Ubiquitous networks provide roaming service for mobile nodes, enabling them to use the services extended by their home networks while in a foreign network. Mutual authentication between the roaming mobile node and the foreign network must be performed through the home network. Various authentication schemes have been developed for such networks, but most of them failed to achieve security together with computational efficiency. Recently, Shin et al. and Wen et al. separately proposed two efficient authentication schemes for roaming service in ubiquitous networks. Both claimed that their schemes satisfy all the security requirements for such systems. However, in this paper, we show that Shin et al.'s scheme is susceptible to: (i) user traceability; (ii) user impersonation; (iii) service provider impersonation attacks; and (iv) session key disclosure. Furthermore, we show that Wen et al.'s scheme is also insecure against: (i) session key disclosure; and (ii) known session key attacks. To overcome these security problems, we propose an improved authentication scheme with anonymity for consumer roaming in ubiquitous networks. The proposed scheme not only improves security but also retains a lower computational cost compared with existing schemes. We prove the security of the proposed scheme in the random oracle model.
Step 1: $MN \to FA$: $M_1 = \{MV_1, MV_2, MV_3\}$. MN inputs his identity $ID_{MN}$ and password $PW_{MN}$. MN then computes $h(ID_{MN} \| h(PW_{MN}))$ and checks if the result and $A_{MN}$ stored in his mobile device are

The mobile node chooses its identity $ID_{MN}$, password $PW_{MN}$, and a random number $d$. MN then computes $f = h(ID_{MN} \| PW_{MN} \| d)$ and sends $ID_{MN}$ and $f$ to the HA over a secure channel. HA computes $K_{MN} = h(ID_{MN} \| x) \oplus f$ using its secret $x$. HA also initializes a counter $ctr_{MN} = 0$ for MN and stores the record $(ID_{MN}, ctr_{MN})$ in its database. HA then writes $K_{MN}$, $ctr_{MN}$, $h(\cdot)$, and $n$ to the smart card ($SC_{MN}$) and issues it to MN. After obtaining the smart card, MN computes $f = h(ID_{MN} \oplus PW_{MN} \oplus d)$ and writes $f$ on $SC_{MN}$. Finally, $SC_{MN}$ contains $\{ctr_{MN}, K_{MN}, f, n, d, h(\cdot)\}$.
Login and authentication phase

The procedure for login and authentication is outlined in Figure 3 and proceeds as follows:

(1) $MN \to FA: M_1$. MN inserts his smart card ($SC_{MN}$) in the reader and enters his identity $ID_{MN}$ and password $PW_{MN}$. $SC_{MN}$ computes $f' = h(ID_{MN} \oplus PW_{MN} \oplus d)$ and then verifies whether $f' = f$ or not. If $f' \neq f$, the login phase terminates immediately. Otherwise, $SC_{MN}$ computes $K_{MN} = K_{MN} \oplus h(ID_{MN} \| PW_{MN} \| d)$. Then $SC_{MN}$ generates a random $n_{MN}$ and computes $ctr_{MN} = ctr_{MN} + 1$ and $V_1 = (ID_{MN} \| K_{MN} \| n_{MN} \| ctr_{MN} \| ID_{FA})^2 \bmod n$. Finally, MN sends $M_1 = (V_1, ctr_{MN}, ID_{HA})$ to FA.

Figure 3. Wen et al.'s scheme [38].
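The registration phase and login step (1) of Wen et al.'s scheme described above, as an added Python example that is not code from the paper or from Wen et al. The names `register`, `login`, `h`, `xor` and `N` are hypothetical; SHA-256 for $h(\cdot)$, byte concatenation for $\|$, zero-padded XOR, and the demo modulus are assumptions.

```python
import hashlib, secrets

# Assumptions (not from the paper): h(.) is SHA-256, "||" is byte concatenation,
# XOR operands are zero-padded to equal length, and n is a constructed demo
# modulus (product of two public Mersenne primes), so it offers no secrecy.
N = (2**521 - 1) * (2**607 - 1)

def h(*parts):
    return hashlib.sha256(b"".join(parts)).digest()

def xor(*vals):
    out = bytearray(max(len(v) for v in vals))
    for v in vals:
        for i, b in enumerate(v):
            out[i] ^= b
    return bytes(out)

def register(id_mn, pw, x):
    """Registration: returns the smart card contents {ctr, K_MN, f, n, d}."""
    d = secrets.token_bytes(16)
    f_sent = h(id_mn, pw, d)            # f = h(ID || PW || d), sent to HA
    k_mn = xor(h(id_mn, x), f_sent)     # HA: K_MN = h(ID || x) XOR f
    f_card = h(xor(id_mn, pw, d))       # MN: f = h(ID XOR PW XOR d), on card
    return {"ctr": 0, "K": k_mn, "f": f_card, "n": N, "d": d}

def login(card, id_mn, pw, id_fa, id_ha):
    """Login step (1): returns (M_1, unmasked K_MN), or None if f' != f."""
    f_prime = h(xor(id_mn, pw, card["d"]))
    if not secrets.compare_digest(f_prime, card["f"]):
        return None                     # wrong ID/password: terminate locally
    k = xor(card["K"], h(id_mn, pw, card["d"]))  # K_MN XOR h(ID || PW || d)
    n_mn = secrets.token_bytes(32)      # fresh random n_MN
    card["ctr"] += 1
    ctr = card["ctr"].to_bytes(4, "big")
    # Field sizes chosen so that m < n < m^2, i.e. the reduction mod n applies.
    m = int.from_bytes(id_mn + k + n_mn + ctr + id_fa, "big")
    v1 = pow(m, 2, card["n"])           # V_1 = (ID||K||n_MN||ctr||ID_FA)^2 mod n
    return (v1, card["ctr"], id_ha), k

if __name__ == "__main__":
    x = secrets.token_bytes(32)         # HA secret x (constructed)
    card = register(b"alice", b"correct horse", x)
    print(login(card, b"alice", b"wrong", b"FA-01", b"HA-01"))
    m1, k = login(card, b"alice", b"correct horse", b"FA-01", b"HA-01")
    print(k == h(b"alice", x), m1[1], m1[0] < N)
```

The unmasked value equals $h(ID_{MN} \| x)$ because the mask $h(ID_{MN} \| PW_{MN} \| d)$ applied by HA at registration cancels under XOR.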
Proposition 5 (Secure key establishment)

The improved scheme provides secure key establishment.
Proof

After completion of the protocol, the MN, FA, and HA will establish a common session key $SK_{FA} = SK_{MN}$ ...