Design and Analysis of Bilinear Pairing Based Mutual Authentication and Key Agreement Protocol Usable in Multi-server Environment

Wireless Personal Communications

Volumn 84, Issue 1, 2015, Pages 439-462

  Amin, Ruhul ^a   Biswas, G P ^a  

^a INDIAN SCHOOL OF MINES   (India)

Author keywords

Bilinear pairing; Biometric template; Security attacks; Three factor; User anonymity; User authentication

Indexed keywords

BIOMETRICS; INTERNET PROTOCOLS; MOBILE SECURITY; NETWORK ARCHITECTURE; NETWORK SECURITY; PUBLIC KEY CRYPTOGRAPHY; SMART CARDS; TRANSPORTATION;

BILINEAR PAIRING; BIOMETRIC TEMPLATE; SECURITY ATTACKS; THREE FACTOR; USER ANONYMITY; USER AUTHENTICATION;

AUTHENTICATION;

EID: 84938999815     PISSN: 09296212     EISSN: 1572834X     Source Type: Journal    
DOI: 10.1007/s11277-015-2616-7     Document Type: Article

References (46)

1. Amin, R. (2013). Cryptanalysis and an efficient secure ID-based remote user authentication using smart card. International Journal of Computer Applications, 75(13), 43–48.
2. Amin, R., & Biswas, G. P. (2015). A novel user authentication and key agreement protocol for accessing multi-medical server usable in TMIS. Journal of Medical Systems, 39(3), 33. doi:10.1007/s10916-015-0217-3.
3. Amin, R., & Biswas, G. P. (2015). Remote access control mechanism using rabin public key cryptosystem. In Information systems design and intelligent applications, advances in intelligent systems and computing (vol. 339, pp. 525–533). Springer. doi:10.1007/978-81-322-2250-7_52.
4. Amin, R., Maitra, T., & Giri, D. (2013). An improved efficient remote user authentication scheme in multi-server environment using smart card. International Journal of Computer Applications, 69(22), 1–6.
5. Awasthi, A. K., & Lal, S. (2004). An enhanced remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics, 50(2), 583–586.
6. Badra, M., & Urien, P. (2004). Introducing smartcards to remote authenticate passwords using public key encryption. In Advances in wired and wireless communication, 2004 IEEE/Sarnoff symposium on (pp. 123–126). doi:10.1109/SARNOF.2004.1302856.
7. Boneh, D., & Franklin, M. (2001). Identity-based encryption from the weil pairing. In Advances in cryptology CRYPTO 2001, lecture notes in computer science (vol. 2139, pp. 213–229). Springer, Berlin. doi:10.1007/3-540-44647-8_13.
8. Boyd, C., & Mathuria, A. (2003). In Protocols for authentication and key establishment. doi:10.1007/978-3-662-09527-0.
9. Burrows, M., Abadi, M., & Needham, R. (1990). A logic of authentication. ACM Transactions on Computer Systems, 8(1), 18–36. doi:10.1145/77648.77649.
10. Chang, C. C., & Wu, T. C. (1991). Remote password authentication with smart cards. IEE Proceedings E Computers and Digital Techniques, 138(3), 165–168.
11. Chang, Y. F., Yu, S. H., & Shiao, D. R. (2013). A uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. Journal of Medical Systems, 37(2), 1–9. doi:10.1007/s10916-012-9902-7.
12. Lee, C.-C., Lai, Y.-M., & Li, C. T. (2011). An improved secure dynamic ID based remote user authentication scheme for multi-server environment. Expert Systems with Applications, 38(11), 203–209.
13. Cheon, J. H., & Lee, D. H. (2002). Diffie-hellman problems and bilinear maps. Cryptology ePrint Archive: Report 2002.
14. Chien, H. Y., Jan, J. K., & Tseng, Y. M. (2002). An efficient and practical solution to remote authentication: Smart card. Computers and Security, 21(4), 372–375. doi:10.1016/S0167-4048(02)00415-7.
15. Eisenbarth, T., Kasper, T., Moradi, A., Paar, C., Salmasizadeh, M., & Shalmani, M. (2008). On the power of power analysis in the real world: A complete break of the keeloq code hopping scheme. In Advances in cryptology CRYPTO 2008, lecture notes in computer science (vol. 5157, pp. 203–220). Springer, Berlin. doi:10.1007/978-3-540-85174-5_12.
16. Frey, G., & Rück, H. G. (1994). A remark concerning m-divisibility and the discrete logarithm in the divisor class group of curves. Mathematics of computation, 62(206), 865–874. doi:10.2307/2153546.
17. Geng, J., & Zhang, L. (2008). A dynamic ID-based user authentication and key agreement scheme for multi-server environment using bilinear pairings. In Power electronics and intelligent transportation system, 2008. PEITS ’08. Workshop on (pp. 33–37). doi:10.1109/PEITS.2008.35.
18. Hsiang, H. C., & Shih, W. K. (2009). Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment. Computer Standards and Interfaces, 31(6), 1118–1123. doi:10.1016/j.csi.2008.11.002.
19. Hsieh, W. B., & Leu, J. S. (2014). An anonymous mobile user authentication protocol using self-certified public keys based on multi-server architectures. The Journal of Supercomputing, 70(1), 133–148. doi:10.1007/s11227-014-1135-8.
20. Islam, S. (2014). A provably secure ID-based mutual authentication and key agreement scheme for mobile multi-server environment without esl attack. Wireless Personal Communications, 79(3), 1975–1991. doi:10.1007/s11277-014-1968-8.
21. Jin, A. T. B., Ling, D. N. C., & Goh, A. (2004). Biohashing: Two factor authentication featuring fingerprint data and tokenised random number. Pattern Recognition, 37(11), 2245–2255.
22. Juang, W. S. (2004). Efficient multi-server password authenticated key agreement using smart cards. IEEE Transactions on Consumer Electronics, 50(1), 251–255. doi:10.1109/TCE.2004.1277870.
23. Kocher, P., Jaffe, J., & Jun, B. (1999). Differential power analysis. In Advances in cryptology CRYPTO 99, lecture notes in computer science (vol. 1666, pp. 388–397).
24. Lee, W. B., & Chang, C. C. (2000). User identification and key distribution maintaining anonymity for distributed computer network. Computer and System Science, 15(4), 211–214.
25. Lee, C. C., Lin, T. H., & Chang, R. X. (2011). A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards. Expert Systems with Applications, 38(11), 13,863–13,870. doi:10.1016/j.eswa.2011.04.190.
26. Li, X., Ma, J., Wang, W., Xiong, Y., & Zhang, J. (2010). A novel smart card and dynamic ID based remote user authentication scheme for multi-server environments. Mathematical and Computer Modelling 58(1–2), 85–95 (2013). doi:10.1016/j.mcm.2012.06.033. Financial IT and security and international symposium on computational electronics.
27. Li, X., Niu, J., Kumari, S., Liao, J., & Liang, W. (2015). An enhancement of a smart card authentication scheme for multi-server architecture. Wireless Personal Communications, 80(1), 175–192. doi:10.1007/s11277-014-2002-x.
28. Li, X., Qiu, W., Zheng, D., Chen, K., & Li, J. (2010). Anonymity enhancement on robust and efficient password-authenticated key agreement using smart cards. IEEE Transactions on Industrial Electronics, 57(2), 793–800. doi:10.1109/TIE.2009.2028351.
29. Li, X., Xiong, Y., Ma, J., & Wang, W. (2012). An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards. Journal of Network and Computer Applications, 35(2), 763–769. doi:10.1016/j.jnca.2011.11.009.
30. Liao, Y. P., & Hsiao, C. M. (2013). A novel multi-server remote user authentication scheme using self-certified public keys for mobile clients. Future Generation Computer Systems, 29(3), 886–900.
31. Liao, Y. P., & Wang, S. S. (2009). A secure dynamic ID based remote user authentication scheme for multi-server environment. Computer Standards and Interfaces, 31(1), 24–29. doi:10.1016/j.csi.2007.10.007.
32. Lin, I. C., Hwang, M. S., & Li, L. H. (2003). A new remote user authentication scheme for multi-server architecture. Future Generation Computer Systems, 19(1), 13–22. doi:10.1016/S0167-739X(02)00093-6.
33. Lumini, A., & Nanni, L. (2007). An improved biohashing for human authentication. Pattern Recognition, 40(3), 1057–1065. doi:10.1016/j.patcog.2006.05.030.
34. Menezes, A., Vanstone, S., & Okamoto, T. (1991). Reducing elliptic curve logarithms to logarithms in a finite field. In Proceedings of the twenty-third annual ACM symposium on theory of computing, STOC ’91 (pp. 80–89). doi:10.1145/103418.103434.
35. Messerges, T. S., Dabbish, E. A., & Sloan, R. H. (2002). Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552.
36. Pippal, R., Jaidhar, C., & Tapaswi, S. (2013). Robust smart card authentication scheme for multi-server architecture. Wireless Personal Communications, 72(1), 729–745. doi:10.1007/s11277-013-1039-6.
37. Shao, M.H., & Chin, Y.C. (2010). A novel approach to dynamic ID-based remote user authentication scheme for multi-server environment. In Proceedings of the 2010 fourth international conference on network and system security, NSS ’10 (pp. 548–553). IEEE Computer Society, Washington, DC, USA. doi:10.1109/NSS.2010.95.
38. Sood, S. K., Sarje, A. K., & Singh, K. (2011). A secure dynamic identity based authentication protocol for multi-server architecture. Journal of Network and Computer Applications, 34(2), 609–618. doi:10.1016/j.jnca.2010.11.011. Efficient and Robust Security and Services of Wireless Mesh Networks.
39. Tsai, J. L., Wu, T. C., & Tsai, K. Y. (2010). New dynamic ID authentication scheme using smart cards. International Journal of Communication Systems, 23(3), 1449–1462.
40. Tseng, Y. M., Wu, T. Y., & Wu, J. (2008). A pairing-based user authentication scheme for wireless clients with smart card. Informatics, 19(2), 285–302.
41. Tsuar, W. J., Chang, C. C., & Wu, W. L. (2001). A flexible user authentication scheme for multi-server internet services. In Networking ICN 2001, lecture notes in computer science (vol. 2093, pp. 174–183). Springer, Berlin. doi:10.1007/3-540-47728-4_18.
42. Turkanovic, M., Brumen, B., & Hölbl, M. (2014). A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the internet of things notion. Ad Hoc Networks, 20, 96–112. doi:10.1016/j.adhoc.2014.03.009.
43. Wang, B., & Ma, M. (2013). A smart card based efficient and secured multi-server authentication scheme. Wireless Personal Communications, 68(2), 361–378. doi:10.1007/s11277-011-0456-7.
44. Wei, J., Liu, W., & Hu, X. (2014). Cryptanalysis and improvement of a robust smart card authentication scheme for multi-server architecture. Wireless Personal Communications, 77(3), 2255–2269. doi:10.1007/s11277-014-1636-z.
45. Xu, J., Zhu, W. T., & Feng, D. G. (2009). An improved smart card based password authentication scheme with provable security. Computer Standards and Interfaces, 31(4), 723–728. doi:10.1016/j.csi.2008.09.006.
46. Zhao, D., Peng, H., Li, S., & Yang, Y. (2013) An efficient dynamic ID based remote user authentication scheme using self-certified public keys for multi-server environment. CoRR abs/1305.6350. http://arxiv.org/abs/1305.6350