An ID-based authentication scheme to achieve the security of smart card

被引：0

作者：

Xu N. ^{[1
]}

Huang H. ^{[1
]}

Li Z. ^{[1
]}

Wang Y. ^{[1
]}

Sha C. ^{[1
]}

机构：

[1] Jiangsu High Technology Research Key Laboratory for Wireless Sensor Networks, College of Computer, Nanjing University of Posts and Telecommunications, Nanjing

来源：

International Journal of Security and Networks | 2018年 / 13卷 / 01期

基金：

中国国家自然科学基金;

关键词：

Computational efficiency; ID-based authentication; Password authentication; Security; Smart card;

D O I：

10.1504/IJSN.2018.090641

中图分类号：

学科分类号：

摘要：

When customers enjoy the benefits from pervasive electronic applications such as mobile payment and online transaction, what we cannot ignore is that the adversaries may infringe privacy by cracking the authentication information. As an effective countermeasure, considerable smart-card-based ID authentication schemes have been proposed. However, these methods are found actually more or less vulnerable to certain attacks. Therefore, we propose a scheme based on smart card's mutual authentication mechanism, which can completely hide all the information concerned with the user's ID and defeat most known attacks launched by the adversaries. When the user uses the same identity and password to register different accounts, the attacker cannot obtain the user's password even if he or she knows the user's corresponding identity and cannot achieve a password-guessing attack. Compared with several prevalent schemes, without sacrificing the computational efficiency, our solution can achieve higher security. Copyright © 2018 Inderscience Enterprises Ltd.

引用

页码：42 / 50

页数：8

共 19 条

[1]

Chen B.L., Kuo W.C., Wuu L.C., Robust smart-card-based remote user password authentication scheme, International Journal of Communication Systems, 27, 27, pp. 377-389, (2014)

[2]

Chen C., Lightweight and provably secure user authentication with anonymity for the global mobility network, International Journal of Communication Systems, 24, 3, pp. 347-362, (2011)

[3]

Fu Z.J., Ren K., Shu J.G., Sun X.M., Huang F.X., Enabling personalized search over encrypted outsourced data with efficiency improvement, IEEE Transactions on Parallel and Distributed Systems, 27, 9, pp. 2546-3255, (2015)

[4]

Lamport L., Password authentication with insecure communication, Communications of The ACM, 24, 11, pp. 770-772, (1981)

[5]

Lee S.W., Kim H.S., Yoo K.Y., Improvement of Chien et al.'s remote user authentication scheme using smart cards, Computer Standards and Interfaces, 27, 2, pp. 181-183, (2005)

[6]

Lei M., Xiao Y., Vrbsky S.V., Li C.-C., Virtual password using random linear functions for on-line services, ATMs, and pervasive computing, Elsevier Journal of Computer Communications, 31, 18, pp. 4367-4375, (2008)

[7]

Lei M., Xiao Y., Vrbsky S.V., Li C.-C., Liu L., A virtual password scheme to protect passwords, Proc. of IEEE ICC, pp. 1536-1540, (2008)

[8]

Li F., Xin X., Hu Y., ID-based threshold proxy signcryption scheme from bilinear pairings, International Journal of Security and Networks, 3, 3, pp. 206-215, (2008)

[9]

Madhusudan R., Valiveti A., Cryptanalysis of remote user authentication scheme with key agreement, International Conference on. IEEE Computer, Communications, and Control Technology (I4CT'15), pp. 476-480, (2015)

[10]

Messerges T.S., Dabblish E.A., Sloan R.H., Examining smart-card security under the threat of power analysis attacks, IEEE Transactions on Computers, 51, 5, pp. 541-552, (2002)

← 1 2 →