nach oben

Wireless Personal Communications

Erschienen in:

01.09.2014

Analysis and Improvement of a Robust Smart Card Based-Authentication Scheme for Multi-Server Architecture

verfasst von: Dianli Guo, Fengtong Wen

Erschienen in: Wireless Personal Communications | Ausgabe 1/2014

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Recently, Pippal et al. proposed an authentication scheme for multi-server architecture and claimed that their scheme had many advantages compared to the previous schemes, such as security, reliability, etc. In this paper, we reanalyze the security of their scheme and demonstrate that their scheme is vulnerable to impersonation attack even if the adversary doesn’t know the information stored in the user’s smart card. Moreover, the adversary can proceed off-line password guessing attack if the user’s smart card is compromised. In order to eliminate those shortcomings, we propose an improved multi-server authentication scheme which can preserve user anonymity. We demonstrate the completeness of the proposed scheme through the BAN logic. Compared with other related protocols, the security analysis and performance evaluation show that our proposed scheme can provide stronger security.

Vorheriger Artikel QoS-Driven Power Allocation Under Peak and Average Interference Constraints in Cognitive Radio Networks

Nächster Artikel AODV_RR: A Maximum Transmission Range Based Ad Hoc on-Demand Distance Vector Routing in MANET

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Lamport, L. (1981). Password authentication with insecure communication. Communications of the ACM, 24(11), 770–772.CrossRefMathSciNet

Das, M., Saxena, A., & Gulati, V. (2004). A dynamic ID-based remote user authentication scheme. IEEE Transactions on Consumer Electronics, 50(2), 665–667.CrossRef

Wen, F. (2013). A robust uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. Journal of Medical Systems, 37, 9980. doi:10.1007/s10916-013-9980-1.CrossRef

Wen, F., & Li, X. (2011). An improved dynamic ID-based remote user authentication with key agreement scheme. Computers and Electrical Engineering, 38(2), 381–387.CrossRef

Wen, F., Susilo, W., & Yang, G. (2013). A secure and effective anonymous user authentication scheme for roaming service in global mobility networks. Wireless Personal Communications, 73(3), 993–1004.CrossRef

Li, L., Lin, I., & Hwang, M. (2001). A remote password authentication scheme for multiserver architecture using neural networks. IEEE Transactions on Neural Network, 12(6), 1498–1504.CrossRef

Lin, I., Hwang, M., & Li, L. (2003). A new remote user authentication scheme for multi-server architecture. Future Generation Computer System, 19(1), 13–22.CrossRefMATH

Cao, X., & Zhong, S. (2006). Breaking a remote user authentication scheme for multiserver architecture. IEEE Communications Letters, 10(8), 580–581.CrossRef

Juang, W. (2004). Efficient multi-server password authenticated key agreement using smart cards. IEEE Transactions on Consumer Electronics, 50(1), 251–255.CrossRef

10.

Tsai, J. (2008). Efficient multi-server authentication scheme based on one-way hash function without verification table. Computers and Security, 27(3–4), 115–121.CrossRef

11.

Liao, Y., & Wang, S. (2009). A secure dynamic ID based remote user authentication scheme for multi-server environment. Computer Standards and Interface, 19(1), 13–22.

12.

Hsiang, H., & Shih, W. (2009). Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment. Computer Standards and Interface, 31(6), 1118–1123.CrossRef

13.

Sood, S., Sarje, A., & Singh, K. (2011). A secure dynamic identity based authentication protocol for multi-server architecture. Journal of Network and Computer Applications, 34(2), 609–618.CrossRef

14.

Lee, C., Lin, T., & Chang, R. (2011). A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards. Expert Systems with Applications, 38(11), 13863–13870.

15.

Li, X., Xiong, Y., Ma, J., & Wang, W. (2012). An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards. Journal of Network and Computer Applications, 35(2), 763–769.CrossRef

16.

Li, X., Ma, J., Wang, W., Xiong, Y., & Zhang, J. (2012). A novel smart card and dynamic ID based remote user authentication scheme for multi-server environments. Mathematical and Computer Modelling, 58(1–2), 85–95.

17.

Guo, D., & Wen, F. (2013). A more secure dynamic ID based remote user authentication scheme for multi-server environment. Journal of Computational Information Systems, 9(2), 407–414.

18.

Wang, B., & Ma, M. (2013). A smart card based efficient and secured multi-server authentication scheme. Wireless Personal Communications, 68, 361–378.CrossRef

19.

He, D., & Wu, S. (2013). Security flaws in a smart card based authentication scheme for multi-server environment. Wireless Personal Communications, 70(1), 323–329.CrossRef

20.

Pippal, R., Jaidhar, C., & Tapaswi, S. (2013). Robust smart card authentication scheme for multi-server architecture. Wireless Personal Communications, 72, 729–745.CrossRef

21.

Tsai, J., Lo, N., & Wu, T. (2012). A new password-based multi-server authentication scheme robust to password guessing attacks. Wireless Personal Communications, 71, 1977–1988.CrossRef

22.

Kocher, P., Jaffe, J., & Jun, B. (1999). Differential power analysis: 19th Annual international cryptology conference, (pp. 388–397).

23.

Messerges, T., Dabbish, E., & Sloan, R. (2002). Examining smart card security under the threat of power analysis attacks. IEEE Transactions on Computers, 5(51), 541–552.CrossRefMathSciNet

24.

Charvet, X., Pelletier, H. (2005). Improving the DPA attack using Wavelet transform. In: NIST Physical Security Testing Workshop, Vol. 46.

25.

Jasper G. J., van Woudenberg, J., Witteman, M., & Bakker, B. (2011). Improving differential power analysis by elastic alignment. In: Proceedings of the 11th international conference on topics in cryptology: CT-RSA 2011, (pp. 104–119).

26.

Burrows, M., Abadi, M., & Needham, R. (1990). A logic of authentication. ACM Transactions on Computer Systems, 8(1), 18–36.CrossRef

27.

Chang, Y., Yu, S., & Shiao, D. (2013). A uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. Journal of Medical Systems, 37(3), 1–16.MATH

Titel: Analysis and Improvement of a Robust Smart Card Based-Authentication Scheme for Multi-Server Architecture
verfasst von: Dianli Guo
Fengtong Wen
Publikationsdatum: 01.09.2014
Verlag: Springer US
Erschienen in: Wireless Personal Communications / Ausgabe 1/2014
Print ISSN: 0929-6212
Elektronische ISSN: 1572-834X
DOI: https://doi.org/10.1007/s11277-014-1762-7

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Nachhaltigkeitsaward Key Visual/© Cometis AG/Global ESG Monitor | Daniel Rupp | Generiert mit KI, Search Icon, Banner Hanser, Kryptowährungen/© gopixa / Getty Images / iStock, MG4 aus China auf dem Prüfstand im ADAC-Technik-Zentrum in Landsberg am Lech/© ADAC e.V., Chassis eines Elektrofahrzeugs/© chesky / stock.adobe.com, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, Sustainibility Finance/© Robert Kneschke / stock.adobe.com / Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence 2024/© AndreyPopov / Getty Images / iStock, 2023_Antrieb/© supervisuell

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 1/2014

Provisioning Quality of Service of Wireless Telemedicine for E-Health Services: A Review

Dynamic Channel Allocation to Interfered Cellular Networks

Multipartite Secret Sharing Based on CRT

Frequency Reuse Techniques with a Distributed Antenna System

Performance Evaluation of Non-prioritized and Prioritized Call Admission Control Schemes in Wireless Cellular Networks

Reliability Analysis for a Data Flow in Event-Driven Wireless Sensor Networks

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.