Enhanced authentication and key exchange for end to end security in mobile commerce using wireless public key infrastructure

Purpose – The purpose of the study is to develop a secure, efficient, and enhanced user authentication mechanism to achieve reliable and authenticated connection. In online transactions, users and resources are located at different places, and the sensitive information is to be protected andtransferredusing thesuitable,reliablemechanism. Design/methodology/approach – One of the latest approach to handle the requirement is by a Public Key Infrastructure (PKI) or its variant Wireless Public Key Infrastructure (WPKI). Fundamental management techniques are required to be very secure and vital since they are one of the points of attack in public key cryptosystem. Entity authentication and key agreement (AKA) is a critical cryptographic problem in wireless communication, where a mutual entity authentication plays a vital role in the establishment of the secure and authentic connection. This paper proposes an efficient and enhanced AKA scheme (EAKA) with the end-to-end security and verifies the proposed system for protection using automated validation of internet security protocols and applications. An efficient way for the implementation of an enhanced version of the protocol is proposed using alattice-based cryptographic algorithm. Findings – The time consumed for the proposed research work shows that it is practical and acceptable. Originality/value – The proposedre search work is an efficient and enhanced user authentication mechanism

[1]  Im-Yeong Lee,et al.  Anonymous Authentication Scheme based on NTRU for the Protection of Payment Information in NFC Mobile Environment , 2013, J. Inf. Process. Syst..

[2]  Balachandra Muniyal,et al.  Automated User Authentication in Wireless Public Key Infrastructure for Mobile Devices Using Aadhar Card , 2019, IEEE Access.

[3]  Benjamin Richard,et al.  Achieving Better Privacy for the 3GPP AKA Protocol , 2016, Proc. Priv. Enhancing Technol..

[4]  Rong Chen,et al.  Research on NTRU Algorithm for Mobile Java Security , 2009, 2009 International Conference on Scalable Computing and Communications; Eighth International Conference on Embedded Computing.

[5]  R. Sunitha,et al.  Enhanced authentication technique for next generation 3GPP networks , 2014, 2014 International Conference on Contemporary Computing and Informatics (IC3I).

[6]  Ashok Kumar Das,et al.  2PAKEP: Provably Secure and Efficient Two-Party Authenticated Key Exchange Protocol for Mobile Environment , 2018, IEEE Access.

[7]  Zhenfeng Zhang,et al.  Security Analysis of an ID-Based Two-Server Password-Authenticated Key Exchange , 2017, IEEE Communications Letters.

[8]  Hai Jiang,et al.  Analysis and acceleration of NTRU lattice-based cryptographic system , 2014, 15th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD).

[9]  Antanas Cenys,et al.  Modeling of enterprise management structure for data leakage evaluation , 2018, Inf. Secur. J. A Glob. Perspect..

[10]  Maryline Laurent-Maknavicius,et al.  A lattice based authentication for low-cost RFID , 2012, 2012 IEEE International Conference on RFID-Technologies and Applications (RFID-TA).

[11]  Dariush Abbasinezhad-Mood,et al.  Efficient Anonymous Password-Authenticated Key Exchange Protocol to Read Isolated Smart Meters by Utilization of Extended Chebyshev Chaotic Maps , 2018, IEEE Transactions on Industrial Informatics.

[12]  Zhiyong Feng,et al.  Optimal deployment density for maximum coverage of drone small cells , 2018 .

[13]  Huanguo Zhang,et al.  Quantum polynomial-time fixed-point attack for RSA , 2018, China Communications.