A Robust IoT-Based Three-Factor Authentication Scheme for Cloud Computing Resistant to Session Key Exposure

Wang, Feifei; Xu, Guosheng; Wang, Yuejie; Peng, Junhao

doi:10.1155/2020/3805058

Cited by 26 publications

(23 citation statements)

References 37 publications

(74 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In 1991, Frank et al [43] presented a key agreement protocol that completely relies on HTTP. Conversely, Yang et al [41] presented that Frank et al were uncertain to withstand the vulnerabilities such as redirection, replay attack, and man-in-themiddle. Yang et al constructed a competent user authentication, which resolves the key issues of Frank et al Of late, several authentication mechanisms, namely two-factor [41], three-factor [11], identity-based [8], etc.…”

Section: Research Motivationmentioning

confidence: 99%

“…Conversely, Yang et al [41] presented that Frank et al were uncertain to withstand the vulnerabilities such as redirection, replay attack, and man-in-themiddle. Yang et al constructed a competent user authentication, which resolves the key issues of Frank et al Of late, several authentication mechanisms, namely two-factor [41], three-factor [11], identity-based [8], etc. have been constructed using pairing-based, factoring and discrete logarithm, elliptic-curve (EC) cryptography [22], and chaotic-map [40].…”

Section: Research Motivationmentioning

confidence: 99%

“…Hence, it is widely identified to be chaotic-map based authentication schemes to achieve less computation and communication efficiencies than ECC or RSA-based authentication protocol. Many chaotic-map based authentication protocols are susceptible to desynchronization [41] and denial-of-service (DoS) attack [11]. Moreover, their schemes cannot offer client anonymity [46] and revocation mechanism for stolen or lost smartcard [11].…”

Section: Research Motivationmentioning

confidence: 99%

See 2 more Smart Citations

Chaotic-map based authenticated security framework with privacy preservation for remote point-of-care

Deebak

Al‐Turjman²,

Nayyar

2020

Multimed Tools Appl

View full text Add to dashboard Cite

Section: Research Motivationmentioning

confidence: 99%

Section: Research Motivationmentioning

confidence: 99%

Section: Research Motivationmentioning

confidence: 99%

See 1 more Smart Citation

Chaotic-map based authenticated security framework with privacy preservation for remote point-of-care

Deebak

Al‐Turjman²,

Nayyar

2020

Multimed Tools Appl

View full text Add to dashboard Cite

“…As far as we know, we are the first to apply Chebyshev chaotic map to SIP. Chebyshev chaotic map has been used in many environments to achieve identity verification, such as medical information system environment [25], cloud computing environment [26], and IOT environment [27]. Compared with other lightweight authentication schemes, Chebyshev chaotic map has higher level of efficiency and security.…”

Section: A Related Workmentioning

confidence: 99%

An Improved Three-Factor Session Initiation Protocol Using Chebyshev Chaotic Map

2020

View full text Add to dashboard Cite

Session Initiation Protocol (SIP) is the most widely used signalling protocol for controlling communication, establishing, maintaining, and terminating sessions on the Internet. However, since sensitive information is often transmitted through open channels, a security authentication scheme is essential. Recently, Islam et al. proposed an authentication scheme for SIP, and argued that the scheme is immune to known attacks. However, we discover that their scheme fails to achieve user anonymity, and it cannot even resist impersonation attack. Therefore, this study proposes an enhanced mutual authentication scheme to eliminate the drawbacks of the scheme proposed by Islam et al. In addition, our proposed scheme is based on extended chaotic map, which avoids computationally expensive elliptic curve point multiplication. Then, we use Burrows-Abadi-Needham logic to prove that the proposed scheme achieves secure mutual authentication, and we use the Real-Or-Random model to analyze the formal security verification of the session key. Finally, we compare the performance and the security features of the proposed scheme with some existing schemes. Therefore, we provide better safety and efficiency than related schemes and the proposed scheme is suitable for SIP.

show abstract

“…Recently, numerous user authentication schemes are proposed [4][5][6][7]. Most recently, Shuai et al [8] designed a new anonymous authentication scheme for a smart home environment.…”

Section: Introductionmentioning

confidence: 99%

Security Analysis on “Anonymous Authentication Scheme for Smart Home Environment with Provable Security”

Dong

Zhou

et al. 2020

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

As an important application of the Internet of Things, smart home has greatly facilitated our life. Since the communication channels of smart home are insecure and the transmitted data are usually sensitive, a secure and anonymous user authentication scheme is required. Numerous attempts have been taken to design such authentication schemes. Recently, Shuai et al. (Computer & Security 86(2019):132146) designed an anonymous authentication scheme for smart home using elliptic curve cryptography. They claimed that the proposed scheme is secure against various attacks and provides ideal attributes. However, we show that their scheme cannot resist inside attack and offline dictionary attack and also fails to achieve forward secrecy. Furthermore, we give some suggestions to enhance the security of the scheme. These suggestions also apply to other user authentication schemes with similar flaws.

show abstract

A Robust IoT-Based Three-Factor Authentication Scheme for Cloud Computing Resistant to Session Key Exposure

Cited by 26 publications

References 37 publications

Chaotic-map based authenticated security framework with privacy preservation for remote point-of-care

Chaotic-map based authenticated security framework with privacy preservation for remote point-of-care

An Improved Three-Factor Session Initiation Protocol Using Chebyshev Chaotic Map

Security Analysis on “Anonymous Authentication Scheme for Smart Home Environment with Provable Security”

Contact Info

Product

Resources

About