Article
Computer Science, Information Systems
Bshisht Moony, Amit K. Barnwal, Mrityunjay Singh, Dheerendra Mishra
Summary: With the advancements in mobile and wireless technologies, the security issue in wireless communications has become critical. Many authentication protocols have been proposed, but most of them are not secure in post-quantum environments. Therefore, analyzing and designing authenticated key agreement schemes for the quantum environment is necessary. We propose a two party authenticated key agreement scheme for mobile devices based on ring learning with error problems, which is analyzed and proved to be secure in the random oracle model.
PEER-TO-PEER NETWORKING AND APPLICATIONS
(2023)
Article
Computer Science, Hardware & Architecture
Tsu-Yang Wu, Qian Meng, Lei Yang, Xinglan Guo, Saru Kumari
Summary: In this paper, a lightweight and secure authentication protocol is proposed to meet the real-time needs of users by pushing cloud resources to the edge of a mobile network. The protocol is formally analyzed for security using ProVerif and the Real-or-Random model and proves its correctness and security, even in the event of an attack on the registration center. By comparing communication and computing costs with other existing protocols, the security and efficiency of the protocol are demonstrated.
JOURNAL OF SUPERCOMPUTING
(2022)
Article
Computer Science, Information Systems
Yan Zhang, Dianqi Han, Ang Li, Lili Zhang, Tao Li, Yanchao Zhang
Summary: MagAuth is a dual-factor authentication scheme that utilizes magnetic wrist wearables to enhance the security and usability of password-based authentication on mobile touchscreen devices. Users enroll a self-chosen unlock pattern or touch gesture, performing it with the same hand as the magnetic wrist wearable, to verify their identity.
IEEE TRANSACTIONS ON MOBILE COMPUTING
(2023)
Article
Computer Science, Artificial Intelligence
B. B. Gupta, Varun Prajapati, Nadia Nedjah, P. Vijayakumar, Ahmed A. Abd El-Latif, Xiaojun Chang
Summary: Telecare Medical Information System (TMIS) plays a crucial role in connecting remote patients and doctors. This paper discusses the vulnerabilities of existing systems and proposes a secure authentication mechanism. The proposed system utilizes machine learning and nonce-based authentication for entity verification and message freshness. Smart card blocking mechanisms are implemented to prevent unauthorized data access. The system is formally evaluated and tested against various attacks, demonstrating its efficiency and security compared to other models.
NEURAL COMPUTING & APPLICATIONS
(2023)
Article
Computer Science, Information Systems
Oladayo Olufemi Olakanmi, Kehinde Odeyemi
Summary: Mobile cloud computing combines cloud computing with mobile devices, facing security and privacy attacks, while also encountering challenges in restricting user subscriptions to services.
COMPUTERS & SECURITY
(2021)
Review
Multidisciplinary Sciences
Zuriati Ahmad Zukarnain, Amgad Muneer, Mohd Khairulanuar Ab Aziz
Summary: Smartphone devices are crucial for our daily activities and require secure authentication methods to protect transactions. However, existing methods have vulnerabilities, driving the need for the best authentication solution.
Article
Computer Science, Information Systems
Weiyou Liang, Yujue Wang, Yong Ding, Haibin Zheng, Hai Liang, Huiyong Wang
Summary: This article introduces an efficient blockchain-based anonymous authentication and supervision system (EAAS) to overcome the inefficiency issues of current controlled anonymous authentication techniques. The proposed system adopts a double-layer CA architecture to quickly respond to a large number of certificate requests and reduces computational cost. It ensures anonymity, traceability, unlinkability, and resistance to forgery attacks.
PEER-TO-PEER NETWORKING AND APPLICATIONS
(2023)
Article
Computer Science, Information Systems
Muhammad Asad Saleem, Zahid Ghaffar, Khalid Mahmood, Ashok Kumar Das, Joel J. P. C. Rodrigues, Muhammad Khurram Khan
Summary: The Internet of Things has brought convenience to mobile services, but it is essential to ensure information security. Current authentication protocols are mostly inadequate for meeting new security requirements, highlighting the need for the development of protocols suitable for the IoT environment.
IEEE INTERNET OF THINGS JOURNAL
(2021)
Article
Computer Science, Hardware & Architecture
Maria Isabel Gonzalez Vasco, Angel L. Perez del Pozo, Claudio Soriente
Summary: APAKE is a hybrid of standard key exchange and anonymous password authentication protocols, allowing clients with low-entropy passwords to establish session keys with servers while maintaining security and anonymity provisions for both parties. This paper provides a formal security model and presents two APAKE protocols that only require clients to remember a password and achieve key secrecy and anonymity guarantees.
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING
(2021)
Article
Computer Science, Information Systems
Khalid Mahmood, Salman Shamshad, Minahil Rana, Akasha Shafiq, Shafiq Ahmad, Muhammad Arslan Akram, Ruhul Amin
Summary: The article presents a multi-server authentication framework based on Elliptic Curve Cryptography and Physically Unclonable Function for D2D communication, showing improved security and efficiency through experimental results.
JOURNAL OF INFORMATION SECURITY AND APPLICATIONS
(2021)
Article
Computer Science, Information Systems
Song Liu, Yuxiang Chai, Longshuo Hui, Weiguo Wu
Summary: In this paper, a blockchain-based anonymous authentication scheme for edge computing environments is proposed, which stores a small number of authentication elements in the blockchain network and reduces the computational overhead in the authentication process. The experimental results show that the proposed scheme achieves secure authentication process and effectively reduces the authentication overhead.
Article
Chemistry, Analytical
Ya-Fen Chang, Wei-Liang Tai, Ka-Ho Fung
Summary: This paper presents a non-repudiation and anonymity-ensured user authentication system that meets specific requirements for certain institutions or companies. The system utilizes department authentication devices and executive authentication devices to authenticate identities while keeping the executive's identity undisclosed to the department.
Article
Computer Science, Information Systems
Xiaoying Jia, Min Luo, Kim-Kwang Raymond Choo, Li Li, Debiao He
Summary: This article focuses on the security and privacy issues in mobile-edge computing (MEC) deployment and revisits an anonymous authentication scheme. It highlights the vulnerabilities in the scheme and presents a redesigned protocol using password and biometrics for authentication. Performance comparison shows that our scheme outperforms competing schemes in terms of computation and communication costs.
IEEE INTERNET OF THINGS JOURNAL
(2022)
Article
Computer Science, Hardware & Architecture
Qingxuan Wang, Ding Wang, Chi Cheng, Debiao He
Summary: This article presents a quantum-resistant smart-card-based password authentication scheme that utilizes lattice-based key exchange and fuzzy-verifier + honeywords technique to effectively protect against quantum attacks. The scheme is proven to be secure under the random oracle model and demonstrates better computation efficiency compared to the state-of-the-art conventional 2FA schemes.
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING
(2023)
Article
Computer Science, Information Systems
Khalid Mahmood, Muhammad Faizan Ayub, Syed Zohaib Hassan, Zahid Ghaffar, Zhihan Lv, Shehzad Ashraf Chaudhry
Summary: Mobile Edge Computing (MEC) is a technology that distributes processing and storage capabilities at the edge of wireless networks. Ensuring security in MEC environments is a challenging task. To meet the requirements of lightweight and real-time communication, we propose a secure authentication protocol for MEC environments. Our protocol ensures secure and efficient communication between entities while preserving user anonymity. It has been proven to be secure and outperforms existing MEC protocols.
COMPUTER COMMUNICATIONS
(2022)
Article
Computer Science, Information Systems
Yinbin Miao, Wei Zheng, Xiaohua Jia, Ximeng Liu, Kim-Kwang Raymond Choo, Robert H. Deng
Summary: This paper studies the problem of ranked keyword search over encrypted data in cloud computing. A Machine Learning-based Ranked Keyword Search (ML-RKS) scheme is proposed to reduce search complexity without sacrificing search accuracy, and an Enhanced ML-RKS (ML-RKS+) scheme is introduced to achieve forward security. The experiments on real-world dataset demonstrate the efficiency and feasibility of our schemes in practical applications.
IEEE TRANSACTIONS ON SERVICES COMPUTING
(2023)
Article
Computer Science, Information Systems
Liping Zhang, Yue Zhu, Wei Ren, Yixin Zhang, Kim-Kwang Raymond Choo
Summary: E-health systems are important during the COVID-19 pandemic, but ensuring data security is challenging, especially when data comes from insecure devices. This study proposes a lightweight privacy-preserving three-factor authenticated key agreement scheme for resource-constrained e-health systems, with minimal computational cost.
IEEE TRANSACTIONS ON SERVICES COMPUTING
(2023)
Article
Engineering, Electrical & Electronic
Xiaotong Zhou, Debiao He, Muhammad Khurram Khan, Wei Wu, Kim-Kwang Raymond Choo
Summary: Vehicular Ad-hoc Networks (VANETs) have potential applications in improving the efficiency and safety for intelligent transportation systems. The paper proposes an efficient blockchain-based CPPA (EBCPPA) scheme to address the limitations of existing schemes. Security and performance analyses show that EBCPPA is more efficient than other state-of-the-art solutions in terms of signing, verification, and bandwidth requirement.
IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY
(2023)
Article
Computer Science, Information Systems
Qing Fan, Debiao He, Jianhua Chen, Cong Peng, Lianhai Wang
Summary: Driven by cloud computing technologies, public-key encryption with keyword search (PEKS) is becoming popular in various fields. However, there are security and privacy issues in the encrypted data search and access processes. This article presents a postquantum searchable encryption scheme named Isoga, which fights against keyword guessing attacks. The scheme utilizes designated tester primitive and quantum resistance of isogeny.
IEEE SYSTEMS JOURNAL
(2023)
Article
Computer Science, Information Systems
Xiaohan Hao, Wei Ren, Yangyang Fei, Tianqing Zhu, Kim-Kwang Raymond Choo
Summary: The increase in volume, variety, and value of data generated by IoT devices highlights the need for secure and efficient access control solutions. Existing solutions are not lightweight or scalable for resource-constrained IoT devices. To address this, we propose a lightweight consortium blockchain-based architecture that utilizes intelligent access control for IoT devices. Our system ensures reliability, availability, confidentiality, integrity, security, and scalability, while also supporting data sharing among users and exceptional blockchain situations. Performance analysis indicates that typical cryptographic algorithms can run in the microsecond range.
IEEE TRANSACTIONS ON SERVICES COMPUTING
(2023)
Article
Telecommunications
Biwen Chen, Zhongming Wang, Tao Xiang, Jiyun Yang, Debiao He, Kim-Kwang Raymond Choo
Summary: Vehicular Ad-Hoc Networks (VANETs) have improved driving safety and comfort through vehicular wireless communication technology. However, existing authentication protocols in VANETs have limitations in terms of privacy protection, malicious entity tracking, and cross-domain authentication. To address these challenges, we propose a secure and effective group signature scheme for anonymous authentication and traceable identity within a domain, and a blockchain-based privacy-preserving cross-domain authentication protocol (BCGS) that integrates both blockchain and group signature. Our evaluations show that BCGS outperforms other approaches in terms of security, computation, and storage costs.
VEHICULAR COMMUNICATIONS
(2023)
Article
Business
Saeed Alzahrani, Tugrul Daim, Kim-Kwang Raymond Choo
Summary: This article develops a scoring model to evaluate healthcare organization's readiness for blockchain adoption and validates the model through case studies.
IEEE TRANSACTIONS ON ENGINEERING MANAGEMENT
(2023)
Article
Engineering, Civil
Mohammad Bany Taha, Saed Alrabaee, Kim-Kwang Raymond Choo
Summary: This paper proposes a scheme using CP-ABE to achieve data confidentiality in VANETs by building a cluster of vehicles to handle distributed micro-tasks. Tasks are distributed based on factors such as distance, duration, and resource availability. The effectiveness of the scheme is demonstrated through comparison with Kubernetes mechanism and simulation evaluations.
IEEE TRANSACTIONS ON INTELLIGENT TRANSPORTATION SYSTEMS
(2023)
Article
Computer Science, Theory & Methods
Jie Cui, Hu Sun, Hong Zhong, Jing Zhang, Lu Wei, Irina Bolodurina, Debiao He
Summary: With the development of communication technology and intelligent transportation systems, vehicular ad hoc networks (VANETs) have gained popularity, leading to increased importance of VANET communication security. An intrusion detection system (IDS) is essential in improving network security, but faces challenges in accuracy, efficiency, and completeness due to frequent location changes in VANETs. This study proposes a collaborative intrusion detection system (CIDS) model that utilizes federated learning in software-defined VANETs to address these issues. The model trains through collaboration among local software-defined networks (SDNs) without sharing local network data flows, improving IDS scalability and globality.
IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS
(2023)
Article
Computer Science, Information Systems
Lang Pu, Chao Lin, Biwen Chen, Debiao He
Summary: The Industrial Internet of Things (IIoT) utilizes physical devices to collect data, which needs to be saved on a cloud server for processing and analysis. Traditional encryption techniques make it difficult to search the generated ciphertext. Public-key encryption with keyword search (PEKS) can provide data encryption and confidential searching, but it is susceptible to internal keyword guessing attacks (IKGAs) due to limited commonly used keywords. A user-friendly public-key authenticated encryption with keyword search (PAEKS) scheme is proposed in this article to address this issue.
IEEE INTERNET OF THINGS JOURNAL
(2023)
Article
Computer Science, Theory & Methods
Zhili Zhou, Xiaohua Dong, Ruohan Meng, Meimin Wang, Hongyang Yan, Keping Yu, Kim-Kwang Raymond Choo
Summary: As a promising technique of resisting steganalysis detection, generative steganography generates a new image with secret information as the stego-image. However, the conventional methods of generating stego-images result in limited information extraction accuracy and low security. To address these limitations, we propose a generative steganographic framework that encodes secret messages as disentangled object contours in a distribution-preserving manner.
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY
(2023)
Article
Computer Science, Theory & Methods
Biwen Chen, Tao Xiang, Debiao He, Hongwei Li, Kim-Kwang Raymond Choo
Summary: In this paper, we propose BPVSE, a new verifiable and dynamic searchable encryption scheme for cloud-assisted EHR. BPVSE leverages blockchain and hash-proof chain to enable public verification of search results without a trusted authority. It supports dynamic datasets with forward and backward security, using a newly designed hidden data structure. Additionally, BPVSE allows for efficient encryption and parallel search.
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY
(2023)
Article
Engineering, Environmental
Ding Ling Gao, Wei Wei Lin, Qiao Jing Lin, Fei Fei Dai, Yan Xue Xue, Jian Hua Chen, Yu Xiang Liu, Yang Huang, Qian Yang
Summary: In this study, Cu2+ was doped into ZnAl hydrotalcite to enhance its phosphate adsorption capacity. The Cu2+ doping increased the inter-layer spacing and specific surface area of the adsorbent. The optimal doping amount was found to be 1% of the total metal molarity. The resulting ZnAlCu layered trimetallic oxide exhibited significantly improved phosphate adsorption performance compared to ZnAl hydrotalcite and ZnAlCu ternary hydrotalcite.
JOURNAL OF ENVIRONMENTAL CHEMICAL ENGINEERING
(2023)
Article
Computer Science, Theory & Methods
Yang Liu, Debiao He, Qi Feng, Min Luo, Kim-Kwang Raymond Choo
Summary: The anonymous credential has various applications, such as pay-as-you-go strategy in electronic subscription. However, the strategy may not suit non-regular users as they require stricter identity supervision. Identity supervision is a crucial part of an anonymous credential system and needs to be both reasonable and practical in regulating user behavior. The combination of customized k-times and epochs is necessary due to the limitations of existing works. This paper presents a permissioned redactable credentials scheme that allows fine-grained supervision, user control, and user redaction, providing potential utility when evaluated for performance.
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY
(2023)
Article
Computer Science, Information Systems
Pengfei Wu, Jianting Ning, Wu Luo, Xinyi Huang, Debiao He
Summary: This article introduces a T-SGX framework based on trusted execution environments, which aims to protect user privacy and ensure system efficiency by dynamically loading enclave objects. All these objects are secretly shared and stored in a verifiably distributed share management system to mitigate exposure of sensitive information. Security analysis shows that T-SGX achieves secure distributed computing without privacy leakage to unauthorized parties. Experimental results demonstrate that T-SGX outperforms a state-of-the-art solution, with 11.9%-29.7% less overhead in SGX-based applications.
IEEE TRANSACTIONS ON SERVICES COMPUTING
(2023)