An Advanced ECC ID-Based Remote Mutual Authentication Scheme for Mobile Devices

Chen, Tien-Ho; Chen, Yen-Chiu; Shih, Wei-Kuan

doi:10.1109/uic-atc.2010.18

Cited by 16 publications

(12 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This section evaluates the performance of the proposed scheme in terms computation cost of proposed scheme with other schemes [2,3,4,5,6]. To estimate the computation cost of proposed scheme, the following notations are defined: PM is the time complexity to execute elliptic curve scalar point multiplication, H is the time complexity to execute hash operation and PA is the time complexity to execute elliptic curve scalar point addition.…”

Section: Comparision With Other Schemementioning

confidence: 99%

See 1 more Smart Citation

An Efficient and More Secure ID Based Mutual Authentication Scheme Based on ECC for Mobile Devices

Burde¹,

Dakhore²

2014

Computer Science &Amp; Information Technology ( CS &Amp; IT )

View full text Add to dashboard Cite

show abstract

Section: Comparision With Other Schemementioning

confidence: 99%

“…However, the security of mobile communication has topped the list of concerns for mobile phone users. In 2009, Yang [6] proposed a system combining elliptic curve and identity-based cryptosystems to enhance security. They claimed that their system's secure against various attacks, such as replay attack, impersonation attack.…”

Section: Introductionmentioning

confidence: 99%

An Efficient and More Secure ID Based Mutual Authentication Scheme Based on ECC for Mobile Devices

Burde¹,

Dakhore²

2014

Computer Science &Amp; Information Technology ( CS &Amp; IT )

View full text Add to dashboard Cite

show abstract

“…Recently, several ID-based client authentication schemes [5,[9][10][11][19][20][21][22][23] have been found in literature. However, these are vulnerable to various attacks such as replay attack [5,11,20,21], privileged-insider attack [14,[23][24][25], impersonation attack [5,9], lost/stolen smartcard attack [23,24], known session-specific temporary information attack [5,11,12,14,25], and many logged-in users' attack [5,11,12,14,25].…”

Section: Related Workmentioning

confidence: 99%

“…However, these are vulnerable to various attacks such as replay attack [5,11,20,21], privileged-insider attack [14,[23][24][25], impersonation attack [5,9], lost/stolen smartcard attack [23,24], known session-specific temporary information attack [5,11,12,14,25], and many logged-in users' attack [5,11,12,14,25]. In addition, some of these schemes are faces from the problem of users' anonymity [5,11,14,25], perfect forward security [5,9] and clock synchronization [9][10][11]25]. In 2011, Debiao et al [14] proposed an ID-based client authentication with key agreement scheme on ECC for mobile client-server environments.…”

Section: Related Workmentioning

confidence: 99%

“…Recently, ECC [3,4]-based public key cryptosystem has attracted a great attention due to its shorter length key such as 160 bit ECC-based key provides same level of security as of 1024 bit RSA-based key, low storage and faster computation. Thus, several ECC-based client authentication schemes [5][6][7][8][9][10][11][12][13][14][15] have been proposed by the researchers to reduce the computation and communication loads on mobile devices. Despite the suitability of ECC-based scheme for low-power mobile devices, ECC-based cryptosystem has some other limitations like PKI-based cryptosystem.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

An improved ID-based client authentication with key agreement scheme on ECC for mobile client-server environments

Islam¹,

Biswas²

2012

Theoretical and Applied Informatics

View full text Add to dashboard Cite

In wireless mobile networks, a client can move between different locations while staying connected to the network and access the remote server over the mobile networks by using their mobile devices at anytime and anywhere. However, the wireless network is more prone to some security attacks, as it does not have the ingrained physical security like wired networks. Thus, the client authentication is required while accessing the remote server through wireless network. Based on elliptic curve cryptosystem (ECC) and identity-based cryptography (IBC), Debiao et al. proposed an ID-based client authentication with key agreement scheme to reduce the computation and communication loads on the mobile devices. The scheme is suitable for mobile client-server environments, is secure against different attacks and provides mutual authentication with session key agreement between a client and the remote server as they claimed. Unfortunately, this paper demonstrates that Debiao et al.'s scheme is vulnerable some cryptographic attacks, and proposed an improved ID-based client authentication with key agreement scheme using ECC. The proposed scheme is secure based on Elliptic Curve Discrete Logarithm Problem (ECDLP) and Computational DiffieHelmann Problem (CDHP). The detail analysis shows that our scheme overcomes the drawbacks of Debiao et al.'s scheme and achieves more functionality for the client authentication with lesser computational cost than other schemes.

show abstract

An improved authentication with key agreement scheme on elliptic curve cryptosystem for global mobility networks

Wen

Zhang

et al. 2013

Int J Network Mgmt

View full text Add to dashboard Cite

SUMMARY In this paper, we cryptanalyze Rhee et al.'s ‘Remote user authentication scheme without using smart cards’, and prove that their scheme is not completely secure against user impersonation attack. The security flaw is caused by mathematical homomorphism of the registration information. In addition, their scheme lacks key agreement procedures for generating the session key to encrypt the communication messages after mutual authentication. Furthermore, a modification is proposed to improve the security, practicability and robustness of such scheme. Firstly, we introduce elliptic curve cryptosystem to enhance the security. Secondly, in order to improve the practicability, our improvement is much more easily implemented using portable devices in global mobility networks; moreover, a synchronized clock system, traditional password table or ancillary equipment are not required in our improvement. Finally, the proposed scheme not only achieves mutual authentication, but also provides the procedure for key agreement and update of secrets for users and servers to increase the robustness. Copyright © 2013 John Wiley & Sons, Ltd.

show abstract

An Advanced ECC ID-Based Remote Mutual Authentication Scheme for Mobile Devices

Cited by 16 publications

References 31 publications

An Efficient and More Secure ID Based Mutual Authentication Scheme Based on ECC for Mobile Devices

An Efficient and More Secure ID Based Mutual Authentication Scheme Based on ECC for Mobile Devices

An improved ID-based client authentication with key agreement scheme on ECC for mobile client-server environments

An improved authentication with key agreement scheme on elliptic curve cryptosystem for global mobility networks

Contact Info

Product

Resources

About