A Secure Authentication Scheme for Teleservices Using Multi-Server Architecture

被引：1

作者：

Kumar, Sachin ^{[1
]}

Agarwal, Kadambri ^{[2
]}

Gupta, Amit Kumar ^{[3
]}

Kumari, Saru ^{[4
]}

Sain, Mangal ^{[5
]}

机构：

[1] Ajay Kumar Garg Engn Coll, Dept Comp Sci & Engn, Ghaziabad 201015, India

[2] ABES Engn Coll, Dept Comp Sci & Engn, Ghaziabad 201009, India

[3] KIET Grp Inst, Dept Comp Applicat, Ghaziabad 201206, India

[4] Chaudhary Charan Singh Univ, Dept Math, Meerut 250004, Uttar Pradesh, India

[5] Dongseo Univ, Div Comp Engn, 47 Jurye Ro, Busan 47011, South Korea

来源：

ELECTRONICS | 2022年 / 11卷 / 18期

关键词：

internet security; multi-server; smart card; authentication; PROTOCOL; BIOMETRICS;

D O I：

10.3390/electronics11182839

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

The telecommunications industry covers various sectors and services such as broadband, telecom equipment, telecom infrastructure, telephone service providers, mobile virtual network operators, 5G, and the white space spectrum. Smart Cards may be chosen as one of the best mechanisms for authorized access to these services in the telecom sector. Recently, Jin Kwak proposed a scheme based on dynamic identity for authentication purposes, mentioning that the scheme does not suffer from security breaches and attacks. This paper illustrates Jin Kwak's technique and finds that it violates the purpose contrary to his claim. Due to a design issue in his scheme, an adversary may guess the password in a polynomial time and impersonate a legal user. Furthermore, other attacks, including replay attack, are also possible, as the time stamp was not protected in this scheme. We propose an improved version of this scheme, and it is free from various attacks, including password guessing by hiding the identity of the user and replay attacks by using the time stamp securely. The results mentioned in performance and efficiency comparison show a faster scheme than many existing schemes.

引用

页数：13

共 50 条

[1] On the security of an authentication scheme for multi-server architecture
[J]. He, D. (hedebiao@163.com), 1600, Inderscience Publishers, 29, route de Pre-Bois, Case Postale 856, CH-1215 Geneva 15, CH-1215, Switzerland (05): : 3 - 4
[2] On the security of an authentication scheme for multi-server architecture
He, Debiao
Chen, Jianhua
Shi, Wenbo
Khan, Muhammad Khurram
[J]. INTERNATIONAL JOURNAL OF ELECTRONIC SECURITY AND DIGITAL FORENSICS, 2013, 5 (3-4) : 288 - 296
[3] A Provably Secure Multi-server Based Authentication Scheme
Kuo-Hui Yeh
[J]. Wireless Personal Communications, 2014, 79 : 1621 - 1634
[4] A Provably Secure Multi-server Based Authentication Scheme
Yeh, Kuo-Hui
[J]. WIRELESS PERSONAL COMMUNICATIONS, 2014, 79 (03) : 1621 - 1634
[5] An efficient and secure multi-server password authentication scheme using smart cards
Chang, CC
Lee, JS
[J]. 2004 INTERNATIONAL CONFERENCE ON CYBERWORLDS, PROCEEDINGS, 2004, : 417 - 422
[6] Cryptanalysis of Provably Secure Authentication Scheme for Multi-Server Environment
Sudhakar, T.
Natarajan, V.
[J]. 2018 10TH INTERNATIONAL CONFERENCE ON ADVANCED COMPUTING (ICOAC), 2018, : 43 - 46
[7] Design and Analysis of a Provably Secure Multi-server Authentication Scheme
Dheerendra Mishra
[J]. Wireless Personal Communications, 2016, 86 : 1095 - 1119
[8] An efficient and secure multi-server authentication scheme with key agreement
Tsaur, Woei-Jiunn
Li, Jia-Hong
Lee, Wei-Bin
[J]. JOURNAL OF SYSTEMS AND SOFTWARE, 2012, 85 (04) : 876 - 882
[9] Design and Analysis of a Provably Secure Multi-server Authentication Scheme
Mishra, Dheerendra
[J]. WIRELESS PERSONAL COMMUNICATIONS, 2016, 86 (03) : 1095 - 1119
[10] A new remote user authentication scheme for multi-server architecture
Lin, IC
Hwang, MS
Li, LH
[J]. FUTURE GENERATION COMPUTER SYSTEMS, 2003, 19 (01) : 13 - 22

← 1 2 3 4 5 →