An efficient and secure multi-server authentication scheme with key agreement

Remote user authentication is used to validate the legitimacy of a remote log-in user. Due to the rapid growth of computer networks, many network environments have been becoming multi-server based. Recently, much research has been focused on proposing remote password authentication schemes based on smart cards for securing multi-server environments. Each of these schemes used either a nonce or a timestamp technique to prevent the replay attack. However, using the nonce technique to withstand the replay attack is potentially susceptible to the man-in-the-middle attack. Alternatively, when employing the timestamp method to secure remote password authentication, it will require the cost of implementing clock synchronization. In order to solve the above two issues, this paper proposes a self-verified timestamp technique to help the smart-card-based authentication scheme not only effectively achieve password-authenticated key agreement but also avoid the difficulty of implementing clock synchronization in multi-server environments. A secure authenticated key agreement should accomplish both mutual authentication and session key establishment. Therefore, in this paper we further give the formal proof on the execution of the proposed authenticated key agreement scheme.     

一个前向安全的基于口令认证的三方密钥交换协议

目前,文献中提出的基于口令认证的密钥交换协议,很多都是针对两方的情形设计的,即通信双方为客户与服务器,它们通过一个预先共享的口令来进行认证的密钥交换.随着现代通信环境的快速变化,需要能为任意客户间构建一个端到端的安全信道,这种应用的情形与那些文献中所考虑的有很大区别.针对这种情形,文中提出了一个可证前向安全的基于口令认证的三方密钥交换协议,使通信双方在认证服务器的帮助下能相互进行认证并建立一个会话密钥.与前人提出的基于口令认证的三方密钥交换协议相比,该协议在计算代价和通信代价上都较有效,因而更适用于资源受限的环境.此协议的安全性是在口令型的选择基Gap Diffie-Hellman问题难解的假设前提下在随机谕示模型下证明的.     

An ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem

Recently, remote user authentication schemes are implemented on elliptic curve cryptosystem (ECC) to reduce the computation loads for mobile devices. However, most remote user authentication schemes on ECC are based on public-key cryptosystem, in which the public key in the system requires the associated certificate to prove its validity. Thus, the user needs to perform additional computations to verify the certificate in these schemes. In addition, we find these schemes do not provide mutual authentication or a session key agreement between the user and the remote server. Therefore, we propose an ID-based remote mutual authentication with key agreement scheme on ECC in this paper. Based upon the ID-based concept, the proposed scheme does not require public keys for users such that the additional computations for certificates can be reduced. Moreover, the proposed scheme not only provides mutual authentication but also supports a session key agreement between the user and the server. Compared with the related works, the proposed scheme is more efficient and practical for mobile devices.     

可证明安全的基于身份的认证密钥协商协议

提出了一种具有私钥产生中心(private key generator,PKG)前向安全性的基于身份的认证密钥协商协议,协议中给出了一种利用用户双方的长期私钥和临时私钥联合计算共享密钥的方法.在标准模型下证明了协议的安全性,并且分析得出,即使攻击者能够同时获得双方的临时私钥或同时获得双方的长期私钥,共享密钥仍然是安全的.性能分析表明,该协议较好地平衡了计算复杂度和安全性这两个协议评价指标.     

SAS-SIP: A secure authentication scheme based on ECC and a fuzzy extractor for session initiation protocol

The session initiation protocol is used for communication purposes in a client-server environment, where for each time session the client and server agree upon a shared secret session key through an authentication system. After establishing the connection between client and server for a session, both the parties use a session key to encrypt/decrypt messages for communicating within that session securely. Therefore, authentication plays a vital role in sharing the secret session key. Recently, Chaudhry et al. proposed an authentication scheme; yet this paper shows that Chaudhry et al.’s scheme has inefficient login and password change phases, respectively, and does not take care of the users’ anonymity. Therefore, this study proposes an enhanced scheme, referred to as the secure authentication scheme for session initiation protocol (SAS-SIP) to eliminate the drawbacks of the scheme proposed by Chaudhry et al. In addition, the proposed SAS-SIP uses fuzzy extractors to incorporate biometric data along with the password to enhance the degree of security in the authentication system. After performing the security analysis through a random oracle model, this paper concludes that SAS-SIP is secure from secret information retrieval of communicators to the attacker. Furthermore, it has a better trade-off among several measurement costs along with security.     

Remote user authentication and key agreement for mobile client–server environments on elliptic curve cryptography

In recent years, with the rapid advance of wireless mobile networks, secure and efficient authentication mechanisms that can operate over insecure wireless channels have become increasingly essential. To improve the efficiency in the energy-limited mobile devices, many authentication schemes using elliptic curve cryptography (ECC) have been presented. However, these schemes are still inefficient in terms of computation cost and communication overhead. Moreover, they suffer from various attacks, making them impractical due to their inherent design. To address their weaknesses, we propose a more efficient ID-based authentication scheme on ECC for mobile client–server environments with considering security requirements. The proposed scheme not only provides mutual authentication but also achieves session key agreement between the client and the server. Through a rigorous formal security proof under random oracle model, it has been indicated that the proposed protocol is secure against security threats. The informal security analysis shows that our scheme can resist well-known attacks and provides user anonymity. Performance analysis and comparison results demonstrate that our scheme outperforms the related competitive works and is more suitable for practical application in mobile client–server environments.     

A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards

Advancement in communication technology provides a scalable platform for various services, where a remote user can access the server from anywhere without moving from its place. It provides a unique opportunity for online services such that a user does not need to be physically present at the service center. These services adopt authentication and key agreement protocols in order to ensure authorized and secure access to the resources. Most of the authentication schemes proposed in the literature support a single-server environment, where the user has to register with each server. If a user wishes to access multiple application servers, he/she requires to register with each server. The multi-server authentication introduces a scalable platform such that a user can interact with any server using single registration. Recently, Chuang and Chen proposed an efficient multi-server authenticated key agreement scheme based on a user’s password and biometrics (Chuang and Chen, 2014). Their scheme is a lightweight, which requires the computation of only hash functions. In this paper, we first analyze Chuang and Chen’s scheme and then identify that their scheme does not resist stolen smart card attack which causes the user’s impersonation attack and server spoofing attack. We also show that their scheme fails to protect denial-of-service attack. We aim to propose an efficient improvement on Chuang and Chen’s scheme to overcome the weaknesses of their scheme, while also retaining the original merits of their scheme. Through the rigorous informal and formal security analysis, we show that our scheme is secure against various known attacks including the attacks found in Chuang and Chen’s scheme. Furthermore, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against the replay and man-in-the-middle attacks. In addition, our scheme is comparable in terms of the communication and computational overheads with Chuang and Chen’s scheme and other related existing schemes.     

An novel three-party authenticated key exchange protocol using one-time key

Three-party authenticated key exchange protocol (3PAKE) is an important cryptographic technique for secure communication which allows two parties to agree a new secure session key with the help of a trusted server. In this paper, we propose a new three-party authenticated key exchange protocol which aims to achieve more efficiency with the same security level of other existing 3PAKE protocols. Security analysis and formal verification using AVISPA tools show that the proposed protocol is secure against various known attacks. Comparing with other typical 3PAKE protocols, the proposed protocol is more efficient with less computation complexity.     

基于混沌映射的用户匿名三方口令认证密钥协商协议

在基于混沌的三方口令认证密钥协商协议中,用户通过低熵的口令实现相互认证和共享会话密钥,以避免在身份认证过程中公钥基础设施或存储用户长期密钥的安全威胁。通过分析Lee提出的基于混沌映射的口令认证密钥协商协议,发现其协议不能进行口令变更,而且仅适用于用户和服务器之间的两方通信。为了改进此方案,提出两个基于切比雪夫混沌映射的用户匿名三方口令认证密钥协商协议,包括基于时钟同步的密钥协商方案和基于随机数的密钥协商方案。其中基于时钟同步的用户匿名三方口令认证密钥协商协议通信量少,基于随机数的用户匿名三方口令认证密钥协商协议更容易实现。两个方案的优点是用户仅选择一个简单的口令进行相互认证和密钥协商,服务器不需要再保护用户口令表,避免了口令相关的攻击,而且在相互认证过程中用户使用临时身份和哈希函数,实现用户匿名性,在增强协议安全性的同时,减少了通信过程中消息的数量,提高了协议的执行效率,具有完美前向安全,并用BAN逻辑证明了其安全性。     

An ID-based client authentication with key agreement protocol for mobile client-server environment on ECC with provable security

Recently, lots of remote user authentication schemes are implemented on elliptic curve cryptosystem (ECC) to reduce the computation loads for mobile devices. However, most of those remote user authentication schemes on ECC suffer from different attacks and can not provide provable security. Therefore, we propose an ID-based remote mutual authentication with key agreement scheme on ECC in this paper. The proposed scheme not only provides mutual authentication but also supports a session key agreement between the user and the server. The scheme also provides the known session key security, the perfect forward secrecy, the no key-compromise impersonation, the no unknown key-share and the no key control. Compared with the related works, the proposed scheme is more efficient and practical for mobile devices. We also give a security proof under the random oracle.     

一种基于身份的会议密钥协商方案

目前提出的密钥协商协议大部分都是基于Diffie-Hellman交互,对协商信息进行认证,并在成员之间建立一个会话密钥,实施安全通信。本文找出了文献[1]中的两个安全漏洞,利用双线性映射性质,提出了一种基于用户ID的会议密钥协商方案。此方案能够有效地抵抗重放攻击、合谋攻击、假冒攻击、中间人攻击,与文献[1]的方法相比,具有更高的安全性和效率,在多对多网络通信中有着很强的实用性。     

身份基认证密钥协商协议

安全有效地传递信息是计算机安全通信研究领域的主要目标。为了使得用户间能在公开网络进行安全通信,文中提出了一种新的两轮双方认证密钥协商协议,通过分析新协议的安全属性指出了构造双方认证密钥协商的一些原则。该协议实现了通信双方的相互身份认证功能,使通信双方能确认对方的身份,同时还提供了密钥协商的功能。     

WSN中基于ECC的轻量级认证密钥协商协议

为解决无线传感器网络密钥管理与认证协议设计中由于节点频繁移动所带来的计算量、存储量等资源消耗过大问题,提出了一种基于ECC的轻量级认证密钥协商协议。该协议主要用于网络中任意用户节点之间,以及用户节点与网络之间的双向认证和会话密钥的协商。方案采用ECC进行会话密钥协商,结合AES对称密钥加密技术保证信息传输过程的保密性。与传统的密钥协商协议相比,能够在更小的密钥量下提供更大的安全性,并减少了对节点计算量和存储量的需求。该协议在ID-BJM安全模型下证明了其安全性。分析结果表明,该协议满足前后向安全性和PKG前向安全性。     

Attribute-based authentication on the cloud for thin clients

We propose two new authentication schemes for the cloud that support private attribute-based authentication services. The basic scheme is non-anonymous attribute-based authentication scheme. The extended scheme of the basic scheme is fully anonymous attribute-based authentication scheme to realize full anonymity and unlinkability services. In the proposed schemes, a user is authenticated by the remote server if the intersection of the set of his/her assigned attributes and the server’s required attributes exceeds a satisfactory predefined level. Unlike existing attribute-based encryption and signature schemes that require the user to perform significant amount of elliptic curve bilinear pairings and modular exponentiations, and require the user to hold a significantly long decryption/signature key, in our schemes the user is not required to perform any bilinear pairings. With a fixed length private key, independent of the number of attributes, the cloud user performs only few exponentiations by which he/she is able to authenticate himself/herself to the remote server and establish a session key with the server with the condition that he/she satisfies a predefined level of the server’s attributes requirement. Therefore, our schemes are suitable for implementation on devices with limited resources. We provide the rigorous security of the proposed schemes and complexity analysis of our schemes. Finally, the security and performance comparisons of our schemes with the existing related schemes show that our schemes outperform other existing schemes.     

移动自组网中跨域两方认证密钥协商协议研究

针对基于身份的移动自组网认证密钥协商协议中,会话两方属于不同私钥生成中心（PKG）的情况,利用双线性对的性质和椭圆曲线离散对数问题,提出了一种跨域两方认证密钥协商协议,并采用应用pi演算和ProVerif自动化验证工具对其安全属性进行形式化分析。分析结果表明,提出的协议实现了保密性、身份认证性以及密钥一致性确认,同时又具有较好的性能,非常适用于资源有限的移动自组网。     

基于身份可证安全的双方密钥协商协议*

针对双方认证和密钥协商协议中会话双方属于不同密钥产生中心的情况,利用双线性对性质和BDH假设,基于可证安全的eCK模型提出一种基于身份可证安全的双方密钥协商协议。该协议从测试会话在随机谕示模型中是否存在相应的匹配会话两个方面,对提出的协议方案进行了安全性证明：若BDH假设不可解,则本方案是安全的认证密钥协商协议。     

An enhanced smart card based remote user password authentication scheme

Smart card based password authentication is one of the simplest and efficient authentication mechanisms to ensure secure communication in insecure network environments. Recently, Chen et al. have pointed out the weaknesses of some password authentication schemes and proposed a robust smart card based remote user password authentication scheme to improve the security. As per their claims, their scheme is efficient and can ensure forward secrecy of the session key. However, we find that Chen et al.'s scheme cannot really ensure forward secrecy, and it cannot detect the wrong password in login phase. Besides, the password change phase of Chen et al.'s scheme is unfriendly and inefficient since the user has to communicate with the server to update his/her password. In this paper, we propose a modified smart card based remote user password authentication scheme to overcome the aforementioned weaknesses. The analysis shows that our proposed scheme is user friendly and more secure than other related schemes.     

Simple password-based three-party authenticated key exchange without server public keys

Password-based three-party authenticated key exchange protocols are extremely important to secure communications and are now extensively adopted in network communications. These protocols allow users to communicate securely over public networks simply by using easy-to-remember passwords. In considering authentication between a server and user, this study categorizes password-based three-party authenticated key exchange protocols into explicit server authentication and implicit server authentication. The former must achieve mutual authentication between a server and users while executing the protocol, while the latter only achieves authentication among users. This study presents two novel, simple and efficient three-party authenticated key exchange protocols. One protocol provides explicit server authentication, and the other provides implicit server authentication. The proposed protocols do not require server public keys. Additionally, both protocols have proven secure in the random oracle model. Compared with existing protocols, the proposed protocols are more efficient and provide greater security.     

面向云端的电子病历数据管理研究

信息技术和大数据的发展推动了医疗记录的信息化。在这样的背景下,电子病历（EMR）系统作为其中的代表,改变了医疗数据的管理模式,但也带来了诸如身份认证和隐私保护等问题。针对这些问题,提出了一个基于身份的可认证密钥协商协议,通过密钥协商服务器执行此核心协议得到的会话密钥将用来对数据进行加密处理,并由安全高效的签名算法保证数据的真实性,最终实现医疗数据的安全管理。在e-CK模型下,利用可证明安全理论证明了该方案具有完美的前向安全性,能够抵御未知密钥共享攻击和密钥泄露模仿攻击等。此外,通过隐式的认证算法,EMR方案中的核心密钥协商协议能够支持共享密钥的属性认证。