Secure Authentication And Key Agreement Protocols In Modern Computing Environment

Recent evolution in the communication and information technology opened a new era for the researchers and facilitated the human life by providing more and more services online such as Healthcare,online banking,shopping,utility bill payments and gaming,etc.The public network is used to access these services,which is inherently insecure.Security and privacy is a core issue in such networks.An adversary can easily extract,delete,intercept and modify the user's information from the public network.So,user's information as well as message protection is a key issue.To improve the security,a plethora of cryptographic protocols have been proposed in the recent literature.Symmetric key cryptography is a very popular choice in a controlled environment and is also used for encryption/decryption in designing the lightweight protocol.Apart from this,secure one-way hash function and exclusive OR etc,may also be used in designing such protocols.However,the transmission of sensitive information in various situations such as online banking,e-health services requires more appropriate security systems such as asymmetric cryptosystem in comparison to traditional cryptosystems.This research work analyzes various approaches presented in the literature to address different security issues regarding the exposure of sensitive information of users.These approaches include;Password-based authentication,Smart-Card Based or two-factor authentication using ECC,Three-Factor Authentication for E-healthcare services,and Multiserver authentication in a client-server environment.The mentioned approaches are analyzed against different attacks like impersonation(user,server)attacks and anonymity attack.Moreover,some of the approaches are also analyzed for incorrectness issues.It is found that most of the analyzed approaches show vulnerable against user impersonation,server impersonation,and user anonymity attacks.The success of such attacks on the analyzed approaches shows that these approaches are unable to protect sensitive user information and using them to communicate sensitive information will ultimately lead to the exposure of this information.Incorrectness issues are also found in different schemes proposed by Lu et al.To address the identified issues,new protocols are designed in this research to protect the identifying information of users from being misused by malicious attackers.In this thesis,some cryptographic protocols have been proposed mainly in five sub areas:1.Password-based authentication using ECC for SIP:In this research work,we study and analysis the SIP(session initiation protocols)structure and cryptographic operation like ECC(Elliptic curve cryptosystem)in details.After detailed study,it is found that the recent research on SIP authentication protocols proposed by Lu et al.is insecure against user and server impersonation attack.Moreover,it fails to provide user anonymity.Hence,a new protocol has been proposed to ensure the security and privacy of the user.The proposed protocols not only efficient in term of running time but also secure than the recently proposed protocols.2.Two party two-factor authentication schemes:Two-factor authentication is considered to be more secure than the password-based authentication.In this study,a details analysis performed on smart-card based au-thentication protocols.After details probe of two-factor authentication protocols,it is observed that some protocols are vulnerable to user impersonation attack,in the case if smart-card loses/filched[1,2].A attacker can easily extract user's sensitive information through power analysis mention in literature[3-6].To secure the two-factor based authentication mechanism,keeping in mind the identified flaws in recent two-factor authentication protocols,a new protocol has been introduced which is secure against all known attacks.Moreover,the security of newly introduced protocols is solicited in random oracle model.The proposed protocol not only enhances the security but also lightweight than the conventional related protocols.3.Two party three-factor authentication schemes:In TMIS,physicians can get the patients current information remotely and patients can also use healthcare services.The information over a public channel is protected by using authentication schemes.For this purpose,numerous biometric authentication schemes have been introduced in the literature.However,the scheme of Omid et al.[7]is susceptible to the user impersonation attack and also fails to provide user anonymity Hence,to avoid these two attacks,we have changed a mechanism which makes the three-factor framework more secured for the practical application.Therefore,a novel scheme presented a robust and efficient three-factor authentication and key agreement scheme for E-Health Services.A comprehensive analysis performed on the proposed protocol and it is found provably secure.4.A mobile handover authentication scheme:The use of mobile technology in everyday life activities raises serious alarms over the security of user's personal information.User authentication is a key factor in such kind of environment,allows the remote users to enjoy roaming services provided by the remote server with the assistance of home network.Therefore,user privacy protection in such kind of network is a crucial issue for the researcher.So,many scholars proposed authentication schemes to address this issue.A recent proposal came from Lu et al.[8],where a key agreement protocol for authentication is presented using smart-card.The protocol is claimed to be robust in terms of all security features for practical applications.However,analysis of the said protocol reveals that being equipped with formal security proof,the protocol proposed by Lu et al.fails to resist against server and user impersonation attacks.Additionally,it also fails to provide user's anonymity.Hence,to counter these identified pitfalls,an efficient and secure two-factor authentication technique with higher security and rational efficiency has been presented in this research work.It has been made sure to the greatest possible extent that user identifying information is never transmitted in plain or even hash values are encoded to protect it from being misused.Furthermore,the security of these newly designed protocols has been analyzed using standard Random Oracle Model and BAN logic.It has been proved that newly designed protocols are secure against all the known attacks.ContributionsThe contributions of this thesis are enlisted below:1.The tasks of 2,Two-factor authentication and key agreement schemes/protocols are achieved and presented in Chapter 4,7 for different environments.The schemes are developed by using secure hash function,symmetric key primitives and ECC.All these techniques are proposed to offer anonymity,authenticity,non-repudiation and confidentiality etc.Whereas,the proposed protocols consumed low computation cost and found resilient against all the known attacks.2.Two remote user authentication protocols for Session Initiation Protocol have been proposed.Chapter 5,6 are designed for SIP environment.While designing these protocols,we used some cryptographic key operations and ECC.The new introduced protocols are verified to provably secured through standard random oracle model.Moreover,new proposed protocols are light weighted as compared to recent proposed protocols and secured against all familiar attacks.3.A biometric(three-factor)authentication schemes/protocols is proposed for Telecare medicine-information systems in Chapter 8 by using hash function and other symmetric cryptography primitives.The proposed three-factor scheme is also verified through random oracle model and found protected against all the feasible attacks.4.A secure substantiation scheme for handover process in mobile communications is presented in in Chapter 9.The proposed protocol is provably secure and is validated through BAN logic and random oracle model.Moreover,the proposed protocol also offers the lowest processing and communication costs as compared to the recently proposed protocols.