Computer Science

Computer Science ›› 2019, Vol. 46 ›› Issue (11A): 409-413.

• Information Security • Previous Articles     Next Articles

Forward-secure RSA-based Multi-server Authentication Protocol

DU Hao-rui, CHEN Jian-hua, QI Ming-ping, PENG Cong, FAN Qing   

  1. (School of Mathematics and Statistics,Wuhan University,Wuhan 430072,China)
  • Online:2019-11-10 Published:2019-11-20

PDF (PC)

632

Abstract: The design of secure and practical key agreement protocol under multi-server is a hot topic in the field of information security.Based on the general principles of protocol design,this paper discussed the research of an anonymous multi-server key authentication protocol scheme based on biological characteristics designed by Wang et al.It pointed out that server counterfeiting attack,smart card loss attack and session key leakage attack can be realized in this protocol.At the same time,due to the failure of user anonymity,it is easy to leak user privacy,so it is not suitable for practical application.To remedy these shortcomings,a key improvement protocol based on RSA was proposed.In the registration stage,RC and server share different keys and time markers,which can effectively resist server counterfeiting attacks and achieve anonymity and untraceable ability.In the login phase,the protocol uses public key technology to rea-lize the login and forward security of users’ dynamic identity.In the authentication stage,the protocol includes three times of mutual authentication,does freshness detection of messages,and realizes mutual authentication to prevent replay attacks and so on.Finally,the security analysis and efficiency analysis of the possible attacks prove that the improved protocol can resist the attacks of losing smart card,anonymity and so on.At the same time,it maintains a simple operation.

Key words: Anonymity, Forward security, Key agreement, Multi-server, RSA

CLC Number: 

  • TP309
[1]TSUAR W J.A flexible user authentication scheme for multi-server internet services[C]∥Proc.of the Int’l Conf.on Networking (ICN 2001).LNCS 2093,2001:174-183.
[2]LI C T.Secure smart card based password authenticationscheme with user anonymity[J].Information Technology & Control,2011,40(40):157-162.
[3]WU Z Y,CHANG D L,LIN T C,et al.A reliable dynamic user-remote password authentication scheme over insecure network[C]∥Processing of the 26th International Conference on Advanced Information Networking and Applications.Washington DC:IEEE Computer Society,2012:25-28.
[4]LI X,MA J,WANG W D,et al.A novel smart card and dynamic ID based remote user authentication scheme for multi-server Environments[J].Mathematical & Computer Modelling,2013,58 (1/2):85-95.
[5]CHEN B L,KUO W C,WU C L.Robust smart-card-based remote user password authentication scheme[J].International Journal of Communication Systems,2014,27(2):377-389.
[6]KUMARI S,KHAN M K.More secure smart card-based remote user pass-word authentication scheme with user anonymity[J].Security & Communication Networks,2014,7(11):2039-2053.
[7]XU L L.An improved and provable remote user authentication scheme based on elliptic curve cryptosystem with user anonymity[J].Security & Communication Networks,2015,8(2):245-260.
[8]LIC T,H WANG.An efficient biometric-based remoteuser authentication scheme using smart cards [J].Journal of Net work and Computer Applications,2010,33(1):1-5.
[9]YOON E J,YOO K Y.Robust biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem[J].The Journal of Supercomputing,2013,63(1):235-255.
[10]KIM H,JEON W,LEE K,et al.Cryptanalysis and improvement of a biometrics-based multi-server authentication with key agreement scheme[C]∥Proc.of the 12th Int’l Conf.on Computational Science and Its Applications (ICCSA 2012).IEEE,2012:391-406.
[11]HE D B,WANG D.Robustbiometrics-based authenticationscheme for multi-serve environmental[J].IEEE Systems Journal,2005,9(3):816-823.
[12]ODELU V,DAS A K,GOSWAMI A.Crytanalysis on robust bi-ometrics-based authentication scheme for multi-server environment [EB/OL].http://eprint.iacr.org/2014/715.
[13]CHUANG M C,CHEN M C.An anonymous multi-server authenticated key agreement scheme based on trust computingsuingsmart cards and biometric [J].Expert Systems with Applications,2014,41(4):1411-1418.
[14]MISHRA D,DAS A,MUKHOPADHYAY S.A secure user anonymity-preserving biometric-based multi-sever authenticated key agreement scheme using smart cards [J].Expert Systems with Applications,2014,41(18):8129-8143.
[15]王瑞兵,陈建华,张媛媛.一个匿名的基于生物特征的多服务器的密钥认证协议方案的研究[J].计算机应用研究,2016,33(7):2190-2196.
[16]CHAUDHRY S A.A secure biometric based based multi-server authentication scheme for social multimedia network [J].Multi-media Tools & Applications,2016,75(20):1-21.
[17]XIA P Z,CHEN J H.Three-factor authentication scheme formulti-servers environments based on elliptic curve cryptography [J].Application Research of Computers,2017,34(10):3061-3067.
[18]殷秋实,陈建华.多服务器环境下基于椭圆曲线密码的改进的身份认证协议[J].计算机科学,2018,45(6):111-116.
[19]汪定,李文婷,王平.对三个多服务器环境下匿名认证协议的分析[J].软件学报,2018,29(7):1937-1952.
[20]汪定,马春光,翁臣,等.一种适于受限资源环境的远程用户认证方案的分析与改进[J].电子与信息学报,2012,34(10):2520-2526.
[21]WAN T,LIU Z X,MA J F.Authentication and key agreement protocol for multi-server architecture[J].Journal of Computer Research and Development,2016,53(11):2446-2453.
[22]AMIN R.Cryptanalysis and efficient dynamic ID based remoteuser authentication scheme in multi-server environment ssing smart card[J].Int’l Journal of Network Security,2016,18(1):172-181.
[23]REDDY A G,YOON E J,DAS A K,et al.Design of mutually authenticated key agreement protocol resistant to impersonation attacks for multi-server environment[J].IEEE Access,2017,5:3622-3639.
[1] ZHANG Jia, DONG Shou-bin. Cross-domain Recommendation Based on Review Aspect-level User Preference Transfer [J]. Computer Science, 2022, 49(9): 41-47.
[2] CAO Xiao-wen, LIANG Mei-yu, LU Kang-kang. Fine-grained Semantic Reasoning Based Cross-media Dual-way Adversarial Hashing Learning Model [J]. Computer Science, 2022, 49(9): 123-131.
[3] LIU Xin, WANG Jun, SONG Qiao-feng, LIU Jia-hao. Collaborative Multicast Proactive Caching Scheme Based on AAE [J]. Computer Science, 2022, 49(9): 260-267.
[4] JIAN Qi-rui, CHEN Ze-mao, WU Xiao-kang. Authentication and Key Agreement Protocol for UAV Communication [J]. Computer Science, 2022, 49(8): 306-313.
[5] HAO Zhi-rong, CHEN Long, HUANG Jia-cheng. Class Discriminative Universal Adversarial Attack for Text Classification [J]. Computer Science, 2022, 49(8): 323-329.
[6] SUN Qi, JI Gen-lin, ZHANG Jie. Non-local Attention Based Generative Adversarial Network for Video Abnormal Event Detection [J]. Computer Science, 2022, 49(8): 172-177.
[7] YUAN Wei-lin, LUO Jun-ren, LU Li-na, CHEN Jia-xing, ZHANG Wan-peng, CHEN Jing. Methods in Adversarial Intelligent Game:A Holistic Comparative Analysis from Perspective of Game Theory and Reinforcement Learning [J]. Computer Science, 2022, 49(8): 191-204.
[8] DAI Zhao-xia, LI Jin-xin, ZHANG Xiang-dong, XU Xu, MEI Lin, ZHANG Liang. Super-resolution Reconstruction of MRI Based on DNGAN [J]. Computer Science, 2022, 49(7): 113-119.
[9] WU Zi-bin, YAN Qiao. Projected Gradient Descent Algorithm with Momentum [J]. Computer Science, 2022, 49(6A): 178-183.
[10] XU Guo-ning, CHEN Yi-peng, CHEN Yi-ming, CHEN Jin-yin, WEN Hao. Data Debiasing Method Based on Constrained Optimized Generative Adversarial Networks [J]. Computer Science, 2022, 49(6A): 184-190.
[11] YAN Meng, LIN Ying, NIE Zhi-shen, CAO Yi-fan, PI Huan, ZHANG Lan. Training Method to Improve Robustness of Federated Learning [J]. Computer Science, 2022, 49(6A): 496-501.
[12] YIN Xiu, LIU Xi-lin, LIU Xi-yu. Study on Computing Capacity of Novel Numerical Spiking Neural P Systems with MultipleSynaptic Channels [J]. Computer Science, 2022, 49(6A): 223-231.
[13] YIN Wen-bing, GAO Ge, ZENG Bang, WANG Xiao, CHEN Yi. Speech Enhancement Based on Time-Frequency Domain GAN [J]. Computer Science, 2022, 49(6): 187-192.
[14] XU Hui, KANG Jin-meng, ZHANG Jia-wan. Digital Mural Inpainting Method Based on Feature Perception [J]. Computer Science, 2022, 49(6): 217-223.
[15] LUO Jun-ren, ZHANG Wan-peng, LU Li-na, CHEN Jing. Survey on Online Adversarial Planning for Real-time Strategy Game [J]. Computer Science, 2022, 49(6): 287-296.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.