Cryptanalysis and improvement of ‘a robust smart‐card‐based remote user password authentication scheme’

With the use of smart card in user authentication mechanisms, the concept of two‐factor authentication came into existence. This was a forward move towards more secure and reliable user authentication systems. It elevated the security level by requiring a user to possess something in addition to know something. In 2010, Sood et al. and Song independently examined a smart‐card‐based authentication scheme proposed by Xu et al. They showed that in the scheme of Xu et al., an internal user of the system can turn hostile to impersonate other users of the system. Both of them also proposed schemes to improve the scheme of Xu et al. Recently, Chen et al. identified some security problems in the improved schemes proposed by Sood et al. and Song. To fix these problems, Chen et al. presented another scheme, which they claimed to provide mutual authentication and withstand lost smart card attack. Undoubtedly, in their scheme, a user can also verify the legitimacy of server, but we find that the scheme fails to resist impersonation attacks and privileged insider attack. We also show that the scheme does not provide important features such as user anonymity, confidentiality to air messages, and revocation of lost/stolen smart card. Besides, the scheme defies the very purpose of two‐factor security. Furthermore, an attacker can guess a user's password from his or her lost/stolen smart card. To meet these challenges, we propose a user authentication method with user anonymity. We show through analysis and comparison that the proposed scheme exhibits enhanced efficiency in contrast to related schemes, including the scheme of Chen et al. Copyright © 2013 John Wiley & Sons, Ltd.     

An anonymous and untraceable password‐based authentication scheme for session initiation protocol using smart cards

Recently, Zhang et al. proposed a password‐based authenticated key agreement for session initiation protocol (Int J Commun Syst 2013, doi:10.1002/dac.2499). They claimed that their protocol is secure against known security attacks. However, in this paper, we indicate that the protocol by Zhang et al. is vulnerable to impersonation attack whereby an active adversary without knowing the user's password is able to introduce himself/herself as the user. In addition, we show that the protocol by Zhang et al. suffers from password changing attack. To overcome the weaknesses, we propose an improved authentication scheme for session initiation protocol. The rigorous analysis shows that our scheme achieves more security than the scheme by Zhang et al. Copyright © 2014 John Wiley & Sons, Ltd.     

Design of a user anonymous password authentication scheme without smart card

Recently, Jiang et al. and He et al. independently found security problems in Chen et al.'s remote user authentication scheme for non‐tamper‐proof storage devices like Universal Serial Bus stick and proposed improvements. Nonetheless, we detect that the schemes proposed by Jiang et al. and He et al. overlook a user's privacy. We also observe that Jiang et al.'s scheme is vulnerable to insider attack and denial of service attacks and lacks forward secrecy. We point out that the password changing facility in He et al.'s scheme is equivalent to undergoing registration, whereas in Jiang et al.'s scheme, it is unsuitable. Moreover, the login phase of both the schemes is incapable to prevent the use of wrong password leading to the computation of an unworkable login request. Therefore, we design a new scheme with user anonymity to surmount the identified weaknesses. Without adding much in communication/computational cost, our scheme provides more security characteristics and keeps the merits of the original schemes. As compared with its predecessor schemes, the proposed scheme stands out as a more apt user authentication method for common storage devices. We have also presented a formal proof of security of the proposed scheme based on the logic proposed by Burrows, Abadi and Needham (BAN logic). Copyright © 2014 John Wiley & Sons, Ltd.     

基于智能卡的动态身份认证机制

由于每次登录时用户提交的认证信息都是固定不变的,传统的口令认证机制容易遭受回放攻击。本文根据一个关于互素数的定理,提出了一种基于智能卡的动态身份认证机制。用户每次登录时,智能卡根据从服务器发来的challenge和事先嵌入智能卡的参数信息,为合法用户计算当前的认证信息。由于每次用户提交的认证信息都是动态可变的,从而有效地防止了回放攻击。     

Improvement of robust smart‐card‐based password authentication scheme

Smart‐card‐based password authentication scheme is one of the commonly used mechanisms to prevent unauthorized service and resource access and to remove the potential security threats over the insecure networks and has been investigated extensively in the last decade. Recently, Chen et al. proposed a smart‐card‐based password authentication scheme and claimed that the scheme can withstand offline password guessing attacks even if the information stored in the smart card is extracted by the adversary. However, we observe that the scheme of Chen et al. is insecure against offline password guessing attacks in this case. To remedy this security problem, we propose an improved authentication protocol, which inherits the merits of the scheme of Chen et al. and is free from the security flaw of their scheme. Compared with the previous schemes, our improved scheme provides more security guarantees while keeping efficiency. Copyright © 2013 John Wiley & Sons, Ltd.     

RFID匿名认证协议的设计

在分析RFID协议安全需求的基础上,基于通用可组合安全模型,设计了一个低成本的RFID匿名认证协议,在标准模型下证明了RFID匿名认证协议的安全性.设计的协议提供匿名、双向认证和并发安全,并且协议的实现对于一般的RFID结构都是切实可行的.     

A secure and enhanced elliptic curve cryptography‐based dynamic authentication scheme using smart card

In remote system security, 2‐factor authentication is one of the security approaches and provides fundamental protection to the system. Recently, numerous 2‐factor authentication schemes are proposed. In 2014, Troung et al proposed an enhanced dynamic authentication scheme using smart card mainly to provide anonymity, secure mutual authentication, and session key security. By the analysis of Troung et al's scheme, we observed that Troung et al' s scheme does not provide user anonymity, perfect forward secrecy, server's secret key security and does not allow the user to choose his/her password. We also identified that Troung et al's scheme is vulnerable to replay attack. To fix these security weaknesses, a robust authentication scheme is proposed and analyzed using the formal verification tool for measuring the robustness. From the observation of computational efficiency of the proposed scheme, we conclude that the scheme is more secure and easy to implement practically.     

A lightweight password‐based authentication protocol using smart card

With its simplicity and feasibility, password‐based remote user authentication becomes a popular way to control remote access to network. These years, numerous password‐based authentication schemes have been proposed. Recently, Maitra et al proposed a smart card–based scheme which claims to be resistant to various attacks. Unfortunately, we found some important flaws in this scheme. Therefore, in this paper, we will demonstrate that the scheme of Maitra et al is not secure enough as claimed: neither resisting against off‐line password guessing attack and insider attack nor preserve forward secrecy. To overcome those flaws, we put forward an improved new scheme which not only is resistant to all known attacks but also provides many attractive attributes, such as user revocation and re‐register. Also, we compared the scheme with other related schemes, the result proved the superiority of our scheme. Particularly, we show a new way (beyond the conventional Deffie‐Hellman approach) to achieve forward secrecy. Furthermore, we put some efforts into exploring the design principle of authentication schemes.     

Cryptanalysis and security enhancement of a remote user authentication scheme using smart cards

With the broad implementations of the electronic business and government applications,robust system security and strong privacy protection have become essential requirements for remote user authentication schemes.Recently,Chen et al.pointed out that Wang et al.’s scheme is vulnerable to the user impersonation attack and parallel session attack,and proposed an enhanced version to overcome the identified security flaws.In this paper,however,we show that Chen et al.’s scheme still cannot achieve the claimed security goals and report its following problems:(1) It suffers from the offline password guessing attack,key compromise impersonation attack and known key attack;(2) It fails to provide forward secrecy;(3) It is not easily repairable.As our main contribution,a robust dynamic ID-based scheme based on non-tamper resistance assumption of the smart cards is presented to cope with the aforementioned defects,while preserving the merits of different related schemes.The analysis demonstrates that our scheme meets all the proposed criteria and eliminates several grave security threats that are difficult to be tackled at the same time in previous scholarship.     

An enhanced secure delegation-based anonymous authentication protocol for PCSs

Rapid development of wireless networks brings about many security problems in portable communication systems (PCSs), which can provide mobile users with an opportunity to enjoy global roaming services. In this regard, designing a secure user authentication scheme, especially for recognizing legal roaming users, is indeed a challenging task. It is noticed that there is no delegation-based protocol for PCSs, which can guarantee anonymity, untraceability, perfect forward secrecy, and resistance of denial-of-service (DoS) attack. Therefore, in this article, we put forward a novel delegation-based anonymous and untraceable authentication protocol, which can guarantee to resolve all the abovementioned security issues and hence offer a solution for secure communications for PCSs.     

标准模型下可证明安全的RFID双向认证协议

目前RFID(radio frequency identification)系统安全问题日益突出,为了实现RFID系统信息安全与隐私保护,在标准模型提出了一个基于HB协议的RFID双向安全认证协议。利用规约技术证明协议的安全性,将攻击者的困难规约到伪随机函数与真正随机函数的不可区分性上。协议仅使用轻量级的伪随机发生器以及向量点乘运算,具有较高的安全性和效率。通过从安全性及性能两方面与其他认证协议进行比较,表明协议适用于低成本及存储资源受限的RFID标签。     

A robust ElGamal‐based password‐authentication protocol using smart card for client‐server communication

Smart card‐based client‐server authentication protocol is well popular for secure data exchange over insecure and hostile networks. Recently, Lee et al. put forward an authentication protocol by utilizing ElGamal cryptosystem and proved that it can withstand known security threats. This article evinces that the protocol of Lee et al. is unwilling to protect various important security vulnerabilities such as forgery attack and off‐line password‐guessing attack. To vanquish these loopholes, this article presents a robust authentication protocol for client‐server communication over any insecure networks. The security explanation of our protocol has done through the formal and informal mechanism and its outcome makes sure that the designed protocol is strong enough to resist the known vulnerabilities. In addition, we have simulated our protocol using ProVerif online software and its results certify that our protocol is safe against private information of the client and server. This paper also has made performance estimation of the presented protocol and others, and the outcome favors the presented protocol.     

基于博弈论的身份认证协议的分析——NGUYEN L H方案的改进

NGUYEN L H在博弈论思想的指导下来对身份认证协议进行了修改,协议参与方在进行协议交互之前以一定的概率α来发送无用数据,使得攻击者攻击协议所获得的收益比不攻击协议所获得的收益还要小,以此保证了协议的安全性。但该方案存在2个缺陷：考虑的攻击者过于强大,且仅仅考虑了其收益,忽略了其发起攻击所要消耗的代价;没有考虑诚实节点在什么条件下才会选择发送无用数据。针对这2个缺陷对NGUYEN L H方案进行改进,给出了更具有一般意义的α值。同时引入了攻击概率β,给出了诚实节点发送无用数据的前提条件以及在不同的β值下α的取值范围。相对于原方案,改进方案的结论更具有一般性,且更全面。同时,通过 P2P下面的一个具体案例分析证明了所提结论的正确性。     

Revised anonymous authentication protocol for adaptive client‐server infrastructure

Rapid evolution in information and communication technologies has facilitated us to experience mobile communication in our daily routine. Mobile user can only avail the services from the server, once he/she is able to accomplish authentication process successfully. In the recent past, several researchers have contributed diverse authentication protocols for mobile client‐server environment. Currently, Lu et al designed two‐factor protocol for authenticating mobile client and server to exchange key between them. Lu et al emphasized that their scheme not only offers invincibility against potential security threats but also offers anonymity. Although this article reveals the facts that their protocol is vulnerable against client and server impersonation, man‐in‐the‐middle, server key breach, anonymity violation, client traceability, and session‐specific temporary attacks, therefore, we have enhanced their protocol to mitigate the above mention vulnerabilities. The enhanced protocol's security strength is evaluated through formal and informal security analysis. The security analysis and performance comparison endorses the fact that our protocol is able to offer more security with least possible computation complexity.     

Cryptanalysis of smart‐card‐based password authenticated key agreement protocol for session initiation protocol of Zhang et al.

As the core signaling protocol for multimedia services, such as voice over internet protocol, the session initiation protocol (SIP) is receiving much attention and its security is becoming increasingly important. It is critical to develop a roust user authentication protocol for SIP. The original authentication protocol is not strong enough to provide acceptable security level, and a number of authentication protocols have been proposed to strengthen the security. Recently, Zhang et al. proposed an efficient and flexible smart‐card‐based password authenticated key agreement protocol for SIP. They claimed that the protocol enjoys many unique properties and can withstand various attacks. However, we demonstrate that the scheme by Zhang et al. is insecure against the malicious insider impersonation attack. Specifically, a malicious user can impersonate other users registered with the same server. We also proposed an effective fix to remedy the flaw, which remedies the security flaw without sacrificing the efficiency. The lesson learned is that the authenticators must be closely coupled with the identity, and we should prevent the identity from being separated from the authenticators in the future design of two‐factor authentication protocols. Copyright © 2014 John Wiley & Sons, Ltd.     

Security flaws in two improved remote user authentication schemes using smart cards

Understanding security failures of cryptographic protocols is the key to both patching existing protocols and designing future schemes. In this paper, we analyze two recent proposals in the area of password‐based remote user authentication using smart cards. First, we point out that the scheme of Chen et al. cannot achieve all the claimed security goals and report its following flaws: (i) it is vulnerable to offline password guessing attack under their nontamper resistance assumption of the smart cards; and (ii) it fails to provide forward secrecy. Then, we analyze an efficient dynamic ID‐based scheme without public‐key operations introduced by Wen and Li in 2012. This proposal attempts to overcome many of the well‐known security and efficiency shortcomings of previous schemes and supports more functionalities than its counterparts. Nevertheless, Wen–Li's protocol is vulnerable to offline password guessing attack and denial of service attack, and fails to provide forward secrecy and to preserve user anonymity. Furthermore, with the security analysis of these two schemes and our previous protocol design experience, we put forward three general principles that are vital for designing secure smart‐card‐based password authentication schemes: (i) public‐key techniques are indispensable to resist against offline password guessing attack and to preserve user anonymity under the nontamper resistance assumption of the smart card; (ii) there is an unavoidable trade‐off when fulfilling the goals of local password update and resistance to smart card loss attack; and (iii) at least two exponentiation (respectively elliptic curve point multiplication) operations conducted on the server side are necessary for achieving forward secrecy. The cryptanalysis results discourage any practical use of the two investigated schemes and are important for security engineers to make their choices correctly, whereas the proposed three principles are valuable to protocol designers for advancing more robust schemes. Copyright © 2012 John Wiley & Sons, Ltd.     

A chaotic map‐based anonymous multi‐server authenticated key agreement protocol using smart card

Authenticated key agreement protocols play an important role for network‐connected servers to authenticate remote users in Internet environment. In recent years, several authenticated key agreement protocols for single‐server environment have been developed based on chaotic maps. In modern societies, people usually have to access multiple websites or enterprise servers to accomplish their daily personal matters or duties on work; therefore, how to increase user's convenience by offering multi‐server authentication protocol becomes a practical research topic. In this study, a novel chaotic map‐based anonymous multi‐server authenticated key agreement protocol using smart card is proposed. In this protocol, a legal user can access multiple servers using only a single secret key obtained from a trusted third party, known as the registration center. Security analysis shows this protocol is secure against well‐known attacks. In addition, protocol efficiency analysis is conducted by comparing the proposed protocol with two recently proposed schemes in terms of computational cost during one authentication session. We have shown that the proposed protocol is twice faster than the one proposed by Khan and He while preserving the same security properties as their protocol has. Copyright © 2014 John Wiley & Sons, Ltd.     

Cryptanalysis and security enhancement of a robust two‐factor authentication and key agreement protocol

Two‐factor user authentication scheme allows a user to use a smart card and a password to achieve mutual authentication and establish a session key between a server and a user. In 2012, Chen et al. showed that the scheme of Sood et al. does not achieve mutual authentication and is vulnerable to off‐line password guessing and smart card stolen attacks. They also found that another scheme proposed by Song is vulnerable to similar off‐line password guessing and smart card stolen attacks. They further proposed an improved scheme. In this paper, we first show that the improved scheme of Chen et al. still suffers from off‐line password guessing and smart card stolen attacks, does not support perfect forward secrecy, and lacks the fairness of session key establishment. We then propose a new security‐enhanced scheme and show its security and authentication using the formal verification tool ProVerif, which is based on applied pi calculus. Copyright © 2014 John Wiley & Sons, Ltd.     

Secure anonymous authentication scheme without verification table for mobile satellite communication systems

An authentication scheme is one of the most basic and important security mechanisms for satellite communication systems because it prevents illegal access by an adversary. Lee et al. recently proposed an efficient authentication scheme for mobile satellite communication systems. However, we observed that this authentication scheme is vulnerable to a denial of service (DoS) attack and does not offer perfect forward secrecy. Therefore, we propose a novel secure authentication scheme without verification table for mobile satellite communication systems. The proposed scheme can simultaneously withstand DoS attacks and support user anonymity and user unlinkability. In addition, the proposed scheme is based on the elliptic curve cryptosystem, has low client‐side and server‐side computation costs, and achieves perfect forward secrecy. Copyright © 2013 John Wiley & Sons, Ltd.     

Smart card–based password authenticated key agreement protocol using chaotic maps

In 2015, Lee proposed time stamp–based and nonce‐based password authenticated key agreement protocols based on the Chebyshev chaotic map to enhance the security of relevant schemes. However, in this paper, we demonstrate that Lee's protocols are vulnerable to user impersonation and stolen verifier attacks. To overcome these security problems, we thus provide an improved version using a smart card. Security analysis and comparisons show that the proposed protocol is more secure and maintains better performance. Furthermore, we perform a formal verification of the proposed protocol using the widely accepted AVISPA tool for error detection.