An enhanced smart card and dynamic ID based remote multi-server user authentication scheme

被引:0
作者
Nitish Andola
Sourabh Prakash
Raghav Gahlot
S. Venkatesan
Shekhar Verma
机构
[1] Jaypee Institute of Information Technology,Computer Science & Engineering and Information Technology
[2] Indian Institute of Information Technology Allahabad,undefined
来源
Cluster Computing | 2022年 / 25卷
关键词
Authentication; Access control; AVISPA; BAN logic; CUDA; Multi-server environment; Smart card;
D O I
暂无
中图分类号
学科分类号
摘要
Organizations often use smart card-based user authentication for remote access. The research community has put forward dynamic identity based remote user authentication schemes for distributed multi-server environment to safeguard the connection between user and server. Recently, Qiu et al. proposed an efficient smart card based remote user authentication scheme for the multi-server environment, in which they uphold their scheme provides mutual authentication and key agreement, user-anonymity, resistance against various kind of attacks. This paper will manifest that if the adversary is successful in stealing a smart card, then their schemes are vulnerable to masquerade attack, server spoofing attack, and password guessing attack. We overcome their flaws and propose an enhanced anonymous scheme where whenever the user wants to log into a server, the user identity is changed dynamically before login. And also, the scheme resists all possible attacks. We compared our scheme with respect to the related scheme, used BAN logic for verification of correctness of mutual key agreement and AVISPA to prove scheme is safe. We have provided formal security proofs for our scheme.
引用
收藏
页码:3699 / 3717
页数:18
相关论文
共 85 条
[21]  
Juang WS(2018)Secure and lightweight remote patient authentication scheme with biometric inputs for mobile healthcare environments J. Ambient Intell. Humaniz. Comput. 84 38-54
[22]  
Juang WS(2017)Security and privacy challenges in mobile cloud computing: survey and way ahead J. Netw. Comput. Appl. 13 978-1002
[23]  
Chen ST(2019)An improved lightweight two-factor authentication and key agreement protocol with dynamic identity based on elliptic curve cryptography KSII Trans. Internet Inf. Syst. 38 20-30
[24]  
Liaw HT(2015)Secure and efficient smart-card-based remote user authentication scheme for multiserver environment Can. J. Electr. Comput. Eng. 56 2284-2291
[25]  
Lamport L(2009)Improvements of Juang’s password-authenticated key agreement scheme using smart cards IEEE Trans. Ind. Electron. 27 115-121
[26]  
Lee CC(2008)Efficient multi-server authentication scheme based on one-way hash function without verification table Comput. Secur. 27 39-51
[27]  
Lin TH(2004)A smart card-based remote scheme for password authentication in multi-server Internet services Comput. Stand. Interfaces 20 390-395
[28]  
Chang RX(2018)A new remote authentication scheme for anonymous users using elliptic curves cryptosystem Int. J. Netw. Secur. undefined undefined-undefined
[29]  
Lee WB(undefined)undefined undefined undefined undefined-undefined
[30]  
Chang CC(undefined)undefined undefined undefined undefined-undefined
123456789