A Provably Secure ID-Based Mutual Authentication and Key Agreement Scheme for Mobile Multi-Server Environment Without ESL Attack

Wireless Personal Communications

Volumn 79, Issue 3, 2014, Pages 1975-1991

  Hafizul Islam, S K H ^a  

^a BIRLA INSTITUTE OF TECHNOLOGY AND SCIENCE   (India)

Author keywords

Bilinear pairing; Elliptic curve cryptography; ESL attack; Hash function; ID based cryptography; Mobile client; Multi server authentication

Indexed keywords

AUTHENTICATION; HASH FUNCTIONS; PUBLIC KEY CRYPTOGRAPHY; RANDOM NUMBER GENERATION;

BILINEAR PAIRING; ELLIPTIC CURVE CRYPTOGRAPHY; ESL ATTACK; ID-BASED CRYPTOGRAPHY; MOBILE CLIENT; MULTI-SERVER;

NETWORK ARCHITECTURE;

EID: 84920258664     PISSN: 09296212     EISSN: 1572834X     Source Type: Journal    
DOI: 10.1007/s11277-014-1968-8     Document Type: Article

References (44)

1. He, D. (2012). Cryptanalysis of an authenticated key agreement protocol for wireless mobile communications. ETRI Journal, 34(3), 482–484.
2. He, D. (2012). An efficient remote user authentication and key exchange protocol for mobile client-server environment from pairings. Ad Hoc Networks, 10(6), 1009–1016.
3. He, D., Chen, J., & Hu, J. (2012). An ID-based client authentication with key agreement protocol for mobile client-server environment on ECC with provable security. Information Fusion, 13(3), 223–230.
4. He, D., Chen, J., & Zhang, R. (2012). A more secure authentication scheme for telecare medicine information systems. Journal of Medical Systems, 36(3), 1989–1995.
5. He, D., Chen, J., & Hu, J. (2011). Further improvement of Juang et al. ’s password-authenticated key agreement scheme using smart cards. Kuwait Journal of Science & Engineering, 38(2A), 55–68.
6. He, D., Chen, J., & Hu, J. (2012). Improvement on a smart card based password authentication scheme. Journal of Internet Technology, 13(3), 405–410.
7. He, D., Chen, J., & Chen, Y. (2012). A secure mutual authentication scheme for session initiation protocol using elliptic curve cryptography. Security and Communication Networks. doi:10.1002/sec.506.
8. He, D., Chen, Y., & Chen, J. (2012). Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol. Nonlinear Dynamics, 69(3), 1149–1157.
9. Tsai, J. L. (2008). Efficient multi-server authentication scheme based on one-way hash function without verification table. Computers and Security, 27(3–4), 115–121.
10. Geng, J., & Zhang, L. (2008). A dynamic ID-based user authentication and key agreement scheme for multi-server environment using bilinear pairings. In Proceedings of the power electronics and intelligent transportation system, pp. 33–37.
11. Liao, Y. P., & Wang, S. S. (2009). A secure dynamic ID based remote user authentication scheme for multi-server environment. Computer Standards and Interfaces, 31(1), 24–29.
12. Hsiang, H. C., & Shih, W. K. (2009). Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment. Computer Standards and Interfaces, 31(6), 1118–1123.
13. Lee, C.-C., Lin, T.-H., & Chang, R.-X. (2011). A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards. Expert Systems with Applications, 38, 13863–13870.
14. Lee, S. G. (2009). Cryptanalysis of multiple-server password-authenticated key agreement scheme using smart cards. Cryptology ePrint Archive 2009; Report 2009/490.
15. Chuang, Y. H., & Tseng, Y. M. (2009). Security weaknesses of two dynamic ID-based user authentication and key agreement schemes for multi-server environment. In Proceedings of the national computer symposium (NCS2009), vol. 5, pp. 250–257.
16. Sood, S. K., Sarje, A., & Singh, K. (2011). A secure dynamic identity based authentication protocol for multi-server architecture. Journal of Network and Computer Applications, 34, 609–618.
17. Li, X., Xiong, Y., Ma, J., & Wang, W. (2012). An efficient and secure dynamic identity based authentication protocol for multi-server architecture using smartcards. Journal of Network and Computer Applications, 35, 763–769.
18. Han, W. (2012). Weaknesses of a dynamic identity based authentication protocol for multi-server architecture. arXiv preprint archive 2012. http://arxiv.org/ftp/arxiv/papers/1201/1201.0883.pdf.
19. Li, X., Ma, J., Wang, W., Xiong, Y., & Zhang, J. (2013). A novel smart card and dynamic ID based remote user authentication scheme for multi-server environments. Mathematical and Computer Modelling, 58, 85–95.
20. Zhaoa, D., Peng, H., Li, S., & Yang, Y. (2013). An efficient dynamic ID based remote user authentication scheme using self-certified public keys for multi-server environment. arXiv preprint archive 2013. http://arxiv.org/pdf/1305.6350.pdf.
21. Wang, B., & Ma, M. (2013). A smart card based efficient and secured multi-server authentication scheme. Wireless Personal Communications, 68, 361–378.
22. He, D., & Wu, S. (2013). Security flaws in a smart card based authentication scheme for multi-server environment. Wireless Personal Communications, 70, 323–329.
23. Chuang, Y.-H., & Tseng, Y.-M. (2013). Towards generalized ID-based user authentication for mobile multi-server environment. Intrnational Journal of Communication Systems, 25, 447–406.
24. Han, W., & Zhu, Z. (2013). An ID-based mutual authentication with key agreement protocol for multi-server environment on elliptic curve cryptosystem. Intrnational Journal of Communication Systems. doi:10.1002/dac.2405.
25. Cao, X., & Zhong, S. (2006). Breaking a remote user authentication scheme for multi-server architecture. IEEE Communications Letters, 10(8), 580–581.
26. Shamir, A. (1984). Identity-based cryptosystems and signature schemes. In Proceedings of the advances in cryptology (CRYPTO’84), LNCS 196, Springer, Berlin, pp. 47–53.
27. Boneh, D., & Franklin, M. (2003). Identity-based encryption from the Weil pairing. SIAM Journal on Computing, 32, 586–615.
28. Tseng, Y.-M., Tsai, T.-T., & Huang, S.-S. (2013). Leakage-free ID-based signature. The Computer Journal. doi:10.1093/comjnl/bxt116.
29. Canetti, R., & Krawczyk, H. (2001). Analysis of key exchange protocols and their use for building secure channels. In Proceedings of advances in cryptology (Eurocrypt’01), LNCS, pp. 453–474.
30. Cheng, Z., Nistazakis, M., Comley, R., & Vasiu, L. (2005). On the indistinguishability-based security model of key agreement protocols-simple cases, Cryptology ePrint Archieve, Report 2005/129.
31. Mandt, T., & Tan, C. (2008). Certificateless authenticated two-party key agreement protocols. In Proceedings of the ASIAN’08, LNCS 4435, pp. 37–44.
32. Islam, S. H., & Biswas, G. P. (2011). Comments on ID-based client authentication with key agreement protocol on ECC for mobile client-server environment. In Proceedings of the international conference on advanced in computing and communications (ACC 2011), CCIS 191, Springer, Berlin, pp. 628–635.
33. Islam, S. H., & Bisws, G. P. (2011). A more efficient and secure ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. Journal of Systems and Software, 84, 1892–1898.
34. LaMacchia, B., Lauter, K., & Mityagin, A. (2007). Stronger security of authenticated key exchange. In Proceeding of the ProvSec’07, pp. 1–16.
35. Swanson, C. M. (2008). Security in key agreement: Two-party certificateless schemes. Master’s thesis, University of Waterloo, Canada.
36. Islam, S. H., & Biswas, G. P. (2013). Design of improved password authentication and update scheme based on elliptic curve cryptography. Mathematical and Computer Modelling, 57, 2703–2717.
37. Islam, S. H., & Biswas, G. P. (2012). A pairing-free identity-based authenticated group key agreement protocol for imbalanced mobile networks. Annals of Telecommunications, 67(11–12), 547–558.
38. Hou, M., Xu, Q., Shanqing, G., & Jiang, H. (2010). Cryptanalysis of identity-based authenticated key agreement protocols from parings. Journal of Networks, 5(7), 826–855.
39. Ballare, M., & Rogaway, P. (1993). Random oracles are practical: A paradigm for designing efficient protocols. In Proceedings of the 1st ACM conference on computer and communications security (CCS’93), pp. 62–73.
40. Pippal, R. S., Jaidhar, C. D., & Tapaswi, S. (2013). Robust smart card authentication scheme for multi-server architecture. Wireless Personal Communications, 72, 729–745.
41. Tsai, J.-L., Lo, N.-W., & Wu, T.-C. (2013). A new password-based multi-server authentication scheme robust to password guessing attacks. Wireless Personal Communications, 71, 1977–1988.
42. Miller, V. S. (1985). Use of elliptic curves in cryptography. In Proceeding of the advances in cryptology (Crypto’85), pp. 417–426.
43. Koblitz, N. (1987). Elliptic curve cryptosystem. Journal of Mathematics of Computation, 48(177), 203–209.
44. Pointcheval, D., & Stern, J. (2000). Security arguments for digital signatures and blind signatures. Journal of Cryptology, 13, 361–396.