Secure Remote User Mutual Authentication Scheme with Key Agreement for Cloud Environment

被引:0
作者
Marimuthu Karuppiah
Ashok Kumar Das
Xiong Li
Saru Kumari
Fan Wu
Shehzad Ashraf Chaudhry
R. Niranchana
机构
[1] VIT University,School of Computing Science and Engineering
[2] International Institute of Information Technology,Center for Security, Theory and Algorithmic Research
[3] Hunan University of Science and Technology,School of Computer Science and Engineering
[4] Ch. Charan Singh University,Department of Mathematics
[5] Xiamen Institute of Technology,School of Computer Science and Engineering
[6] International Islamic University Islamabad,Department of Computer Science and Engineering
来源
Mobile Networks and Applications | 2019年 / 24卷
关键词
Smart card; Authentication; User anonymity; Mutual authentication; Key agreement; ROR model; Security;
D O I
暂无
中图分类号
学科分类号
摘要
Authentication schemes are widely used mechanisms to thwart unauthorized access of resources over insecure networks. Several smart card based password authentication schemes have been proposed in the literature. In this paper, we demonstrate the security limitations of a recently proposed password based authentication scheme, and show that their scheme is still vulnerable to forgery and offline password guessing attacks and it is also unable to provide user anonymity, forward secrecy and mutual authentication. With the intention of fixing the weaknesses of that scheme, we present a secure authentication scheme. We show that the proposed scheme is invulnerable to various attacks together with attacks observed in the analyzed scheme through both rigorous formal and informal security analysis. Furthermore, the security analysis using the widely-accepted Real-Or-Random (ROR) model ensures that the proposed scheme provides the session key (SK) security. Finally, we carry out the performance evaluation of the proposed scheme and other related schemes, and the result favors that the proposed scheme provides better trade-off among security and performance as compared to other existing related schemes.
引用
收藏
页码:1046 / 1062
页数:16
相关论文
共 142 条
[1]  
Lamport L(1981)Password authentication with insecure communication Commun ACM 24 770-772
[2]  
Harn L(1989)Password authentication using public-key cryptography Computers and Mathematics with Applications 18 1001-1017
[3]  
Huang D(1991)A dynamic password authentication method using a one-way function Systems and Computers in Japan 22 32-40
[4]  
Laih CS(1997)An authentication protocol without trusted third party IEEE Commun Lett 1 87-89
[5]  
Shimizu A(2000)Simple and secure password authentication protocol (sas) IEICE Trans Commun 83 1363-1365
[6]  
Shieh S-P(1991)Remote password authentication with smart cards IEE Proceedings Computers and Digital Techniques 138 165-168
[7]  
Yang W-H(2000)A new remote user authentication scheme using smart cards IEEE Trans Consum Electron 46 28-30
[8]  
Sun H-M(2000)Cryptanalysis of a remote user authentication scheme using smart cards IEEE Trans Consum Electron 46 992-993
[9]  
Sandirigama M(2003)Some forgery attacks on a remote user authentication scheme using smart cards Informatica 14 289-294
[10]  
Shimizu A(2004)Security of a remote user authentication scheme using smart cards IEICE Trans Commun 87 192-194
12345678910