A secure three factor-based fully anonymous user authentication protocol for multi-server environment

被引：0

作者：

Mahor, Vinod Kumar ^{[1
]}

Padmavathi, R. ^{[2
]}

Chatterjee, Santanu ^{[1
]}

Dewangan, Sanshray Kumar ^{[2
]}

Kumar, Manish ^{[2
]}

机构：

[1] Def Res & Dev Org, Res Ctr Imarat, Hyderabad 500069, India

[2] Natl Inst Technol, Dept Comp Sci & Engn, Warangal 506004, Andhra Pradesh, India

来源：

INTERNATIONAL JOURNAL OF AD HOC AND UBIQUITOUS COMPUTING | 2020年 / 34卷 / 01期

关键词：

authentication; multi-server authentication; security; smart card; Lagrange interpolation; single sign-on; AVISPA; BAN logic; PASSWORD AUTHENTICATION; PROVABLY SECURE; SCHEME; IMPROVEMENT; BIOMETRICS;

D O I：

10.1504/IJAHUC.2020.107506

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

A single sign-on authentication scheme is required protocol in multi-server environment. Recently, an authentication protocol based on Lagrange interpolation polynomial to satisfy multi-server environment with low computational and communication cost is proposed. In this paper, we have analysed the above scheme and show that their scheme is vulnerable to various attacks like insider attack, server impersonation attack, user impersonation attack and stolen smart card attack. We also show that their scheme fails to provide server anonymity, user revocation in case smart card is lost/stolen or users authentication parameters are revealed. We have also proposed enhanced multi-server authentication protocol using biometric-based smart card and Lagrange interpolation which is more secure. The proposed protocol is analysed using BAN logic to show that the proposed protocol provides secure authentication. In addition, we have simulated our scheme using widely accepted and used AVISPA tool to prove that our scheme is secure against passive and active attacks. The proposed protocol provides high security and anonymity along with low communication and computational cost and various security functions.

引用

页码：45 / 60

页数：16

共 50 条

[31] Cryptanalysis of Provably Secure Authentication Scheme for Multi-Server Environment
Sudhakar, T.
Natarajan, V.
2018 10TH INTERNATIONAL CONFERENCE ON ADVANCED COMPUTING (ICOAC), 2018, : 43 - 46
[32] An ECC Based Secure Authentication and Key Exchange Scheme in Multi-server Environment
Tomar, Ashish
Dhar, Joydip
WIRELESS PERSONAL COMMUNICATIONS, 2019, 107 (01) : 351 - 372
[33] An ECC Based Secure Authentication and Key Exchange Scheme in Multi-server Environment
Ashish Tomar
Joydip Dhar
Wireless Personal Communications, 2019, 107 : 351 - 372
[34] Advanced remote user authentication protocol for multi-server architecture based on ECC
Kalra, Sheetal
Sood, Sandeep
JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2013, 18 (2-3) : 98 - 107
[35] A Provably Secure Multi-server Based Authentication Scheme
Kuo-Hui Yeh
Wireless Personal Communications, 2014, 79 : 1621 - 1634
[36] An anonymous mobile user authentication protocol using self-certified public keys based on multi-server architectures
Wen-Bin Hsieh
Jenq-Shiou Leu
The Journal of Supercomputing, 2014, 70 : 133 - 148
[37] An anonymous mobile user authentication protocol using self-certified public keys based on multi-server architectures
Hsieh, Wen-Bin
Leu, Jenq-Shiou
JOURNAL OF SUPERCOMPUTING, 2014, 70 (01): : 133 - 148
[38] A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards
Lee, Cheng-Chi
Lin, Tsung-Hung
Chang, Rui-Xiang
EXPERT SYSTEMS WITH APPLICATIONS, 2011, 38 (11) : 13863 - 13870
[39] An Enhanced Secure Anonymous Authentication Scheme Based on Smart Cards and Biometrics for Multi-Server Environments
Kuo, Wen-Chung
Wei, Hong-Ji
Chen, Yu-Hui
Cheng, Jiin-Chiou
2015 10TH ASIA JOINT CONFERENCE ON INFORMATION SECURITY (ASIAJCIS), 2015, : 1 - 5
[40] A Provably Secure Multi-server Based Authentication Scheme
Yeh, Kuo-Hui
WIRELESS PERSONAL COMMUNICATIONS, 2014, 79 (03) : 1621 - 1634

← 1 2 3 4 5 →