Top

Information Systems Frontiers

Published in:

01-03-2014

Enhanced Dynamic Authentication Scheme (EDAS)

Authors: Toan-Thinh Truong, Minh-Triet Tran, Anh-Duc Duong

Published in: Information Systems Frontiers | Issue 1/2014

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

With non-stop growth in network environments, communication security is necessary. A strong protocol guarantees that users and service providers are secure against many kinds of attacks, such as impersonation and replay attack. Sood et al. proposed an authentication scheme based on dynamic identity to prevent transactions from being intercepted by malicious users. Although they claimed that their scheme has advantages over previous schemes with the same approach, we prove that their scheme is vulnerable to impersonation attack and stolen verification attack, and can be affected by clock synchronization. Therefore we propose a novel authentication scheme to enhance security and overcome limitations existing in Sood’s scheme. Our security analysis shows that our proposed method can efficiently resist known types of attacks. Experimental results also show that the method can be implemented and processed in real-time thus applicable for not only regular computers but also mobile devices.

previous article Phone2Cloud: Exploiting computation offloading for energy saving on smartphones in mobile cloud computing

next article A scalable approach for content based image retrieval in cloud datacenter

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Boyd, C., & Choo, K. (2005). Security of two-party identity-based key agreement. Expert Systems with Applications, 3715, 229–243.

Burrows, M., Abadi, M., Needham, R. (1990). A logic of authentication. ACM Transactions on Computer System, 8, 18–36.CrossRef

Canetti, R., & Krawczyk, H. (2001). Analysis of key exchange schemes and their use for building secure channels. In Advances in cryptology-eurocrypt (pp. 451–472) Verlag: Springer.

Cao, X., Kou, W., Dang, L., Zhao, B. (2008). Identity-based multi-user broadcast authentication in wireless sensor networks. Computer Communications, 31, 659667.CrossRef

Chen, C.-L., Lee, C.-C., Hsu, C.-Y. (2011). Mobile device integration of a fingerprint biometric remote authentication scheme. International Journal of Communication Systems. doi:10.1002/dac.1277.

Cheng, Z., Nistazakis, M., Comley, R., Vasiu, L. (2005). On the indistinguishability-based security model of key agreement schemes-simple cases. In Cryptology ePrint Archive, Report.

Cheng, Z.-Y., Liu, Y., Chang, C.-C., Chang, S.-C. (2012). A smart card based authentication scheme for remote user login and verification. International Journal of Innovative Computing, Information and Control, 8(8), 5499–5511.

Das, M.L., Saxena, A., Gulati, V.P. (2004). A dynamic id-based remote user authentication scheme. IEEE Transactions on Consumer Electronics, 50(2), 629–631.CrossRef

Debiao, H., Jianhua, C., Jin, H. (2011). An id-based client authentication with key agreement protocol for mobile clientserver environment on ecc with provable security. Information Fusion.

ElGamal, T. (1985). A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information, 31, 469–472.CrossRef

Hankerson, D., Menezes, A.J., Vanstone, S. (2003). Guide to Elliptic Curve Cryptography. Secaucus: Springer-Verlag.

Hwang, M.S., Lee, C.C., Tang, Y.L. (2002). A simple remote user authentication scheme. Mathematical and Computer Modelling, 36, 103–107.CrossRef

Islam, S.H., & Biswas, G.P. (2011). A more efficient and secure id-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. Journal of Systems and Software, 84(11), 1892–1898.CrossRef

Khan, M.K., & Zhang, J. (2007). Improving the security of ’a flexible biometrics remote user authentication scheme. Computer Standards and Interfaces, 29(1), 82–85.CrossRef

Khana, M.K., Kimb, S.-K., Alghathbara, K. (2010). Cryptanalysis and security enhancement of a more efficient & secure dynamic id-based remote user authentication scheme. Computer Communications, 34(3), 305–309.CrossRef

Koblitz, N. (1987). Elliptic curve cryptosystem. Mathematics of Computation, 48, 203–209.CrossRef

Kocher, P., Jaffe, J., Jun, B. (1999). Differential power analysis. In Proceddings CRYPTO (pp. 388–397). Springer Verlag.

Ku, W., & Chang, S. (2005). Impersonation attack on a dynamic id-based remote user authentication scheme using smart cards. IEICE Transactions on Communications, E88-B(5), 2165–2167.CrossRef

Lamport, L. (1981). Password authentication with insecure communication. Communications of the ACM, 24, 770–772.CrossRef

Lee, C.C., Hwang, M.S., Yang, W.P. (2002). Flexible remote user authentication scheme using smart cards. IEEE Transactions on Neural Network, 36(3), 46–52.

Lee, C.-C., Lin, T.-H., Chang, R.-X. (2011). A secure dynamic id based remote user authentication scheme for multi-server environment using smart cards. Expert Systems with Applications, 38(11), 13 863–13 870.

Lee, J.K., Ryu, S.R., Yoo, K.Y. (2002). Fingerprint-based remote user authentication scheme using smart cards. Electronics Letters, 38, 554–555.CrossRef

Li, C.-T., & Hwang, M.-S. (2010). An efficient biometrics-based remote user authentication scheme using smart cards. Journal of Network and Computer Applications, 33(1), 1–5.CrossRef

Li, F., Xin, X., Hu, Y. (2008). Indentity-based broadcast signcryption. Computer Standards and Interfaces, 30(12), 89–94.CrossRef

Li, L.H., Lin, I.C., Hwang, M.S. (2001). A remote password authentication scheme for multi-server architecture using neural networks. IEEE Transactions on Neural Network, 12(6), 1498–1504.CrossRef

Li, X., Niu, J., Ma, J., Wang, W., Liu, C.-L. (2011). Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. Journal Network and Computer Applications, 34(1), 73–79.CrossRef

Liao, I.E., Lee, C.C., Hwang, M.S. (2005). Security enhancement for a dynamic id-based remote user authentication scheme. International Conference on Next Generation Web Services Practices, 6(2), 517–522.

Lin, C.-H., & Lai, Y.-Y. (2004). A flexible biometrics remote user authentication scheme. Computer Standards and Interfaces, 27(1), 19–23.CrossRef

Liou, Y., Lin, J., Wang, S. (2006). A new dynamic id-based remote user authentication scheme using smart cards. In Proceedings of 16th information security conference (pp. 198–205).

Messerges, T.S., Dabbish, E.A., Sloan, R.H. (2002). Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552.CrossRef

Miller, V.S. (1986). Use of elliptic curves in cryptography. Proceedings of CRYPTO85, 218, 417–426.

Oh, J.-B., Yoon, E.-J., Yoo, K.-Y. (2007). An efficient id-based authenticated key agreement protocol with pairings. 4742, 446–456. doi:10.1007/978-3-540-74742-0_41.

Rivest, R.L., Shamir, A., Adleman, L. (1978). A method for obtaining digital signatures and public key cryptosystems. Communications of the ACM, 21(2), 120–126.CrossRef

Ryu, E., Yoon, E., Yoo, K. (2004). An efficient id-based authenticated key agreement protocol. NETWORKING, 3042.

Shamir, A. (1984). Identity based cryptosystems and signature schemes. Proceedings of CRYPTO84 (pp. 47–53). LNCS, Springer-Verlag.

Shen, J.-J., Lin, C.-W., Hwang, M.-S. (2003). A modified remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics, 49(2), 414–416.CrossRef

Shih, H. (2008). Cryptanalysis on two password authentication schemes. Master Thesis.

Shim, K. (2003). Efficient id-based authenticated key agreement protocol based on the weil pairing. Electron, 39(8), 653–654.

Sood, S.K., Sarje, A.K., Singh, K. (2010). An improvement of liou et al.s authentication scheme using smart cards. International Journal of Computer Applications, 1(8), 16–23.CrossRef

Sun, H., & Hsieh, B. (2003). Security analysis of shims authenticated key agreement protocols from parings. Cryptology ePrint Archive, Report 2003/113.

Tsai, J.-L., Wu, T.-C., Tsai, K.-Y. (2010). New dynamic id authentication scheme using smart cards. International Journal Communication Systems, 23(12), 1449–1462.CrossRef

Yang, J.-H., & Chang, C.-C. (2009). An id-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. Computers and Security, 28(3–4), 138–143.CrossRef

Yoon, E.J., & Yoo, K.Y. (2006). Improving the dynamic id-based remote mutual authentication scheme. First International Workshop on Information Security, 4277, 499–507.

Yoon, E.-J., & Yoo, K.-Y. (2009). Robust id-based remote mutual authentication with key agreement scheme for mobile devices on ecc. IEEE International Conference on Computational Science and Engineering, 2, 633–640.

Title: Enhanced Dynamic Authentication Scheme (EDAS)
Authors: Toan-Thinh Truong
Minh-Triet Tran
Anh-Duc Duong
Publication date: 01-03-2014
Publisher: Springer US
Published in: Information Systems Frontiers / Issue 1/2014
Print ISSN: 1387-3326
Electronic ISSN: 1572-9419
DOI: https://doi.org/10.1007/s10796-013-9461-6

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 1/2014

A scalable approach for content based image retrieval in cloud datacenter

A cost-aware auto-scaling approach using the workload prediction in service clouds

Fully automated resource retrieval in telecommunications and internet converged environments

Dynamic intelligence towards merging cloud and communication services

A self-similar super-peer overlay construction scheme for super large-scale P2P applications

Phone2Cloud: Exploiting computation offloading for energy saving on smartphones in mobile cloud computing

Premium Partner