ECC-based Secure and Lightweight Authentication Protocol for Mobile Environment

Due to recent advances in wireless communication, the availability of mobile services has increased significantly. However, due to the open nature of wireless channels, vulnerabilities exploiting these services have increased as well. Thus, it is essential to ensure the legitimacy of both clients and servers and to provide communication confidentiality. To feed this trend, mutual authentication has become a critical security issue in mobile environments. In the past, a large number of authentication protocols have been proposed to provide secure communication and key exchange between parties. However, most of them fail to provide reliable security solutions due to inherent challenges such as the mobility of users, increasing attack vectors, and resource-constrained mobile devices. Thus, developing an efficient authentication protocol for practical mobile device deployment remains challenging. Therefore, we propose a lightweight and secure authentication key exchange protocol for mobile environment able to resist the threats while providing higher operational efficiency. The designed solution is based on Elliptic Curve Cryptography, well known for its short key sizes as well as its reduced storage and transmission requirements. The formal security verification of the proposed scheme has been carried out using the widely used AVIPSA tool. Further, the computational and communicational overhead analysis of the proposed scheme mark its superior performance relative to the current state-of-the-art.

[1]  Huirong Fu,et al.  CMAPS: A Chess-Based Multi-Facet Password Scheme for Mobile Devices , 2018, IEEE Access.

[2]  Xiong Li,et al.  A robust biometrics based three-factor authentication scheme for Global Mobility Networks in smart city , 2017, Future Gener. Comput. Syst..

[3]  Sherali Zeadally,et al.  Ideal Lattice-Based Anonymous Authentication Protocol for Mobile Devices , 2019, IEEE Systems Journal.

[4]  Jianfeng Ma,et al.  A privacy preserving three-factor authentication protocol for e-Health clouds , 2016, The Journal of Supercomputing.

[5]  Georges Kaddoum,et al.  Cross-Layer Authentication Protocol Design for Ultra-Dense 5G HetNets , 2018, 2018 IEEE International Conference on Communications (ICC).

[6]  Jianhua Chen,et al.  An efficient two‐party authentication key exchange protocol for mobile environment , 2017, Int. J. Commun. Syst..

[7]  Willy Susilo,et al.  Secure Message Communication Protocol Among Vehicles in Smart City , 2018, IEEE Transactions on Vehicular Technology.

[8]  Neeraj Kumar,et al.  Towards Designing an Efficient Authentication Scheme for RFID-based Healthcare Applications in Vehicular Mobile Cloud , 2015 .

[9]  Jianhua Chen,et al.  An ID-based client authentication with key agreement protocol for mobile client-server environment on ECC with provable security , 2012, Inf. Fusion.

[10]  Rama Chellappa,et al.  Continuous User Authentication on Mobile Devices: Recent progress and remaining challenges , 2016, IEEE Signal Processing Magazine.

[11]  Eun-Jun Yoon,et al.  Secure Signature-Based Authenticated Key Establishment Scheme for Future IoT Applications , 2017, IEEE Access.

[12]  Florian Alt,et al.  GTmoPass: two-factor authentication on public displays using gaze-touch passwords and personal mobile devices , 2017, PerDis.

[13]  Yuting Xiao,et al.  Efficient Multi-Factor Authenticated Key Exchange Scheme for Mobile Communications , 2019, IEEE Transactions on Dependable and Secure Computing.

[14]  Ashok Kumar Das,et al.  2PAKEP: Provably Secure and Efficient Two-Party Authenticated Key Exchange Protocol for Mobile Environment , 2018, IEEE Access.

[15]  Subhas C. Misra,et al.  An intelligent RFID-enabled authentication scheme for healthcare applications in vehicular mobile cloud , 2016, Peer-to-Peer Netw. Appl..

[16]  Yuanyuan Zhang,et al.  An Improved Two-Party Authentication Key Exchange Protocol for Mobile Environment , 2015, Wirel. Pers. Commun..

[17]  Daniele Sgandurra,et al.  A Survey on Security for Mobile Devices , 2013, IEEE Communications Surveys & Tutorials.