Improved Biometric-Based Three-factor Remote User Authentication Scheme with Key Agreement Using Smart Card

Chaturvedi, Ankita; Mishra, Dheerendra; Mukhopadhyay, Sourav

doi:10.1007/978-3-642-45204-8_5

Cited by 24 publications

(20 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We have presented security functionality comparison of our scheme with other related schemes under consideration and we have found that our scheme provides maximum security (refer to Table 2). After comparing the results from both Tables 1 and 2, we have found that the schemes (Chaturvedi et al, 2013;Karuppiah and Saravanan, 2014) have same security features, however they have more communication cost to achieve theses requirement. This makes our scheme better than other schemes.…”

Section: Performance Analysismentioning

confidence: 97%

“…Among the different approaches (Wu, 1995;Chien et al, 2001;Kumar et al, 2010;Liaw, 1995;Liaw and Lei, 1995;Das et al, 2004;Wang et al, 2004Wang et al, , 2009Wen and Li, 2012;Juan and Zou, 2013;Chaturvedi et al, 2013;Zhang et al, 2014;Leu and Hsieh, 2014;Ramesh and Bhaskaran, 2014;Karuppiah and Saravanan, 2014;Kumari and Om, 2015;Lee et al, 2013), some researchers have developed the remote login schemes using geometric approach, which was first discussed by Wu (1995) with simple implementation in the Euclidean plane. The Wu's scheme was modified by Chien et al (2001) in 2001 proposed a scheme using a circle in n-dimensional space.…”

Section: Related Workmentioning

confidence: 99%

“…In 2013, Chaturvedi et al (2013) proposed a scheme based on the exponential computation, which makes it costly as it needs more bits for authentication message. In 2014, Zang et al (2014) proposed the first authentication scheme with anonymity for SIP, but its login and password change phase was not so efficient.…”

Section: Related Workmentioning

confidence: 99%

See 2 more Smart Citations

Remote login password authentication scheme using tangent theorem on circle

Kumari

2016

IJCONVC

View full text Add to dashboard Cite

Abstract:In this paper, we propose a remote password authentication scheme based on geometry. We use some simple tangent theorems of a circle, RSA encryption technique, and a strong one-way function to mutually authenticate the user and the server. It has a facility for a legal user to freely choose and change his password using his smart card. The security of this scheme depends on the tangent points located in a plane associated with the circle and the tangent line itself. In this scheme, the user anonymity is preserved and the communication cost is also reduced due to checking the correctness of the password before sending any authentication message.Keywords: authentication; RSA cryptosystem; tangent theorem; circle; smart card.Reference to this paper should be made as follows: Kumar, S. and Om, H. 94 S. Kumari and H. OmThis paper is a revised and expanded version of a paper entitled 'Remote login password authentication scheme using tangent theorem on circle' presented at FICTA 2014, Bhubaneswar, India, 14-15 Novenber 2014.

show abstract

Section: Performance Analysismentioning

confidence: 97%

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Remote login password authentication scheme using tangent theorem on circle

Kumari

2016

IJCONVC

View full text Add to dashboard Cite

show abstract

“…The primary requirement for these kinds of scenarios is to authenticate the remote user, whether a valid smart card holder is having the rights and privileges to access the server resources. To solve this problem lots of researchers proposed remote user authentication schemes with smartcards [1][2][3][4][5][6][7][11][12][13][14][15][16][17][18][19] to authenticate a legitimate user, but none of them can address all possible security problems and with-stand all possible attacks [1,[3][4][5]9,[14][15][16][17][18][19]21]. In addition most of the schemes proposed [13,17,18] do not preserve user anonymity.…”

Section: Introductionmentioning

confidence: 99%

An energy efficient remote user authentication scheme preserving user anonymity

Bapana¹,

Narayana²,

Vorugunti

2014

2014 International Conference on Contemporary Computing and Informatics (IC3I)

View full text Add to dashboard Cite

Internet of Things (IoT), is an interconnection of heterogeneous devices in terms of computational, communication, energy efficient competences over public insecure communication channel called Internet. Through advancement in mobile and communication technologies, users can connect to remote servers ubiquitously through a 'thing' or device which is a part of IoT. Insecure nature of Internet and resource constrained nature of devices or things which are part of IoT demands for remote user authentication protocols which are extremely secure, light weight and energy efficient. In this context, C.G MA et al proposed a new dynamic ID based authentication scheme. In this manuscript we will illustrate that C.G MA et al. scheme cannot preserve user anonymity under their hypothesis and susceptible to stolen verifier attack.In addition, we will confirm that their scheme is heavy weight and needs more energy. We then present our improved scheme which is a generalized one, which is secure, light weight and energy efficient, while protecting the merits of different dynamic identity based authentication schemes.

show abstract

“…The authentication schemes are primarily used for authorized communication between the targeted server and remote user [4][5][6][7]. In general, authentication schemes support mutual authentication and session key agreement, where involve entities can verifies the correctness of each other and draw a common key with shared secrets such that only the authorized participants can construct [8,9]. The established key is called session key, which can be used to transmit confidential data [10,11].…”

Section: Introductionmentioning

confidence: 99%

Design and Analysis of a Provably Secure Multi-server Authentication Scheme

Mishra

2015

Wireless Pers Commun

Self Cite

View full text Add to dashboard Cite

Authenticated key agreement protocols play an important role to ensure authorized and secure communication over public network. In recent years, several authentication protocols have been proposed for single-server environment. Most of these protocols present efficient and secure solution for single-server environment. However, adoption of these protocols for multi-server environment is not feasible as user have to register on each server, separately. On the contrary, multi-server authentication schemes require single registration. The one time registration mechanism makes the system userfriendly and supports inter-operability. Unfortunately, most of the existing multi-server authentication schemes require all servers to be trusted, involvement of central authority in mutual authentication or multiple secret keys. In general, a servers may be semi-trusted, thus considering all server to be trusted does not seems to be realistic scenario. Involvement of central authority in mutual authentication may create bottleneck scenario for large network. Also, computation of multiple secret keys may not be suitable for smart card based environment as smart card keeps limited storage space. To overcome these drawbacks, we aim to design an authentication scheme for multi-server environment, where all servers does not need to be trusted, central authority does not require in mutual authentication and smart card need not to store multiple secret keys. In this paper, we first analyze the security of recently proposed Yeh's smart card based multi-server authentication scheme (Yeh in Wirel Pers Commun 79(3):1621-1634, 2014). We show that Yeh's scheme does not resist off-line password guessing attack, insider attack and user impersonation attack. Furthermore, we propose an efficient multi-server authentication scheme which does not require all servers to be trusted, central authority no longer needed in authentication and smart card need not to store multiple secret keys. We prove the correctness of mutual authentication of our scheme using the widely-accepted BAN logic. Through the security analysis, we show that our scheme is secure against various known attacks & Dheerendra Mishra including the attacks found in Yeh's scheme. In addition, the proposed scheme is comparable in terms of the communication and computational overheads with related schemes.

show abstract

Improved Biometric-Based Three-factor Remote User Authentication Scheme with Key Agreement Using Smart Card

Cited by 24 publications

References 24 publications

Remote login password authentication scheme using tangent theorem on circle

Remote login password authentication scheme using tangent theorem on circle

An energy efficient remote user authentication scheme preserving user anonymity

Design and Analysis of a Provably Secure Multi-server Authentication Scheme

Contact Info

Product

Resources

About