Skip to main content
SpringerLink
Log in

Dynamic ID-based remote user mutual authentication scheme with smartcard using Elliptic Curve Cryptography

  • Published:
Journal of Electronics (China)

Abstract

In the literature, several dynamic ID-based remote user mutual authentication schemes are implemented using password, smartcard and Elliptic Curve Cryptography (ECC), however, none of them provides resilience against different attacks. Therefore, there is a great need to design an efficient scheme for practical applications. In this paper, we proposed such a scheme in order to provide desired security attributes and computation efficiencies. Compared with other existing techniques, our scheme is more efficient and secured. In addition, our scheme is provably secure in the random oracle model under the hardness assumption of computational Diffie-Hellman problem.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. L. Lamport. Password authentication with insecure communication. Communications of the ACM, 24 (1981)11, 770–772.

    Article  MathSciNet  Google Scholar 

  2. C. L. Lin and T. Hwang. A password authentication scheme with secure password updating. Computers and Security, 22(2003)1, 68–72.

    Article  Google Scholar 

  3. E. J. Yoon, E. K. Ruy, and K. Y. Roo. A secure user authentication scheme using hash functions. ACM Operating Systems Review, 38(2004)2, 62–68.

    Article  Google Scholar 

  4. M. Peyravian and C. Jeffries. Secure remote user access over insecure networks. Computer Communications, 29(2006)5, 660–667.

    Article  Google Scholar 

  5. M. S. Hwang and L. H. Li. A new remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronic, 46(2000)1, 28–30.

    Article  Google Scholar 

  6. M. Kumar. New remote user authentication scheme with smart cards. IEEE Transactions on Consumer Electronics, 50(2004)2, 597–600.

    Article  Google Scholar 

  7. R. Lu and Z. Cao. Efficient remote user authentication scheme using smart card. Computer Networks, 49 (2005)4, 535–540.

    Article  MATH  Google Scholar 

  8. H. T. Liaw, J. F. Lin, and W. C. Wu. An efficient and complete remote user authentication scheme using smart cards. Mathematical and Computer Modelling, 44(2006)1–2, 223–228.

    Article  MathSciNet  MATH  Google Scholar 

  9. I. E. Liao, C. C. Lee, and M. S. Hwang. A password authentication scheme over insecure networks. Journal of Computer and System Sciences, 72(2006)4, 727–740.

    Article  MathSciNet  MATH  Google Scholar 

  10. M. L. Das, A. Saxena, V. P. Gulati, and D. B. Phatak. A novel remote client authentication protocol using bilinear pairings. Computer and Security, 25(2006)3, 184–189.

    Article  Google Scholar 

  11. T. Goriparthi, M. L. Das, and A. Saxena. An improved bilinear pairing based remote user authentication scheme. Computer Standards and Interfaces, 31(2009), 181–185.

    Article  Google Scholar 

  12. I. E. Liao, C. C. Lee, and M. S. Hwang. Security enhancement for a dynamic ID-based remote user authentication scheme. Proceedings of the International Conference on Next Generation Web Services Practices (NWeSP’05), 2005, Seoul, Korea, 22–26.

  13. M. L. Das, A. Saxena, and V. P. Gulati. A dynamic ID-based remote user authentication scheme. IEEE Transactions on Consumer Electronics, 50(2004)2, 629–631.

    Article  Google Scholar 

  14. W. C. Ku, and S. T. Chang. Impersonation attack on a dynamic ID-based remote user authentication scheme using smart cards. IEICE Transactions on Communications, E88(2005)B5, 2165–2167.

    Article  Google Scholar 

  15. X. Zhang, Q. Feng, and M. Li. A modified dynamic ID-based remote user authentication scheme. Proceedings of the International Conference on Communications, Circuits and Systems, Vol. 3, 2006, Guilin, China, 1602–1604.

  16. Y-C. Lee, G-K. Chang, W-C. Kuo, and J-L. Chu. Improvement of the dynamic ID-based remote user authentication scheme. Proceedings of the Seventh International Conference on Machine Learning and Cybernetics, Kunming, China, 2008, 3283–3287.

  17. Y. Y. Wang, J. Y. Liu, F. X. Xiao, and J. Dan. A more efficient and secure dynamic ID-based remote user authentication scheme. Computer Communications, 32(2009)4, 583–585.

    Article  Google Scholar 

  18. Y-F. Chang and H-C. Chang. Security of dynamic ID-based remote user authentication scheme. Proceedings of the Fifth International Joint Conference on INC, IMC, IDC, 2009, Seoul, Korea, 2108–2110.

  19. H. Y. Chien, and C. H. Chen. A remote authentication scheme preserving user anonymity. Proceedings of the 19th International Conference on Advanced Information Networking and Applications, Vol. 2, 2005, Taiwan, China, 245–248.

  20. A. K. Awasthi. Comments on a secure dynamic ID- based remote user authentication scheme. Transaction on Ccryptology, 1(2004)2, 15–16.

    MathSciNet  Google Scholar 

  21. M. A. Ahmed, D. R. Lakshmi, and S. A. Sattar. Cryptanalysis of a more efficient and secure dynamic ID-based remote user authentication scheme. International Journal of Network Security & Its Applications, 1(2009)3, 32–37.

    Google Scholar 

  22. M. K. Khan, S. K. Kim, and K. Alghathbar. Cryptanalysis and security enhancement of a’more efficient & secure dynamic ID-based remote user authentication scheme. Computer Communications, 34(2009)3, 305–309.

    Article  Google Scholar 

  23. D. He, J. Chen, and J. Hu. Weaknesses of a dynamic ID-based remote user authentication scheme. Cryptology ePrint Archive: Report 2010/314, 2010.

  24. Y. P. Liao and S. S. Wang. A secure dynamic ID-based remote user authentication scheme for multi-server environment. Computer Standards & Interfaces, 31 (2009)1, 24–29.

    Article  Google Scholar 

  25. H. C. Hsiang, and W. K. Shih. Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment. Computer Standards and Interfaces, 31(2009)6, 1118–1123.

    Article  Google Scholar 

  26. M. H. Shao and Y. C. Chin. A novel approach to dynamic ID-based remote user authentication scheme for multi-server environment. Proceedings of the 4th International Conference on Network and System Security, 2010, Melbourne, Austrelia, 548–553.

  27. Z. Tan. Cryptanalysis of two ID-based password authentication schemes for multi-server environments. International Journal of Digital Content Technology and its Applications, 5(2011)1, 87–94.

    Article  Google Scholar 

  28. J. H. Yang and C. C. Chang. An ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. Computes and Security, 28(2009)3–4, 138–143.

    Article  Google Scholar 

  29. E-J. Yoon and K-Y. Yoo. Robust ID-based remote mutual authentication with key agreement scheme for mobile devices on ECC. Proceedings of the International Conference on Computational Science and Engineering, 2009, Vancouver, Canada, 633–640.

  30. T-H. Chen, Y-C. Chen, and W-K. Shih. An advanced ECC ID-based remote mutual authentication scheme for mobile devices. Proceedings of the 7th International Conference on Ubiquitous, Autonomic and Trusted Computing, 2010, Xi’an, Shaanxi, China, 116–120.

  31. S. H. Islam and G. P. Biswas. A more efficient and secure ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. Journal of Systems and Software, 84(2011)11, 1892–1898.

    Article  Google Scholar 

  32. V. S. Miller. Use of elliptic curves in cryptography. in: Proceedings of the Proceeding on Advances in Cryptology (Crypto’85), Springer-Verlag, LNCS, Vol. 218, New York, USA, 1985, 417–426.

    Chapter  Google Scholar 

  33. N. Koblitz. Elliptic curve cryptosystem. Mathematics of Computation, 48(1987)177, 203–209.

    Article  MathSciNet  MATH  Google Scholar 

  34. D. Hankerson, A. Menezes, and S. Vanstone. Guide to elliptic curve cryptography. Springer-Verlag, New York, USA, 2004.

    MATH  Google Scholar 

  35. S. H. Islam and G. P. Biswas. A pairing-free identity- based authenticated group key agreement protocol for imbalanced mobile networks. Annals of Telecommunications, 67(2012)11–12, 547–558.

    Article  Google Scholar 

  36. S. H. Islam and G. P. Biswas. Provably secure and pairing-free certificateless digital signature scheme using elliptic curve cryptography. International Journal of Computer Mathematics, 90(2013)11, 2244–2258.

    Article  MATH  Google Scholar 

  37. V. Shoup. Sequences of games: a tool for taming complexity in security proofs. Cryptology ePrint Archieve, Report 2004/332, 2004.

  38. M. Bellare, and P. Rogaway. Random oracles are practical: a paradigm for designing efficient protocols. Proceedings of the 1st ACM Conference on Computer and Communications Security, 1993, Fairfax, VA, USA, 62–73.

  39. J. Xu, W-T. Zhu and D-G. Feng. An improved smartcard based password authentication scheme with provable security. Computer Standard and Interfaces, 32(2009)4, 723–728.

    Article  Google Scholar 

  40. S. Blake-Wilson, D. Johnson, and A. Menezes. Key agreement protocols and their security analysis. Proceedings of the 6th IMA International Conference on Cryptography and Coding, Springer-Verlag, LNCS, Vol. 1335, 1987, 30–45.

    Google Scholar 

  41. R. Canetti and H. Krawczyk. Analysis of key exchange protocols and their use for building secure channels. Proceedings of the Advances in Cryptology (Eurocrypt’01), Springer-Verlag, LNCS, Vol. 2045, 2001, 453–474

    Google Scholar 

  42. Z. Cheng, M. Nistazakis, R. Comley, and L. Vasiu. On the indistinguishability-based security model of key agreement protocols-simple cases. Cryptology ePrint Archieve, Report 2005/129, 2005.

    Google Scholar 

  43. S. Wang, Z. Cao, K-K. R. Choo, and L. Wang. An improved identity-based key agreement protocol and its security proof. Information Sciences, 179(2009)3, 307–318.

    Article  MathSciNet  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Information Systems, Birla Institute of Technology and Science, Pilani, Rajasthan, 333031, India

    S. K. Hafizul Islam

  2. Department of Computer Science and Engineering, Indian School of Mines, Dhanbad, Jharkhand, 826004, India

    G. P. Biswas

Authors
  1. S. K. Hafizul Islam
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. G. P. Biswas
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to S. K. Hafizul Islam.

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Hafizul Islam, S.K., Biswas, G.P. Dynamic ID-based remote user mutual authentication scheme with smartcard using Elliptic Curve Cryptography. J. Electron.(China) 31, 473–488 (2014). https://doi.org/10.1007/s11767-014-4002-0

Download citation

  • Received:

  • Revised:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11767-014-4002-0

Key words

CLC index

Search

Navigation