A novel remote user authentication scheme using bilinear pairings
Introduction
Password authentication is an important technique to verify the legitimacy of a user. The technique is regarded as one of the most convenient methods for remote user authentication. Based on the computation complexity, password-based authentication schemes are classified into two broad categories, viz. hash-based (Menezes et al., 1996) authentication and public-key based authentication (IEEE P1363.2 Draft D12, 2003).
In 1981, Lamport introduced the first well-known hash-based password authentication scheme. Lamport's scheme suffers from high hash overhead and password resetting problems. Later, Shimizu et al. (1998) overcame the weakness of Lamport (1981) and proposed a modified scheme. Thereafter, many schemes and improvements (Lee et al., 2002; Peyravian and Zunic, 2000; Ku et al., 2003; Ku, 2004) on hash-based remote user authentication have been proposed. These schemes have low computation cost and are computationally viable for implementation in a handheld device such as a smart card; however, they primarily suffer from password guessing, stolen-verifier and denial-of-service attacks (Ku et al., 2003; Hsieh et al., 2003). In contrast, public-key based authentication schemes require high computation cost for implementation, but meet higher security requirements. So far, several research works on public-key based remote user authentication (Chang and Wu, 1993; Chang and Liao, 1994; Hwang and Yeh, 2002; Shen et al., 2003) have been done. Unfortunately, a paper often breaks a previous scheme and proposes a new one (Ku et al., 2003; Hsieh et al., 2003), which someone later breaks and, in turn, replaces with another new one, and so on. Most of such work, though quite important and useful, essentially provides an incremental advance to the same basic theme (Peyravian and Zunic, 2000).
Recently, bilinear pairings (Boneh and Franklin, 2001), namely the Weil pairing and the Tate pairing of algebraic curves, have found important applications (Boneh and Franklin, 2001; Hess, 2003) in cryptography and have allowed us to construct identity (ID) based cryptographic schemes. In 1984, Shamir introduced the concept of the ID-based cryptosystem; however, practical ID-based schemes (Boneh and Franklin, 2001; Cocks, 2001) were found only in 2001.
In this paper, we present a remote user authentication scheme using the properties of bilinear pairings. In our scheme, the user is assigned a smart card, which is personalized with some parameters during the user registration process. The use of a smart card not only makes the scheme secure but also prevents users from distributing their login-IDs, which effectively prevents the scenario of many logged in users with the same login-ID. The characteristics of our scheme are summarised as follows:
- The user's smart card generates a dynamic login request and sends it to the remote system for login to the system. The login request is computed by the smart card internally without any human intervention and is composed using the user system's timestamp. Thus, an adversary cannot predict the next login request with the help of the current login request.
- The users can choose and change their preferred passwords freely without any assistance from the remote system. During the user registration process, the remote system stores a secret component and other parameters in a smart card, and then sends it to the user securely. With the help of the smart card and its secret component, the user can change his password without any assistance from the remote system.
- The remote system does not maintain any password or verifier table for the verification of a user login request. Verification of a login request requires the user identity and the remote system public key corresponding to the remote system's secret key.
- The scheme prevents the scenario of many logged in users with the same login-ID. Typically, a registered user can share his password or secret component with others, so that all who know the password or secret component for the user's login-ID can log in to the remote system. This generally happens in a digital library, where a subscriber can share his login-ID and password with others, and many users (who know the login-ID and password) can download or view the digital document. In our scheme, the login request is generated by the smart card using its stored secret component without any human intervention. It is extremely difficult to extract the secret component from the smart card, and thus the user cannot share it with others. Even if the legitimate user's password is shared with others, the other person cannot log in to the system without the smart card. Once a valid user logs into the remote system, his smart card will be inside the terminal until the user logs out. If the user pulls the card out of the terminal after logging in to the remote system, the login session expires immediately. Thus, the scheme can successfully prevent the scenario of many logged in users with the same login-ID.
- The scheme can resist the replay, forgery and insider attacks.
The rest of the paper is organised as follows. In the next section, we give some preliminaries of bilinear pairings. In the section following that, we propose our scheme, and we analyse it in the section "Correctness, performance and security". Finally, we conclude the paper in the last section.
Section snippets
Bilinear pairings
Suppose G1 is an additive cyclic group generated by P, whose order is a prime q, and G2 is a multiplicative cyclic group of the same order. A map is called a bilinear mapping if it satisfies the following properties:
1. Bilinear: for all P, Q ∈ G1 and a,
2. Non-degenerate: there exist P, Q ∈ G1 such that
3. Computable: there is an efficient algorithm to compute for all P, Q ∈ G1.
We note that G1 is the group of points on an elliptic curve and G2 is a
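An added illustration of the three properties listed above (not code from the paper), using a deliberately insecure toy map e(X, Y) = g^(XY) with G1 taken as the integers mod a small prime q. The map name e, the parameters q = 1019, p = 2039, g = 4 and all function names are assumptions made for this example, and bilinearity is checked in its standard form e(aX, bY) = e(X, Y)^(ab).

```python
# Toy model of a symmetric bilinear map e: G1 x G1 -> G2 (constructed, insecure).
Q = 1019            # prime order q of both groups (constructed toy value)
P_MOD = 2 * Q + 1   # 2039, also prime, so Z_p^* has a subgroup of order q
G = 4               # 4 = 2^2 is a square mod p, hence generates that subgroup
P_GEN = 1           # generator P of the additive group G1 = (Z_q, +)


def add(x, y):
    """Group operation in G1."""
    return (x + y) % Q


def scalar_mul(a, x):
    """a*X in G1."""
    return (a * x) % Q


def pairing(x, y):
    """e(X, Y) = g^(X*Y) in G2; computable with one modular exponentiation."""
    return pow(G, (x * y) % Q, P_MOD)


def is_bilinear(a, b, x, y):
    """Check e(aX, bY) == e(X, Y)^(ab) and additivity in the first argument."""
    lhs = pairing(scalar_mul(a, x), scalar_mul(b, y))
    scalars_ok = lhs == pow(pairing(x, y), a * b, P_MOD)
    additive_ok = pairing(add(x, y), y) == (pairing(x, y) * pairing(y, y)) % P_MOD
    return scalars_ok and additive_ok


def is_non_degenerate():
    """e(P, P) must not be the identity element of G2."""
    return pairing(P_GEN, P_GEN) != 1


def recover_scalar(point):
    """Why the toy is insecure: in (Z_q, +) the scalar a is read straight off aP.
    With G1 an elliptic-curve group, this step is the hard discrete-log problem."""
    return (point * pow(P_GEN, -1, Q)) % Q


if __name__ == "__main__":
    print(is_bilinear(3, 5, 7, 11), is_non_degenerate(),
          recover_scalar(scalar_mul(123, P_GEN)))
```

The last function shows why the algebra alone is not enough: the same equations hold here, but any secret scalar multiplied into a G1 element is immediately recoverable.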
Proposed scheme
There are three entities in the proposed scheme, namely the user, user's smart card and the remote system. The scheme consists of mainly three phases – the setup phase, the registration phase and the authentication phase.
Correctness
The verification step (V2) of a login request is verified by the following:
Performance
In order to compare the performance of our scheme with the existing public-key based remote user authentication schemes, we consider the schemes (Chang and Liao, 1994, Shen et al., 2003) which are based on ElGamal's (1985) signature scheme and used smart
Conclusion
We proposed a remote user authentication scheme using the properties of bilinear pairings. The scheme prevents the adversary from forgery attacks by employing a dynamic login request in every login session. The use of smart card not only makes the scheme secure but also prevents the users from distribution of their login-IDs, which effectively prohibits the scenario of many logged in users with the same login-ID. Moreover, the scheme provides a flexible password change option, where the users
References (21)
- et al. A remote password authentication scheme based upon ElGamal's signature scheme. Computers & Security (1994)
- et al. Methods for protecting password transmission. Computers & Security (2000)
- et al. Efficient algorithms for pairing-based cryptosystems
- et al. Identity-based encryption from the Weil pairing
- et al. Remote password authentication with smart cards. IEE Proceedings – E (1993)
- An identity based encryption scheme based on quadratic residues
- A public key cryptosystem and signature scheme based on the discrete logarithms. IEEE Transaction on Information Theory (1985)
- et al. A remark concerning m-divisibility and the discrete logarithm in the divisor class group of curves. Mathematics of Computation (1994)
- Efficient identity based signature schemes based on pairings
- et al. On the security of some password authentication protocols. Informatica (2003)
Cited by (114)
An efficient anonymous mutual authentication technique for providing secure communication in mobile cloud computing for smart city applications
2019, Sustainable Cities and Society
Citation excerpt: But, the authentication procedure of Hughes (2004) did not offer user secrecy and user untraceability. As more authentication methods depend on bilinear pairing or ECC (Ahmad et al., 2017; Chen, Yeh, & Shih, 2011; Das, Saxena, Gulati, & Phafstak, 2006; Goriparthia, Das, & Saxena, 2009; Khan Pathan, Hong, & Hee, 2009; Sun, Wen, Zhang, & Jin, 2013), they are mainly intended for client–server atmosphere. However, bilinear pairing or ECC are not fit for disseminated services atmosphere wherein the various service providers battle with other to provide various services.
An efficient provably-secure identity-based authentication scheme using bilinear pairings for Ad hoc network
2017, Journal of Information Security and Applications
Citation excerpt: These schemes are generally built using elliptic curve cryptography (ECC) and bilinear pairings [14,25–27], due to their capability to offer short key size and achieve high performance [28,29]. Das et al. [30] presented a remote client authentication protocol using bilinear pairings for smart card application. However, the scheme was later shown to be insecure against forgery attack [31].
An improved authentication protocol for distributed mobile cloud computing services
2017, International Journal of Critical Infrastructure Protection
Citation excerpt: However, the authentication protocol of Li et al. [18] does not provide user untraceability and user anonymity [15,37]. Furthermore, most authentication schemes based on elliptic curve or identity-based cryptosystems [5,6,13,16,34] are designed for client–server environments and are, therefore, inappropriate for distributed service environments. In an attempt to address these security and implementation challenges, Tsai and Lo [35] have proposed an authentication protocol based on bilinear pairing for distributed mobile cloud computing services that can execute with highly-constrained computational resources.
Computationally efficient and secure anonymous authentication scheme for cloud users
2024, Personal and Ubiquitous Computing
Cluster optimization using metaheuristic JAYA algorithm for secure VANETs
2022, Autonomous Vehicles: Smart Vehicles for Communication
Secure transmission technique for data in IoT edge computing infrastructure
2022, Complex and Intelligent Systems
Manik Lal Das received his M. Tech. degree in 1998. He is working in Institute for Development and Research in Banking Technology, Hyderabad as Research Officer and pursuing his Ph.D. degree in K. R. School of Information Technology, Indian Institute of Technology, Bombay, India. He has published over 15 research articles in refereed Journal Conferences. He is a member of Cryptology Research Society of India and Indian Society for Technical Education. His research interests include Cryptography and Information Security.
Ashutosh Saxena received his M.Sc. (1990), M. Tech. (1992) and Ph.D. in Computer Science (1999) from Devi Ahilya University, Indore. Presently, he is working as Associate Professor in Institute for Development and Research in Banking Technology, Hyderabad. He is on the Editorial Committees of various International Journals and Conferences, and is a Life Member of Computer Society of India and Cryptology Research Society of India and Member of IEEE Computer Society. He has authored and co-authored more than 50 research papers published in National/International Journals and Conferences. His main research interest is in the areas of Authentication Technologies, Smart Cards, Key Management and Security Issues in Banking.
Ved P. Gulati received his Ph.D. degree from Indian Institute of Technology, Kanpur, India. Presently, he is a consultant advisor in Tata Consultancy Services, Hyderabad, India. He was Director of Institute for Development and Research in Banking Technology, Hyderabad, India from 1997 to 2004. He is a member of IEEE, Cryptology Research Society of India and Computer Society of India. His research interests include Payment Systems, Security Technologies, and Financial Networks.
Deepak B. Phatak received his Ph.D. degree from Indian Institute of Technology, Bombay, India. He is Subrao M. Nilekani Chair Professor with K. R. School of Information Technology, Indian Institute of Technology Bombay, India. His research interests include Data Bases, System performance evaluation, Smart Cards and Information Systems.