Abstract
In a multi-server authentication environment, a user only needs to register once at a central registration place before accessing the different services on the different registered servers. These environments are becoming increasingly popular, both from the user's point of view and for the management and maintenance of the infrastructure. Smartcard- or smartphone-based approaches lead to more secure systems because they offer two- or three-factor authentication, based on the strict combination of the user’s password, the user’s biometrics and the possession of the device. In this paper, we propose an efficient anonymous authentication protocol in multiple server communication networks, called the EAAM protocol, which is able to establish user anonymity, mutual authentication, and resistance against known security attacks. The novelty of the proposed scheme is that it does not require a secure channel during the registration between the user and the registration center, and that it is resistant to a curious but honest registration system. These features are established in a highly efficient way, with the minimum number of communication flows between user and server during the establishment of the shared secret key, and by using lightweight cryptographic techniques such as Chebyshev chaotic maps and symmetric key cryptography. The performance and security of the protocol are analyzed and compared with the latest proposals in this field.
Cite this article
Braeken, A., Kumar, P., Liyanage, M. et al. An efficient anonymous authentication protocol in multiple server communication networks (EAAM). J Supercomput 74, 1695–1714 (2018). https://doi.org/10.1007/s11227-017-2190-8
DOI: https://doi.org/10.1007/s11227-017-2190-8