scholarly journals An Anonymous User Authentication with Key Agreement Scheme without Pairings for Multiserver Architecture Using SCPKs

2013 ◽  
Vol 2013 ◽  
pp. 1-8 ◽  
Author(s):  
Peng Jiang ◽  
Qiaoyan Wen ◽  
Wenmin Li ◽  
Zhengping Jin ◽  
Hua Zhang
Keyword(s):  
Key Agreement ◽  
User Authentication ◽  
Privacy Concern ◽  
User Privacy ◽  
Network Applications ◽  
Remote User Authentication ◽  
Multiple Servers ◽  
Multi Server ◽  
Remote User ◽  
Server Architecture

With advancement of computer community and widespread dissemination of network applications, users generally need multiple servers to provide different services. Accordingly, the multiserver architecture has been prevalent, and designing a secure and efficient remote user authentication under multiserver architecture becomes a nontrivial challenge. In last decade, various remote user authentication protocols have been put forward to correspond to the multi-server scenario requirements. However, these schemes suffered from certain security problems or their cost consumption exceeded users’ own constrained ability. In this paper, we present an anonymous remote user authentication with key agreement scheme for multi-server architecture employing self-certified public keys without pairings. The proposed scheme can not only retain previous schemes’ advantages but also achieve user privacy concern. Moreover, our proposal can gain higher efficiency by removing the pairings operation compared with the related schemes. Through analysis and comparison with the related schemes, we can say that our proposal is in accordance with the scenario requirements and feasible to the multi-server architecture.

scholarly journals Robust Multiple Servers Architecture Based Authentication Scheme Preserving Anonymity

Sensors ◽  
2019 ◽  
Vol 19 (14) ◽  
pp. 3144 ◽  
Author(s):  
Huawei Wang ◽  
Dianli Guo ◽  
Hua Zhang ◽  
Qiaoyan Wen
Keyword(s):  
User Authentication ◽  
Security Analysis ◽  
Authentication Scheme ◽  
Impersonation Attack ◽  
User Privacy ◽  
Dynamic Id ◽  
Multiple Servers ◽  
And Performance ◽  
Multi Server ◽  
Server Architecture

Recently, many dynamic ID based remote user authentication schemes using smart card have been proposed to improve the security in multiple servers architecture authentication systems. In 2017, Kumari and Om proposed an anonymous multi-server authenticated key agreement scheme, which is believed to be secure against a range of network attacks. Nevertheless, in this paper we reanalyze the security of their scheme, and show that the scheme is vulnerable to impersonation attack and server spoofing attack launched by any adversary without knowing any secret information of the victim users. In addition, their protocol fails to achieve the claimed user privacy protection. For handling these aforementioned shortcomings, we introduce a new biometric-based authentication scheme for multi-server architecture preserving user anonymity. Besides, Burrows—Abadi—Needham (BAN)-logic validated proof and discussion on possible attacks demonstrate the completeness and security of our scheme, respectively. Further, the comparisons in terms of security analysis and performance evaluation of several related protocols show that our proposal can provide stronger security without sacrificing efficiency.

Sign in / Sign up

Export Citation Format

Share Document