Search

Your search keyword '"Farash, Mohammad"' showing total 111 results
Start Over Author "Farash, Mohammad"
111 results on '"Farash, Mohammad"'

30. An Enhanced and Provably Secure Chaotic Map-Based Authenticated Key Agreement in Multi-Server Architecture.

Author

Irshad, Azeem, Chaudhry, Shehzad, Xie, Qi, Li, Xiong, Farash, Mohammad, Kumari, Saru, and Wu, Fan

Subjects
CLIENT/SERVER computing, DATA security, COMPUTER access control
Abstract

In the multi-server authentication (MSA) paradigm, a subscriber might avail multiple services of different service providers, after registering from registration authority. In this approach, the user has to remember only a single password for all service providers, and servers are relieved of individualized registrations. Many MSA-related schemes have been presented so far, however with several drawbacks. In this connection, recently Li et al. in Wirel. Pers. Commun., (2016). doi: presented a chaotic map-based multi-server authentication scheme. However, we observed that Li et al. suffer from malicious server insider attack, stolen smart card attack, and session-specific temporary information attack. This research work is based on improving security of Li et al.'s protocol in minimum possible computation cost. We also evaluate the security for the contributed work which is provable under formal security analysis employing random oracle model and BAN Logic. [ABSTRACT FROM AUTHOR]

Published
2018
Full Text
View/download PDF

41. An improved one-to-many authentication scheme based on bilinear pairings with provable security for mobile pay-TV systems.

Author

Heydari, Mohammad, Sajad Sadough, Seyed, Chaudhry, Shehzad, Farash, Mohammad, and Mahmood, Khalid

Subjects
SUBSCRIPTION television, ELLIPTIC curves, BILINEAR forms, BIOMETRIC identification, CELL phones
Abstract

In 2012, Wang and Qin proposed an authentication mechanism in order to get access control for mobile pay-TV organization to enhance the Sun and Leu's technique. Wang and Qin declared that their technique satisfies the security expectations or requirements intended for mobile pay-TV system. However, this work indicates that Wang and Qin's scheme suffers from a nontrivial weakness. Successful impersonation attack is easily possible from an adversary who can impersonate mobile set (MS) to cheat the head-end system (HS). An adversary does not even need secret information to do so. As a remedy, we proposed an enhanced authentication technique for mobile pay-TV systems by taking a slight change in Wang and Qin's scheme. The proposed scheme maintains the merits and covers the demerits of the previous schemes. [ABSTRACT FROM AUTHOR]

Published
2017
Full Text
View/download PDF

42. Cryptanalysis and improvement of a three-party password-based authenticated key exchange protocol with user anonymity using extended chaotic maps.

Author

Farash, Mohammad Sabzinejad, Attari, Mahmoud Ahmadian, and Kumari, Saru

Subjects
*CRYPTOGRAPHY, *COMPUTER passwords, *COMPUTER access control, *COMPUTER network protocols, *ANONYMITY, *CHAOTIC communication
Abstract

Three-party password-authenticated key exchange (3PAKE) protocols allow two clients to agree on a secret session key through a server via a public channel. 3PAKE protocols have been designed using different arithmetic aspects including chaotic maps. Recently, Lee et al. proposed a 3PAKE protocol using Chebyshev chaotic maps and claimed that their protocol has low computation and communication cost and can also resist against numerous attacks. However, this paper shows that in spite of the computation and communication efficiency of the Lee et al. protocol, it is not secure against the modification attack. To conquer this security weakness, we propose a simple countermeasure, which maintains the computation and communication efficiency of the Lee et al. protocol. Copyright © 2014 John Wiley & Sons, Ltd. [ABSTRACT FROM AUTHOR]

Published
2017
Full Text
View/download PDF

43. An improved password-based authentication scheme for session initiation protocol using smart cards without verification table.

Author

Farash, Mohammad Sabsinejad

Subjects
*COMPUTER passwords, *COMPUTER access control, *COMPUTER network protocols, *VERIFICATION of computer systems, *COMPUTER security
Abstract

Authentication schemes have been widely deployed access control and mobility management in various communication networks. Especially, the schemes that are based on multifactor authentication such as on password and smart card come to be more practical. One of the standard authentication schemes that have been widely used for secure communication over the Internet is session initiation protocol (SIP). The original authentication scheme proposed for SIP was vulnerable to some crucial security weaknesses. To overcome the security problems, various improved authentication schemes have been developed, especially based on elliptic curve cryptography (ECC). Very recently, Zhang et al. proposed an improved authentication scheme for SIP based on ECC using smart cards to overcome the security flaws of the related protocols. Zhang et al. claimed that their protocol is secure against all known security attacks. However, this paper indicates that Zhang et al. protocol is still insecure against impersonation attack. We show that an active attacker can easily masquerade as a legal server to fool users. As a remedy, we also improve Zhang et al. protocol by imposing a little extra computation cost. Copyright © 2014 John Wiley & Sons, Ltd. [ABSTRACT FROM AUTHOR]

Published
2017
Full Text
View/download PDF

44. A pairing-free certificateless digital multisignature scheme using elliptic curve cryptography.

Author

Hafizul Islam, SK, Sabzinejad Farash, Mohammad, Biswas, G.P., Khurram Khan, Muhammad, and Obaidat, Mohammad S.

Subjects
*SIGNATURES (Writing), *ELLIPTIC curve cryptography, *IDENTITY (Psychology), *HASHING, *ORACLE software
Abstract

In a digital multisignature scheme, two or more signers are allowed to produce a single signature on a common message, which can be verified by anyone. In the literature, many schemes are available based on the public key infrastructure or identity-based cryptosystem with bilinear pairing and map-to-point (MTP) hash function. The bilinear pairing and the MTP function are time-consuming operations and they need a large super-singular elliptic curve group. Moreover, the cryptosystems based on them are difficult to implement and less efficient for practical use. To the best of our knowledge, certificateless digital multisignature scheme without pairing and MTP hash function has not yet been devised and the same objective has been fulfilled in this paper. Furthermore, we formally prove the security of our scheme in the random oracle model under the assumption that ECDLP is hard. [ABSTRACT FROM PUBLISHER]

Published
2017
Full Text
View/download PDF

45. Single round-trip SIP authentication scheme with provable security for Voice over Internet Protocol using smart card.

Author

Kumari, Saru, Wu, Fan, Li, Xiong, Farash, Mohammad, Jiang, Qi, Khan, Muhammad, and Das, Ashok

Subjects
BIOMETRIC identification, COMPUTER access control, VOCODER, INTERNET protocols, SMART cards
Abstract

In recent years, Voice over Internet Protocol (VoIP) has gained more and more popularity as an application of the Internet technology. For various IP applications including VoIP, the topic of Session Initiation Protocol (SIP) has attracted major concern from researchers. SIP is an advanced signaling protocol operating on Internet Telephony. SIP uses digest authentication protocols such as Simple Mail Transport Protocol (SMTP) and Hyper Text Transport Protocol (HTTP). When a user seeks SIP services, authentication plays an important role in providing secure access to the server only to the authorized access seekers. Being an insecure-channel-based protocol, a SIP authentication protocol is susceptible to adversarial threats. Therefore, security is a big concern in SIP authentication mechanisms. This paper reveals the security vulnerabilities of two recently proposed SIP authentication schemes for VoIP, Irshad et al.'s scheme [ Multimed. Tools. Appl. doi:] and Arshad and Nikooghadam's scheme [ Multimed. Tools. Appl. DOI ], the later scheme is based on the former scheme. Irshad et al.'s scheme suffers from password guessing, user impersonation and server spoofing attacks. Arshad and Nikooghadam's scheme can be threatened with server spoofing and stolen verifier attack. None of these two schemes achieve mutual authentication. It also fails to follow the single round-trip authentication design of Irshad et al.'s scheme. To overcome these weaknesses, we propose a provable secure single round-trip SIP authentication scheme for VoIP using smart card. We formally prove the security of the scheme in random oracle and demonstrate through discussion its resistance to various attacks. The comparative analysis shows that the proposed SIP authentication scheme offers superior performance with a little extra computational cost. [ABSTRACT FROM AUTHOR]

Published
2016
Full Text
View/download PDF

Catalog

Books, media, physical & digital resources
See catalog results