• Corpus ID: 16167005

Comments on a Secure Authentication Scheme for IoT and Cloud Servers

@article{Tai2017CommentsOA,
  title={Comments on a Secure Authentication Scheme for IoT and Cloud Servers},
  author={Wei-Liang Tai and Ya-Fen Chang},
  journal={Int. J. Netw. Secur.},
  year={2017},
  volume={19},
  pages={648-651}
}
Recently, Kalra and Sood proposed an authentication scheme based on Elliptic Curve Cryptography (ECC) to have embedded devices and cloud servers communicate securely using HTTP cookies. After analyzing their scheme, it is found that there are five issues that are not properly addressed. In this paper, the details and further discussions are given. 

Tables from this paper

Cryptanalysis of A Hierarchical Data Access and Key Management in Cloud Computing
TLDR
In their scheme, the data owner could change the encryption key more easily, and not to affect other users in Cloud Storage Service system, however, some weaknesses are found.
DNA Cryptography for Secure Data Storage in Cloud
TLDR
A DNA based encryption algorithm for securing data in cloud environment which will be cost effective and secure by using bio-computational techniques is proposed which makes algorithm secure as it is an additional layer of biosecurity than conventional cryptographic techniques.
Secrecy Analysis in the AF Mode Cooperative Communication System
TLDR
This work concentrates on the theoretical solution to the secrecy rate in the AF mode cooperative communication system and shows the effects of eavesdropper could not affect the secure communication if the number of the eavesdroppers is less than that of relays in the system.
A Note on the Construction of Lightweight Cyclic MDS Matrices
TLDR
A class of lightweight 4 × 4 cyclic MDS matrices lighter than the state-of-the-art which reduces the implementation cost (in terms of number of XOR gates required) of linear diffusion layers for hardwareoriented cryptographic primitives.
IoT-based Efficient Tamper Detection Mechanism for Healthcare Application
TLDR
This paper effectively proposed (ANN-GA) tamper detection mechanism which relies on the certificate-based DTLS handshake protocol as it is the main security for (IoT-TD) model.
Evidence Based Trust Estimation Model for Cloud Computing Services
TLDR
An evidence based trust estimation model (EBTEM) is proposed for trust assessment of cloud services that performs adaptive trust computation, which is sensitive to changes in the service behavior and presents a method for dynamic trust prediction.
Enhance Data Storage Security DNA Cryptography in Cloud
TLDR
Cloud computing features, service models, and security issues are discussed and a DNA based encryption algorithm for securing data in cloud environment is proposed which will be cost effective and secure by using bio-computational techniques.

References

SHOWING 1-10 OF 14 REFERENCES
A Secure and Efficient One-time Password Authentication Scheme for WSN
TLDR
An efficient and secure one-time password authentication scheme for wireless sensor networks and according to the Lamport's concept it is proposed.
Secure authentication scheme for IoT and cloud servers
Cryptanalysis of an efficient password authentication scheme
TLDR
It is shown that the Thandra et al. scheme is vulnerable to denial of service attacks, online and offline password guessing attacks, and impersonation attacks.
Flexible Access Control over Verifiable Cloud Computing Services with Provable Security
TLDR
An access control mechanism of verifiable cloud computing services using chameleon hashing and Diffie-Hellman key exchange protocol is proposed so that security and cost saving can be both ensured.
A new strong-password authentication scheme using one-way hash functions
TLDR
This paper proposes a new strong-password authentication protocol that not only can withstand many possible attacks including a stolen-verifier attack, but that is also more efficient than the modified OSPA protocol.
Untraceable dynamic‐identity‐based remote user authentication scheme with verifiable password update
TLDR
A dynamic‐identity‐based remote user authentication scheme will be proposed in this manuscript that employs smart cards to achieve mutual authentication, and no verifier table is needed.
An Advanced Anonymous and Biometrics-based Multi-server Authentication Scheme Using Smart Cards
TLDR
This paper proposes an advanced biometries-based authentication scheme for a multi-server environment with higher security and efficiency, and overcomes the false negative problem inBiometries detection.
Secure and Efficient Smart Card Based Remote User Password Authentication Scheme
TLDR
A new smart card based password authentication scheme is introduced that cannot only resist various well-known attacks, but also is more efficient than other related works, and thus is feasible for practical applications.
Password Authentication Schemes: Current Status and Key Issues
TLDR
A survey through all currently available password-authentication-related schemes and gets them classified in terms of several crucial criteria to see how different password authentication schemes compare in different situations.
Robust two-factor authentication and key agreement preserving user privacy
TLDR
A robust two-factor authentication and key agreement scheme with user privacy preservation achieving all the goals is proposed, which not only provides more security guarantees, but also is still efficient both in computation and communication cost.
...
...