A New Dynamic ID-Based User Authentication Scheme Using Mobile Device: Cryptanalysis, the Principles and Design
作者: Xiong Li , Junguo Liao , Saru Kumari , Wei Liang , Fan Wu
DOI: 10.1007/S11277-015-2737-Z
关键词: Authentication protocol 、 Multi-factor authentication 、 S/KEY 、 Provable security 、 Password policy 、 Computer science 、 Authentication 、 Password 、 Login 、 Challenge–response authentication 、 Data Authentication Algorithm 、 Random oracle 、 Cryptanalysis 、 One-time password 、 Denial-of-service attack 、 AKA 、 Computer security
摘要: The remote user authentication scheme is an important security technology, which provides service before a accesses the provided by server. In this paper, we analyze and design flaws of recently proposed dynamic ID key agreement Lin. We find Lin's totally cannot be used in real applications because following weaknesses: it has some drawbacks such as does not have wrong password detection mechanism its change phase incorrect; can login to server using any identity or inherent defects message; at same time, vulnerable mobile device loss attack denial attack. For considerations, propose principles should followed schemes. According these principles, new ID-based device. formally features BAN logic, give provable analysis random oracle model. Besides, also discuss our resist other well known attacks. functionality performance comparisons shown that enhances keeps efficiency time.
springer.com
sci-hub.se 参考文章(39)
Xiong Li, Jianwei Niu, Muhammad Khurram Khan, Junguo Liao, Xiaoke Zhao, Robust three-factor remote user authentication scheme with key agreement for multimedia systems Security and Communication Networks. ,vol. 9, pp. 1916- 1927 ,(2016) , 10.1002/SEC.961
Ya-Fen Chang, Wei-Liang Tai, Hung-Chin Chang, Untraceable dynamic-identity-based remote user authentication scheme with verifiable password update International Journal of Communication Systems. ,vol. 27, pp. 3430- 3440 ,(2014) , 10.1002/DAC.2552
Jianwei Niu, Xiong Li, A novel user authentication scheme with anonymity for wireless communications Security and Communication Networks. ,vol. 7, pp. 1467- 1476 ,(2014) , 10.1002/SEC.601
Xiong Li, Jianwei Niu, Junguo Liao, Wei Liang, Cryptanalysis of a dynamic identity-based remote user authentication scheme with verifiable password update International Journal of Communication Systems. ,vol. 28, pp. 374- 382 ,(2015) , 10.1002/DAC.2676
Han-Yu Lin, Efficient mobile dynamic ID authentication and key agreement scheme without trusted servers International Journal of Communication Systems. ,vol. 30, ,(2017) , 10.1002/DAC.2818
Bae-Ling Chen, Wen-Chung Kuo, Lih-Chyau Wuu, Robust smart-card-based remote user password authentication scheme International Journal of Communication Systems. ,vol. 27, pp. 377- 389 ,(2014) , 10.1002/DAC.2368
Xiong Li, Jianwei Niu, Zhibo Wang, Caisen Chen, Applying biometrics to design three-factor remote user authentication scheme with key agreement Security and Communication Networks. ,vol. 7, pp. 1488- 1497 ,(2014) , 10.1002/SEC.767
Xiong Li, Jianwei Niu, Muhammad Khurram Khan, Zhibo Wang, Applying LU Decomposition of Matrices to Design Anonymity Bilateral Remote User Authentication Scheme Mathematical Problems in Engineering. ,vol. 2013, pp. 1- 10 ,(2013) , 10.1155/2013/910409
Debiao HE, Hao HU, Cryptanalysis of a Smartcard-Based User Authentication Scheme for Multi-Server Environments IEICE Transactions on Communications. ,vol. 95, pp. 3052- 3054 ,(2012) , 10.1587/TRANSCOM.E95.B.3052
Jia-Lun Tsai, Tzong-Chen Wu, Kuo-Yu Tsai, New dynamic ID authentication scheme using smart cards International Journal of Communication Systems. ,vol. 23, pp. 1449- 1462 ,(2010) , 10.1002/DAC.1118