Design and Analysis of Bilinear Pairing Based Mutual Authentication and Key Agreement Protocol Usable in Multi-server Environment

Amin, Ruhul; Biswas, G. P.

doi:10.1007/s11277-015-2616-7

Cited by 76 publications

(87 citation statements)

References 39 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In 2009, Liao and wang [22] put forward a multiserver authentication protocol; however, Chen et al [23] showed that the protocol in [22] suffers from forward secrecy problem. Further, Hsiang and Shih [24] demonstrated that the protocol in [22] cannot defy some common attacks [13], and then they enhanced it to remedy the identified weaknesses. Lee et al [25] designed an enhanced and efficient multiserver authentication protocol after pointing out the security weakness of the protocol in [24].…”

Section: Literature Reviewsmentioning

confidence: 99%

“…In this regard, two-factor authentication protocols using smart-card and password are widely used and designing a robust and efficient two-factor authentication protocol is a critical task. The concept of client-server communication over insecure networks has been introduced for single server environment, and many researchers have proposed numerous authentication protocols [1][2][3] using hash function [4][5][6], RSA cryptosystem [7][8][9], elliptic curve [10], chaotic map [11,12], and bilinear pairing [13]. However, these protocols are unsuitable for multiserver communications.…”

Section: Introductionmentioning

confidence: 99%

“…However, these protocols are unsuitable for multiserver communications. For this purpose, lots of authentication protocols [13][14][15][16][17] have been put forward for multiserver architecture. In multiserver communications, there are three entities such as a user, a registration center, and a number of application servers.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A Two-Factor RSA-Based Robust Authentication System for Multiserver Environments

Amin¹,

Islam²,

Khan³

et al. 2017

Security and Communication Networks

Self Cite

View full text Add to dashboard Cite

The concept of two-factor multiserver authentication protocol was developed to avoid multiple number of registrations using multiple smart-cards and passwords. Recently, a variety of two-factor multiserver authentication protocols have been developed. It is observed that the existing RSA-based multiserver authentication protocols are not suitable in terms of computation complexities and security attacks. To provide lower complexities and security resilience against known attacks, this article proposes a twofactor (password and smart-card) user authentication protocol with the RSA cryptosystem for multiserver environments. The comprehensive security discussion proved that the known security attacks are eliminated in our protocol. Besides, our protocol supports session key agreement and mutual authentication between the application server and the user. We analyze the proof of correctness of the mutual authentication and freshness of session key using the BAN logic model. The experimental outcomes obtained through simulation of the Automated Validation of Internet Security Protocols and Applications (AVISPA) S/W show that our protocol is secured. We consider the computation, communication, and storage costs and the comparative explanations show that our protocol is flexible and efficient compared with protocols. In addition, our protocol offers security resilience against known attacks and provides lower computation complexities than existing protocols. Additionally, the protocol offers password change facility to the authorized user.

show abstract

Section: Literature Reviewsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Two-Factor RSA-Based Robust Authentication System for Multiserver Environments

Amin¹,

Islam²,

Khan³

et al. 2017

Security and Communication Networks

Self Cite

View full text Add to dashboard Cite

show abstract

“…Amin et al [6] pointed out the shortage of Hsieh's protocol that cannot resist the server spoofing attack and unable to hide the true identity of the user, but Amin's scheme needed a trusted third party in the authentication process. He et al [7] used self-certified public key mechanism to realize the anonymity of user authentication, and mutual authentication was achieved by verifying the non-forged messages, but the scheme did not achieve malicious user identity tracking and recovery, and the three information interaction increased the communication pressure.…”

Section: Introductionmentioning

confidence: 99%

“…Hsieh et al [5] proposed an anonymous protocol using self-certified public key technology and bilinear pairing for mobile user, the user and the service provider needed three message interaction to realize authentication and key agreement, but a lot of calculation was required. Amin et al [6] pointed out the shortage of Hsieh's protocol that cannot resist the server spoofing attack and unable to hide the true identity of the user, but Amin's scheme needed a trusted third party in the authentication process. He et al [7] used self-certified public key mechanism to realize the anonymity of user authentication, and mutual authentication was achieved by verifying the non-forged messages, but the scheme did not achieve malicious user identity tracking and recovery, and the three information interaction increased the communication pressure.…”

Section: Introductionmentioning

confidence: 99%

Controllable and Anonymous Authentication Scheme for Space Networks

Hu¹,

Du²,

Cao³

2017

ITM Web Conf.

View full text Add to dashboard Cite

This paper analyzed the existing anonymous authentication schemes which have the weakness of high calculation and communication cost and weak security. So we designed a secure and efficient anonymous authentication scheme to meet the need of the space network, which has the characteristic of resource limited, high exposure and intermittent connectivity. At first we proposed a signature algorithm based on certificateless public key cryptosystem and one-off public key, and then presented an anonymous authentication scheme according to the proposed signature algorithm, it needs two message interaction to complete the mutual authentication and key agreement. When the user has the illegal behavior, the service provider can reveal the illegal user's real identity through cooperation with the trusted center. Compared with the similar literature, the proposed scheme achieves high security with low computation and communication cost. (Abstract) IntroductionThe space network structures with double plane of heaven and earth, which is based on the ground network and expanding with space-based network. The network consists of space-based backbone network, space-based access network, ground-based node network [1], so it has characteristics of heterogeneity, intermittent connectivity and high exposure. Compared with the traditional network, the space network is more easily attacked by eavesdropping, tampering and replay attack. The deployment of access authentication and privacy protection for the security of the space network is essential [2]. The space network of highly exposure makes it necessary for user real identity authentication when it needs to use the space network service. At the same time, network authentication needs to achieve anonymity and traceability in order to prevent the disclosure of privacy. What's more, it is necessary to reduce the computational overhead of the user and service provider for the resource limited space networks [2]. Last but not the least, the need to reduce the message length and minimize the number of interactions should also be considered for the characteristics of intermittent connectivity. Scholars at home and abroad have done a lot of research on anonymous authentication in the wireless networks. Liu et al. [3] proposed an anonymous authentication scheme using certificateless public key cryptosystem to achieve mutual authentication using MAC, and it used bilinear pairing to build the user index to achieve the connection between user identity and the index. Shim[4] presented a signature algorithm for vehicular sensor networks based on bilinear pairings, and a mutual authentication scheme was presented based on the algorithm, but it still required a large amount of calculation and had the key escrow problem. Hsieh et al.[5] proposed an anonymous protocol using self-certified public key technology and bilinear pairing for mobile user, the user and the service provider needed three message interaction to realize authentication and key agreement, but a lot of calculation was re...

show abstract

A robust ElGamal‐based password‐authentication protocol using smart card for client‐server communication

Maitra

Obaidat

Amin

et al. 2016

Int J Communication

Self Cite

View full text Add to dashboard Cite

Smart card-based client-server authentication protocol is well popular for secure data exchange over insecure and hostile networks. Recently, Lee et al. put forward an authentication protocol by utilizing ElGamal cryptosystem and proved that it can withstand known security threats. This article evinces that the protocol of Lee et al. is unwilling to protect various important security vulnerabilities such as forgery attack and off-line password-guessing attack. To vanquish these loopholes, this article presents a robust authentication protocol for client-server communication over any insecure networks. The security explanation of our protocol has done through the formal and informal mechanism and its outcome makes sure that the designed protocol is strong enough to resist the known vulnerabilities. In addition, we have simulated our protocol using ProVerif online software and its results certify that our protocol is safe against private information of the client and server. This paper also has made performance estimation of the presented protocol and others, and the outcome favors the presented protocol. KEYWORDS authentication, forgery attack, identity, password, smart card 1 Int J Commun Syst. 2017;30:e3242.wileyonlinelibrary.com/journal/dac

show abstract

Design and Analysis of Bilinear Pairing Based Mutual Authentication and Key Agreement Protocol Usable in Multi-server Environment

Cited by 76 publications

References 39 publications

A Two-Factor RSA-Based Robust Authentication System for Multiserver Environments

A Two-Factor RSA-Based Robust Authentication System for Multiserver Environments

Controllable and Anonymous Authentication Scheme for Space Networks

A robust ElGamal‐based password‐authentication protocol using smart card for client‐server communication

Contact Info

Product

Resources

About