A mutual authentication and key exchange scheme from bilinear pairings for low power computing devices

In a client-server network environment, a mutual authentication and key exchange scheme is an important security mechanism to provide two parties with the property that they can authenticate each other's identity while they may construct a common session key. With rapid growth of mobile wireless networks, the computational cost on the client side with low power computing devices is a critical factor of the security scheme design. This paper presents a mutual authentication and key exchange scheme using bilinear pairings. Based on the computational Diffie-Hellman assumption and the random oracle model, we show that the proposed scheme is secure against passive attack, forgery attack and ID attack while it provides mutual authentication, implicit key confirmation and partial forward secrecy. A performance analysis demonstrates that our scheme is well suited for smart cards with limited computing capability.

[1]  Jiann-Fu Lin,et al.  An efficient and complete remote user authentication scheme using smart cards , 2006, Math. Comput. Model..

[2]  Jung Hee Cheon,et al.  An Identity-Based Signature from Gap Diffie-Hellman Groups , 2003, Public Key Cryptography.

[3]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[4]  Hans Eberle,et al.  Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs , 2004, CHES.

[5]  Hyang-Sook Lee,et al.  IDENTITY BASED AUTHENTICATED KEY AGREEMENT FROM PAIRINGS , 2005 .

[6]  Atul Negi,et al.  Cryptanalysis of recently proposed Remote User Authentication Schemes , 2006, IACR Cryptol. ePrint Arch..

[7]  Colin Boyd,et al.  Advances in Cryptology - ASIACRYPT 2001 , 2001 .

[8]  Jung Hee Cheon,et al.  Batch Verifications with ID-Based Signatures , 2004, ICISC.

[9]  Yuh-Min Tseng GPRS/UMTS-aided authentication protocol for wireless LANs , 2006 .

[10]  Duncan S. Wong,et al.  Efficient and Mutually Authenticated Key Exchange for Low Power Computing Devices , 2001, ASIACRYPT.

[11]  Yuh-Min Tseng,et al.  A secure authenticated group key agreement protocol for resource-limited mobile devices , 2007, Comput. J..

[12]  Wei-Chi Ku,et al.  Weaknesses of Yoon-Ryu-Yoo's hash-based password authentication scheme , 2005, OPSR.

[13]  31st Annual International Computer Software and Applications Conference, COMPSAC 2007, Beijing, China, July 24-27, 2007. Volume 1 , 2007, Annual International Computer Software and Applications Conference.

[14]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[15]  Zhijie Jerry Shi,et al.  Studying Software Implementations of Elliptic Curve Cryptography , 2006, Third International Conference on Information Technology: New Generations (ITNG'06).

[16]  Liqun Chen,et al.  Identity based authenticated key agreement protocols from pairings , 2003, 16th IEEE Computer Security Foundations Workshop, 2003. Proceedings..

[17]  Debasis Giri,et al.  An Improved Remote User Authentication Scheme with Smart Cards using Bilinear Pairings , 2007, IACR Cryptol. ePrint Arch..

[18]  Kenneth G. Paterson,et al.  ID-based Signatures from Pairings on Elliptic Curves , 2002, IACR Cryptol. ePrint Arch..

[19]  Liqun Chen,et al.  A Built-in Decisional Function and Security Proof of ID-based Key Agreement Protocols from Pairings , 2006, IACR Cryptol. ePrint Arch..

[20]  Wolfgang Rankl,et al.  Smart Card Handbook , 1997 .

[21]  Ashutosh Saxena,et al.  A novel remote user authentication scheme using bilinear pairings , 2006, Comput. Secur..

[22]  Liqun Chen,et al.  Identity-based key agreement protocols from pairings , 2017, International Journal of Information Security.

[23]  YoungJu Choie,et al.  Efficient identity-based authenticated key agreement protocol from pairings , 2005, Appl. Math. Comput..

[24]  Nigel P. Smart,et al.  AN IDENTITY BASED AUTHENTICATED KEY AGREEMENT PROTOCOL BASED ON THE WEIL PAIRING , 2001 .