nach oben

Erschienen in:

2021 | OriginalPaper | Buchkapitel

Design of Robust Smartcard-Based User Anonymous Authentication Protocol with AVISPA Simulation

verfasst von : Rifaqat Ali, Preeti Chandrakar

Erschienen in: Architectural Wireless Networks Solutions and Security Issues

Verlag: Springer Singapore

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Recently, Byun presented a privacy maintaining smartcard-based authentication protocol with provable security. We analyze and identify that his scheme is suffering from online password guessing threat, replay threat, and privileged insider threat. It is also not providing user-anonymity and password change phase. To eliminate these above-mentioned security issues, we have designed an extended user anonymous authenticated session key agreement protocol using smartcard. The scalability of our scheme is measured in both formal and informal ways. The formal validation of our scheme has done using Burrows-Abadi-Needham (BAN) logic. Also, simulation is done by automated validation of Internet security protocols and applications (AVISPA) tool. Informal security analysis ensures that our scheme resists to various kinds of fraudulent attacks. The proposed scheme does not only hold up aforementioned security attacks, but also achieves some security features like user-anonymity and easy-to-use password change phase. Our protocol is comparatively more efficient than other schemes in the terms of costs and estimated time.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel An Authentication Model with High Security for Cloud Database

Nächstes Kapitel Data Security in Cloud Computing Using Abe-Based Access Control

Roy S, Karjee J, Rawat U, Dey N et al (2016) Symmetric key encryption technique: a cellular automata based approach in wireless sensor networks. Procedia Comput Sci 78:408–414CrossRef

Dey N, Ashour AS, Shi F, Fong SJ, Sherratt RS (2017) Developing residential wireless sensor networks for ecg healthcare monitoring. IEEE Trans Consum Electron 63(4):442–449CrossRef

Chandrakar P, Sinha S, Ali R (2019) Cloud-based authenticated protocol for healthcare monitoring system. J Ambient Intell Hum Comput: 1–17

Ali R, Chandrakar P, Kumar A (2020) On the security weaknesses in password-based anonymous authentication scheme for e-health care. In: Design frameworks for wireless networks. Springer, pp 23–40

Chandrakar P (2019) A secure remote user authentication protocol for healthcare monitoring using wireless medical sensor networks. Int J Ambient Comput Intell (IJACI) 10(1):96–116CrossRef

Chandrakar P, Om H (2018) An efficient two-factor remote user authentication and session key agreement scheme using rabin cryptosystem. Arab J Sci Eng 43(2):661–673CrossRef

Ali R, Pal AK (2018) An efficient three factor-based authentication scheme in multiserver environment using ECC. Int J Commun Syst 31(4):e3484CrossRef

Lamport L (1981) Password authentication with insecure communication. Commun ACM 24(11):770–772MathSciNetCrossRef

Li C-T, Hwang M-S (2010) An efficient biometrics-based remote user authentication scheme using smart cards. J Netw Comput Appl 33(1):1–5CrossRef

10.

Li X, Niu J-W, Ma J, Wang W-D, Liu C-L (2011) Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. J Netw Comput Appl 34(1):73–79CrossRef

11.

Das AK (2011) Cryptanalysis and further improvement of a biometric-based remote user authentication scheme using smart cards. arXiv preprint arXiv:1103.3159

12.

Turkanović M, Brumen B, Hölbl M (2014) A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the internet of things notion. Ad Hoc Netw 20:96–112CrossRef

13.

Karuppiah M, Saravanan R (2014) A secure remote user mutual authentication scheme using smart cards. J Inf Secur Appl 19(4–5):282–294

14.

Kalra S, Sood SK (2015) Secure authentication scheme for iot and cloud servers. Pervasive Mob Comput 24:210–223CrossRef

15.

Farash MS, Turkanović M, Kumari S, Hölbl M (2016) An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the internet of things environment. Ad Hoc Netw 36:152–176CrossRef

16.

Kaul SD, Awasthi AK (2016) Security enhancement of an improved remote user authentication scheme with key agreement. Wirel Pers Commun 89(2):621–637CrossRef

17.

Kumari S, Khan MK, Li X (2014) An improved remote user authentication scheme with key agreement. Comput Electr Eng 40(6):1997–2012CrossRef

18.

Kumari S, Gupta MK, Khan MK, Li X (2014) An improved timestamp-based password authentication scheme: comments, cryptanalysis, and improvement. Secur Commun Netw 7(11):1921–1932CrossRef

19.

Chaudhry SA, Farash MS, Naqvi H, Kumari S, Khan MK (2015) An enhanced privacy preserving remote user authentication scheme with provable security. Secur Commun Netw 8(18):3782–3795CrossRef

20.

Radhakrishnan N, Karuppiah M, Pandi V, Bhuiyan MZA (2017) Security on a lightweight authentication scheme with user untraceability. International conference on security, privacy and anonymity in computation, communication and storage. Springer, pp 489–496

21.

Yeh K-H (2015) A lightweight authentication scheme with user untraceability. Front Inf Technol Electron Eng 16(4):259–271CrossRef

22.

Wu F, Xu L, Kumari S, Li X, Das AK, Shen J (2018) A lightweight and anonymous rfid tag authentication protocol with cloud assistance for e-healthcare applications. J Ambient Intell Hum Comput 9(4):919–930CrossRef

23.

Kumari S, Karuppiah M, Das AK, Li X, Wu F, Kumar N (2018) A secure authentication scheme based on elliptic curve cryptography for iot and cloud servers. J Supercomput 74(12):6428–6453CrossRef

24.

Karuppiah M, Das AK, Li X, Kumari S, Wu F, Chaudhry SA, Niranchana R (2019) Secure remote user mutual authentication scheme with key agreement for cloud environment. Mob Netw Appl 24(3):1046–1062CrossRef

25.

Qi M, Chen J (2017) An efficient two-party authentication key exchange protocol for mobile environment. Int J Commun Syst 30(16):e3341CrossRef

26.

Byun JW (2015) Privacy preserving smartcard-based authentication system with provable security. Secur Commun Netw 8(17):3028–3044CrossRef

27.

Awasthi AK, Srivastava K, Mittal R (2011) An improved timestamp-based remote user authentication scheme. Comput Electr Eng 37(6):869–874CrossRef

28.

Islam SH (2016) Design and analysis of an improved smartcard-based remote user password authentication scheme. Int J Commun Syst 29(11):1708–1719CrossRef

29.

Khan MK, Kumari S (2013) An authentication scheme for secure access to healthcare services. J Med Syst 37(4):9954CrossRef

30.

Li X, Niu J, Khan MK, Liao J (2013) An enhanced smart card based remote user password authentication scheme. J Netw Comput Appl 36(5):1365–1371CrossRef

31.

Burrows M, Abadi M, Needham RM (1989) A logic of authentication. Proc R Soc Lond A 426(1871):233–271MathSciNetCrossRef

32.

Chandrakar P, Om H (2017) Cryptanalysis and improvement of a biometric-based remote user authentication protocol usable in a multiserver environment. Trans Emerg Telecommun Technol 28(12):e3200CrossRef

33.

Chen B-L, Kuo W-C, Wuu L-C (2014) Robust smart-card-based remote user password authentication scheme. Int J Commun Syst 27(2):377–389CrossRef

34.

Bin Muhaya FT (2015) Cryptanalysis and security enhancement of zhu’s authentication scheme for telecare medicine information system. Secur Commun Netw 8(2):149–158

35.

Chaturvedi A, Mishra D, Mukhopadhyay S (2013) Improved biometric-based three-factor remote user authentication scheme with key agreement using smart card. In: International conference on information systems security. Springer, pp 63–77

36.

Islam SH, Khan MK (2014) Cryptanalysis and improvement of authentication and key agreement protocols for telecare medicine information systems. J Med Syst 38(10):135CrossRef

37.

Jiang Q, Ma J, Li G, Yang L (2014) An efficient ticket based authentication protocol with unlinkability for wireless access networks. Wirel Pers Commun 77(2):1489–1506CrossRef

Titel: Design of Robust Smartcard-Based User Anonymous Authentication Protocol with AVISPA Simulation
verfasst von: Rifaqat Ali
Preeti Chandrakar
Verlag: Springer Singapore
Buch: Architectural Wireless Networks Solutions and Security Issues
Print ISBN: 978-981-16-0385-3

Electronic ISBN: 978-981-16-0386-0

Copyright-Jahr: 2021
DOI: https://doi.org/10.1007/978-981-16-0386-0_3

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Die Gewinner und Laudatoren des Sustainability Award in Automotive 2024/© Uli Regenscheit | ATZlive, Search Icon, Banner Hanser, Additiv gefertigte Teile/© Marina_Skoropadskaya | Getty Images | iStock, Warnschild "Land unter"/© Bluedesign / Fotolia, Gardiner von Trapp/© Alpega Group, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, ATZ-Webinar: Prototypenfreie Entwicklung durch Offline- und Driver-in-the-Loop-HiL-Tests /© (c) VI-grade, chassis.tech plus 2023/© [M] ATZlive / TÜV SÜD PRODUCT SERVICE GMBH, adäsion-Webinar-Matinee/© krystiannawrocki_ Getty Images

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.