A 2D Cryptographic Hash Function Incorporating Homomorphic Encryption for Secure Digital Signatures

User authentication is a critical aspect of any information exchange system which verifies the identities of individuals seeking access to sensitive information. Conventionally, this approachrelies on establishing robust digital signature protocols which employ asymmetric encryption techniques involving a key pair consisting of a public key and its matching private key. In this article, a user verification platform constructed using integrated circuits (ICs) with atomically thin two-dimensional (2D) monolayer molybdenum disulfide (MoS2 ) memtransistors is presented. First, generation of secure cryptographic keys is demonstrated by exploiting the inherent stochasticity of carrier trapping and detrapping at the 2D/oxide interface trap sites. Subsequently, the ability to manipulate the functionality of logical NOR is leveraged to create a secure one-way hash function which when homomorphically operated upon with NAND, XOR, OR, NOT, and AND logic circuits generate distinct digital signatures. These signatures when subsequently decrypted, verify the authenticity of the receiver while ensuring complete preservation of data integrity and confidentiality as the underlying information is never revealed. Finally, the advantages of implementing a NOR-based hashing techniques in comparison to the conventional XOR-based encryption method are established. This demonstration highlights the potential of 2D-based ICs in developing critical hardware information security primitives.

Keyboard Data Protection Technique Using GAN in Password-Based User Authentication: Based on C/D Bit Vulnerability

In computer systems, user authentication technology is required to identify users who use computers. In modern times, various user authentication technologies, including strong security features based on ownership, such as certificates and security cards, have been introduced. Nevertheless, password-based authentication technology is currently mainly used due to its convenience of use and ease of implementation. However, according to Verizon's "2022 Data Breach Investigations Report", among all security incidents, security incidents caused by password exposures accounted for 82%. Hence, the security of password authentication technology is important. Consequently, this article analyzes prior research on keyboard data attacks and defense techniques to draw the fundamental reasons for keyboard data attacks and derive countermeasures. The first prior research is about stealing keyboard data, an attack that uses machine learning to steal keyboard data to overcome the limitations of a C/D bit attack. The second prior research is an attack technique that steals keyboard data more efficiently by expanding the features of machine learning used in the first prior research. In this article, based on previous research findings, we proposed a keyboard data protection technique using GAN, a Generative Adversarial Network, and verified its feasibility. To summarize the results of performance evaluation with previous research, the machine learning-based keyboard data attack based on the prior research exhibited a 96.7% attack success rate, while the study's proposed method significantly decreased the attack success rate by approximately 13%. Notably, in all experiments, the average decrease in the keyboard data classification performance ranged from a minimum of -29% to a maximum of 52%. When evaluating performance based on maximum performance, all performance indicators were found to decrease by more than 50%.

Time Until Proof of Credentials Significantly Decreases With the Use of Blockchain Technology and the Document Management System

Background and objective Physician credentialing and verification in the medical education setting are challenging for the modern workforce. The credentials verification process may be time-consuming and challenging for participants. Blockchain technology is a potential resource for authenticating records with reduced administrative burden and time spent. This study investigates whether the use of blockchain technology reduces the time until verification of a participant's credentials. Methods An anonymous letter designation was assigned to 23 medical students. All students enrolled in, and completed, a course designed and run by the Edward Via College of Osteopathic Medicine at Auburn (VCOM) as part of the routine medical education curriculum. At the completion of the training, a credentials certificate was produced, which showed course completion. The anonymous letter designation was utilized in the creation of the certificates. The letter designations were shared with an anonymous investigator. No student names were shared with the investigator. The investigator posed as an employing/credentialing entity and contacted VCOM to record the time required to verify the credentials certificate indicating course completion. The elapsed time until credentials verification was completed for each student in the current system (CS) was recorded. Subsequently, the credentials certificate was minted as a blockchain-based, non-fungible token (NFT) and uploaded to a document software management system. An investigator again posed as an employing/credentialing entity and utilized this system to verify the credentials of the 23 students in the study using the NFT system. The times elapsed until verification of credentials were recorded as the NFT pathway. Data from the NFT pathway and non-NFT pathway were compiled and reviewed. Results Data were normally distributed per the Andersen-Darling Test. A t-test (Welch's method) was performed. The mean time of 111,214 seconds (30.89 hours or 1.29 days) in the CS varied significantly from the mean time of 14 seconds in the NFT blockchain system (p<0.01). The standard deviation of 56,568 seconds in CS varied significantly from 9.9178 seconds in the NFT blockchain (p<0.01).  Conclusions The NFT/blockchain system reduces the mean time until the credential verification is completed and reduces the variance seen in time until credentialing is completed. The NFT/blockchain system may significantly bring down the administrative burden and time spent in the credentialing process.

Fortifying Smart Home Security: A Robust and Efficient User-Authentication Scheme to Counter Node Capture Attacks

In smart home environments, the interaction between a remote user and devices commonly occurs through a gateway, necessitating the need for robust user authentication. Despite numerous state-of-the-art user-authentication schemes proposed over the years, these schemes still suffer from security vulnerabilities exploited by the attackers. One severe physical attack is the node capture attack, which allows adversaries to compromise the security of the entire scheme. This research paper advances the state of the art by conducting a security analysis of user-authentication approaches regarding their vulnerability to node capture attacks resulting in revelations of several security weaknesses. To this end, we propose a secure user-authentication scheme to counter node capture attacks in smart home environments. To validate the effectiveness of our proposed scheme, we employ the BAN logic and ProVerif tool for verification. Lastly, we conduct performance analysis to validate the lightweight nature of our user-authentication scheme, making it suitable for IoT-based smart home environments.

Efficient Convolutional Neural Network-Based Keystroke Dynamics for Boosting User Authentication

The safeguarding of online services and prevention of unauthorized access by hackers rely heavily on user authentication, which is considered a crucial aspect of security. Currently, multi-factor authentication is used by enterprises to enhance security by integrating multiple verification methods rather than relying on a single method of authentication, which is considered less secure. Keystroke dynamics is a behavioral characteristic used to evaluate an individual's typing patterns to verify their legitimacy. This technique is preferred because the acquisition of such data is a simple process that does not require any additional user effort or equipment during the authentication process. This study proposes an optimized convolutional neural network that is designed to extract improved features by utilizing data synthesization and quantile transformation to maximize results. Additionally, an ensemble learning technique is used as the main algorithm for the training and testing phases. A publicly available benchmark dataset from Carnegie Mellon University (CMU) was utilized to evaluate the proposed method, achieving an average accuracy of 99.95%, an average equal error rate (EER) of 0.65%, and an average area under the curve (AUC) of 99.99%, surpassing recent advancements made on the CMU dataset.

Electrocardiogram (ECG)-Based User Authentication Using Deep Learning Algorithms

Personal authentication security is an essential area of research in privacy and cybersecurity. For individual verification, fingerprint and facial recognition have proved particularly useful. However, such technologies have flaws such as fingerprint fabrication and external impediments. Different AI-based technologies have been proposed to overcome forging or impersonating authentication concerns. Electrocardiogram (ECG)-based user authentication has recently attracted considerable curiosity from researchers. The Electrocardiogram is among the most reliable advanced techniques for authentication since, unlike other biometrics, it confirms that the individual is real and alive. This study utilizes a user authentication system based on electrocardiography (ECG) signals using deep learning algorithms. The ECG data are collected from users to create a unique biometric profile for each individual. The proposed methodology utilizes Convolutional Neural Networks (CNNs) and Long Short-Term Memory (LSTM) to analyze the ECG data. The CNNs are trained to extract features from the ECG data, while the LSTM networks are used to model the temporal dependencies in the data. The evaluation of the performance of the proposed system is conducted through experiments. It demonstrates that it effectively identifies users based on their ECG data, achieving high accuracy rates. The suggested techniques obtained an overall accuracy of 98.34% for CNN and 99.69% for LSTM using the Physikalisch-Technische Bundesanstalt (PTB) database. Overall, the proposed system offers a secure and convenient method for user authentication using ECG data and deep learning algorithms. The approach has the potential to provide a secure and convenient method for user authentication in various applications.

An Improved Lightweight User Authentication Scheme for the Internet of Medical Things

The Internet of Medical Things (IoMT) is used in the medical ecosystem through medical IoT sensors, such as blood glucose, heart rate, temperature, and pulse sensors. To maintain a secure sensor network and a stable IoMT environment, it is important to protect the medical IoT sensors themselves and the patient medical data they collect from various security threats. Medical IoT sensors attached to the patient's body must be protected from security threats, such as being controlled by unauthorized persons or transmitting erroneous medical data. In IoMT authentication, it is necessary to be sensitive to the following attack techniques. (1) The offline password guessing attack easily predicts a healthcare administrator's password offline and allows for easy access to the healthcare worker's account. (2) Privileged-insider attacks executed through impersonation are an easy way for an attacker to gain access to a healthcare administrator's environment. Recently, previous research proposed a lightweight and anonymity preserving user authentication scheme for IoT-based healthcare. However, this scheme was vulnerable to offline password guessing, impersonation, and privileged insider attacks. These attacks expose not only the patients' medical data such as blood pressure, pulse, and body temperature but also the patients' registration number, phone number, and guardian. To overcome these weaknesses, in the present study we propose an improved lightweight user authentication scheme for the Internet of Medical Things (IoMT). In our scheme, the hash function and XOR operation are used for operation in low-spec healthcare IoT sensor. The automatic cryptographic protocol tool ProVerif confirmed the security of the proposed scheme. Finally, we show that the proposed scheme is more secure than other protocols and that it has 266.48% better performance than schemes that have been previously described in other studies.

EEG Authentication System Based on One- and Multi-Class Machine Learning Classifiers

In the current Information Age, it is usual to access our personal and professional information, such as bank account data or private documents, in a telematic manner. To ensure the privacy of this information, user authentication systems should be accurately developed. In this work, we focus on biometric authentication, as it depends on the user's inherent characteristics and, therefore, offers personalized authentication systems. Specifically, we propose an electrocardiogram (EEG)-based user authentication system by employing One-Class and Multi-Class Machine Learning classifiers. In this sense, the main novelty of this article is the introduction of Isolation Forest and Local Outlier Factor classifiers as new tools for user authentication and the investigation of their suitability with EEG data. Additionally, we identify the EEG channels and brainwaves with greater contribution to the authentication and compare them with the traditional dimensionality reduction techniques, Principal Component Analysis, and χ2 statistical test. In our final proposal, we elaborate on a hybrid system resistant to random forgery attacks using an Isolation Forest and a Random Forest classifiers, obtaining a final accuracy of 82.3%, a precision of 91.1% and a recall of 75.3%.

An Enhanced User Authentication and Key Agreement Scheme for Wireless Sensor Networks Tailored for IoT

A security protocol for wireless transmission is essential to defend sensitive information from malicious enemies by providing a variety of facilities such as privacy of the user's information, secure session key, associated authentication, and user-repeal facility when a person's authorizations are suddenly disclosed. Singh et al. proposed an improved user authentication and key agreement system for wireless sensor networks (WSNs). Authors are sure that their protocol is secure from various attacks. Here, we find several security pitfalls in their scheme, such as an offline password-guessing attack, failure to protect the session key, and a man-in-the-middle attack. To remove the identified pitfalls found in Singh et al.'s scheme, we design an enhanced authentication scheme for WSNs tailored for IoT. We prove the reliability of our proposed protocol using the real or random (RoR) model. We also evaluate the proposed scheme with the associated schemes and show its superior efficacy as compared to its counterparts.

A Personalized User Authentication System Based on EEG Signals

Conventional biometrics have been employed in high-security user-authentication systems for over 20 years now. However, some of these modalities face low-security issues in common practice. Brainwave-based user authentication has emerged as a promising alternative method, as it overcomes some of these drawbacks and allows for continuous user authentication. In the present study, we address the problem of individual user variability, by proposing a data-driven Electroencephalography (EEG)-based authentication method. We introduce machine learning techniques, in order to reveal the optimal classification algorithm that best fits the data of each individual user, in a fast and efficient manner. A set of 15 power spectral features (delta, theta, lower alpha, higher alpha, and alpha) is extracted from three EEG channels. The results show that our approach can reliably grant or deny access to the user (mean accuracy of 95.6%), while at the same time poses a viable option for real-time applications, as the total time of the training procedure was kept under one minute.

User Authentication Method Based on Keystroke Dynamics and Mouse Dynamics with Scene-Irrelated Features in Hybrid Scenes

In order to improve user authentication accuracy based on keystroke dynamics and mouse dynamics in hybrid scenes and to consider the user operation changes in different scenes that aggravate user status changes and make it difficult to simulate user behaviors, we present a user authentication method entitled SIURUA. SIURUA uses scene-irrelated features and user-related features for user identification. First, features are extracted based on keystroke data and mouse movement data. Next, scene-irrelated features that have a low correlation with scenes are obtained. Finally, scene-irrelated features are fused with user-related features to ensure the integrity of the features. Experimental results show that the proposed method has the advantage of improving user authentication accuracy in hybrid scenes, with an accuracy of 84% obtained in the experiment.

Deep Residual Networks for User Authentication via Hand-Object Manipulations

With the ubiquity of wearable devices, various behavioural biometrics have been exploited for continuous user authentication during daily activities. However, biometric authentication using complex hand behaviours have not been sufficiently investigated. This paper presents an implicit and continuous user authentication model based on hand-object manipulation behaviour, using a finger-and hand-mounted inertial measurement unit (IMU)-based system and state-of-the-art deep learning models. We employed three convolutional neural network (CNN)-based deep residual networks (ResNets) with multiple depths (i.e., 50, 101, and 152 layers) and two recurrent neural network (RNN)-based long short-term memory (LSTMs): simple and bidirectional. To increase ecological validity, data collection of hand-object manipulation behaviours was based on three different age groups and simple and complex daily object manipulation scenarios. As a result, both the ResNets and LSTMs models acceptably identified users’ hand behaviour patterns, with the best average accuracy of 96.31% and F1-score of 88.08%. Specifically, in the simple hand behaviour authentication scenarios, more layers in residual networks tended to show better performance without showing conventional degradation problems (the ResNet-152 > ResNet-101 > ResNet-50). In a complex hand behaviour scenario, the ResNet models outperformed user authentication compared to the LSTMs. The 152-layered ResNet and bidirectional LSTM showed an average false rejection rate of 8.34% and 16.67% and an equal error rate of 1.62% and 9.95%, respectively.

Improved Practical Vulnerability Analysis of Mouse Data According to Offensive Security based on Machine Learning in Image-Based User Authentication

The objective of this study was to verify the feasibility of mouse data exposure by deriving features to improve the accuracy of a mouse data attack technique using machine learning models. To improve the accuracy, the feature appearing between the mouse coordinates input from the user was analyzed, which is defined as a feature for machine learning models to derive a method of improving the accuracy. As a result, we found a feature where the distance between the coordinates is concentrated in a specific range. We verified that the mouse data is apt to being stolen more accurately when the distance is used as a feature. An accuracy of over 99% was achieved, which means that the proposed method almost completely classifies the mouse data input from the user and the mouse data generated by the defender.

Study of Out-Of-Hospital Access to HIS System: A Security Perspective

In light of the need for Extramural Hospital Information System (HIS) access through mobile devices outside the hospital, this research analyzes situational information security threats, including the circumstances in which a mobile device may get lost and personal data may be stolen. Moreover, the system needs to be implemented in accordance with the regulations. Based on the security threat analysis, it is proposed to use a security control module to provide a security-enabled HIS proxy module, two-way authentication module, and One-Time Password (OTP). The sending module and cryptographic technology computing module with Micro SD encryption card form a set of HIS extension system, which includes the SMS OTP method to simultaneously verify the two-way authentication mechanism of a user and the device that the user owns.

Secure and Efficient Three-Factor Protocol for Wireless Sensor Networks

Wireless sensor networks are widely used in many applications such as environmental monitoring, health care, smart grid and surveillance. Many security protocols have been proposed and intensively studied due to the inherent nature of wireless networks. In particular, Wu et al. proposed a promising authentication scheme which is sufficiently robust against various attacks. However, according to our analysis, Wu et al.’s scheme has two serious security weaknesses against malicious outsiders. First, their scheme can lead to user impersonation attacks. Second, user anonymity is not preserved in their scheme. In this paper, we present these vulnerabilities of Wu et al.’s scheme in detail. We also propose a new scheme to complement their weaknesses. We improve and speed up the vulnerability of the Wu et al. scheme. Security analysis is analyzed by Proverif and informal analysis is performed for various attacks.

An Enhanced Three-Factor User Authentication Scheme Using Elliptic Curve Cryptosystem for Wireless Sensor Networks

As an essential part of Internet of Things (IoT), wireless sensor networks (WSNs) have touched every aspect of our lives, such as health monitoring, environmental monitoring and traffic monitoring. However, due to its openness, wireless sensor networks are vulnerable to various security threats. User authentication, as the first fundamental step to protect systems from various attacks, has attracted much attention. Numerous user authentication protocols armed with formal proof are springing up. Recently, two biometric-based schemes were proposed with confidence to be resistant to the known attacks including offline dictionary attack, impersonation attack and so on. However, after a scrutinization of these two schemes, we found them not secure enough as claimed, and then demonstrated that these schemes suffer from various attacks, such as offline dictionary attack, impersonation attack, no user anonymity, no forward secrecy, etc. Furthermore, we proposed an enhanced scheme to overcome the identified weaknesses, and proved its security via Burrows-Abadi-Needham (BAN) logic and the heuristic analysis. Finally, we compared our scheme with other related schemes, and the results showed the superiority of our scheme.

An Efficient User Authentication and User Anonymity Scheme with Provably Security for IoT-Based Medical Care System

In recent years, with the increase in degenerative diseases and the aging population in advanced countries, demands for medical care of older or solitary people have increased continually in hospitals and healthcare institutions. Applying wireless sensor networks for the IoT-based telemedicine system enables doctors, caregivers or families to monitor patients' physiological conditions at anytime and anyplace according to the acquired information. However, transmitting physiological data through the Internet concerns the personal privacy of patients. Therefore, before users can access medical care services in IoT-based medical care system, they must be authenticated. Typically, user authentication and data encryption are most critical for securing network communications over a public channel between two or more participants. In 2016, Liu and Chung proposed a bilinear pairing-based password authentication scheme for wireless healthcare sensor networks. They claimed their authentication scheme cannot only secure sensor data transmission, but also resist various well-known security attacks. In this paper, we demonstrate that Liu-Chung's scheme has some security weaknesses, and we further present an improved secure authentication and data encryption scheme for the IoT-based medical care system, which can provide user anonymity and prevent the security threats of replay and password/sensed data disclosure attacks. Moreover, we modify the authentication process to reduce redundancy in protocol design, and the proposed scheme is more efficient in performance compared with previous related schemes. Finally, the proposed scheme is provably secure in the random oracle model under ECDHP.

Improving Biometric-Based Authentication Schemes with Smart Card Revocation/Reissue for Wireless Sensor Networks

User authentication in wireless sensor networks is more difficult than in traditional networks owing to sensor network characteristics such as unreliable communication, limited resources, and unattended operation. For these reasons, various authentication schemes have been proposed to provide secure and efficient communication. In 2016, Park et al. proposed a secure biometric-based authentication scheme with smart card revocation/reissue for wireless sensor networks. However, we found that their scheme was still insecure against impersonation attack, and had a problem in the smart card revocation/reissue phase. In this paper, we show how an adversary can impersonate a legitimate user or sensor node, illegal smart card revocation/reissue and prove that Park et al.’s scheme fails to provide revocation/reissue. In addition, we propose an enhanced scheme that provides efficiency, as well as anonymity and security. Finally, we provide security and performance analysis between previous schemes and the proposed scheme, and provide formal analysis based on the random oracle model. The results prove that the proposed scheme can solve the weaknesses of impersonation attack and other security flaws in the security analysis section. Furthermore, performance analysis shows that the computational cost is lower than the previous scheme.

Three-Factor User Authentication and Key Agreement Using Elliptic Curve Cryptosystem in Wireless Sensor Networks

Secure communication is a significant issue in wireless sensor networks. User authentication and key agreement are essential for providing a secure system, especially in user-oriented mobile services. It is also necessary to protect the identity of each individual in wireless environments to avoid personal privacy concerns. Many authentication and key agreement schemes utilize a smart card in addition to a password to support security functionalities. However, these schemes often fail to provide security along with privacy. In 2015, Chang et al. analyzed the security vulnerabilities of previous schemes and presented the two-factor authentication scheme that provided user privacy by using dynamic identities. However, when we cryptanalyzed Chang et al.’s scheme, we found that it does not provide sufficient security for wireless sensor networks and fails to provide accurate password updates. This paper proposes a security-enhanced authentication and key agreement scheme to overcome these security weaknesses using biometric information and an elliptic curve cryptosystem. We analyze the security of the proposed scheme against various attacks and check its viability in the mobile environment.

Performance Analysis of Motion-Sensor Behavior for User Authentication on Smartphones

The growing trend of using smartphones as personal computing platforms to access and store private information has stressed the demand for secure and usable authentication mechanisms. This paper investigates the feasibility and applicability of using motion-sensor behavior data for user authentication on smartphones. For each sample of the passcode, sensory data from motion sensors are analyzed to extract descriptive and intensive features for accurate and fine-grained characterization of users’ passcode-input actions. One-class learning methods are applied to the feature space for performing user authentication. Analyses are conducted using data from 48 participants with 129,621 passcode samples across various operational scenarios and different types of smartphones. Extensive experiments are included to examine the efficacy of the proposed approach, which achieves a false-rejection rate of 6.85% and a false-acceptance rate of 5.01%. Additional experiments on usability with respect to passcode length, sensitivity with respect to training sample size, scalability with respect to number of users, and flexibility with respect to screen size were provided to further explore the effectiveness and practicability. The results suggest that sensory data could provide useful authentication information, and this level of performance approaches sufficiency for two-factor authentication on smartphones. Our dataset is publicly available to facilitate future research.

A User Authentication Scheme Based on Elliptic Curves Cryptography for Wireless Ad Hoc Networks

The feature of non-infrastructure support in a wireless ad hoc network (WANET) makes it suffer from various attacks. Moreover, user authentication is the first safety barrier in a network. A mutual trust is achieved by a protocol which enables communicating parties to authenticate each other at the same time and to exchange session keys. For the resource-constrained WANET, an efficient and lightweight user authentication scheme is necessary. In this paper, we propose a user authentication scheme based on the self-certified public key system and elliptic curves cryptography for a WANET. Using the proposed scheme, an efficient two-way user authentication and secure session key agreement can be achieved. Security analysis shows that our proposed scheme is resilient to common known attacks. In addition, the performance analysis shows that our proposed scheme performs similar or better compared with some existing user authentication schemes.

E-SAP: efficient-strong authentication protocol for healthcare applications using wireless medical sensor networks

A wireless medical sensor network (WMSN) can sense humans’ physiological signs without sacrificing patient comfort and transmit patient vital signs to health professionals’ hand-held devices. The patient physiological data are highly sensitive and WMSNs are extremely vulnerable to many attacks. Therefore, it must be ensured that patients’ medical signs are not exposed to unauthorized users. Consequently, strong user authentication is the main concern for the success and large scale deployment of WMSNs. In this regard, this paper presents an efficient, strong authentication protocol, named E-SAP, for healthcare application using WMSNs. The proposed E-SAP includes: (1) a two-factor (i.e., password and smartcard) professional authentication; (2) mutual authentication between the professional and the medical sensor; (3) symmetric encryption/decryption for providing message confidentiality; (4) establishment of a secure session key at the end of authentication; and (5) professionals can change their password. Further, the proposed protocol requires three message exchanges between the professional, medical sensor node and gateway node, and achieves efficiency (i.e., low computation and communication cost). Through the formal analysis, security analysis and performance analysis, we demonstrate that E-SAP is more secure against many practical attacks, and allows a tradeoff between the security and the performance cost for healthcare application using WMSNs.

RUASN: a robust user authentication framework for wireless sensor networks

In recent years, wireless sensor networks (WSNs) have been considered as a potential solution for real-time monitoring applications and these WSNs have potential practical impact on next generation technology too. However, WSNs could become a threat if suitable security is not considered before the deployment and if there are any loopholes in their security, which might open the door for an attacker and hence, endanger the application. User authentication is one of the most important security services to protect WSN data access from unauthorized users; it should provide both mutual authentication and session key establishment services. This paper proposes a robust user authentication framework for wireless sensor networks, based on a two-factor (password and smart card) concept. This scheme facilitates many services to the users such as user anonymity, mutual authentication, secure session key establishment and it allows users to choose/update their password regularly, whenever needed. Furthermore, we have provided the formal verification using Rubin logic and compare RUASN with many existing schemes. As a result, we found that the proposed scheme possesses many advantages against popular attacks, and achieves better efficiency at low computation cost.