Skip to main content
SpringerLink
Log in

A provably secure biometrics-based authenticated key agreement scheme for multi-server environments

  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

An authentication scheme handling multiple servers offers a feasible environment to users to conveniently access the rightful services from various servers using one-time registration. The practical realization of distribution of online services efficiently and transparently in multiple-server systems has come true by virtue of multi-server user authentication schemes. Due to distinguished properties like, difficulty to forge or copy, in-feasibility to lose or guess or forget, etc., biometrics have been widely preferred as a third authenticating factor in password and smart card based user authentication protocols. In this paper, we design a new biometrics-based multi-server authentication scheme based on trusted multiple-servers. We harness the concept of fuzzy extractor to provide the proper matching of biometric patterns. We evaluate our scheme through informal discussions on performance and also using Burrows-Abadi-Needham logic (BAN-logic) & random oracle model for formal security analysis. We also compose a comparative assessment of our scheme and the related ones. Outcome of the analysis and assessment shows our scheme an edge above many related and contemporary schemes.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2

Similar content being viewed by others

References

  1. Abdalla M, Fouque P, Pointcheval D (2005) Password-based authenticated key exchange in the three-party setting. PKC 2005: 8th international workshop on theory and practice in public key cryptography, lecture notes in computer science 3386:65–84

  2. Bakrawy L, Ghali N, Hassanien A, Kim TH (2011) A fast and secure one-way hash function. Sec Technol Comm Comp Inform Sci 259:85–93

    Article  Google Scholar 

  3. Bergamo P, D’Arco P, De Santis A, Kocarev L (2005) Security of public-key cryptosystems based on Chebyshev polynomials. IEEE Trans Circ Sys 52(7):1382–1393

    Article  MathSciNet  MATH  Google Scholar 

  4. Boyko V, Mackenzie P, Patel S (2000) Provably secure password-based authenticated key exchange protocols using Diffie-Hellman, Advances in Cryptology - EUROCRYPT2000. Lect Notes Comput Sci 1807:156–171

    Article  MATH  Google Scholar 

  5. Burrows M, Abadi M, Needham R (1990) A logic of authentication. ACM Trans Comput Syst 8:18–36

    Article  MATH  Google Scholar 

  6. Chang CC, Le HD (2015) A provably secure, efficient and flexible authentication scheme for ad hoc wireless sensor networks. IEEE Trans Wirel Commun 15(1):357–366

    Article  Google Scholar 

  7. Chen TY, Lee CC, Hwang MS, Jan JK (2013) Towards secure and efficient user authentication scheme using smart card for multi-server environments. J Supercomput 66:1008–1032

    Article  Google Scholar 

  8. Chuang MC, Chen MC (2014) An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics. Expert Syst Appl 41(4):1411–1418

    Article  Google Scholar 

  9. Crypto++ Library 5.6.1. (2013) Available at: http://www.cryptopp.com/

  10. Dodis Y, Reyzin L, Smith A (2004) Fuzzy extractors: how to generate strong keys from biometrics and other noisy data, Advances in Cryptology-EUROCRYPT2004. Lect Notes Comput Sci 3027:523–540

    Article  MATH  Google Scholar 

  11. Fu Z, Sun X, Liu Q, Zhou L, Shu J (2015) Achieving efficient cloud search services: multi-keyword ranked search over encrypted cloud data supporting parallel computing. IEICE Trans Commun E98-B(1):190–200

    Article  Google Scholar 

  12. Fu Z, Ren K, Shu J, Sun X, Huang F (2016a) Enabling personalized search over encrypted outsourced data with efficiency improvement. IEEE Trans Parallel Distributed Sys 27(9):2546–2559

    Article  Google Scholar 

  13. Fu Z, Wu X, Guan C, Sun X, Ren K (2016b) Towards efficient multi-keyword fuzzy search over encrypted outsourced data with accuracy improvement. IEEE Trans Inform Forensics Sec 11(2):2706–2716

    Article  Google Scholar 

  14. Guo P, Wang J, Li B, Lee S (2014) A variable threshold-value authentication architecture for wireless mesh networks. J Inter Technol 15(6):929–936

    Google Scholar 

  15. Gura N, Patel A, Wander A, Eberle H, Shantz SC (2004) Comparing elliptic curve cryptography and RSA on 8-bit CPUs. Lect Notes Comput Sci 3156:119–132

    Article  MATH  Google Scholar 

  16. Han S, Chang E (2009) Chaotic map based key agreement with/out clock synchronization. Chaos, Solitons Fractals 39(3):1283–1289

    Article  MathSciNet  MATH  Google Scholar 

  17. He D, Wang D (2015) Robust biometrics-based authentication scheme for multiserver environment. IEEE Syst J 9(3):816–823

    Article  Google Scholar 

  18. Hong SM, Oh SY, Yoon H (1996) New modular multiplication algorithms for fast modular exponentiation. Lect Notes Comput Sci 1070:166–177

    Article  MATH  Google Scholar 

  19. Hsiang HC, Shih WK (2009) Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment. Com Standards Inter 31(6):1118–1123

    Article  Google Scholar 

  20. Juang WS (2004) Efficient multi-server password authenticated key agreement using smart cards. IEEE Trans Consum Electron 50(1):251–255

    Article  MathSciNet  Google Scholar 

  21. Kaufman C (2005) Internet key exchange (IKEv2) protocol. RFC 4306, December 2005

  22. Kim S, Lim S, Won D (2002) Cryptanalysis of flexible remote password authentication scheme of ICN’01. Electron Lett 38(24):1519–1520

    Article  Google Scholar 

  23. Kocarev L, Tasev Z (2003) Public-key encryption based on Chebyshev maps. In: Proceedings of the International Symposium on Circuits and Systems (ISCAS’03) 3:28–31

  24. Kocher P, Jaffe J, Jun B. (1999) Differential power analysis. Advances in Cryptology (CRYPTO’99) 388–397

  25. Ku WC (2005) Weaknesses and drawbacks of a password authentication scheme using neural networks for multiserver architecture. IEEE Trans Neural Net 16(4):1002–1005

    Article  Google Scholar 

  26. W.C. Ku, S.T. Chang, M.H. Chiang, Weaknesses of a remote user authentication scheme using smart cards for multi-server architecture, IEICE Trans Commun E88-B(8) (2005) 3451–3454.

  27. Kumari S, Khan MK, Li X (2014) An improved remote user authentication scheme with key agreement. Comput Electr Eng 40(6):1997–2012

    Article  Google Scholar 

  28. Lee TF (2015) Provably Secure Anonymous Single-Sign-On Authentication Mechanisms Using Extended Chebyshev Chaotic Maps for Distributed Computer Networks. IEEE Syst J PP(99):1–8

    Article  Google Scholar 

  29. Lee WB, Chang CC (2000) User identification and key distribution maintaining anonymity for distributed computer network. Comput Syst Sci Eng 15(4):211–214

    Google Scholar 

  30. Lee JS, Chang YF, Chang CC (2008) A novel authentication protocol for multi-server architecture without smart cards. Inter J Innova Comp, Inform Control 4(6):1357–1364

    Google Scholar 

  31. Lee CC, Lin T-H, Chang R-X (2011) A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards. Expert Syst Appl 38(11):13863–13870

    Google Scholar 

  32. Leu J-S, Hsieh W-B (2014) Efficient and secure dynamic ID-based remote user authentication scheme for distributed systems using smart cards. IET Inf Secur 8(2):104–113

    Article  Google Scholar 

  33. Li LH, Lin IC, Hwang MS (2001) A remote password authentication scheme for multi-server architecture using neural networks. IEEE Trans Neural Net 12(6):1498–1504

    Article  Google Scholar 

  34. Li X, Niu J, Ma J, Wang W, Liu C (2011) Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. J Netw Comput Appl 34(1):73–79

    Article  Google Scholar 

  35. Li X, Xiong Y, Ma J, Wang W (2012) An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards. J Netw Comput Appl 35(2):763–769

    Article  Google Scholar 

  36. Li CT, Lee CC, Weng CC, Fan CI (2013) An extended multi-server-based user authentication and key agreement scheme with user anonymity. KSII Trans Inter Inform Sys 7(1):119–131

    Google Scholar 

  37. Liao YP, Wang SS (2009) A secure dynamic ID based remote user authentication scheme for multiserver environment. Com Standards Inter 31(1):24–29

    Article  Google Scholar 

  38. Lin IC (2008) A neural network system for authenticating remote users in multi-server architecture. Int J Commun Syst 21:435–445

    Article  Google Scholar 

  39. Lin IC, Hwang MS, Li LH (2003) A new remote user authentication scheme for multi-server architecture. Futur Gener Comput Syst 19:13–22

    Article  MATH  Google Scholar 

  40. Martin KM (2012) Everyday cryptography: fundamental principles and applications. Oxford University Press, Oxford, p 495 Chapter 13

    Book  MATH  Google Scholar 

  41. Mason JC, Handscomb JC (2003) Chebyshev polynomials. Chapman & Hall, London

    MATH  Google Scholar 

  42. Messerges TS, Dabbish EA, Sloan RH (2002) Examining smart-card security under the threat of power analysis attacks. IEEE Trans Comput 51(5):541–552

    Article  MathSciNet  Google Scholar 

  43. Mishra D, Das AK, Mukhopadhyay S (2014) A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards. Expert Syst Appl 41(18):8129–8143

    Article  Google Scholar 

  44. Mitchell C (2005) Trusted computing. Institution of Electrical Engineers, London

    Book  Google Scholar 

  45. Schneier B (1996) Applied cryptography protocols algorithms and source code in C, Second edn. John Wiley and Sons Inc., Hoboken

    MATH  Google Scholar 

  46. Shen H, Gao CZ, He DD, Wu LB (2015) New biometrics-based authentication scheme for multi-server environment in critical systems. J Ambient Intell Humaniz Comput 6(6):825–834

    Article  Google Scholar 

  47. Sood SK, Sarje AK, Singh K (2011) A secure dynamic identity based authentication protocol for multi-server architecture. J Netw Comput Appl 34(2):609–618

    Article  Google Scholar 

  48. Tsai JL (2008) Efficient multi-server authentication scheme based on one-way hash function without verification table. Comp Sec 27:115–121

    Article  Google Scholar 

  49. Tsai JL, Lo NW, Wu TC (2013) A new password-based multi-server authentication scheme robust to password guessing attacks. Wirel Pers Commun 71:1977–1988

    Article  Google Scholar 

  50. Tsaur WJ (2001) A flexible user authentication scheme for multi-server internet services, Networking-ICN, Lecture Notes in Computer Science, vol 2093. Springer, Berlin, pp 174–183

    MATH  Google Scholar 

  51. Tsaur WJ, Wu CC, Lee WB (2005) An enhanced user authentication scheme for multi-server internet services. Appl Math Comput 170:258–266

    MathSciNet  MATH  Google Scholar 

  52. Tsaur WJ, Li JH, Lee WB (2012) An efficient and secure multi-server authentication scheme with key agreement. J Syst Softw 85(4):876–882

    Article  Google Scholar 

  53. Wang RC, Juang WS, Lei WS (2009) User authentication scheme with privacy-preservation for multiserver environment. IEEE Commun Lett 13(2):157–159

    Article  Google Scholar 

  54. Xia Z, Wang X, Sun X, Wang Q (2015) A secure and dynamic multi-keyword ranked search scheme over encrypted cloud data. IEEE Trans Parallel Distributed Sys 27(2):340–352

    Article  Google Scholar 

  55. Xue K, Hong P, Ma C (2014) A lightweight dynamic pseudonym identity based authentication and key agreement protocol without verification tables for multi-server architecture. J Comput Syst Sci 80:195–206

    Article  MathSciNet  MATH  Google Scholar 

  56. Yeh KH, Lo NW (2010) A novel remote user authentication scheme for multi-server environment without using smart cards. Intern J Innova Comp Inform Control 6(8):3467–3478

    Google Scholar 

  57. Yoon E, Yoo K (2013) Robust biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem. J Supercomput 63(1):235–255

    Article  Google Scholar 

  58. Zhang L (2008) Cryptanalysis of the public key encryption based on multiple chaotic systems. Chaos, Solitons Fractals 37(3):669–674

    Article  MathSciNet  MATH  Google Scholar 

  59. Zhang L, Tang S, Zhu S (2016) An energy efficient authenticated key agreement protocol for SIP-based green VoIP networks. J Netw Comput Appl 59:126–133

    Article  Google Scholar 

  60. Zhu H, Hao X, Zhang Y, Jiang M (2015) A biometrics-based multi-server key agreement scheme on chaotic maps cryptosystem. J Inform Hiding Multimed Signal Processing 6(2):211–224

    Google Scholar 

  61. Zhu H, Zhang Y, Sun Y (2016) Provably secure multi-server privacy-protection system based on Chebyshev chaotic maps without using symmetric cryptography. Intern J Net Sec 18(5):803–815

    Google Scholar 

Download references

Acknowledgements

The authors would like to acknowledge the anonymous reviewers and the Editor for the constructive and helpful suggestions. Dr. Xiong Li is supported by the National Natural Science Foundation of China under Grant No. 61300220.

Author information

Authors and Affiliations

  1. Department of Mathematics, Chaudhary Charan Singh University, Meerut, C-3, Meerut, Uttar Pradesh, 282002, India

    Saru Kumari

  2. Center for Security, Theory and Algorithmic Research, International Institute of Information Technology, Hyderabad, 500032, India

    Ashok Kumar Das

  3. School of Computer Science and Engineering, Hunan University of Science and Technology, Xiangtan, 411201, China

    Xiong Li

  4. Department of Computer Science and Engineering, Xiamen Institute of Technology, Huaqiao University, Xiamen, 361021, China

    Fan Wu

  5. Center of Excellence in Information Assurance, King Saud University, Riyadh, Kingdom of Saudi Arabia

    Muhammad Khurram Khan

  6. School of Computer Science and Technology, Xidian University, Xi’an, 710071, Shaanxi, People’s Republic of China

    Qi Jiang

  7. Department of Computer Science and Information Systems, Birla Institute of Technology and Science, Pilani, Rajasthan, 333031, India

    S. K. Hafizul Islam

Authors
  1. Saru Kumari
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ashok Kumar Das
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Xiong Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Fan Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Muhammad Khurram Khan
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Qi Jiang
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. S. K. Hafizul Islam
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Saru Kumari.

Ethics declarations

Conflict of interest

Authors declare that there is no conflict of interests regarding the publication of this article.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Kumari, S., Das, A.K., Li, X. et al. A provably secure biometrics-based authenticated key agreement scheme for multi-server environments. Multimed Tools Appl 77, 2359–2389 (2018). https://doi.org/10.1007/s11042-017-4390-x

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11042-017-4390-x

Keywords

Search

Navigation