Top

Published in:

2021 | OriginalPaper | Chapter

Design of Robust Smartcard-Based User Anonymous Authentication Protocol with AVISPA Simulation

Authors : Rifaqat Ali, Preeti Chandrakar

Published in: Architectural Wireless Networks Solutions and Security Issues

Publisher: Springer Singapore

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Recently, Byun presented a privacy maintaining smartcard-based authentication protocol with provable security. We analyze and identify that his scheme is suffering from online password guessing threat, replay threat, and privileged insider threat. It is also not providing user-anonymity and password change phase. To eliminate these above-mentioned security issues, we have designed an extended user anonymous authenticated session key agreement protocol using smartcard. The scalability of our scheme is measured in both formal and informal ways. The formal validation of our scheme has done using Burrows-Abadi-Needham (BAN) logic. Also, simulation is done by automated validation of Internet security protocols and applications (AVISPA) tool. Informal security analysis ensures that our scheme resists to various kinds of fraudulent attacks. The proposed scheme does not only hold up aforementioned security attacks, but also achieves some security features like user-anonymity and easy-to-use password change phase. Our protocol is comparatively more efficient than other schemes in the terms of costs and estimated time.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter An Authentication Model with High Security for Cloud Database

next chapter Data Security in Cloud Computing Using Abe-Based Access Control

Roy S, Karjee J, Rawat U, Dey N et al (2016) Symmetric key encryption technique: a cellular automata based approach in wireless sensor networks. Procedia Comput Sci 78:408–414CrossRef

Dey N, Ashour AS, Shi F, Fong SJ, Sherratt RS (2017) Developing residential wireless sensor networks for ecg healthcare monitoring. IEEE Trans Consum Electron 63(4):442–449CrossRef

Chandrakar P, Sinha S, Ali R (2019) Cloud-based authenticated protocol for healthcare monitoring system. J Ambient Intell Hum Comput: 1–17

Ali R, Chandrakar P, Kumar A (2020) On the security weaknesses in password-based anonymous authentication scheme for e-health care. In: Design frameworks for wireless networks. Springer, pp 23–40

Chandrakar P (2019) A secure remote user authentication protocol for healthcare monitoring using wireless medical sensor networks. Int J Ambient Comput Intell (IJACI) 10(1):96–116CrossRef

Chandrakar P, Om H (2018) An efficient two-factor remote user authentication and session key agreement scheme using rabin cryptosystem. Arab J Sci Eng 43(2):661–673CrossRef

Ali R, Pal AK (2018) An efficient three factor-based authentication scheme in multiserver environment using ECC. Int J Commun Syst 31(4):e3484CrossRef

Lamport L (1981) Password authentication with insecure communication. Commun ACM 24(11):770–772MathSciNetCrossRef

Li C-T, Hwang M-S (2010) An efficient biometrics-based remote user authentication scheme using smart cards. J Netw Comput Appl 33(1):1–5CrossRef

10.

Li X, Niu J-W, Ma J, Wang W-D, Liu C-L (2011) Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. J Netw Comput Appl 34(1):73–79CrossRef

11.

Das AK (2011) Cryptanalysis and further improvement of a biometric-based remote user authentication scheme using smart cards. arXiv preprint arXiv:1103.3159

12.

Turkanović M, Brumen B, Hölbl M (2014) A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the internet of things notion. Ad Hoc Netw 20:96–112CrossRef

13.

Karuppiah M, Saravanan R (2014) A secure remote user mutual authentication scheme using smart cards. J Inf Secur Appl 19(4–5):282–294

14.

Kalra S, Sood SK (2015) Secure authentication scheme for iot and cloud servers. Pervasive Mob Comput 24:210–223CrossRef

15.

Farash MS, Turkanović M, Kumari S, Hölbl M (2016) An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the internet of things environment. Ad Hoc Netw 36:152–176CrossRef

16.

Kaul SD, Awasthi AK (2016) Security enhancement of an improved remote user authentication scheme with key agreement. Wirel Pers Commun 89(2):621–637CrossRef

17.

Kumari S, Khan MK, Li X (2014) An improved remote user authentication scheme with key agreement. Comput Electr Eng 40(6):1997–2012CrossRef

18.

Kumari S, Gupta MK, Khan MK, Li X (2014) An improved timestamp-based password authentication scheme: comments, cryptanalysis, and improvement. Secur Commun Netw 7(11):1921–1932CrossRef

19.

Chaudhry SA, Farash MS, Naqvi H, Kumari S, Khan MK (2015) An enhanced privacy preserving remote user authentication scheme with provable security. Secur Commun Netw 8(18):3782–3795CrossRef

20.

Radhakrishnan N, Karuppiah M, Pandi V, Bhuiyan MZA (2017) Security on a lightweight authentication scheme with user untraceability. International conference on security, privacy and anonymity in computation, communication and storage. Springer, pp 489–496

21.

Yeh K-H (2015) A lightweight authentication scheme with user untraceability. Front Inf Technol Electron Eng 16(4):259–271CrossRef

22.

Wu F, Xu L, Kumari S, Li X, Das AK, Shen J (2018) A lightweight and anonymous rfid tag authentication protocol with cloud assistance for e-healthcare applications. J Ambient Intell Hum Comput 9(4):919–930CrossRef

23.

Kumari S, Karuppiah M, Das AK, Li X, Wu F, Kumar N (2018) A secure authentication scheme based on elliptic curve cryptography for iot and cloud servers. J Supercomput 74(12):6428–6453CrossRef

24.

Karuppiah M, Das AK, Li X, Kumari S, Wu F, Chaudhry SA, Niranchana R (2019) Secure remote user mutual authentication scheme with key agreement for cloud environment. Mob Netw Appl 24(3):1046–1062CrossRef

25.

Qi M, Chen J (2017) An efficient two-party authentication key exchange protocol for mobile environment. Int J Commun Syst 30(16):e3341CrossRef

26.

Byun JW (2015) Privacy preserving smartcard-based authentication system with provable security. Secur Commun Netw 8(17):3028–3044CrossRef

27.

Awasthi AK, Srivastava K, Mittal R (2011) An improved timestamp-based remote user authentication scheme. Comput Electr Eng 37(6):869–874CrossRef

28.

Islam SH (2016) Design and analysis of an improved smartcard-based remote user password authentication scheme. Int J Commun Syst 29(11):1708–1719CrossRef

29.

Khan MK, Kumari S (2013) An authentication scheme for secure access to healthcare services. J Med Syst 37(4):9954CrossRef

30.

Li X, Niu J, Khan MK, Liao J (2013) An enhanced smart card based remote user password authentication scheme. J Netw Comput Appl 36(5):1365–1371CrossRef

31.

Burrows M, Abadi M, Needham RM (1989) A logic of authentication. Proc R Soc Lond A 426(1871):233–271MathSciNetCrossRef

32.

Chandrakar P, Om H (2017) Cryptanalysis and improvement of a biometric-based remote user authentication protocol usable in a multiserver environment. Trans Emerg Telecommun Technol 28(12):e3200CrossRef

33.

Chen B-L, Kuo W-C, Wuu L-C (2014) Robust smart-card-based remote user password authentication scheme. Int J Commun Syst 27(2):377–389CrossRef

34.

Bin Muhaya FT (2015) Cryptanalysis and security enhancement of zhu’s authentication scheme for telecare medicine information system. Secur Commun Netw 8(2):149–158

35.

Chaturvedi A, Mishra D, Mukhopadhyay S (2013) Improved biometric-based three-factor remote user authentication scheme with key agreement using smart card. In: International conference on information systems security. Springer, pp 63–77

36.

Islam SH, Khan MK (2014) Cryptanalysis and improvement of authentication and key agreement protocols for telecare medicine information systems. J Med Syst 38(10):135CrossRef

37.

Jiang Q, Ma J, Li G, Yang L (2014) An efficient ticket based authentication protocol with unlinkability for wireless access networks. Wirel Pers Commun 77(2):1489–1506CrossRef

Title: Design of Robust Smartcard-Based User Anonymous Authentication Protocol with AVISPA Simulation
Authors: Rifaqat Ali
Preeti Chandrakar
Publisher: Springer Singapore
Book: Architectural Wireless Networks Solutions and Security Issues
Print ISBN: 978-981-16-0385-3

Electronic ISBN: 978-981-16-0386-0

Copyright Year: 2021
DOI: https://doi.org/10.1007/978-981-16-0386-0_3

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"