We construct two efficient Identity-Based Encryption (IBE) systems that admit selective-identity security reductions without random oracles in groups equipped with a bilinear map. Selective-identity secure IBE is a slightly weaker security model than the standard security model for IBE. In this model the adversary must commit ahead of time to the identity that it intends to attack, whereas in an adaptive-identity attack the adversary is allowed to choose this identity adaptively. Our first system—BB1—is based on the well studied decisional bilinear Diffie–Hellman assumption, and extends naturally to systems with hierarchical identities, or HIBE. Our second system—BB2—is based on a stronger assumption which we call the Bilinear Diffie–Hellman Inversion assumption and provides another approach to building IBE systems.

Our first system, BB1, is very versatile and well suited for practical applications: the basic hierarchical construction can be efficiently secured against chosen-ciphertext attacks, and further extended to support efficient non-interactive threshold decryption, among others, all without using random oracles. Both systems, BB1 and BB2, can be modified generically to provide “full” IBE security (i.e., against adaptive-identity attacks), either using random oracles, or in the standard model at the expense of a non-polynomial but easy-to-compensate security reduction.

Efficient selective identity-based encryption without random oracles

The deployment of telecare medical information system (TMIS) over public networks gives rise to the threat of exposing sensitive medical information to illegal entities. Although a number of three-factor authentication (3FA) schemes have been developed to address this challenge, most of them are found to be flawed. Understanding security and privacy failures of authentication protocols is a prerequisite to both fixing existing protocols and designing future ones. In this paper, we investigate the 3FA protocol of Lu et al. for TMIS (J Med Syst 39:32, 2015) and reveal that it cannot achieve the claimed security and privacy goals. (1) It fails to provide anonymity and untraceability, and is susceptible to the following attacks targeting user privacy: identity revelation attack, identity guessing attack and tracking attack. (2) It is susceptible to offline password guessing attack, user impersonation attack, and server impersonation attack. Then we present an improved 3FA scheme and show that the new scheme fulfills session key secrecy and mutual authentication using the formal verification tool ProVerif. Moreover, detailed heuristic security analysis is also presented to demonstrate that our new scheme is capable of withstanding various attacks, and provides desired security features. Additionally, performance analysis shows that our proposed protocol is a practical solution for TMIS.

Security analysis and improvement of bio-hashing based three-factor authentication scheme for telecare medical information systems

Telecare medicine information systems (TMIS) have been known as an effective mechanism to increase quality and security of healthcare services. In other to the protection of patient privacy, several authentication schemes have been proposed in TMIS, however, most of them have a security problems. Recently, Das proposed a secure and robust password-based remote user authentication scheme for the integrated EPR information system. However, in this paper, we show that his scheme have some security flaws. Then, we shall propose a secure authentication scheme to overcome their weaknesses. We prove the proposed scheme with random oracle and also use the BAN logic to prove the correctness of the proposed scheme. Furthermore, we simulate our scheme for the formal security analysis using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool.

A Secure User Anonymity and Authentication Scheme Using AVISPA for Telecare Medical Information Systems

Smart card-based remote authentication schemes are widely used in multi-medical-server-based telecare medicine information systems (TMISs). Biometric is one of the most trustworthy authenticators and is presently being advocated to use in the remote authentication of TMIS. However, most of the existing TMISs consider a single-server-environment-based authentication system. Therefore, patients need to register and log into every server separately for different services. Furthermore, these schemes do not employ error correction technique to remove the errors from biometric data. Also, biometrics are inherent and demand diversification to generate a revocable template from inherent biometric data. In this paper, we propose a mutual authentication and key agreement scheme for a multi-medical server environment to overcome the limitations of the existing schemes. In the proposed scheme, a cancelable transformation of the raw biometric data is used to provide the privacy and the diversification of biometric data. The errors of the biometric data are corrected with error-correction techniques under the fuzzy commitment mechanism. A formal security analysis using the widely accepted real-or-random model, the Burrows–Abadi–Needham logic, and the automated validation of Internet security protocols and applications tool concludes that the proposed scheme is safe against known attacks. We also compare the computation and communication costs of our scheme to evaluate the performance with the others.

https://northumbria-test.eprints-hosting.org/id/document/268407

A Secure Authentication Protocol for Multi-Server-Based E-Healthcare Using a Fuzzy Commitment Scheme

This paper proposes an innovative image cryptosystem algorithm using the properties of the block encryption, 4D logistic map and DNA systems. Multiple key sequences are generated and pixel substitution is performed by using nonlinear 4D logistic map, then encryption is performed by using DNA rules to ensure that the different blocks are encrypted securely. The results of the experiment indicate that the proposed Non Linear 4D Logistic Map and DNA (NL4DLM_DNA) sequence based algorithm gives better performance, which is analyzed on the basis of security, quality, attack resilience, diffusion and running time as compared to some previous works.

Fast and Secure Medical Image Encryption Based on Non Linear 4D Logistic Map and DNA Sequences (NL4DLM_DNA)

In this paper, we present a new public key broadcast encryption (BE) for achieving adaptive security against arbitrary number of colluders. Specifically, our scheme is built from composite order multilinear maps and enjoys ciphertext overhead of a constant number of group elements which are ${O}$ (1) bits. Furthermore, the private key size and public key size are all poly-logarithmic in the total number of users. Herein, we generalize the methodology of Lewko and Waters for realizing dual system encryption to the composite order multilinear groups, and then prove the adaptive security of our scheme under static assumptions in the standard model. Compared with the state-of-the-art, our scheme achieves the adaptive security in simple and non-interactive falsifiable assumptions with the optimized parameter size for BE.

Adaptively Secure Broadcast Encryption With Constant Ciphertexts

Telecare medical information system (TMIS) offers healthcare delivery services and patients can acquire their desired medical services conveniently through public networks. The protection of patients' privacy and data confidentiality are significant. Very recently, Mishra et al. proposed a biometrics-based authentication scheme for telecare medical information system. Their scheme can protect user privacy and is believed to resist a range of network attacks. In this paper, we analyze Mishra et al.'s scheme and identify that their scheme is insecure to against known session key attack and impersonation attack. Thereby, we present a modified biometrics-based authentication scheme for TMIS to eliminate the aforementioned faults. Besides, we demonstrate the completeness of the proposed sche-me through BAN-logic. Compared to the related schemes, our protocol can provide stronger security and it is more practical.

An Improved Biometrics-Based Authentication Scheme for Telecare Medical Information Systems

In distributed networks, anonymous user authentication is crucial to enable authorized access and guard privacy. Recently, Lin proposed a chaotic map-based anonymous mobile user authentication scheme. In this paper, we analyze the security of Lin's scheme and identify that the scheme is vulnerable to impersonation attack and server masquerading attack. We then devise an improved chaotic map-based authentication scheme to assure reliability and security. Compared with the related chaotic map-based authentication schemes, our protocol employs an innovative solution which rectifies the security flaws caused by the inherent defect of Chebyshev chaotic map-based public key systems. Furthermore, BAN-logic is put forward to certify the validity of our proposal. The security and performance analysis also shows that our scheme provides stronger security and better scalability than previous related schemes.

Analysis and Improvement of `Chaotic Map Based Mobile Dynamic ID Authenticated Key Agreement Scheme'

Telecare medical information systems (TMIS), with the explosive growth of communication technology and physiological monitoring devices, are applied increasingly to enable and support healthcare delivery services. In order to safeguard patients' privacy and tackle the illegal access, authentication schemes for TMIS have been investigated and designed by many researchers. Many of them are promising for adoption in practice, nevertheless, they still have security flaws. In this paper, we propose a novel remote authentication scheme for TMIS using self-certified public keys, which is formally secure in the ID-mBJM model. Besides, the proposed scheme has better computational efficiency. Compared to the related schemes, our protocol is more practical for telemedicine system.

A Novel Authentication Scheme Using Self-certified Public Keys for Telecare Medical Information Systems

Multiple servers collaboration technology is the foundation to realize cloud computing deployed in the distributed environments. Service providers could supply massive data and service to authorized users on the cloud infrastructure, instead of maintaining them in the local servers. It is essential for cloud platforms to develop a uniform authentication system, which manages users’ access control and authorization. Recently, Irshad et al. presented a chaotic map-based authentication protocol for the multiple servers architecture, which is recognized susceptible to session key recovery attack and identity theft attack. There is an inherent vulnerability in the session key negotiation based on Chebyshev chaotic map-based public key system and the attacker could retrieve cleartext from a given ciphertext. It is the most crippling issue to result the aforementioned susceptibilities. In this paper, we illustrate the faults in Irshad et al.’s proposal and devise a solution with a tripartite authentication strategy, in which we replace the constant $T_{p}(x)$ with a disparate value for each users. Both the formal security analysis validated by BAN-logic focused on the tripartite authentication protocol and the heuristic analysis demonstrate the security reliability of the proposed protocol. Compare to the previous related solutions with the tripartite authentication strategy, our proposal possesses a superior security property and the better scalability with considerable efficiency.

/pdf/chaotic-map-based-authentication-protocol-for-multiple-31mhoq7u29.pdf

Chaotic Map-Based Authentication Protocol for Multiple Servers Architecture

Handle everyday research tasks with reliable, citation-backed results

Your personal Research Agent to handle research tasks with citation-backed results

Popular Tasks used by Researchers

How can I help with your research?

Meet SciSpace

Get more enhanced response by uploading the PDFs you want me to reference.

No relevant PDFs in your library

SciSpace is the AI research assistant for academics. Run systematic literature reviews on 280M+ papers, and write papers with cited sources. Trusted by 1M+ students, PhDs & researchers.

SciSpace | AI for Research

Analyze PDFs

Code & Manuscripts

Funding & Grants

Literature & Patents

Medical & Clinical Data

Systematic Review

Visualize & Present

Web & Data

Build a Google Scholar-like website for your research.

Build a website

Create charts and images for your research

Create a Chart

Write a paper for submission to a journal

Draft a manuscript

Patent Search

Design eye-catching scientific posters in minutes.

Scientific Poster Generation

Systematic Literature Review

One task is running at the moment. Your messages will be shown right after.

Drag and drop or click here to browse

Loved by <highlight>1 million+</highlight> researchers

Extract a list of specific topics and their sources from unstructured text

Topics

Compare and analyze relevant papers that matches with your search

Papers

Get insights from PDFs and bookmarked papers from your library

My library

Recent searches

Try searching for:

Catch AI-generated content in scholarly and non-scholarly content

{ai} Detector

Ai Writer

Get PDF Summaries, highlighted text explanations 

Chat with PDF

Effortlessly create in-text citations and bibliographies in APA and 2,500 other formats

Citation generator

Get explanations, summaries, and answers on academic papers

Ease up your research workflow with {scispace}'s cohort of exciting AI tools

Elevate your academic writing skills and convey your ideas the way you want

Paraphraser

Explore our range of reading and writing tools

Your file is being prepared and should be ready in a few minutes. If it's a large file, it might take a bit longer. You can close this window, and we'll email you the file when it's done.

You have reached a maximum limit of <strong>{limit}</strong> columns in the table. Remove at least <strong>1</strong> column to add or create another one.

Dianli Guo

Author Tools

Chat about Author