Visible to the public Biblio

Filters: Author is Hassan, Mehmood  [Clear All Filters]
2022-02-04
Sultan, Aiman, Hassan, Mehmood, Mansoor, Khwaja, Ahmed, Syed Saddam.  2021.  Securing IoT Enabled RFID Based Object Tracking Systems: A Symmetric Cryptography Based Authentication Protocol for Efficient Smart Object Tracking. 2021 International Conference on Communication Technologies (ComTech). :7—12.
Supply chain management systems (SCM) are the most intensive and statistical RFID application for object tracking. A lot of research has been carried out to overcome security issues in the field of online/offline object tracking as well as authentication protocols involving RFID technology. Due to advancements with the Internet of Things (IoT) and embedded systems in object tracking schemes the latest research manages to deliver information about the object’s location as well as provide particulars about the state of an object. Recent research presented a proposal for an authentication and online object tracking protocol focusing on solutions for privacy issues for device identification, end-to-end authentication, and secure online object tracking. However, recent schemes have been found to be vulnerable to traceability attacks. This paper presents an enhanced end-to-end authentication scheme where the identity of the user is kept anonymous so that its actions can not be tracked, eliminating attacks related to traceability. The security of the proposed protocol is formally analyzed using the attack model of the automated security testing tool, ProVerif. The proposed scheme outperforms competing schemes based on security.
2021-10-12
Hassan, Mehmood, Sultan, Aiman, Awan, Ali Afzal, Tahir, Shahzaib, Ihsan, Imran.  2020.  An Enhanced and Secure Multiserver-based User Authentication Protocol. 2020 International Conference on Cyber Warfare and Security (ICCWS). :1–6.
The extensive use of the internet and web-based applications spot the multiserver authentication as a significant component. The users can get their services after authenticating with the service provider by using similar registration records. Various protocol schemes are developed for multiserver authentication, but the existing schemes are not secure and often lead towards various vulnerabilities and different security issues. Recently, Zhao et al. put forward a proposal for smart card and user's password-based authentication protocol for the multiserver environment and showed that their proposed protocol is efficient and secure against various security attacks. This paper points out that Zhao et al.'s authentication scheme is susceptive to traceability as well as anonymity attacks. Thus, it is not feasible for the multiserver environment. Furthermore, in their scheme, it is observed that a user while authenticating does not send any information with any mention of specific server identity. Therefore, this paper proposes an enhanced, efficient and secure user authentication scheme for use in any multiserver environment. The formal security analysis and verification of the protocol is performed using state-of-the-art tool “ProVerif” yielding that the proposed scheme provides higher levels of security.
2020-02-17
Hassan, Mehmood, Mansoor, Khwaja, Tahir, Shahzaib, Iqbal, Waseem.  2019.  Enhanced Lightweight Cloud-assisted Mutual Authentication Scheme for Wearable Devices. 2019 International Conference on Applied and Engineering Mathematics (ICAEM). :62–67.
With the emergence of IoT, wearable devices are drawing attention and becoming part of our daily life. These wearable devices collect private information about their wearers. Mostly, a secure authentication process is used to verify a legitimate user that relies on the mobile terminal. Similarly, remote cloud services are used for verification and authentication of both wearable devices and wearers. Security is necessary to preserve the privacy of users. Some traditional authentication protocols are proposed which have vulnerabilities and are prone to different attacks like forgery, de-synchronization, and un-traceability issues. To address these vulnerabilities, recently, Wu et al. (2017) proposed a cloud-assisted authentication scheme which is costly in terms of computations required. Therefore this paper proposed an improved, lightweight and computationally efficient authentication scheme for wearable devices. The proposed scheme provides similar level of security as compared to Wu's (2017) scheme but requires 41.2% lesser computations.