Secure Authenticated Key Exchange Protocol for Credential Services

Remote user authentication and key agreement system through smartcard is a viable practical solution to validate the eligibility of a remote user and thus to provide a secure communication. This paper suggests a Secure Authenticated Key Exchange Protocol (SAKEP) for Credential Services. The major intrinsic worth of this scheme include that, the system do not require any verification table and the user is at liberty to choose and change the password. Further, with this system, the computation and communication costs are lower as the scheme adopts one-way hash functions, block ciphers and smartcard. In addition, the proposed scheme offers mutual authentication between the server and the user by a nonce-based plan and is free from timesynchronisation problem. The proposed scheme is secured against Id-theft, also resists to replay attacks, stolen verifier attacks, guessing attacks, reflection attack, and offers forward secrecy and known-key security.