Robust smart-cards-based user authentication scheme with user anonymity

Security and Communication Networks

Volumn 5, Issue 2, 2012, Pages 236-248

  Wu, Shuhua ^a,b   Zhu, Yuefei ^a   Pu, Qiong ^b  

^a ZHENGZHOU INFORMATION SCIENCE AND TECHNOLOGY INSTITUTE   (China)

^b INFORMATION ENGINEERING UNIVERSITY   (China)

Author keywords

Authentication; Key agreement; Smart card; User anonymity

Indexed keywords

SMART CARDS;

AUTHENTICATION SCHEME; COMMUNICATION COST; KEY AGREEMENT; RANDOM ORACLE MODEL; SECURITY WEAKNESS; USER ANONYMITY; USER AUTHENTICATION SCHEME;

AUTHENTICATION;

EID: 84863056589     PISSN: 19390114     EISSN: 19390122     Source Type: Journal    
DOI: 10.1002/sec.315     Document Type: Article

References (39)

1. Yang G, Wonga DS, Wang H, Deng X. Two-factor mutual authentication based on smart cards and passwords. Journal of Computer and System Sciences 2008; 74(7): 1160-1172.
2. Chien HY, Jan JK, Tseng YM. An efficient and practical solution to remote authentication: smart card. Computers and Security 2002; 21(4): 372-375.
3. Liao IE, Lee CC, Hwang MS. A password authentication scheme over insecure networks. Journal of Computer and System Sciences 2006; 72(4): 727-740.
4. Yoon EJ, Ryu EK, Yoo KY. Efficient remote user authentication scheme based on generalized ElGamal signature scheme. IEEE Transactions on Consumer Electronics 2004; 50(2): 568-570.
5. Yoon EJ, Yoo KY. New authentication scheme based on a one-way hash function and DiffieCHellman key exchange. In Proceedngs of 4th International Conference of Cryptology and Network Security(CANS 2005), 2005; LNCS 3810; 147-160.
6. Lamport L. Password authentication with insecure communication. Communications of the ACM 1981; 24(11): 770-771.
7. Hwang MS. Cryptanalysis of remote login authentication scheme. Computer Communications 1999; 22(8): 742-744.
8. Hwang MS, Lee CC, Tang YL. An improvement of SPLICE/AS in WIDE against guessing attack. International Journal of Information 2001; 12(2): 297-302.
9. Scott M. Cryptanalysis of an id-based password authentication scheme using smart cards and fingerprints. SIGOPS Operations System Review 2004; 38(2): 73-75.
10. Wang B, Li JH, Tong ZP. Cryptanalysis of an enhanced timestamp-based password authentication scheme. Computers and Security 2003; 22(7): 643-645.
11. Wang RC, Juang WS, Lei CL. Robust authentication and key agreement scheme preserving the privacy of secret key. Computer Communications 2011; 34(3): 274-280.
12. Juang WS, Nien WK. Efficient password authenticated key agreement using bilinear pairings. Mathematical and Computer Modelling 2008; 47(11-12): 1238-1245.
13. Kim SK, Chung MG. More secure remote user authentication scheme. Computer Communications 2009; 32(6): 1018-1021.
14. Wang RC, Juang WS, Lei CL. A simple and efficient key exchange scheme against the smart card loss problem. In Proceedings of the 2007 IFIP International Conference on Embedded and Ubiquitous Computing, 2007; LNCS 4809; 728-744.
15. Sun DZ, Huai JP, Sun JZ, Li JX. Cryptanalysis of a mutual authentication scheme based on nonce and smart cards. Computer Communications 2009; 32(6): 1015-1017.
16. Kocher P, Jaffe J, Jun B. Differential power analysis. In Proceedings of Advances in Cryptology(CRYPTO 1999), 1999; 388-397.
17. Messerges TS, Dabbish EA, Sloan RH. Examining smart card security under the threat of power analysis attacks. IEEE Transactions on Computers 2002; 51(5): 541-552.
18. Tsai JL, Wu TC, Tsai KY. New dynamic ID authentication scheme using smart cards. International Journal of Communication Systems 2010; 23(12): 1449-1462.
19. Quisquater JJ. Side channel attacks-state-of-the-art. Technical report..
20. Mangard S, Oswald E, Popp T. Power Analysis Attacks: Revealing the Secrets of Smart Cards. Springer-Verlag: Berlin, Germany, 2007.
21. Messerges TS, Dabbish EA, Sloan RH. Investigations of power analysis attacks on smartcards. In Proceedings of UENIX Workshop on Smartcard Technology, 1999.
22. Oswald E. On side-channel attacks and the application of algorithmic countermeasures. PhD Thesis, Graz University of Technology, 2003.
23. Junee R. Power analysis attacks: a weakness in cryptographic smart cards and microprocessors. Thesis, University of Sydney, 2002.
24. Boyd C, Montague P, Nguyen K. Elliptic curve based password authenticated key exchange protocols. In Proceedings of 28th Australasian Conference on Information Security and Privacy (ACISP), 2001; LNCS 2119: 487-501. Springer-Verlag: Berlin, Germany.
25. Boyd C, Mathuria A. Protocols for Authentication and Key Establishment. Springer-Verlag: Berlin, Germany, 2003.
26. Hankerson D, Menezes A, Vanstone S. Guide to elliptic curve cryptography. Springer-Verlag: New York, NY, 2004.
27. Koblitz N. Elliptic curve cryptosystem. Mathematics of Computation 1987; 48: 203-209.
28. Bresson E, Chevassut O, Pointcheval D. New security results on encrypted key exchange. In Proceedings of PKC 2004, March 2004; LNCS 294: 145-158.
29. Wong DS, Fuentes HH, Chan AH. The performance measurement of cryptographic primitives on palm device. In Proceedings of the 17th Annual Computer Security Applications Conference (ACSAC 2001), 2001; 92-101.
30. Argyroudis PG, Verma R, Tewari H, O'Mahony D. Performance analysis of cryptographic protocols on handheld devices. In Proceedings of Proceedings of the 3rd IEEE International Symposium on Network Computing and Applications (NCA 2004), September 2004; 169-174.
31. Passing M, Dressler F. Experimental performance evaluation of cryptographic algorithms. In Proceedings of the 3rd IEEE International Conference on Mobile Adhoc and Sensor Systems (MASS), 2006; 882-887.
32. Passing M, Dressler F. Practical evaluation of the performance impact of security mechanisms in sensor networks. In Proceedings of the 31st IEEE Conference on Local Computer Networks, 2006; 623-629.
33. Doomun MR, Soyjaudah KS, Bundhoo D. Energy consumption and computational analysis of Rijndael-AES. In Proceedings of the Third IEEE International Conference in Central Asia on Internet the Next Generation of Mobile, Wireless and Optical Communications Networks (ICI 2007), Uzbekistan, 2007; 1-6.
34. Potlapally NR, Ravi S, Raghunathan A, Jha NK. A study of the energy consumption characteristics of cryptographic algorithms and security protocols. IEEE Transactions on Mobile Computing 2006; 5(2): 128-143.
35. Chien HY. Practical anonymous user authentication scheme with security proof. Computers and Security 2008; 27: 216-223.
36. Bellare M, Rogaway P. Provably secure session key distribution - the three party case. In Proceedings of 28th Annual ACM Symposium on Theory of Computing, 22-24 May 1996; 57-66s.
37. Katz J, MacKenzie PD, Taban G, Gligor VD. Two-server password-only authenticated key exchange. In Proceedings of ACNS 2005; LNCS 3531: 1-16.
38. Canetti R, Halevi S, Katz J, Lindell Y, MacKenzie P. Universally composable password-based key exchange. In Proceedings of EUROCRYPT, 2005; LNCS 3494: 404-421..
39. Pointcheval D. Provable security for public key schemes. Contemporary Cryptology (Advanced Courses in Mathematics - CRM Barcelona), 2005; 133-189.