面向多服务器架构的认证协议分析与改进

doi:10.3969/j.issn.1001-2400.2013.06.029

Abstract

Abstract:

Cryptanalysis of Li et al.'s authentication protocol shows that it is vulnerable to masquerade attack, session key disclosure attack and forge smart card attack. To overcome these security flaws, an improved protocol is presented. This protocol proves secure against some possible attacks. Besides, the improved scheme maintains the features of identity anonymity, concise registration, simple operation, and so on.

Key words: authentication, smart cards, multi-server, anonymity, Dynamic ID

WAN Tao;LIAO Weichuan;MA Jianfeng. Analysis and improvement of an authentication protocol for the multi-server architecture[J].J4, 2013, 40(6): 174-179.

References

［1］朱辉, 李晖, 王育民. 一种Canetti-Krawczyk模型下的快速认证协议［J］. 西安电子科技大学学报, 2009, 36(1): 156-161.
Zhu Hui, Li Hui. Wang Yumin. Fast Authentication Protocol Based on the Canetti-Krawczyk Model［J］. Journal of Xidian University, 2009, 36(1): 156-161.
［2］任方, 马建峰, 郝选文. 物联网感知层一种基于属性的访问控制机制［J］. 西安电子科技大学学报, 2012, 39(2): 66-72.
Ren Fang, Ma Jianfeng, Hao Xuanwen. Attribute-based Access Control Scheme for the Perceptive Layer of the Internet of Things［J］. Journal of Xidian University, 2012, 39(2): 66-72.
［3］ Lee Y S, Kim E, Seok S J, et al. A Smartcard-Based User Authentication Scheme to Ensure the PFS in Multi-Server Environments［J］. IEICE Transactions on Communications, 2012, E95-B(2): 619-622.
［4］ Juang W S. Efficient Multi-server Password Authenticated Key Agreement Using Smart Cards［J］. IEEE Transactions on Consumer Electronics, 2004, 50(1): 251-255.
［5］ Liao Y P, Hsiao C M. A Novel Multi-server Remote User Authentication Scheme Using Self-certified Public Keys for Mobile Clients［J］. Future Generation Computer Systems, 2013, 29(3): 886-900.
［6］ Tsai J L. Efficient Multi-server Authentication Scheme Based on One-way Hash Function without Verification Table［J］. Computers ＆ Security, 2008, 27(3-4): 115-121.
［7］ Lee C C, Lin T H, Chang R X. A Secure Dynamic ID Based Remote User Authentication Scheme for Multi-server Environment Using Smart Cards［J］. Expert Systems with Applications, 2011, 38(11): 13863-13870.
［8］ Liao Y P, Wang S S. A Secure Dynamic ID Based Remote User Authentication Scheme for Multi-server Environment［J］. Computer Standards ＆ Interfaces, 2009, 31(1): 24-29.
［9］ Hsiang H C, Shih W K. Improvement of the Secure Dynamic ID Based Remote User Authentication Scheme for Multi-server Environment［J］. Computer Standards ＆ Interfaces, 2009, 31(6): 1118-1123.
［10］ Sood S K, Sarje A K, Singh K. A Secure Dynamic Identity Based Authentication Protocol for Multi-server Architecture［J］. Journal of Network and Computer Applications, 2011, 34(2): 609-618.
［11］ Li X, Xiong Y P, Ma J, et al. An Efficient and Security Dynamic Identity Based Authentication Protocol for Multi-server Architecture Using Smart Cards［J］. Journal of Network and Computer Applications, 2012, 35(2): 763-769.

[1]	SONG Cheng,JIN Tong,NI Shuiping,HE Junyi,DU Shouheng. K-anonymous location privacy protection scheme for the mobile terminal [J]. Journal of Xidian University, 2021, 48(3): 138-145.
[2]	LI Xiaowei,YANG Dengqi,ZHENG Xin,ZHU Xingwen,CHEN Benhui,ZHANG Yuqing. Cross-domain authentication and the key agreement protocol in VANETs [J]. Journal of Xidian University, 2021, 48(1): 141-148.
[3]	FAN Meiyue,DONG Qingkuan,WANG Lei,YANG Can. TTP-free weighted muti-owner RFID tag authentication protocol [J]. Journal of Xidian University, 2021, 48(1): 133-140.
[4]	SI Chengxiang,GAO Feng,ZHU Liehuang,GONG Guopeng,ZHANG Can,CHEN Zhuo,LI Ruiguang. Covert data transmission mechanism based on dynamic label in blockchain [J]. Journal of Xidian University, 2020, 47(5): 94-102.
[5]	LIU Jiao;SUN Cong;MA Jianfeng;JIAO Zhengda. Remote authorization protocol for vehicle diagnosis using trusted platform measurements [J]. Journal of Xidian University, 2017, 44(3): 49-54+119.
[6]	YAN Yushuang;TAN Shichong;ZHAO Dawei. Probability-based location anonymity algorithm [J]. J4, 2015, 42(6): 75-80.
[7]	XU Jie;DANG Lanjun;SHI Guangming. Efficient mobile IP registration protocol with AAA using pairing-free certificateless public key cryptography [J]. J4, 2014, 41(2): 51-57.
[8]	TONG Ming;WU Yangcheng;ZHANG Jianlong;LUAN Yingzi. Multiple watermarking framework of video content oriented AVS [J]. J4, 2013, 40(4): 6-13.
[9]	REN Fang1;MA Jianfeng1,2;HAO Xuanwen1. Attribute-based access control scheme for the perceptive layer of the Internet of Things [J]. J4, 2012, 39(2): 66-72.
[10]	LI Huixian. Design and analysis of the light-weight mutual authentication protocol for RFID [J]. J4, 2012, 39(1): 172-178.
[11]	ZHANG Ronglin;LIU Eryun;ZHAO Heng;PANG Liaojun. Improved cancelable fingerprint fuzzy vault system [J]. J4, 2011, 38(4): 173-180.
[12]	LIU Jinye;GU Lize;LUO Shoushan;YANG Yixian;CUI Jun;WU Xingyao. Anonymous authentication scheme for mobile communication [J]. J4, 2011, 38(1): 176-183.
[13]	DU Zhi-qiang;SHEN Yu-long;MA Jian-feng;ZHOU Li-hua. Practical broadcast authentication protocol for sensor networks [J]. J4, 2010, 37(2): 305-310+325.
[14]	ZHU Hui;LI Hui;WANG Yu-min. Fast authentication protocol based on the Canetti-Krawczyk model [J]. J4, 2009, 36(1): 156-161.
[15]	LI Long-hai1;2;XIAO Guo-zhen2. Mix Net with revocable anonymity [J]. J4, 2008, 35(4): 639-644.

Analysis and improvement of an authentication protocol for the multi-server architecture

PDF (PC)

Like

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Metrics

Comments

Recommended 10