Abstract
In the literature, several dynamic ID-based remote user mutual authentication schemes are implemented using password, smartcard and Elliptic Curve Cryptography (ECC), however, none of them provides resilience against different attacks. Therefore, there is a great need to design an efficient scheme for practical applications. In this paper, we proposed such a scheme in order to provide desired security attributes and computation efficiencies. Compared with other existing techniques, our scheme is more efficient and secured. In addition, our scheme is provably secure in the random oracle model under the hardness assumption of computational Diffie-Hellman problem.
Similar content being viewed by others
References
L. Lamport. Password authentication with insecure communication. Communications of the ACM, 24 (1981)11, 770–772.
C. L. Lin and T. Hwang. A password authentication scheme with secure password updating. Computers and Security, 22(2003)1, 68–72.
E. J. Yoon, E. K. Ruy, and K. Y. Roo. A secure user authentication scheme using hash functions. ACM Operating Systems Review, 38(2004)2, 62–68.
M. Peyravian and C. Jeffries. Secure remote user access over insecure networks. Computer Communications, 29(2006)5, 660–667.
M. S. Hwang and L. H. Li. A new remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronic, 46(2000)1, 28–30.
M. Kumar. New remote user authentication scheme with smart cards. IEEE Transactions on Consumer Electronics, 50(2004)2, 597–600.
R. Lu and Z. Cao. Efficient remote user authentication scheme using smart card. Computer Networks, 49 (2005)4, 535–540.
H. T. Liaw, J. F. Lin, and W. C. Wu. An efficient and complete remote user authentication scheme using smart cards. Mathematical and Computer Modelling, 44(2006)1–2, 223–228.
I. E. Liao, C. C. Lee, and M. S. Hwang. A password authentication scheme over insecure networks. Journal of Computer and System Sciences, 72(2006)4, 727–740.
M. L. Das, A. Saxena, V. P. Gulati, and D. B. Phatak. A novel remote client authentication protocol using bilinear pairings. Computer and Security, 25(2006)3, 184–189.
T. Goriparthi, M. L. Das, and A. Saxena. An improved bilinear pairing based remote user authentication scheme. Computer Standards and Interfaces, 31(2009), 181–185.
I. E. Liao, C. C. Lee, and M. S. Hwang. Security enhancement for a dynamic ID-based remote user authentication scheme. Proceedings of the International Conference on Next Generation Web Services Practices (NWeSP’05), 2005, Seoul, Korea, 22–26.
M. L. Das, A. Saxena, and V. P. Gulati. A dynamic ID-based remote user authentication scheme. IEEE Transactions on Consumer Electronics, 50(2004)2, 629–631.
W. C. Ku, and S. T. Chang. Impersonation attack on a dynamic ID-based remote user authentication scheme using smart cards. IEICE Transactions on Communications, E88(2005)B5, 2165–2167.
X. Zhang, Q. Feng, and M. Li. A modified dynamic ID-based remote user authentication scheme. Proceedings of the International Conference on Communications, Circuits and Systems, Vol. 3, 2006, Guilin, China, 1602–1604.
Y-C. Lee, G-K. Chang, W-C. Kuo, and J-L. Chu. Improvement of the dynamic ID-based remote user authentication scheme. Proceedings of the Seventh International Conference on Machine Learning and Cybernetics, Kunming, China, 2008, 3283–3287.
Y. Y. Wang, J. Y. Liu, F. X. Xiao, and J. Dan. A more efficient and secure dynamic ID-based remote user authentication scheme. Computer Communications, 32(2009)4, 583–585.
Y-F. Chang and H-C. Chang. Security of dynamic ID-based remote user authentication scheme. Proceedings of the Fifth International Joint Conference on INC, IMC, IDC, 2009, Seoul, Korea, 2108–2110.
H. Y. Chien, and C. H. Chen. A remote authentication scheme preserving user anonymity. Proceedings of the 19th International Conference on Advanced Information Networking and Applications, Vol. 2, 2005, Taiwan, China, 245–248.
A. K. Awasthi. Comments on a secure dynamic ID- based remote user authentication scheme. Transaction on Ccryptology, 1(2004)2, 15–16.
M. A. Ahmed, D. R. Lakshmi, and S. A. Sattar. Cryptanalysis of a more efficient and secure dynamic ID-based remote user authentication scheme. International Journal of Network Security & Its Applications, 1(2009)3, 32–37.
M. K. Khan, S. K. Kim, and K. Alghathbar. Cryptanalysis and security enhancement of a’more efficient & secure dynamic ID-based remote user authentication scheme. Computer Communications, 34(2009)3, 305–309.
D. He, J. Chen, and J. Hu. Weaknesses of a dynamic ID-based remote user authentication scheme. Cryptology ePrint Archive: Report 2010/314, 2010.
Y. P. Liao and S. S. Wang. A secure dynamic ID-based remote user authentication scheme for multi-server environment. Computer Standards & Interfaces, 31 (2009)1, 24–29.
H. C. Hsiang, and W. K. Shih. Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment. Computer Standards and Interfaces, 31(2009)6, 1118–1123.
M. H. Shao and Y. C. Chin. A novel approach to dynamic ID-based remote user authentication scheme for multi-server environment. Proceedings of the 4th International Conference on Network and System Security, 2010, Melbourne, Austrelia, 548–553.
Z. Tan. Cryptanalysis of two ID-based password authentication schemes for multi-server environments. International Journal of Digital Content Technology and its Applications, 5(2011)1, 87–94.
J. H. Yang and C. C. Chang. An ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. Computes and Security, 28(2009)3–4, 138–143.
E-J. Yoon and K-Y. Yoo. Robust ID-based remote mutual authentication with key agreement scheme for mobile devices on ECC. Proceedings of the International Conference on Computational Science and Engineering, 2009, Vancouver, Canada, 633–640.
T-H. Chen, Y-C. Chen, and W-K. Shih. An advanced ECC ID-based remote mutual authentication scheme for mobile devices. Proceedings of the 7th International Conference on Ubiquitous, Autonomic and Trusted Computing, 2010, Xi’an, Shaanxi, China, 116–120.
S. H. Islam and G. P. Biswas. A more efficient and secure ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. Journal of Systems and Software, 84(2011)11, 1892–1898.
V. S. Miller. Use of elliptic curves in cryptography. in: Proceedings of the Proceeding on Advances in Cryptology (Crypto’85), Springer-Verlag, LNCS, Vol. 218, New York, USA, 1985, 417–426.
N. Koblitz. Elliptic curve cryptosystem. Mathematics of Computation, 48(1987)177, 203–209.
D. Hankerson, A. Menezes, and S. Vanstone. Guide to elliptic curve cryptography. Springer-Verlag, New York, USA, 2004.
S. H. Islam and G. P. Biswas. A pairing-free identity- based authenticated group key agreement protocol for imbalanced mobile networks. Annals of Telecommunications, 67(2012)11–12, 547–558.
S. H. Islam and G. P. Biswas. Provably secure and pairing-free certificateless digital signature scheme using elliptic curve cryptography. International Journal of Computer Mathematics, 90(2013)11, 2244–2258.
V. Shoup. Sequences of games: a tool for taming complexity in security proofs. Cryptology ePrint Archieve, Report 2004/332, 2004.
M. Bellare, and P. Rogaway. Random oracles are practical: a paradigm for designing efficient protocols. Proceedings of the 1st ACM Conference on Computer and Communications Security, 1993, Fairfax, VA, USA, 62–73.
J. Xu, W-T. Zhu and D-G. Feng. An improved smartcard based password authentication scheme with provable security. Computer Standard and Interfaces, 32(2009)4, 723–728.
S. Blake-Wilson, D. Johnson, and A. Menezes. Key agreement protocols and their security analysis. Proceedings of the 6th IMA International Conference on Cryptography and Coding, Springer-Verlag, LNCS, Vol. 1335, 1987, 30–45.
R. Canetti and H. Krawczyk. Analysis of key exchange protocols and their use for building secure channels. Proceedings of the Advances in Cryptology (Eurocrypt’01), Springer-Verlag, LNCS, Vol. 2045, 2001, 453–474
Z. Cheng, M. Nistazakis, R. Comley, and L. Vasiu. On the indistinguishability-based security model of key agreement protocols-simple cases. Cryptology ePrint Archieve, Report 2005/129, 2005.
S. Wang, Z. Cao, K-K. R. Choo, and L. Wang. An improved identity-based key agreement protocol and its security proof. Information Sciences, 179(2009)3, 307–318.
Author information
Authors and Affiliations
Corresponding author
About this article
Cite this article
Hafizul Islam, S.K., Biswas, G.P. Dynamic ID-based remote user mutual authentication scheme with smartcard using Elliptic Curve Cryptography. J. Electron.(China) 31, 473–488 (2014). https://doi.org/10.1007/s11767-014-4002-0
Received:
Revised:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11767-014-4002-0