Computer Science ›› 2018, Vol. 45 ›› Issue (6): 111-116.doi: 10.11896/j.issn.1002-137X.2018.06.019

• Information Security • Previous Articles     Next Articles

Improved Identity Authentication Protocol Based on Elliptic Curve Cryptographyin Multi-server Environment

YIN Qiu-shi, CHEN Jian-hua   

  1. School of Mathematics & Statistics,Wuhan University,Wuhan 430072,China
  • Received:2017-04-12 Online:2018-06-15 Published:2018-07-24

Abstract: Based on the model of user’s name and password,most of the traditional identity authentication protocols are derived from the mathematical difficult problems.They often rely on the complexity of password,the performance of random generator and large computational cost to ensure the security of the communication,so they are lack of high efficiency and practicality.In order to avoid above problems successfully,based on the introduction of biological factors and fuzzy extractor,this paper proposed an improved identity authentication protocol based on elliptic curve cryptography and verified key authentication formally in both sides through Burrows-Abadi-Needham (short for BAN),and then carried out security analysis.Compared with other related protocols in performance,the proposed scheme is more secure and practical.

Key words: BAN logic, Elliptic curve cryptography, Fuzzy extractor, Identity authentication, Multi-server environment

CLC Number: 

  • TP309
[1]CHANG C,LEE J.An efficient and secure multi-server pass-word authentication scheme using smart card[C]//International Conference on Innovative Computing Information and Control.2012:725-728.
[2]FAN C L,CHAN Y C,ZHANG Z K.Robust remote authentication scheme with smart cards[J].Computers & Security,2005,24(8):619-628.
[3]LI C T,HWANG M S.An efficient biometrics-based remote user authentication scheme using smart cards[J].Journal of Network and Computer Applications,2010,33(1):1-5.
[4]LIAO Y P,HSIAO C M.A novel multi-server remote user authentication scheme using self-certified public keys for mobile clients[J].Future Generation Computer Systems,2013,29(3):886-900.
[5]TSENG Y M,WU T Y,WU J D.A pairing-based user authentication scheme for wireless clients with smart card[J].Informa-tics,2008,19(2):285-302.
[6]CHAUDHRY S A.A secure biometric based multi-server authentication scheme for social multimedia networks[J].Multimedia Tools & Applications,2016,75(20):1-21.
[7]XIA P Z,CHEN J H.Three-factor authentication scheme for multi-server environments based on elliptic curve cryptography [J].Application Research of Computers,2017,34(10):3061-3067.(in Chinese)
夏鹏真,陈建华,一个基于椭圆曲线密码的多服务器环境下三因子认证协议[J].计算机应用研究,2017,34(10):3061-3067.
[8]WANG D,WANG P.Two Birds with One Stone:Two-Factor Authentication with Security Beyond Conventional Bound[J].IEEE Transactions on Dependable and Secure Computing,2016,PP(99):1.
[9]WANG D.Robust biometric-based user authentication scheme multi-server environment[J].IEEE Systems Journal,2015,9(3):816-823.
[10]DODIS Y,REYZIN L.Fuzzy extractors:how to generate strong keys from biometrics and other noisy data[M]//Advances in Cryptology-EUROCRYPT 2004.Berlin:Springer,2004:523-540.
[11]KOBLITZ N.Elliptic curve Cryptosystem[M]//Mathematics Computing,1987:203-209.
[12]MILLER V.Uses of elliptic curves in cryptography[M]//Advances in Cryptology-CRYPTO’85 Proceedings.Berlin:Springer,1986:417-426.
[13]DOLEV D,YAO A C.On the security of public Key Protocols[J].IEEE Transactions on Information Theory,1981,29(2):198-208.
[14]KOCHER P,JAFFE J,JUN B.Differential power analysis[C]//19th Annual International Cryptology Conference.Berlin:Springer,1999:388-397.
[15]MESSER T,DAB E,SLOAN R.Examining smart-card security under the threat of power analysis attacks[J].IEEE Transactions on Computers,2002,51(5):541-552.
[16]BRIER E,CLAVIER C,OLIVIER F.Correlation power analysis with a leakage model[C]//Proceedings of the 6th International Conference on Cryptographic Hardware and Embedded Systems.Berlin:Springer,2004:16-29.
[17]GAO Y,CHENG S L.Building network security channel-Virtual network technology [J].Traffic Information and Security,2001,19(1):30-32.(in Chinese)
高岩,程胜利.构筑网络安全信道-虚拟专用网技术[J].交通信息与安全,2001,19(1):30-32.
[18]GUO D,WEN Q,LI W.Analysis and Improvement of Chaotic Map Based Mobile Dynamic ID Authentication Key Agreement Scheme[J].Wireless Personal Communications an International Journal,2015,83(1):35-48.
[19]YANG S P.Formal Analysis of Security Protocol and BAN logic[D].Guiyang:Guizhou University,2007.(in Chinese)
杨世平,安全协议及其BAN逻辑分析研究[D].贵阳:贵州大学,2007.
[20]KILINC H H,YANIK T.A survey of SIP Authentication and Key Agreement Schemes IEEE Communications[J].Surveys &Tutorials,2014,16(2):1005-1023.
[21]YANG L,MA J F.Trusted Mutual Authentication Scheme with Smart Cards and Passwords[J].Journal of University of Electronic Science and Technology of China,2011,40(1):128-133.(in Chinese)
杨力,马建峰.可信的智能卡口令双向认证方案[J].电子科技大学学报,2011,40(1):128-133.
[22]WANG Y F.A Smart Card Password Authentication Scheme Study [J].Computer Applications and Software,2011,28(9):295-297.(in Chinese)
王亚飞.一种基于智能卡口令认证方案的研究[J].计算机应用与软件,2011,28(9):295-297.
[1] ZONG Si-jie, QIN Tian, HE Long-bing. Analysis and Application of Secure Boot Algorithm Based on IOT Chip [J]. Computer Science, 2021, 48(11A): 552-556.
[2] CAO Meng, YU Yang, LIANG Ying, SHI Hong-zhou. Key Technologies and Development Trends of Big Data Trade Based on Blockchain [J]. Computer Science, 2021, 48(11A): 184-190.
[3] YOU Wen-zhu, GE Hai-bo. High-performance FPGA Implementation of Elliptic Curve ECC on Binary Domain [J]. Computer Science, 2020, 47(8): 127-131.
[4] WU Yu-hong and HU Xiang-dong. Study on Security of Industrial Internet Network Transmission [J]. Computer Science, 2020, 47(6A): 360-363.
[5] CHEN Meng-dong, GUO Dong-sheng, XIE Xiang-hui, WU Dong. Design and Implementation of Rule Processor Based on Heterogeneous Computing Platform [J]. Computer Science, 2020, 47(4): 312-317.
[6] CHENG Qing-feng, LI Yu-ting, LI Xing-hua, JIANG Qi. Research on Application of Cryptography Technology for Edge Computing Environment [J]. Computer Science, 2020, 47(11): 10-18.
[7] ZHANG Xiang-yang,SUN Zi-wen. Automatic Error Correction CRO PUF Key Generation Scheme [J]. Computer Science, 2020, 47(1): 302-308.
[8] ZHAO Jiao-jiao, MA Wen-ping, LUO Wei, LIU Xiao-xue. Hierarchical Hybrid Authentication Model Based on Key Sharing [J]. Computer Science, 2019, 46(2): 115-119.
[9] LI Lu-lu, DONG Qing-kuan, CHEN Meng-meng. Cloud-based Lightweight RFID Group Tag Authentication Protocol [J]. Computer Science, 2019, 46(1): 182-189.
[10] XU Yang ,YUAN Jin-sha, GAO Hui-sheng ,ZHAO Zhen-bing. Authentication Protocol for Smart Meter Based on Quadratic Residues [J]. Computer Science, 2018, 45(7): 158-161.
[11] LIU Xin-yu, LI Lang, XIAO Bing-bing. Attribute-based Proxy Re-encryption Technology and Fault-tolerant Mechanism Based Data Retrieval Scheme [J]. Computer Science, 2018, 45(7): 162-166.
[12] YANG Dong-ju and FENG Kai. Distributed and Unified Authentication Optimization Mechanism Based on Cache [J]. Computer Science, 2018, 45(3): 300-304.
[13] ZHOU Chang-chun, TIAN Xiao-li, ZHANG Ning, YANG Yun-jun and LI Duo. Research on Identity Authentication Technology in Cloud Computing [J]. Computer Science, 2016, 43(Z6): 339-341.
[14] XU Tai-zhong, YANG Tian-chi, CHENG Juan and SHAO Qi-feng. Design Method of SRAM-PUF Based on Error Correcting Code Fuzzy Extractor [J]. Computer Science, 2016, 43(Z11): 373-376.
[15] WU Wei-min, CHEN Dong-xin, LAI Wen-xin and SU Qing. Research and Implementation of EFI OS Loader Security Reinforcement Technology [J]. Computer Science, 2016, 43(9): 188-191.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!