Security AnalysisProtecting the user identifications in the network Essay

Security Analysis

Protecting the user identifications in the network is an important task because they are located everywhere, such as airport lounges, hotels, hospitals, Bank, business centers, and cafes. All sorts of attacks may happen in such location, including key logger, malware, and phishing. So that it is needed to define an authentication protocols is highly important. Hence, this paper we define a threat model and identified that scheme is secure. We classify the following attacks in this authentication category such as password change attack, dictionary attack, brute force attack, impersonation attacks, forgery attack, stolen verifier attack, Replay attack and stolen smart card attack and GW bypassing attack [24].

Don't use plagiarized sources. Get Your Custom Essay on
Security AnalysisProtecting the user identifications in the network Essay
From as low as $9/Page
Order Essay

5.1 Password Change attack

The proposed protocol used the user’s unique biometrics Bioi information which is almost feasible and it is impossible for the illegitimate user Ul to be able to impersonate a legal user to modify the password. If the illegitimate user Ul need to change the password then they must be enter the old password UPWi and biometric Bioi information then only they allowed to change the password.

In case the illegitimate user Ul gets access to the smart card and extracts ei and fi, they still needs to enter correct biometric Bioi as input to proceed further which are impossible to forge.

5.2 Dictionary attack

Most passwords have such low entropy that the system is vulnerable to password guessing attacks, where an attacker intercepts authentication messages, stores them locally and then attempts to use a guessed password to verify the correctness of his/her guess using these authentication messages

If the illegitimate user Ul is trying to guess the user identity UIDi and password UPWi using either stolen smart device or any of the previously transmitted messages then the following steps will explain how the illegitimate user will not get success in guessing the password:

1. The illegitimate User Ul guesses a password as UPWl. In order to legalize this password UPWl, the Illegitimate user needs UIDi s identity as well as biometric Bioi with yi = yu and zi = zu.

2. To guess the password of the User UPWi, the illegitimate user Ul will require guessing Ui identity UIDi and biometric Bioi along with password UPWi. But, prediction of biometric information or forging it or stealing it is infeasible to achieve, hence the protocol is secure against offline?password?guessing attacks.

3. If the illegitimate user tries to find out the sensitive information from any of the communicated messages of login and authentication phases, ie, or , then the chances of guess password and biometric are very little.

5.3 Brute force attack

The illegitimate user can be extract the security parameters of messages are like {M1, M2, M3, M4 and Ti} from the transmitted messages between GWNi and SNj for the brute force attack. Even the illegitimate user obtained these security parameter, they still could not find the password UPWi as the IAS secret key MK and also Secret keys of PKi and PKu. Therefore, the proposed scheme can resist the brute force attack.

M1 = h {PKi, Gen(.) }

M2 = h {CK = PKs, Xs, Ti, UIDi }

M3= h {PKi, UPWi}

M4= h {PKi, Aj}

5.4 Impersonation attacks

The illegitimate user Ul enters into the legal communication and retransmits the intercept message to SNj or GWNi if they could not calculate the session key. Because illegitimate user Ul needs to submit personal biometric information of Ui which calculates is impossible to impersonate. Also, if the illegitimate user Ul modifies the login or authentication phase messages, ie, or < Riu ,Hj , Vu , Tru ,Trs , Trg> . To establish a new session, Ul needs to alter the login request message UPg to UlPg= h { xi , Xs, Tru) and UPs to UlPs = n ? xi. The illegitimate user Ul attempt to login will fail at the gateway node, GWNi, as UPg will not match with Qi computed during authentication phase by GWNi.

5.5 Forgery attack

In this attack, an illegitimate user Ul computes Message M1 = h {UIDi, PKi, UPWi} and try to pretend to be a user Ui by sending a valid login and authentication request message. But this is absolutely impossible, because they would not know UPWi and UBioi. Suppose that the illegitimate user Ul computes the following forged message M = {M1, M2, Trs, UIDi}, and sends the message to GWNi via SNj.

M1 = h{PKf} ? h { UPKf , IDl} ? Tl

M2 = h {PKl, IDl, Tl}

where IDl is the identity of the illegitimate user, Tl is the timestamp generated by the illegitimate user Ul, PKl is the secret key of the illegitimate user, and PKf is the fake secret key of GWNi. Then, after computing M2 ? h {PKf } ? Tl, GWNi tries to search h{ PKf , IDl } in its database. If GWNi finds no matching value then it can be easily recognized that message is sent by the illegitimate user Ul not by the User Ui.

5.6 Stolen verifier attack

An attacker who steals the password verifier (e.g., hashed passwords) from the server can use the stolen verifier to impersonate a legal user to log in the system.

Our proposed scheme is not used any password tables, so there is no way that an illegitimate user Ul could not gather sensitive information of the user Ui. Thus the illegitimate User Ul could not try and impersonate a user on any other network. Furthermore, when the user Ui initiates the authentication phase, the gateway node GWNi forwards the message to the SNj sensor node so that the illegitimate user Ul cannot extract user Ui password from the message M1 = h { h { h { UPWi, PKi }, Xs } Xs, Trs}, because it is a complex one to calculate due to the one-way property of the hash function. Thus our scheme is resilient against stolen-verifier attacks.

5.7 Replay Attacks

The illegitimate user Ul can intercepted the transmitted messages or of any previous session. All the messages transmitted during login and authentication phases have timestamp value. Therefore, an illegitimate user Ul cannot retransmit their messages because the transmission delay ?T is very small. If illegitimate user Ul intercepts a login request message and attempts replaying this message again to a node, it will fail timestamp check because of |Trp ?T| < ?T where Trp denotes the time when the node received the replayed message.

5.8 Stolen smart card attack

When the smart card is lost or stolen, unauthorized users can easily change the password of the smart card, or can guess the password of the user by using password guessing attacks, or can impersonate the user to log in the system

Many cryptographic authentication schemes are used for securely store the user data in the smart card. Smart cards are in general tamper-resistant and are safe against simple information stealing. Let us assume a smart card has been lost by or stolen from a user then the illegitimate user has achieves the control of it. The illegitimate user Ul can crack the smart card and obtains the information of {MIDi, ei, fi, Xg } which is stored in the smartcard. If the illegitimate user is trying to use the stolen smart card, they would need to login with the smart card first. Even though they enter the smart card and get into login phase’s Step 1 successfully, but they could not know User Ui’s password and could not precede the Biometric fingerprint Biou. Because it is highly impossible to extract the password from ei = fi ? h { h { UPWi, UPKi }, Xg } , due to the one-way hash function. Thus, it is concluded that the proposed scheme is more strength against stolen smart card attack.

5.9 GWN bypassing attack

In this attack, the GWNi sometimes plays the role of a trusted third party. If the illegitimate user Ul enters GWNi would make that they enter into the authentication. This type of attack is not possible of our proposed scheme because it uses a four-step authentication model which is explained in Fig. 2. If the illegitimate user Ul wants to enter the SNj then they must connects with a gateway GWNi to initiate an authentication phase and not directly to the SNj node. In our proposed scheme the gateway node GWNi connects with the SNj after the authentication message has been initiated by the user Ui. So that sensor node SNj handover the authentication process to the GWNi, whereby the GWNi verifies both the sensor node SNj and the GWNi.

Choose a paper you need
Pages 550 words
Approximate price: $0.00
Benefits we offer
  • Expert writers in 68 disciplines
  • 8.5/10 average satisfaction rate
  • Timely delivery
  • Money-back guarantee
  • Plagiarism-free papers
  • Free revisions
  • 24/7 support
Order now

How to place an order?

Take a few steps to place an order on our site:

  • Fill out the form and state the deadline.
  • Calculate the price of your order and pay for it with your credit card.
  • When the order is placed, we select a suitable writer to complete it based on your requirements.
  • Stay in contact with the writer and discuss vital details of research.
  • Download a preview of the research paper. Satisfied with the outcome? Press “Approve.”

Feel secure when using our service

It's important for every customer to feel safe. Thus, at The Homework Writings, we take care of your security.

Financial security You can safely pay for your order using secure payment systems.
Personal security Any personal information about our customers is private. No other person can get access to it.
Academic security To deliver no-plagiarism samples, we use a specially-designed software to check every finished paper.
Web security This website is protected from illegal breaks. We constantly update our privacy management.

Get assistance with placing your order. Clarify any questions about our services. Contact our support team. They are available 24\7.

Still thinking about where to hire experienced authors and how to boost your grades? Place your order on our website and get help with any paper you need. We’ll meet your expectations.

Order now Get a quote