Abstract
As the era of pervasive and ubiquitous computing comes close, hand-held and smart devices are expected to achieve the dream of all time everywhere computing. Remote user authentication is important to verify the legitimacy of a login user over an insecure communication channel. Furthermore, in order to protect user privacy such that others cannot trace login users by eavesdropping the communication messages, several researchers proposed some dynamic ID-based remote user authentication schemes for providing user anonymity. On the other hand, the denial-of-service (DoS) attacks may make legal users unable to access a remote server by intercepting the authentication message which a login user sends to the remote server. It will make the latest user identities kept by login user and the remote server differ from each other. To ensure user anonymity and prevent such DoS attacks, we propose an extended chaotic map and dynamic ID-based user authentication scheme against DoS attacks. The proposed scheme is suitable for use in pervasive computing environments such as online financial authentication since it can ensure security while maintaining efficiency.
Similar content being viewed by others
References
Aaha, D., Mukherjee, A.: Pervasive computing: a paradigm of the 21st century. Computers 36(3), 25–31 (2003)
Bergamo, P., D’Arco, P., De Santis, A., Kocarev, L.: Security of public-key cryptosystems based on Chebyshev polynomials. IEEE Trans. Biomed. Circuits Syst. 52(7), 1382–1393 (2005)
Das, M.L., Saxena, A., Gulati, P.: A dynamic id-based remote user authentication scheme. IEEE Trans. Consum. Electron. 50(2), 629–631 (2004)
Han, S., Chang, E.: Chaotic map based key agreement with/out clock synchronization. Chaos Solitons Fractals 39(3), 1283–1289 (2009)
He, D., Chen, Y., Chen, J.: Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol. Nonlinear Dyn. 69(3), 1149–1157 (2012)
Hölbl, M., Welzer, T., Brumen, B.: Attacks and improvement of an efficient remote mutual authentication and key agreement scheme. Cryptologia 34(1), 52–59 (2010)
Hwang, M.S., Li, L.H.: A new remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 46(1), 28–30 (2000)
Juang, W.S., Chen, S.T., Liaw, H.T.: Robust and efficient password-authenticated key agreement using smart cards. IEEE Trans. Consum. Electron. 55(6), 251–256 (2008)
Kar, J.: ID-based deniable authentication protocol based on Diffie–Hellman problem on elliptic curve. Int. J. Netw. Secur. 15(5), 357–364 (2013)
Khan, M.K., Kim, S.K., Alghathbar, K.: Cryptanalysis and security enhancement of a more efficient and secure dynamic ID-based remote user authentication scheme. Comput. Commun. 34(3), 305–309 (2011)
Kim, S.K., Chung, M.G.: More secure remote user authentication scheme. Comput. Commun. 32(6), 1018–1021 (2009)
Koblitz, K.: Elliptic curve cryptosystems. Math. Comput. 48(177), 203–209 (1987)
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Proceedings of Advances in Cryptology, pp. 388–397 (1999)
Lamport, L.: Password authentication with insecure communication. Commun. ACM 24(11), 770–772 (1981)
Lee, C.C., Chen, C.L., Wu, C.Y., Huang, S.Y.: An extended chaotic maps-based key agreement protocol with user anonymity. Nonlinear Dyn. 69(1–2), 79–87 (2012)
Lee, C.C., Hsu, C.W.: A secure biometric-based remote user authentication with key agreement protocol using extended chaotic maps. Nonlinear Dyn. 71(1–2), 201–211 (2013)
Lee, C.C., Li, C.T., Hsu, C.W.: A three-party password-based authenticated key exchange protocol with user anonymity using extended chaotic maps. Nonlinear Dyn. 73(1–2), 125–132 (2013)
Li, C.T., Hwang, M.S.: An efficient biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 33(1), 1–5 (2010)
Li, C.T., Hwang, M.S.: An online biometrics-based secret sharing scheme for multiparty cryptosystem using smart cards. Int. J. Innov. Comput. Inf. Control 6(5), 2181–2188 (2010)
Li, C.T., Lee, C.C.: A robust remote user authentication scheme using smart card. Inf. Technol. Control 40(3), 236–245 (2011)
Li, C.T., Lee, C.C.: A novel user authentication and privacy preserving scheme with smart cards for wireless communications. Math. Comput. Model. 55(1–2), 35–44 (2012)
Li, C.T.: A new password authentication and user anonymity scheme based on elliptic curve cryptography and smart card. IET Inf. Secur. 7(1), 3–10 (2013)
Li, C.T., Lee, C.C., Weng, C.Y., Fan, C.I.: An extended multi-server-based user authentication and key agreement scheme with user anonymity. KSII Trans. Internet Inf. Syst. 7(1), 119–131 (2013)
Liao, I.E., Lee, C.C., Hwang, M.S.: A password authentication scheme over insecure networks. J. Comput. Syst. Sci. 72(4), 727–740 (2006)
Mason, J.C., Handscomb, D.C.: Chebyshev Polynomials. Chapman & Hall/CRC Press, London (2003)
Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5), 541–552 (2002)
Naveed, M., Habib, W., Masud, U., Ullah, U., Ahmad, G.: Reliable and low cost RFID based authentication system for large scale deployment. Int. J. Netw. Secur. 14(3), 173–179 (2012)
Ramasamy, R., Muniyandi, A.P.: An efficient password authentication scheme for smart card. Int. J. Netw. Secur. 14(3), 180–186 (2012)
National Institute of Standards and Technology: US department of commerce, secure hash standard. In: US Federal Information Processing Standard Publication, pp. 180–182 (2002)
Wang, Y.Y., Liu, J.Y., Xiao, F.X., Dan, J.: A more efficient and secure dynamic ID-based remote user authentication scheme. Comput. Commun. 32(4), 583–585 (2009)
Xu, J., Zhu, W., Feng, D.: An improved smart card based password authentication scheme with provable security. Comput. Stand. Interfaces 31(4), 723–728 (2009)
Yang, L., Ma, J.F., Jiang, Q.: Mutual authentication scheme with smart cards and password under trusted computing. Int. J. Netw. Secur. 14(3), 156–163 (2012)
Zhang, L.: Cryptanalysis of the public key encryption based on multiple chaotic systems. Chaos Solitons Fractals 37(3), 669–674 (2008)
Acknowledgements
The authors would like to thank the anonymous referee for their valuable suggestions and comments. Moreover, this research was partially supported by the National Science Council, Taiwan, ROC, under contract No.: NSC 101-2221-E-165-002 and NSC 102-2221-E-030-003.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Li, CT., Lee, CC. & Weng, CY. An extended chaotic maps based user authentication and privacy preserving scheme against DoS attacks in pervasive and ubiquitous computing environments. Nonlinear Dyn 74, 1133–1143 (2013). https://doi.org/10.1007/s11071-013-1029-y
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11071-013-1029-y