A Secure Authenticated Key Exchange Protocol for Credential Services (original) (raw)
Related papers
Secure Authenticated Key Exchange Protocol for Credential Services
DESIDOC Journal of Library & Information Technology, 2009
Remote user authentication and key agreement system through smartcard is a viable practical solution to validate the eligibility of a remote user and thus to provide a secure communication. This paper suggests a Secure Authenticated Key Exchange Protocol (SAKEP) for Credential Services. The major intrinsic worth of this scheme include that, the system do not require any verification table and the user is at liberty to choose and change the password. Further, with this system, the computation and communication costs are lower as the scheme adopts one-way hash functions, block ciphers and smartcard. In addition, the proposed scheme offers mutual authentication between the server and the user by a nonce-based plan and is free from timesynchronisation problem. The proposed scheme is secured against Id-theft, also resists to replay attacks, stolen verifier attacks, guessing attacks, reflection attack, and offers forward secrecy and known-key security.
An Enhanced Remote User Authentication Scheme
Engineering, 2014
Remote user authentication schemes are used to verify the legitimacy of remote users' login request. Recently, several dynamic user authentication schemes have been proposed. It can be seen that, these schemes have weaknesses because of using timestamps. The implement of strict and safe time synchronization is very difficult and increases network overhead. In this paper, we propose a new dynamic user authentication based on nonce. Mutual authentication is performed using a challenge-response handshake between user and server, and it avoids the problems of synchronism between smart card and the remote server. Besides, the scheme provides user's anonymity and session key agreement. Finally, the security analysis and performance evaluation show that the scheme can resist several attacks, and our proposal is feasible in terms of computation cost and communication cost.
An Enhanced Secure Remote User Authentication Scheme without Verification Table
International Journal of Computer Applications, 2015
With the significant advances in communication networks over the last few decades, smart cards have been widely used in many e-commerce applications and network security protocols due to their low cost, portability, efficiency and cryptographic properties. In this paper, we analyze Sood et al."s smart card based authentication scheme and demonstrate that the scheme is vulnerable to masquerade user attack, offline password guessing attack, time concurrency weaknesses and fails to achieve mutual authentication. A secure dynamic identity based remote user authentication scheme without verification tables, is proposed in this paper and the scheme resolves the aforementioned problems of Sood et al."s scheme. The computation cost of the proposed scheme is comparable to Sood et al."s scheme and it is highly secure taking into consideration the complexity of calculating discrete logarithms and the resistance to various attacks.
A Review on Remote User Authentication Schemes Using Smart Cards
2013
Remote user authentication is a mechanism in which the remote server verifies the legitimacy of a user over an insecure communication channel. Password based authentication schemes have been widely deployed to verify the legitimacy of remote users as password authentication is one of the simplest and the most convenient authentication mechanism over insecure networks. In remote user authentication scheme, the user is assigned a smart card, which is being personalized by some parameters and provide the legal users to use the resources of the remote system. Until now, there have been ample of remote user authentication schemes published in the literature and each published schemes have its own merits and demerits. Recently, many schemes proposed are based on the one-way hash function. The computational complexity of their schemes is superior to the discrete logarithm-problem-based schemes. In our paper, we have defined all the security requirements and the goals. An ideal password aut...
A new remote user authentication scheme using smart cards
IEEE Transactions on Consumer Electronics, 2000
In this article, we propose a new remote user authentication scheme using smart cards. The scheme is based on the ElGamal's public key cryptosystem. Our scheme does not require a system to maintain a password table for verifying the legitimacy of the login users. In addition, our scheme can withstand message replaying attack.
Cryptanalysis and an Efficient Secure ID-based Remote User Authentication using Smart Card
International Journal of Computer Applications, 2013
Remote User authentication protocol is used for verifying the legitimacy of a remote user over insecure network environments. Recently, many secure ID based remote user authentication scheme using smart card have been proposed in the literature. In 2012, Ratan-Sanjay [1] proposed secure ID based remote user authentication scheme using smart card and claimed that their scheme can avoid all types of security flaws and feasible in terms of computation and storage cost. But We have pointed out that their scheme is insecure against user impersonation attack, server masquerading attack, off-line password guessing attack, off-line identity guessing attack, session key recovery attack and smart card stolen attack. So, their scheme can not be used for practical implementation in terms of security. Further, their scheme takes more computation and communication cost than the proposed scheme. To overcome these weakness, we have proposed an efficient secure ID based remote user authentication scheme using smart card based on cryptographic one way hash function. The proposed scheme resists all possible attacks and provides better computation and communication cost than Ratan-Sanjay's [1] scheme published earlier.
20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA'06), 2006
Sun proposed an efficient remote authentication scheme using smart cards which ensures low communication and computation cost, but the user cannot choose his/her password at will. Thus, Wu and Chieu presented an improvement. However, Yang and Wang pointed out that Wu and Chieu's scheme is vulnerable to the password guessing and forgery attacks. To preserve the advantage of Sun's scheme and Wu and Chieu's scheme and to amend the security weakness, we propose an improvement in this paper. Moreover, our scheme needs no time concurrency mechanism and ensures mutual authentication.
A nonce-based mutual authentication system with smart card
2009
User authentication is an important security mechanism for recognizing legal remote users. We propose an available and secure authentication scheme for service provider to verify users without using verification table. It can resist most of the attacks by improving nonce-based mutual authentication mechanism, and ensure the security by dynamic session key. User may change his password freely. Our scheme compared with other related schemes for security efficiency.
A Provably Secure and Efficient Remote Password Authentication Scheme Using Smart Cards
Computers, Materials & Continua
Communication technology has advanced dramatically amid the 21 st century, increasing the security risk in safeguarding sensitive information. The remote password authentication (RPA) scheme is the simplest cryptosystem that serves as the first line of defence against unauthorised entity attacks. Although the literature contains numerous RPA schemes, to the best of the authors' knowledge, only few schemes based on the integer factorisation problem (IFP) and the discrete logarithm problem (DLP) that provided a provision for session key agreement to ensure proper mutual authentication. Furthermore, none of the previous schemes provided formal security proof using the random oracle model. Therefore, this study proposed an improved RPA scheme with session key establishment between user and server. The design of the proposed RPA scheme is based on the widely established Dolev-Yao adversary model. Moreover, as the main contribution, a novel formal security analysis based on formal definitions of IFP and DLP under the random oracle model was presented. The proposed scheme's performance was compared to that of other similar competitive schemes in terms of the transmission/computational cost and time complexity. The findings revealed that the proposed scheme required higher memory storage costs in smart cards. Nonetheless, the proposed scheme is more efficient regarding the transmission cost of login and response messages and the total time complexity compared to other scheme of similar security attributes. Overall, the proposed scheme outperformed the other RPA schemes based on IFP and DLP. Finally, the potential application of converting the RPA scheme to a user identification (UI) scheme is considered for future work. Since RPA and UI schemes are similar, the proposed approach can be expanded to develop a provably secure and efficient UI scheme based on IFP and DLP.
International Journal of Communication Networks and Distributed Systems, 2017
To prove the legitimacy among the users and to ensure the secure communication over the insecure network the remote user authentication using smart card and password is one of the simplest and efficient mechanisms. In this context, Kumari et al. proposed an improved remote user authentication scheme and claimed, their scheme is more user friendly, can resist various possible attacks at very low cost than existing ones. Unfortunately, during our research we have found this is not the case, their scheme cannot sustain against all those attacks for which the scheme was meant. In this paper, we have pointed out that their scheme not only can suffer from user anonymity problem but also fails to resist against offline password guessing attack, server masquerading attack and can create the risk of session key agreement too. Then, while retaining the original merits of their scheme we propose an efficient and modified scheme to overcome from aforesaid weaknesses, but at low computational cost.