An Efficient ECC-Based Multi-Server Authentication Scheme for 5G Environment without Online Registration Server
Articles in Press, Accepted Manuscript, Available Online from 12 February 2026
https://doi.org/10.22042/isecure.2026.240528
Seyede Marzieh Sadat Madani, Hamid Mala, Mehrad Jaberi
Abstract Multi-Server Authentication and Key Agreement (MAKA) protocols in 5G networks play a pivotal role in securing communications due to their widespread applications in domains such as drones, cellular networks, and secure communications. We propose a novel and efficient protocol for multi-server authentication and key agreement in 5G networks, based on Elliptic Curve Cryptography (ECC). The proposed protocol is secure against attacks such as user and server impersonation, password guessing, insider attacks, tracking, session key disclosure, replay, denial-of-service, and man-in-the-middle attacks. Additionally, distinctive features such as user anonymity, avoidance of bilinear pairing, key confirmation, perfect forward secrecy, and the ability to perform authentication without an online registration server make the proposed scheme more efficient and secure compared to previous schemes. Formal analysis using the ProVerif cryptographic protocol verifier confirms the protocol’s confidentiality and authentication properties, while its computational and communication efficiency demonstrates relative superiority over comparable schemes.
An Efficient Scheme for Secure Medical Data Sharing in the Cloud
Volume 15, Issue 3, October 2023, Pages 59-66
https://doi.org/10.22042/isecure.2023.182206
Iman Jafarian, Siavash Khorsandi
Abstract The Internet of Things has significantly improved healthcare with its promise of transforming technological, social, and economic perspectives. Medical devices with wireless internet access enable remote monitoring of patients, and collectively, these increasingly smart and connected medical devices can provide unique and contemporary medical and health services envisioned to be deployed in a large-scale fashion. For this, medical data and records generally are collected, stored, and shared through open-air wireless networks and public cloud infrastructures, which poses severe challenges regarding the confidentiality of sensitive medical data while maintaining low service overhead and system complexity. This paper presents a novel scheme for secure cloud-assisted Internet of Medical Things connecting patients/smart medical devices to smart applications/medical service providers in a scalable one-to-many fashion to make novel medical services practical. The proposed scheme uses index-based searchable encryption for data screening without decryption. It uses a low-overhead proxy re-encryption scheme for secure data sharing through public clouds
Light-Weight Privacy-Preserving Data Aggregation Protocols in Smart Grid Metering Networks
Volume 14, Issue 3, October 2022, Pages 101-112
https://doi.org/10.22042/isecure.2022.14.3.11
Afshin Karampour, Maede Ashouri-Talouki, Behrouz Tork Ladani
Abstract Smart grids using information technology (IT) and communication networks control smart home appliances to reduce costs and increase reliability and transparency. Preserving the privacy of the user data is one of the biggest challenges in smart grid research; by disclosing user-related data, an internal or external adversary can understand the habits and behavior of the users. A solution to address this challenge is, however, a data aggregation mechanism in which the aggregated data of all of the users in a residential area. The security and efficiency of the data aggregation approach are important. The drawback of the previous works is leaking fine-grained user data or the high computation and communication overhead. In this paper, we present an efficient privacy-preserving data-aggregation protocol, called PPDA, based on Elliptic Curve Cryptography (ECC) and the Anonymous Veto network protocol. The PPDA protocol aggregates metering data efficiently and securely so that it becomes applicable for resource-constrained metering devices. We also present an improved multi-cycle proposal of PPDA, called MC-PPDA. In the improved approach, the system initialization step runs only at the first cycle of the protocol, which increases the efficiency of the protocol. Evaluation results show that the proposed approaches preserve the privacy of the fine-grained user data against an internal and external adversary; the improved multi-cycle approach is also secure against collusion. Compared to the previous approaches, the proposed approaches incur less computation and communication overhead.
Efficient implementation of low time complexity and pipelined bit-parallel polynomial basis multiplier over binary finite fields
Volume 7, Issue 2, July 2015, Pages 101-114
https://doi.org/10.22042/isecure.2016.7.2.3
B. Rashidi, R. Rezaeian Farashahi, S. M. Sayedi
Abstract This paper presents two efficient implementations of fast and pipelined bit-parallel polynomial basis multipliers over GF(2^m) by irreducible pentanomials and trinomials. The architecture of the first multiplier is based on a parallel and independent computation of powers of the polynomial variable. In the second structure only even powers of the polynomial variable are used. The parallel computation provides regular and low-cost structure with low critical path delay. In addition, the pipelining technique is applied to the proposed structures to shorten the critical path and to perform the computation in two clock cycles. The implementations of the proposed methods over the binary extension fields GF(2^163) and GF(2^233) have been successfully verified and synthesized using Xilinx ISE 11 by Virtex-4, XC4VLX200 FPGA.
Provably secure and efficient identity-based key agreement protocol for independent PKGs using ECC
Volume 5, Issue 1, January 2013, Pages 55-70
https://doi.org/10.22042/isecure.2013.5.1.4
M. Sabzinejad Farash, M. Ahmadian Attari
Abstract Key agreement protocols are essential for secure communications in open and distributed environments. Recently, identity-based key agreement protocols have been increasingly researched because of the simplicity of public key management. The basic idea behind an identity-based cryptosystem is that a public key is the identity (an arbitrary string) of a user, and the corresponding private key is generated by a trusted Private Key Generator (PKG). However, it is unrealistic to assume that a single PKG will be responsible for issuing private keys to members of different organizations or a large-scale nation. Hence, it is necessary to consider multiple PKG environments with different system parameters. In this paper, we propose an identity-based key agreement protocol among users of different networks with independent PKGs, which makes use of elliptic curves. We prove the security of the proposed protocol in the random oracle model and show that all security attributes are satisfied. We also demonstrate a comparison between our protocol and some related protocols in terms of the communication costs and the execution time. The results show that the execution time of our protocol is less than 10%, and its communication costs are about 50% of the competitor protocols.
