Then, in order to enhance the security and the privacy of this protocol, a modified version is proposed. In order to evaluate our proposed protocol, its security and privacy are... 

    A multi sender attribute-based broadcast authentication scheme

    , Article 2016 8th International Symposium on Telecommunications, IST 2016, 27 September 2016 through 29 September 2016 ; 2017 , Pages 78-83 ; 9781509034345 (ISBN) Aghapour, S ; Ameri, M. H ; Mohajeri, J ; Sharif University of Technology
    Institute of Electrical and Electronics Engineers Inc  2017
    Multi sender attribute-based broadcast authentication scheme for the network containing resource constrained nodes is the main focus of this research. In this paper, we proposed a framework in which each element of a set of authorized users whose attributes satisfy a special sign control policy can generate a valid signature. In this framework, there exists a trusted server who receives and verifies the validity of the generated attribute-based signatures and broadcast the intended message through the nodes of the network in an efficient and authenticated manner. We also proposed a new symmetric-based broadcast authentication scheme which is used for broadcasting the authenticated messages... 

    A lightweight anonymous authentication protocol for IoT wireless sensor networks

    , Article 16th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology, ISCISC 2019, 28 August 2019 through 29 August 2019 ; 2019 , Pages 39-44 ; 9781728143736 (ISBN) Rahnama, A ; Beheshti Atashgah, M ; Eghlidos, T ; Aref, M. R ; Sharif University of Technology
    Institute of Electrical and Electronics Engineers Inc  2019
    Lightweight authentication protocols are crucial for privacy preserving in Internet of Things (IoT). Authentication protocols should be implementable for devices with constrained memory and computational power in this area, in addition to resistance against cryptographic threats. On the other hand, these protocols should not impose a heavy computational load on such devices. In this paper we proposed an authentication protocol that properly meets these features. Our protocol is suitable for wireless sensor networks (WSNs). In this protocol, authentication is fulfilled with low communication and computational loads between sensors and users through the gateway interface using a hash function...