nach oben

The Journal of Supercomputing

Erschienen in:

01.07.2014

A secure and efficient identity-based authenticated key exchange protocol for mobile client–server networks

verfasst von: Mohammad Sabzinejad Farash, Mahmoud Ahmadian Attari

Erschienen in: The Journal of Supercomputing | Ausgabe 1/2014

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Recently, Chou et al. (J Supercomput 66(2): 973–988, 2013) proposed two identity-based key exchange protocols using elliptic curves for mobile environments. The first one is an two-party authentication key exchange protocol to establish a session key between a client and a remote server. The second one is an extended version for three-party setting to establish a session key between two clients with the help of a trusted server. However, this paper finds the first one vulnerable to impersonation attack and key-compromise impersonation attack, and the second one insecure against impersonation attack. To overcome the weaknesses, we propose an improved identity-based two-party authentication key exchange protocol using elliptic curves. The rigorous analysis shows that our scheme achieves more security than related protocols.

Vorheriger Artikel Offloading data encryption to GPU in database systems

Nächster Artikel User subscription-based resource management for Desktop-as-a-Service platforms

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Lee CC, Lin TH, Tsai CS (2009) A new authenticated group key agreement in a mobile environment. Ann Telecommun 64(11–12):735–744. doi:10.1007/s12243-009-0096-z CrossRef

Farash MS, Bayat M, Attari MA (2011) Vulnerability of two multiple-key agreement protocols. Comput Electr Eng 37(2):199–204CrossRefMATH

Farash MS, Attari MA, Bayat M (2012) A certificateless multiple-key agreement protocol without one-way hash functions based on bilinear pairings. IACSIT Int J Eng Technol 4(3):321–325CrossRef

Farash MS, Attari MA, Atani RE, Jami M (2013) A new efficient authenticated multiple-key exchange protocol from bilinear pairings. Comput Electr Eng 39(2):530–541CrossRef

Farash MS, Attari MA (2013) Provably secure and efficient identity-based key agreement protocol for independent PKGs using ECC. ISC Int J Inform Secur 5(1):1–15

Farash MS, Attari MA (2014) A pairing-free ID-based key agreement protocol with different PKGs. Int J Netw Secur 16(2):143–148MathSciNet

Bayat M, Farash MS, Movahed A (2010). A novel secure bilinear pairing based remote user authentication scheme with smart card. In: Proceeding of the IEEE/IFIP international conference on embedded and ubiquitous computing (EUC), pp 578–582

Farash MS, Attari MA (2013) An enhanced authenticated key agreement for session initiation protocol. Inform Technol Control 42(4):333–342CrossRef

Farash MS, Attari MA (2013) Cryptanalysis and improvement of a chaotic maps-based key agreement protocol using Chebyshev sequence membership testing. Nonlinear Dyn. doi:10.1007/s11071-013-1204-1

10.

Islam SH, Biswas GP (2012) An improved ID-based client authentication with key agreement scheme on ECC for mobile client–server environments. Theor Appl Inform 24(4):293–312. doi:10.2478/v10179-012-0018-z CrossRef

11.

Tang H, Liu X (2012) Cryptanalysis of Arshad et al’.s ECC-based mutual authentication scheme for session initiation protocol. Multimed Tool Appl 65(3):321–333. doi:10.1007/s11042-012-1001-8 CrossRef

12.

Xie Q (2012) A new authenticated key agreement for session initiation protocol. Int J Commun Syst 25(1):47–54. doi:10.1002/dac.1286 CrossRef

13.

Yoon E, Choi S, Yoo K (2012) A secure and efficiency ID-based authenticated key agreement scheme based on elliptic curve cryptosystem for mobile devices. Int J Innov Comput Inform Control 8(4):2637–2653

14.

Yang JH, Chang CC (2009) An ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. Comput Secur 28(3):138–143. doi:10.1016/j.cose.2008.11.008 CrossRef

15.

Yoon E, Yoo K (2009) Robust ID-based remote mutual authentication with key agreement protocol for mobile devices on ECC. In: Proceeding of 2009 international conference on computational science and engineering, pp 633–640. doi:10.1109/CSE.2009.363

16.

He D, Chen J, Hu J (2011) An ID-based client authentication with key agreement protocol for mobile client–server environment on ECC with provable security. Inform Fusion 13(3):223–230. doi:10.1016/j.inffus.2011.01.001 CrossRef

17.

Chou CH, Tsai KY, Lu CF (2013) Two ID-based authenticated schemes with key agreement for mobile environments. J Supercomput 66(2):973–988. doi:10.1007/s11227-013-0962-3 CrossRef

18.

Islam SH, Biswas GP (2011) A more efficient and secure ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. J Syst Softw 84(11):1892–1898. doi:10.1016/j.jss.2011.06.061 CrossRef

19.

Zhao J, Gu D (2012) Provably secure three-party password-based authenticated key exchange protocol. Inform Sci 184(1):310–323CrossRefMATHMathSciNet

20.

Wu S, Pu Q, Wang S, He D (2012) Cryptanalysis of a communication-efficient three-party password authenticated key exchange protocol. Inform Sci 215:83–96. doi:10.1016/j.ins.2012.06.005 CrossRefMATHMathSciNet

21.

Yoon EJ, Yoo KY (2011) Cryptanalysis of a simple three-party password-based key exchange protocol. Int J Commun Syst 24(4):532–542. doi:10.1002/dac.1168 CrossRef

22.

Wu S, Chen K, Zhu Y (2013) Enhancements of a three-party password-based authenticated key exchange protocol. Int Arab J Inform Technol 10(3):215–221

23.

Tallapally S (2012) Security enhancement on simple three party pake protocol. Inform Technol Control 41(1):15–22. doi:10.5755/j.01.itc.41.1.842 CrossRef

24.

Liu T, Pu Q, Zhao Y, Wu S (2013) ECC-based password-authenticated key exchange in the three-party setting. Arab J Sci Eng 38(8):2069–2077. doi:10.1007/s13369-013-0543-z CrossRefMathSciNet

25.

Yoon EJ, Yoo KY (2008) Improving the novel three-party encrypted key exchange protocol. Comput Stand Interfaces 30(5):309–314. doi:10.1016/j.csi.2007.08.018 CrossRef

26.

Yang JH, Chang CC (2009) An efficient three-party authenticated key exchange protocol using elliptic curve cryptography for mobile-commerce environments. J Syst Softw 82(9):1497–1502. doi:10.1016/j.jss.2009.03.075 CrossRef

27.

Chen TH, Lee WB, Chen HB (2008) A round-and computation-efficient three-party authenticated key exchange protocol. J Syst Softw 81(9):1581–1590. doi:10.1016/j.jss.2007.11.720 CrossRefMathSciNet

28.

Tan Z (2010) An enhanced three-party authentication key exchange protocol for mobile commerce environments. J Commun 5(5):436–443. doi:10.4304/jcm.5.5.436-443 CrossRef

29.

He D, Chen Y, Chen J (2013) An ID-based three-party authenticated key exchange protocol using elliptic curve cryptography for mobile-commerce environments. Arab J Sci Eng 38(8):2055–2061CrossRefMathSciNet

30.

Farash MS, Attari MA (2014) An efficient and provably secure three-party password-based authenticated key exchange protocol based on Chebyshev chaotic maps. Nonlinear Dyn. doi:10.1007/s11071-014-1304-6

Titel: A secure and efficient identity-based authenticated key exchange protocol for mobile client–server networks
verfasst von: Mohammad Sabzinejad Farash
Mahmoud Ahmadian Attari
Publikationsdatum: 01.07.2014
Verlag: Springer US
Erschienen in: The Journal of Supercomputing / Ausgabe 1/2014
Print ISSN: 0920-8542
Elektronische ISSN: 1573-0484
DOI: https://doi.org/10.1007/s11227-014-1170-5

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Weitere Artikel der Ausgabe 1/2014

Two-dimensional patterns and images reconstruction with use of cellular automata

A personalized IPTV channel-recommendation mechanism based on the MapReduce framework

Characterizing and modeling cloud applications/jobs on a Google data center

Scalable CAIM discretization on multiple GPUs using concurrent kernels

Offloading data encryption to GPU in database systems

A localization algorithm for large scale mobile wireless sensor networks: a learning approach