nach oben

Wireless Personal Communications

Erschienen in:

08.10.2016

An Improved Remote User Authentication Scheme Using Elliptic Curve Cryptography

verfasst von: Shehzad Ashraf Chaudhry, Husnain Naqvi, Khalid Mahmood, Hafiz Farooq Ahmad, Muhammad Khurram Khan

Erschienen in: Wireless Personal Communications | Ausgabe 4/2017

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Internet of Things has drastically expanded the global network for information exchange, because thousands of communication devices are becoming part of the global network. Besides the numerous benefits of global network expansion, secure communication and authentication among the comprising elements of the global network is also posing great challenges. Recently, Huang et al. proposed a key agreement scheme in order to facilitate user authenticity using elliptic curve cryptography. Huang et al. further emphasized the scheme is secure. Nevertheless, comprehensive analysis in this paper, demonstrates that Huang et al. scheme has correctness issues and is prone to impersonation/forgery attack. Then an improved scheme is presented to tenacity the said glitches existent in Huang et al.’s scheme. The security analysis of proposed scheme is substantiated in random oracle model. Furthermore, a simulation of proposed scheme is carried out by automated formal tool ProVerif. The performance and security assessments show that the scheme presented in this paper withstand impersonation attack and offers adequate security while reducing significant computation cost as compared with Huang et al.’s scheme. Hence, due to better performance and security, the proposed scheme is the appropriate one for security sensitive and resource constrained environments.

Vorheriger Artikel Malicious Events Grouping via Behavior Based Darknet Traffic Flow Analysis

Nächster Artikel Prediction of Speech Quality Based on Resilient Backpropagation Artificial Neural Network

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Lamport, L. (1981). Password authentication with insecure communication. Communications of the ACM, 24(11), 770–772.MathSciNetCrossRef

Sun, D.-Z., Huai, J.-P., Sun, J.-Z., Li, J.-X., Zhang, J.-W., & Feng, Z.-Y. (2009). Improvements of Juang’s password-authenticated key agreement scheme using smart cards. IEEE Transactions on Industrial Electronics, 56(6), 2284–2291.CrossRef

Lu, R., Lin, X., Liang, X., & Shen, X. (2012). A dynamic privacy-preserving key management scheme for location-based services in vanets. IEEE Transactions on Intelligent Transportation Systems, 13(1), 127–139.CrossRef

Zhao, D., Peng, H., Li, L., & Yang, Y. (2014). A secure and effective anonymous authentication scheme for roaming service in global mobility networks. Wireless Personal Communications, 78(1), 247–269.CrossRef

Lu, Y., Li, L., Peng, H., & Yang, Y. (2015). An enhanced biometric-based authentication scheme for telecare medicine information systems using elliptic curve cryptosystem. Journal of medical systems, 39(3), 1–8.CrossRef

He, D., & Wang, D. (2015). Robust biometrics-based authentication scheme for multi-server environment. IEEE Systems Journal, 9(3), 816–823.CrossRef

He, D., & Zeadally, S. (2015). Authentication protocol for an ambient assisted living system. IEEE Communications Magazine, 53(1), 71–77.CrossRef

He, D. (2012). An efficient remote user authentication and key agreement protocol for mobile client-server environment from pairings. Ad Hoc Networks, 10(6), 1009–1016.CrossRef

Farash, M. S., & Attari, M. A. (2014). A secure and efficient identity-based authenticated key exchange protocol for mobile client-server networks. The Journal of Supercomputing, 69(1), 395–411.CrossRef

10.

Farash, M. S., & Attari, M. A. (2016). An anonymous and untraceable password-based authentication scheme for session initiation protocol using smart cards. International Journal of Communication Systems, 29(13), 1956–1967.CrossRef

11.

Farash, M. S., & Attari, M. A. (2014). Cryptanalysis and improvement of a chaotic map-based key agreement protocol using chebyshev sequence membership testing. Nonlinear Dynamics, 76(2), 1203–1213.MathSciNetCrossRefMATH

12.

Irshad, A., Sher, M., Rehman, E., Ch, S. A., Hassan, M. U., & Ghani, A. (2015). A single round-trip sip authentication scheme for voice over internet protocol using smart card. Multimedia Tools and Applications, 74(11), 3967–3984.CrossRef

13.

Wu, L., Zhang, Y., Li, L., & Shen, J. (2016). Efficient and anonymous authentication scheme for wireless body area networks. Journal of Medical Systems, 40(6), 1–12. doi:10.1007/s10916-016-0491-8.CrossRef

14.

Jin, C., Xu, C., Zhang, X., & Li, F. (2015). A secure ECC-based RFID mutual authentication protocol to enhance patient medication safety. Journal of Medical Systems, 40(1), 1–6. doi:10.1007/s10916-015-0362-8.

15.

Jiang, Q., Ma, J., & Tian, Y. (2014). Cryptanalysis of smart-card-based password authenticated key agreement protocol for session initiation protocol of Zhang et al. International Journal of Communication Systems. doi:10.1002/dac.2767.

16.

Zhang, L., Tang, S., & Cai, Z. (2014). Robust and efficient password authenticated key agreement with user anonymity for session initiation protocol-based communications. IET Communications, 8(1), 83–91.CrossRef

17.

Chiou, S.-Y., Ying, Z., & Liu, J. (2016). Improvement of a privacy authentication scheme based on cloud for medical environment. Journal of Medical Systems, 40(4), 1–15. doi:10.1007/s10916-016-0453-1.CrossRef

18.

Tsai, J.-L. (2008). Efficient multi-server authentication scheme based on one-way hash function without verification table. Computers and Security, 27(3), 115–121.CrossRef

19.

Lu, R., Lin, X., Zhu, H., Liang, X., & Shen, X. (2012). Becan: a bandwidth-efficient cooperative authentication scheme for filtering injected false data in wireless sensor networks. IEEE Transactions on Parallel and Distributed Systems, 23(1), 32–43.CrossRef

20.

Liao, Y.-P., & Wang, S.-S. (2009). A secure dynamic ID based remote user authentication scheme for multi-server environment. Computer Standards and Interfaces, 31(1), 24–29.CrossRef

21.

Lee, C.-C., Lin, T.-H., & Chang, R.-X. (2011). A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards. Expert Systems with Applications, 38(11), 13863–13870.

22.

Wang, D., & Wang, P. (2014). On the anonymity of two-factor authentication schemes for wireless sensor networks: Attacks, principle and solutions. Computer Networks, 73, 41–57.CrossRef

23.

Wang, D., He, D., Wang, P., & Chu, C. (2015). Anonymous two-factor authentication in distributed systems: Certain goals are beyond attainment. IEEE Transactions on Dependable and Secure Computing, 12(4), 428–442.CrossRef

24.

Juang, W.-S., Chen, S.-T., & Liaw, H.-T. (2008). Robust and efficient password-authenticated key agreement using smart cards. IEEE Transactions on Industrial Electronics, 55(6), 2551–2556.CrossRef

25.

Xu, J., Zhu, W.-T., & Feng, D.-G. (2009). An improved smart card based password authentication scheme with provable security. Computer Standards and Interfaces, 31(4), 723–728.CrossRef

26.

Lee, S.-W., Kim, H.-S., & Yoo, K.-Y. (2005). Improvement of Chien et al’.s remote user authentication scheme using smart cards. Computer Standards and Interfaces, 27(2), 181–183.CrossRef

27.

Lee, N.-Y., & Chiu, Y.-C. (2005). Improved remote authentication scheme with smart card. Computer Standards and Interfaces, 27(2), 177–180.CrossRef

28.

Sood, S. K., Sarje, A. K., & Singh, K. (2010). An improvement of Xu et al.’s authentication scheme using smart cards. In Proceedings of the third annual ACM Bangalore conference, ACM (p. 15).

29.

Song, R. (2010). Advanced smart card based password authentication protocol. Computer Standards and Interfaces, 32(5), 321–325.CrossRef

30.

Chen, B.-L., Kuo, W.-C., & Wuu, L.-C. (2014). Robust smart-card-based remote user password authentication scheme. International Journal of Communication Systems, 27(2), 377–389.CrossRef

31.

Qu, J., & Tan, X.-L. (2014). Two-factor user authentication with key agreement scheme based on elliptic curve cryptosystem. Journal of Electrical and Computer Engineering, 2014, 16.CrossRef

32.

Huang, B., Khan, M. K., Wu, L., Muhaya, F. T. B., & He, D. (2015). An efficient remote user authentication with key agreement scheme using elliptic curve cryptography. Wireless Personal Communications, 85(1), 225–240.CrossRef

33.

Eisenbarth, T., Kasper, T., Moradi, A., Paar, C., Salmasizadeh, M., & Shalmani, M. (2008). On the power of power analysis in the real world: A complete break of the keeloq code hopping scheme. In D. Wagner (Ed.), Advances in cryptology, CRYPTO 2008, Vol. 5157, lecture notes in computer science (pp. 203–220). Berlin: Springer. doi:10.1007/978-3-540-85174-5_12.

34.

Dolev, D., & Yao, A. C. (1983). On the security of public key protocols. IEEE Transactions on Information Theory, 29(2), 198–208. doi:10.1109/TIT.1983.1056650.MathSciNetCrossRefMATH

35.

Cao, X., & Zhong, S. (2006). Breaking a remote user authentication scheme for multi-server architecture. IEEE Communications Letters, 10(8), 580–581. doi:10.1109/LCOMM.2006.1665116.CrossRef

36.

Kocher, P., Jaffe, J., & Jun, B. (1999). Differential power analysis. In Proceedings of the advances in cryptology (pp. 388–397). Santa Barbara.

37.

Messerges, T. S., Dabbish, E. A., & Sloan, R. H. (2002). Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552.MathSciNetCrossRef

38.

Huang, B., Khan, M., Wu, L., Muhaya, F., & He, D. (2015). An efficient remote user authentication with key agreement scheme using elliptic curve cryptography. Wireless Personal Communications. doi:10.1007/s11277-015-2735-1.

39.

Mishra, D., Das, A. K., & Mukhopadhyay, S. (2014). A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards. Expert Systems with Applications, 41(18), 8129–8143.CrossRef

40.

Mir, O., & Nikooghadam, M. (2015). A secure biometrics based authentication with key agreement scheme in telemedicine networks for e-health services. Wireless Personal Communications, 83(4), 2439–2461.CrossRef

41.

Chaudhry, S. A., Farash, M. S., Naqvi, H., Kumari, S., & Khan, M. K. (2015). An enhanced privacy preserving remote user authentication scheme with provable security. Security and Communication Networks. doi:10.1002/sec.1299.

42.

Xie, Q., Hu, B., Dong, N., & Wong, D. S. (2014). Anonymous three-party password-authenticated key exchange scheme for telecare medical information systems. PLoS One, 9(7), 1–6.

43.

Abadi, M., & Rogaway, P. (2000). Reconciling two views of cryptography. In Proceedings of the IFIP International Conference on Theoretical Computer Science (pp. 3–22). Springer.

Titel: An Improved Remote User Authentication Scheme Using Elliptic Curve Cryptography
verfasst von: Shehzad Ashraf Chaudhry
Husnain Naqvi
Khalid Mahmood
Hafiz Farooq Ahmad
Muhammad Khurram Khan
Publikationsdatum: 08.10.2016
Verlag: Springer US
Erschienen in: Wireless Personal Communications / Ausgabe 4/2017
Print ISSN: 0929-6212
Elektronische ISSN: 1572-834X
DOI: https://doi.org/10.1007/s11277-016-3745-3

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Nachhaltigkeitsaward Key Visual/© Cometis AG/Global ESG Monitor | Daniel Rupp | Generiert mit KI, Search Icon, Banner Hanser, Beijing Auto Show 2024: Deutsche Hersteller wollen angreifen./© EKH-Pictures / Generated with AI / Stock.adobe.com, Buchstaben, die aus einem Megaphon kommen/© MicroStockHub/Getty Images/iStock, Digitale Lieferkette/© zapp2photo / stock.adobe.com, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, Sustainibility Finance/© Robert Kneschke / stock.adobe.com / Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence 2024/© AndreyPopov / Getty Images / iStock, 2023_Antrieb/© supervisuell

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 4/2017

A k-hop Scalable Management Scheme for Large Scale Mobile Ad Hoc Networks

A Low Duty Cycle MAC Protocol for Directional Wireless Sensor Networks

Analyse the Academic Performance of Students Using ANN Classification with Modified Pillar K-means and IWFA

Priority-Aware Packet Pre-marking for DiffServ Architecture Based on H.264/SVC Video Stream Structure

Design and Performance Analysis of Soft Decision-Based Network-Assisted Interference Cancellation and Suppression Scheme

Mathematical Modeling of n-Sided Polygon Metamaterial Split Ring Resonators for 5.8 GHz ISM Band Applications

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.