PROJECT TITLE :

Security Analysis of a Single Sign-On Mechanism for Distributed Computer Networks - 2013

ABSTRACT:

Single sign-on (SSO) is a new authentication mechanism that enables a legal user with a single credential to be authenticated by multiple service providers in a distributed computer network. Recently, Chang and Lee proposed a new SSO scheme and claimed its security by providing well-organized security arguments. In this paper, however, we demonstrative that their scheme is actually insecure as it fails to meet credential privacy and soundness of authentication. Specifically, we present two impersonation attacks. The first attack allows a malicious service provider, who has successfully communicated with a legal user twice, to recover the user's credential and then to impersonate the user to access resources and services offered by other service providers. In another attack, an outsider without any credential may be able to enjoy network services freely by impersonating any legal user or a nonexistent user. We identify the flaws in their security arguments to explain why attacks are possible against their SSO scheme. Our attacks also apply to another SSO scheme proposed by Hsu and Chuang, which inspired the design of the Chang-Lee scheme. Moreover, by employing an efficient verifiable encryption of RSA signatures proposed by Ateniese, we propose an improvement for repairing the Chang-Lee scheme. We promote the formal study of the soundness of authentication as one open problem.


Did you like this research project?

To get this research project Guidelines, Training and Code... Click Here


MTechProjects.com offering final year Java Based Information Security MTech Projects, Information Security IEEE Projects, IEEE Information Security Projects, Information Security MS Projects, Java Based Information Security BTech
PROJECT TITLE :Big Data Based Security Analytics for Protecting Virtualized Infrastructures in Cloud Computing - 2018ABSTRACT:Virtualized infrastructure in cloud computing has become an enticing target for cyberattackers to
PROJECT TITLE :Transmit-Power Minimization for NOMA-Enabled Traffic Offloading With Security Provisioning - 2018ABSTRACT:Non-orthogonal multiple access (NOMA) has been proposed as an effective technique to deal with the enormous
PROJECT TITLE :Beamforming Optimization for Physical Layer Security in MISO Wireless Networks - 2018ABSTRACT:A wireless network of multiple transmitter-user pairs overheard by an eavesdropper, where the transmitters are equipped
PROJECT TITLE :Cost-Optimal Caching for D2D Networks With User Mobility: Modeling, Analysis, and Computational Approaches - 2018ABSTRACT:Caching well-liked files at the user equipments (UEs) provides an efficient way to alleviate

Ready to Complete Your Academic MTech Project Work In Affordable Price ?

Project Enquiry