Anonymous authentication protocol based on elliptic curve Diffie-Hellman for wireless access networks

Hsieh, Wen-Bin; Leu, Jenq-Shiou

doi:10.1002/wcm.2252

Cited by 38 publications

(22 citation statements)

References 26 publications

(30 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As reported in [31,32] the average execution time of a modular exponentiation, an elliptic curve point multiplication and a hash function operation is 522 ms, 63.075 ms, and 0.5 ms, respectively. Moreover, it is assumed that the time of performing an exclusive-or operation is negligible.…”

Section: Authentication Phasementioning

confidence: 96%

See 1 more Smart Citation

On the Security of a Two-Factor Authentication and Key Agreement Scheme for Telecare Medicine Information Systems

et al. 2015

View full text Add to dashboard Cite

Telecare medicine information systems (TMISs) aim to deliver appropriate healthcare services in an efficient and secure manner to patients. A secure mechanism for authentication and key agreement is required to provide proper security in these systems. Recently, Bin Muhaya demonstrated some security weaknesses of Zhu's authentication and key agreement scheme and proposed a security enhanced authentication and key agreement scheme for TMISs. However, we show that Bin Muhaya's scheme is vulnerable to off-line password guessing attacks and does not provide perfect forward secrecy. Furthermore, in order to overcome the mentioned weaknesses, we propose a new two-factor anonymous authentication and key agreement scheme using the elliptic curve cryptosystem. Security and performance analyses demonstrate that the proposed scheme not only overcomes the weaknesses of Bin Muhaya's scheme, but also is about 2.73 times faster than Bin Muhaya's scheme.

show abstract

Section: Authentication Phasementioning

confidence: 96%

“…In order to provide a precise performance comparison, the experiment data reported in [31,32] are used. As reported in [31,32] the average execution time of a modular exponentiation, an elliptic curve point multiplication and a hash function operation is 522 ms, 63.075 ms, and 0.5 ms, respectively.…”

Section: Authentication Phasementioning

confidence: 99%

On the Security of a Two-Factor Authentication and Key Agreement Scheme for Telecare Medicine Information Systems

et al. 2015

View full text Add to dashboard Cite

show abstract

“…The Hsieh–Leu protocol consists of three phases: (i) registration; (ii) ticket issuing; and (iii) session key update. The notations used in this paper are presented in the succeeding texts.…”

Section: Review Of Hsieh–leu Protocolmentioning

confidence: 99%

“…After that, Youn et al showed that the protocol proposed in is not anonymous, and Mun et al showed that the protocol in achieves neither anonymity nor perfect forward secrecy , which is an important property in practice. In 2011, Chen et al proposed another efficient protocol secure against password guessing attack, but very recently, Hsieh and Leu showed that the protocol is vulnerable to denial of authentication attack, which is a special type of denial of service attack. Hsieh and Leu also proposed an improved scheme to overcome the weakness.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A practical anonymous authentication protocol for wireless roaming

Xie

Tan

Wong

et al. 2013

Security Comm Networks

View full text Add to dashboard Cite

Recently, Chen et al. proposed a practical authentication protocol for supporting anonymous roaming in wireless access networks, then the protocol is further improved by Hsieh and Leu. In this paper, we demonstrate the adversarial model of this type of protocols and show that Hsieh‐Leu scheme is not as secure as they originally claimed to be. In particular, we show that their protocol does not provide user privacy protection, and it is vulnerable to off‐line password guessing attack mounted by a side channel adversary who has compromised all the information stored in the user's smart card. To fix these weaknesses, a new practical authentication protocol with anonymity for wireless roaming is proposed. We use the formal verification tool ProVerif, which is based on applied pi calculus, to prove the security of the proposed scheme. The experimental results confirm that the new scheme not only achieves many desirable properties, such as strong anonymity, perfect forward secrecy and support of session key update, but also provides robustness against all those attacks that Hsieh–Leu protocol does not resist. Copyright © 2013 John Wiley & Sons, Ltd.

show abstract

A new privacy‐preserving authentication protocol for anonymous web browsing

Yang

Khalil

et al. 2018

Concurrency and Computation

View full text Add to dashboard Cite

Anonymous authentication technique receives wide attention in recent years since it can protect users' privacy. Anonymous web browsing refers to utilization of the World Wide Web that hides a user's personally identifiable information from the websites visited. Even if a user can hide the IP address and other physical information with anonymity programs such as Tor, the web server can always monitor the user on the basis of the identity. In this paper, we firstly give an overview and cryptanalysis on the protocol of Yang et al and point out the security weaknesses of their protocol.Then, we propose a new authentication protocol for anonymous web browsing. In the proposed protocol, we take the advantages of a pseudo identity mechanism and an identity-based elliptic curve cryptography algorithm to achieve user anonymity, robust security, and high efficiency. The result of security analysis and performance evaluation indicate the feasibility and practicality of our proposed anonymous authentication protocol.

show abstract

Anonymous authentication protocol based on elliptic curve Diffie-Hellman for wireless access networks

Cited by 38 publications

References 26 publications

On the Security of a Two-Factor Authentication and Key Agreement Scheme for Telecare Medicine Information Systems

On the Security of a Two-Factor Authentication and Key Agreement Scheme for Telecare Medicine Information Systems

A practical anonymous authentication protocol for wireless roaming

A new privacy‐preserving authentication protocol for anonymous web browsing

Contact Info

Product

Resources

About