An enhanced privacy preserving remote user authentication scheme with provable security

被引:75
作者
Chaudhry, Shehzad Ashraf [1 ]
Farash, Mohammad Sabzinejad [2 ]
Naqvi, Husnain [1 ]
Kumari, Saru [3 ]
Khan, Muhammad Khurram [4 ]
机构
[1] Int Islam Univ Islamabad, Dept Comp Sci & Software Engn, Islamabad, Pakistan
[2] Kharazmi Univ, Dept Math & Comp Sci, Tehran, Iran
[3] Ch Charan Singh Univ, Dept Math, Meerut 250004, Uttar Pradesh, India
[4] King Saud Univ, Ctr Excellence Informat Assurance, Riyadh 11451, Saudi Arabia
来源
SECURITY AND COMMUNICATION NETWORKS | 2015年 / 8卷 / 18期
关键词
authentication; provable security; symmetric key cryptography; smart card stolen attack; anonymity violation; ProVerif; SMART-CARD; PASSWORD AUTHENTICATION; EFFICIENT; CRYPTANALYSIS; ANONYMITY;
D O I
10.1002/sec.1299
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Very recently, Kumari et al. proposed a symmetric key and smart card-based remote user password authentication scheme to enhance Chung et al.'s scheme. They claimed their enhanced scheme to provide anonymity while resisting all known attacks. In this paper, we analyze that Kumari et al.' s scheme is still vulnerable to anonymity violation attack as well as smart card stolen attack. Then we propose a supplemented scheme to overcome security weaknesses of Kumari et al.'s scheme. We have analyzed the security of the proposed scheme in random oracle model which confirms the robustness of the scheme against all known attacks. We have also verified the security of our scheme using automated tool ProVerif. Copyright (C) 2015 John Wiley & Sons, Ltd.
引用
收藏
页码:3782 / 3795
页数:14
相关论文
共 43 条
[1]  
An YH, 2013, INT CONF ADV COMMUN, P1072
[2]  
[Anonymous], 2013, INT J COMMUNICATION, DOI DOI 10.1002/dac.2499
[3]   An efficient and secure authentication and key agreement scheme for session initiation protocol using ECC [J].
Arshad, Hamed ;
Nikooghadam, Morteza .
MULTIMEDIA TOOLS AND APPLICATIONS, 2016, 75 (01) :181-197
[4]   EVENT BOUNDARY DETECTION USING AUDIO-VISUAL FEATURES AND WEB-CASTING TEXTS WITH IMPRECISE TIME INFORMATION [J].
Bayar, Mujdat ;
Alan, Ozgur ;
Akpinar, Samet ;
Sabuncu, Orkunt ;
Cicekli, Nihan K. ;
Alpaslan, Ferda N. .
2010 IEEE INTERNATIONAL CONFERENCE ON MULTIMEDIA AND EXPO (ICME 2010), 2010, :578-583
[5]   REMOTE PASSWORD AUTHENTICATION WITH SMART CARDS [J].
CHANG, CC ;
WU, TC .
IEE PROCEEDINGS-E COMPUTERS AND DIGITAL TECHNIQUES, 1991, 138 (03) :165-168
[6]   A robust and efficient dynamic identity-based multi-server authentication scheme using smart cards [J].
Chang, Chin-Chen ;
Cheng, Ting-Fang ;
Hsueh, Wei-Yuan .
INTERNATIONAL JOURNAL OF COMMUNICATION SYSTEMS, 2016, 29 (02) :290-306
[7]   Untraceable dynamic-identity-based remote user authentication scheme with verifiable password update [J].
Chang, Ya-Fen ;
Tai, Wei-Liang ;
Chang, Hung-Chin .
INTERNATIONAL JOURNAL OF COMMUNICATION SYSTEMS, 2014, 27 (11) :3430-3440
[8]   Cryptanalysis and Improvement of an Improved Two Factor Authentication Protocol for Telecare Medical Information Systems [J].
Chaudhry, Shehzad Ashraf ;
Naqvi, Husnain ;
Shon, Taeshik ;
Sher, Muhammad ;
Farash, Mohammad Sabzinejad .
JOURNAL OF MEDICAL SYSTEMS, 2015, 39 (06)
[9]   Comment on 'Robust and efficient password authenticated key agreement with user anonymity for session initiation protocol-based communications' [J].
Chaudhry, Shehzad Ashraf .
IET Communications, 2015, 9 (07) :1034-1034
[10]  
Chen CT, 2014, SECURITY COMMUNICATI, V8, P1608
12345