Abstract

With the increasing number and popularity of digital content, the management of digital access rights has become a field of utmost importance. Through digital rights management systems (DRM-S), access to digital content can be defined, and for this an efficient and secure authentication scheme is required. DRM authentication schemes can be used to grant or restrict access to digital content. Very recently, in 2020, Yu et al. proposed a symmetric hash- and xor-based DRM scheme and claimed that their system achieves both security and performance efficiency. Contrarily, in this study, we argue that their scheme has several issues, including nonresistance to privileged insider and impersonation attacks. Moreover, this study also shows that their scheme has an incorrect authentication phase and that, due to this incorrectness, the scheme of Yu et al. lacks user scalability. An improved scheme is then proposed to counter the insecurities and incorrectness of the scheme of Yu et al. We prove the security of the proposed scheme using BAN logic. For a clear picture of the security properties, we also provide a textual discussion of the robustness of the proposed scheme. Moreover, due to the usage of symmetric key-based hash functions, the proposed scheme has comparable performance efficiency.

1. Introduction

Computer technology is expanding rapidly, and media of various types such as software, music services, videos, photos, documents, and e-books are combined and manipulated as digital content. With the invention of low-power devices, the distribution of such digital content around the globe has increased rapidly [1]. This rapid distribution demands an efficient digital rights management system to preserve the digital rights associated with the content. A serious concern is the downloading of content by unauthorized users, which is a big problem and a loss for the copyright owners. Thus, the protection of digital content is the major issue, and authentication is a necessary security requirement for preventing unauthorized access and making digital content available only to legitimate users. Digital rights management (DRM) systems are specifically designed environments that include an access control mechanism for the use of digital content [2, 3]. The main purpose of a DRM system is to protect digital content and to make sure it is accessible only to valid users. Digital content services that carry important data are conveyed through public channels, which are fully accessible to malicious users. Hence, for the secure transmission of digital content to a valid user through the public channel, strong authentication and key agreement schemes are needed [4–6].

In the immediate past, various authentication schemes have been proposed to ensure the privacy of the digital content and of the user. In 2008, Chen [7] proposed a biometric-based authentication scheme for the DRM environment. Later on, Chang et al. [8] pointed out weaknesses, such as that attackers can steal keys and access digital content without any permission, and proposed an improved system. Later on, Chang et al. [9] pointed out that [8] is insecure against stolen device attacks and proposed an improved scheme for DRM. Mishra et al. [10] proved that the scheme of Zhang et al. [11] was vulnerable to password guessing attacks and insider attacks and proposed an improved biometric-based scheme for DRM. In 2015, Jung et al. [12] proposed an ECC-based authentication scheme for DRM. In 2017, Jung et al. [12] presented a biometric-based authentication scheme for the DRM system. Later, in 2018, Lee et al. [13] proved that the protocol of [10] is susceptible to secret key disclosure, which leads to anonymity violation. Yu et al. [14] claimed that the method presented in [13] is insecure against user impersonation and device theft attacks and proposed an improved scheme to overcome the flaws of [13].

1.1. Adversarial Model

The main purpose of authentication schemes for DRM systems is to provide a scalable solution for successful remote user authentication. However, the authentication protocols should resist many active/passive attacks [15–17]. The analysis of attacks is based on the CK adversarial model [18], which is an extension of the DY model [19] with the following features:

(1) A valid user possesses the login credentials, namely, identity, password, biometric, etc. The server keeps the master key [20, 21].

(2) The public communication channel is under the full control of the adversary.

(3) A legal user can be dishonest [22, 23].

(4) Any malicious user can extract the credentials saved in the smart card by applying a stolen smart card attack.

1.2. System Model of DRM

A DRM system is a verification and access control method for accessing digital content. Figure 1 shows the common DRMS architecture comprising four major entities: (1) the content writer/owner, (2) the content server, (3) the user, and (4) the license server.

(1) The user who wants to obtain digital content transmits an authentication request to the content and license servers. As soon as mutual authentication with the license server is successfully completed, access to the encrypted digital content is granted with the help of a secret key.

(2) The content server saves in its database the encrypted digital content received from the digital content creator; after that, an abstract of the content is accessible to users on the Internet.

(3) The content generator/provider provides content generation services. The digital content is generated and encrypted with the secret key. This key is transmitted to the license server using the public channel, and the encrypted digital content is sent to the content server using a tunneled channel.

(4) The license server receives the secret key and stores it in its database. When a user requires the secret key of the encrypted digital content, the license server first authenticates that user and then sends the secret key of the content.

2. The Scheme of Yu et al.: A Review

The scheme of Yu et al. [14] is reviewed and briefly explained in this section and the notation guide which is used in this paper is depicted in Table 1.

2.1. User Registration Phase

The process to register a user with the license server is depicted in Figure 2 and explained through the following steps:

(RG1) The user chooses his/her identity , password , and marks biometrics . After that, calculates , and = and dispatches to the license server via a private channel.

(RG2) The license server , on receiving the request containing , calculates =, =, and =. saves and within its database and replies to the registration request message via the private channel.

(RG3) receives the message from and saves in its mobile device memory.

2.2. Login and Authentication Phase

A registered user who wants to utilize the digital content initiates a mutual authentication request with , with the aim of attaining mutual authentication and obtaining the secret key of the . The steps involved in the login and authentication procedure are detailed in Figure 3 and explained as follows:

(LAA 1) enters his/her pair and submits . After that, calculates =, =, =, and = and compares whether . If the condition is true, creates randomly and calculates , , , and . Then, the user initiates the request message through the public channel to .

(LAA 2) receives the request message sent by and calculates , , , and and verifies whether . If the condition is true, picks the relevant , creates a random nonce , and calculates , and . At the end, sends the message to user directly through the public channel.

(LAA 3) receives the response message from and calculates , , and . At the end, the user verifies whether and saves in the device.

3. Cryptanalysis of Yu et al.’s Scheme

In [14], Yu et al. affirm through an informal analysis that their scheme is secure against well-known attacks. However, the following subsections demonstrate that the scheme presented in [14] has correctness issues, is weak against ephemeral secret leakage attacks, and does not provide anonymity.

3.1. Incorrectness

The authentication phase of Yu et al.’s scheme cannot end normally, and the license server and user may be unable to share any key at all. After initiating an authentication message to the license server, the user in Yu et al.’s scheme may never receive an acknowledgment, and the license server may never create a session key. Hence, their scheme lacks the property of authentication and key agreement. The incorrectness case is depicted as follows:

(Inc 1) The user sends a login request by entering password, identity, and biometric, and transmits to (the license server).

(Inc 2) The license server receives the request message and computes

The computation of the above equation requires the corresponding requesting user identity , which the license server does not know. Also, the request message sent by the user does not include the identity of the requesting user. The license server computes the request without the information of any designated user. In the same way, the license server sends the acknowledgment message without knowing to whom this message is to be sent.

The only case in which Yu et al.’s scheme can achieve authentication and key agreement is when the system has only one registered user. However, systems with a single registered user are not preferable in the real world. Therefore, Yu et al.’s scheme for facilitating digital rights management systems is incorrect, and this incorrectness shows that their system is not preferable for real-world deployments.

3.2. Privileged Insider Attack

Yu et al.’s scheme stores sensitive information in the database of the license server, due to which it is susceptible to user impersonation, server impersonation, and secret key leakage attacks. The attacks can be simulated by the following methods.

3.2.1. User Impersonation Attack

The internal adversary gets and from the database of the license server. Now the adversary can impersonate by adopting the following steps:

(IUA 1) picks a random number .

(IUA 2) computes , =, =, and =.

(IUA 3) transmits the message to license server .

(IUA 4) The license server accepts the message and verifies its legitimacy; verification will be successful, as no user verification takes place on the license server.

(IUA 5) fetches the relevant and computes , and . sends the message to .

(IUA 6) receives the message sent by and computes , , and . The adversary successfully obtains the secret key .

3.2.2. License Server Impersonation Attack

The privileged adversary steals the from the database of the . When sends the message to through the public channel, intercepts the message and impersonates a valid license server in the following way:

(ISA 1) computes = , = , = , and = .

(ISA 2) verifies whether . If the condition is true, picks the relevant and creates a random nonce .

(ISA 3) calculates = , = , and = .

(ISA 4) sends the message to user .

(ISA 5) verifies the message, and verification will be successful; as a result, obtains a secret key which is in reality a forged key and will not work.

3.2.3. No Secret Key Secrecy

Only those users who have the secret key can access the digital content in the digital rights management system. But, as shown in Section 3.2.1, an adversary can acquire the secret key by impersonating a valid user . Hence, Yu et al.’s scheme does not ensure the secrecy of the secret key.

4. Proposed Scheme

To ensure privacy and security, and to remove the incorrectness in the scheme of Yu et al. [14], a new scheme is proposed in this section. The proposed scheme comprises three main phases, which are further divided into subphases. The details of the scheme are given in the following subsections.

4.1. Registration Phase

To get access to the digital content, a user must register himself/herself to become a legitimate user. The following steps, as depicted in Figure 4, are to be followed:

RGD 1: the user picks the pair and engraves . Now computes =, and = and dispatches to the license server using a secure channel.

RGD 2: the license server , receiving the registration request , computes , , and saves and in its database, and replies to the registration request message by using channel.

RGD 3: receives the message from and computes , , and stores in the mobile device memory.

4.2. Login and Authentication

The following steps, as depicted in Figure 5, are executed to carry out the login and authentication phase of the proposed scheme:

(LAuth 1) inputs , password , and imprints biometric , calculates , and checks whether ; if the condition is true, then selects and and computes , , , and sends the message containing to the .

(LAuth 2) After receiving the message, verifies whether ; if the condition is true, then fetches corresponding to and computes , , , and checks whether holds. If true, picks , , and , fetches , and calculates , , , , . It replaces with and sends the message containing to .

(LAuth 3) After receiving the message from , checks whether ; if the condition is true, then calculates , , , , . Then, checks whether ; if the condition is true, then calculates and saves .
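The lookup problem described in Section 3.1 and the pseudo-identity fetch-and-replace of step (LAuth 2) above are illustrated by the following toy model. This is an added example, not code from the paper or from Yu et al.; the message layouts, the field names (pid, nonce, auth), the SHA-256 stand-in for the hash function, and the sample users are all assumptions made for the illustration. The flawed flow reproduces the defect generically: a request that carries no user identifier can only be verified while exactly one record exists. The corrected flow carries a pseudo-identity, fetches the record by it, and rotates it after every successful login.

```python
"""Added illustration (not the paper's code): why a login request without any
user identifier cannot be verified by a multi-user license server, and how a
rotating pseudo-identity in the request restores the record lookup.
Message layouts, field names and sample users are assumptions."""
import hashlib
import secrets


def h(*parts: bytes) -> bytes:
    """Collision-resistant hash of the concatenated inputs (SHA-256 stands in
    for the scheme's hash function)."""
    return hashlib.sha256(b"".join(parts)).digest()


class LicenseServer:
    def __init__(self):
        self.master_key = secrets.token_bytes(32)
        self.by_id = {}   # identity -> per-user secret derived from the master key
        self.by_pid = {}  # pseudo-identity -> identity (used only by the fixed flow)

    def register(self, identity: bytes):
        user_secret = h(self.master_key, identity)
        pid = secrets.token_bytes(16)
        self.by_id[identity] = user_secret
        self.by_pid[pid] = identity
        return user_secret, pid


# --- flawed flow: the request omits any identifier (assumed layout) ----------
def request_without_identity(identity: bytes, user_secret: bytes) -> dict:
    nonce = secrets.token_bytes(16)
    return {"nonce": nonce, "auth": h(identity, user_secret, nonce)}


def verify_without_identity(server: LicenseServer, req: dict) -> bool:
    """Recomputing the authenticator needs the identity, which the request
    does not carry; the server can only proceed when a single record exists."""
    if len(server.by_id) != 1:
        raise LookupError(f"no identity in request, {len(server.by_id)} candidate records")
    (identity, user_secret), = server.by_id.items()
    return req["auth"] == h(identity, user_secret, req["nonce"])


# --- fixed flow: the request carries a pseudo-identity that is rotated -------
def request_with_pid(pid: bytes, identity: bytes, user_secret: bytes) -> dict:
    nonce = secrets.token_bytes(16)
    return {"pid": pid, "nonce": nonce, "auth": h(identity, user_secret, nonce)}


def verify_with_pid(server: LicenseServer, req: dict):
    """Fetch the record by pseudo-identity, verify the authenticator, then issue
    a fresh pseudo-identity so two sessions of the same user are not linkable.
    Returns the new pseudo-identity, or None on failure."""
    identity = server.by_pid.get(req["pid"])
    if identity is None:
        return None
    user_secret = server.by_id[identity]
    if req["auth"] != h(identity, user_secret, req["nonce"]):
        return None
    new_pid = secrets.token_bytes(16)
    del server.by_pid[req["pid"]]
    server.by_pid[new_pid] = identity
    return new_pid


def demo() -> dict:
    """Run both flows with one and then several registered users."""
    results = {}
    server = LicenseServer()
    alice_secret, _alice_pid = server.register(b"alice")
    results["single_user_ok"] = verify_without_identity(
        server, request_without_identity(b"alice", alice_secret))

    bob_secret, bob_pid = server.register(b"bob")
    try:
        verify_without_identity(server, request_without_identity(b"bob", bob_secret))
        results["multi_user_lookup_fails"] = False
    except LookupError:
        results["multi_user_lookup_fails"] = True

    new_pid = verify_with_pid(server, request_with_pid(bob_pid, b"bob", bob_secret))
    results["fixed_ok"] = new_pid is not None
    results["pid_rotated"] = new_pid != bob_pid and bob_pid not in server.by_pid
    # A repeated request still naming the retired pseudo-identity is refused.
    results["old_pid_refused"] = verify_with_pid(
        server, request_with_pid(bob_pid, b"bob", bob_secret)) is None
    return results


if __name__ == "__main__":
    print(demo())
```

The model drops the old pseudo-identity as soon as the server accepts a login; a deployment should keep the previous value until the user confirms receipt of the new one, otherwise a lost response message desynchronizes the two sides.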

4.3. Password Change

If a valid user has lost/forgotten his/her password, then can change the password by adopting the following steps:

(PWD 1) The user enters the new pair and engraves . Now, computes , and = and dispatches to the mobile device.

(PWD 2) Upon receipt of the message, the mobile device checks whether ; if true, it sends a confirmation to the user .

(PWD 3) chooses a new password and biometric and computes , and .

(PWD 4) Receiving the message , the mobile device calculates and and sends and .

(PWD 5) computes , , and updates .

5. The Security Analysis

To describe the security of the proposed scheme, we have scrutinized it through formal and informal security analyses in the following subsections.

5.1. Authentication Proof Based on the Burrows–Abadi–Needham Logic (BAN Logic)

The security of the proposed scheme is formally analyzed in the standard model using the widely accepted Burrows–Abadi–Needham logic [24].

5.1.1. Postulates for BAN Logic

Some of the logical postulates of BAN logic and the meaning related to the postulates are given below in Table 2.

5.1.2. Security Goal Establishment

Established security goals and logical notations of the BAN logic are given below in Table 3.

:

:

:

:

5.1.3. Proposed Schemes Idealized Form

(M1) : (M2) :

5.1.4. Assumptions

(A1)(A2)(A3)(A4)(A5)(A6)

Step 1. According to message 1:

Step 2. From the message meaning rule according to P1 and A3:

Step 3. According to the freshness rule with A1, we get

Step 4. From the nonce verification rule with P2 and P3, we get

Step 5. According to the belief rule with P4, we get

Step 6. From the jurisdiction rule with P5 and A5, we get

Step 7. According to M2, we obtain

Step 8. From the message meaning rule with P7 and A4, we get

Step 9. According to the freshness rule with A2, we get

Step 10. From the nonce verification rule with P9 and P10, we get

Step 11. According to the belief rule with P10, we get

Step 12. From the jurisdiction rule with P11 and A6, we get

According to to , we proved that our scheme attains secure mutual authentication among and .

5.2. Informal Security Analysis

To assess the security of the proposed scheme, we have also inspected it through informal security analysis procedures.

5.2.1. Mutual Authentication

Our proposed scheme provides mutual authentication by performing verification on both participating sides. When the license server receives the login request message from , it verifies the authenticity of the user by checking . If the condition is true, authenticates and sends to . On receiving the response message from , verifies whether . If the condition is true, then authenticates ; otherwise, terminates the request. Hence, the proposed scheme successfully achieves mutual authentication.

5.2.2. Replay Attack

Suppose that hijacks the messages and in a selected session and tries to replay these hijacked messages after a while. As all messages contain the current timestamps and , the timeliness checks on and will be declined at and . Furthermore, the value is fixed very small, due to which it is very difficult for the attacker to replay the hijacked messages within the limit . Hence, the proposed scheme is resistant to replay attacks.
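The receiver-side check that the argument above relies on can be made concrete as follows. This is an added example, not the paper's code; the window value, the message layout, the SHA-256 stand-in for the hash, and the sample messages are all constructed. Beyond the timestamp window the block also keeps a cache of nonces seen inside the window, which closes the residual case of a replay delivered before the window expires, and it binds the timestamp into the authenticator so that a captured message whose timestamp has merely been rewritten is rejected.

```python
"""Added illustration (not the paper's code): timestamp window plus
in-window nonce cache for rejecting replayed protocol messages.
Window, message layout and sample messages are constructed."""
import hashlib

WINDOW_SECONDS = 5  # assumed transmission-delay tolerance (the paper's delta T)
SHARED_SECRET = b"constructed-shared-secret"  # stands in for the session material


def h(*parts: bytes) -> bytes:
    """SHA-256 over the concatenated inputs, standing in for the scheme's hash."""
    return hashlib.sha256(b"".join(parts)).digest()


def make_message(secret: bytes, nonce: bytes, ts: int) -> dict:
    """The authenticator covers the timestamp, so re-sending an old message
    with an updated timestamp also invalidates the authenticator."""
    return {"nonce": nonce, "timestamp": ts,
            "auth": h(secret, nonce, str(ts).encode())}


class FreshnessChecker:
    def __init__(self, window: int):
        self.window = window
        self.seen = {}  # nonce -> timestamp of messages accepted inside the window

    def accept(self, msg: dict, now: int) -> str:
        if abs(now - msg["timestamp"]) > self.window:
            return "stale"
        # Forget nonces that can no longer be replayed in time.
        self.seen = {n: t for n, t in self.seen.items() if abs(now - t) <= self.window}
        if msg["nonce"] in self.seen:
            return "replayed-in-window"
        self.seen[msg["nonce"]] = msg["timestamp"]
        return "fresh"


def verify(checker: FreshnessChecker, secret: bytes, msg: dict, now: int) -> str:
    """Authenticator first, then timeliness, then nonce uniqueness."""
    if msg["auth"] != h(secret, msg["nonce"], str(msg["timestamp"]).encode()):
        return "bad-auth"
    return checker.accept(msg, now)


def demo() -> dict:
    """Deliver one constructed message, then three replay variants of it."""
    checker = FreshnessChecker(WINDOW_SECONDS)
    original = make_message(SHARED_SECRET, b"nonce-1", 1000)  # constructed
    out = {}
    out["first_delivery"] = verify(checker, SHARED_SECRET, original, now=1001)
    out["late_replay"] = verify(checker, SHARED_SECRET, original, now=1100)
    out["fast_replay"] = verify(checker, SHARED_SECRET, original, now=1002)
    refreshed = dict(original, timestamp=1100)  # only the timestamp rewritten
    out["refreshed_replay"] = verify(checker, SHARED_SECRET, refreshed, now=1101)
    return out


if __name__ == "__main__":
    print(demo())
```

The nonce cache is bounded by the window, so its memory cost is proportional to the message rate times the window length; a small window, as the text recommends, keeps both the replay exposure and the cache small.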

5.2.3. Stolen Mobile Device Attack

Suppose that has stolen the mobile device [25, 26] of user , or that has lost the mobile device for some reason. Then, can extract the credentials from the mobile device memory using power analysis attacks. Even after obtaining all these parameters, the attacker will not be able to derive the useful parameters and , as these are protected through a collision-resistant hash function. Therefore, a lost or stolen mobile device does not affect the proposed authentication mechanism.

5.2.4. Anonymity and Untraceability

In the proposed scheme, the messages and of each session are distinct and nonrepeating; every message includes the current timestamps and and the random nonces and . Hence, will not be able to trace and . Moreover, no single message contains the identities and . Hence, anonymity [27, 28] is guaranteed in the proposed scheme.

5.2.5. Denial-of-Service Attack

In the login and authentication phase, a valid user inputs his/her identity , password , and biometric into the mobile device. The mobile device retrieves the saved secret biometric key corresponding to as . The mobile device then computes and checks whether the values are the same. If the condition is not met, the session is terminated immediately; in case of success, the session proceeds normally. Therefore, the proposed scheme resists denial-of-service attacks [29, 30].

5.2.6. Man-in-the-Middle Attack

In this type of attack, grabs the messages being exchanged during the communication and tries to alter them into other valid-looking messages, so that the recipient does not detect the alteration and treats the altered messages as genuine. Suppose grabs the messages and . Lacking knowledge of parameters such as , , and , the attacker will be unable to forge the messages and . Hence, the proposed scheme resists the man-in-the-middle attack [31].

5.2.7. User Impersonation Attack

Assume an attacker tries to forge a message on behalf of a user to the license server . gets from the mobile device and during the communication. Now, if tries to construct the message , this is not possible, as he/she does not know the parameters , and , due to which it is hard for the attacker to produce them.

5.2.8. License Server Impersonation Attack

Assume an attacker tries to forge a message on behalf of the license server to user . gets from the mobile device and during the communication. Now, if tries to construct a reply message on behalf of the license server , this is not possible, as he/she does not know the parameters , and , due to which it is hard for the attacker to produce them. Hence, the proposed scheme is secure against impersonation attacks.

5.3. Automated Security Verification through ProVerif

ProVerif is an automated security verification tool used to model a key agreement scheme and check mutual authentication and the confidentiality of the session key among the participating entities of the authentication scheme [32–34]. To verify the security of the proposed scheme, we have simulated and verified it through ProVerif. For the experiment, we have used two events, and , to check the authentication codes of each entity, respectively. The participant uses the two events beginUi(bitstring) and endUi(bitstring) to authenticate the license server . Similarly, the events beginSj(bitstring) and endSj(bitstring) are used by the license server to authenticate the user . The outcomes of the executed queries show that both participants communicate successfully with each other. The simulation results are shown in Figure 6, which exhibits that mutual authentication is successful and that the communication between the valid participants is out of the reach of any potential attacker .

6. The Comparisons

This section provides security attribute and performance comparisons between the proposed scheme and the relevant schemes [10, 13, 14] in the corresponding subsections below.

6.1. Security Attributes

This subsection compares the security attributes of the proposed scheme with those of the relevant schemes presented in [10, 13, 14]. The comparisons of the proposed scheme with the recent, related, and compared schemes [10, 13, 14] are depicted in Table 4. Referring to Table 4, all the compared proposals [10, 13, 14] are deficient in at least one security attribute. As per Table 4, it is already argued in [14] that the scheme of Mishra et al. [10] does not provide mutual authentication and resistance to impersonation. Moreover, the scheme of [10] is prone to theft/stolen mobile device attacks. The scheme of Yu et al. [14] does not provide anonymity of the mobile/user. Similarly, in this paper, we proved that the scheme of Yu et al. [14] has an incorrect login and authentication phase, which can work with only one user, and that it has weaknesses against privileged insider and impersonation attacks; due to these crucial issues, it cannot provide mutual authentication between a user and a license server.

6.2. Computation Cost

For computation cost, we consider the experiment executed through the MIRACL library on a Redmo-Note-v8 mobile phone with 4 GB RAM and an octa-core 2.01 GHz processor. The operating system underlying the Redmo-Note-v8 is v-9-Andriod-MIUI-V:11.0.7. Moreover, to simulate a license server, we consider the running time computed on an HP:Elite-Book: P-8460 with a 2.7 GHz Intel-R-Core TM processor, 4 GB RAM, and the LTS-16 Ubuntu-OS. Here, we denote by the execution time of a hash operation and by that of a biohash/fuzzy extraction operation. The for the mobile device and for the license server. Likewise, over the mobile device. To complete a round of authentication in the proposed DRM scheme, the user executes operations, the server executes , and the whole process completes in ms. The scheme of Yu et al. [14] completes the same in ms. Likewise, in the scheme of Lee et al. [13], the and complete the execution of a round in ms, and the scheme of Mishra et al. [10] completes the process in ms. The proposed scheme has a slightly higher computation cost. However, only the proposed scheme provides the required security features.

6.3. Communication Cost

The proposed and the related schemes are mainly based on hash functions in addition to exclusive-or. We adopted SHA-1, whose output length is 160 bits; all other parameters, including identities, pseudoidentities, timestamps, and passwords, are fixed at 32 bits. In the proposed scheme, the user initiates the request by sending , and the size of the request message is bits. The response message sent by the server has size . Therefore, the total communication cost of the proposed scheme is 1216 bits. The communication costs of the schemes of Yu et al. [14], Lee et al. [13], and Mishra et al. [10] are 1120 bits, 1120 bits, and 832 bits, respectively. The computation and communication costs, along with the running times, of the proposed scheme and of the schemes of Yu et al., Lee et al., and Mishra et al. are also depicted in Table 5.

7. Conclusion

In this paper, we first reviewed and then cryptanalyzed a recent authentication scheme presented by Yu et al. for digital rights management systems (DRM-S). We have proven that the scheme of Yu et al. lacks scalability due to a faulty design and is prone to privileged insider and impersonation attacks. Based only on a symmetric hash function and xor, an improved DRM-S scheme is then proposed. The proposed scheme can cope with the changing security requirements of DRM-S, which is proved through formal BAN logic and informal textual analysis. The proposed DRM-S authentication scheme completes the authentication process between a user and a license server in ms by exchanging 1216 bits between them.

Data Availability

No data is available for this study.

Conflicts of Interest

The authors declare that they have no conflicts of interest.

Authors’ Contributions

Sajid Hussain and Yousaf Bin Zikria are the co-first authors. Farruh Ishmanov and Shehzad Ashraf Chaudhry are the corresponding authors.

Acknowledgments

This research was conducted by the Research Grant of Kwangwoon University, Seoul, Korea, in 2021 and in part by Taif University Researchers Supporting Project number (TURSP-2020/126), Taif University, Taif, Saudi Arabia.