An anonymous authenticated key-agreement scheme for multi-server infrastructure

Due to single-time registration, the multi-server authentication provides benefit for getting services from different servers through trusted agent. Generally, users feel hesitation for registering themselves individually with all service providers due to the problem of memorizing the multiple passwords. The multi-server authentication allows a quick access to services by real-time customer validation on public channel. Thereafter, hundreds of multi-server authentication protocols have been introduced. However, the more efficient and robust authentication schemes are being explored by the research academia. We introduce an anonymous scheme that resists the major security threats like impersonation attack, insider attack and password modification attacks in viable computing cost. We use random oracle model for formal security analysis of the proposed scheme. The performance analysis shows that the proposed scheme incurs less computation, energy, communication and storage cost as compared to related protocols. This analysis and comparison show that our proposed scheme is quite effective for the purpose of anonymous authentication and key agreement.

[1]  Cheng-Chi Lee,et al.  A two-factor authentication scheme with anonymity for multi-server environments , 2015, Secur. Commun. Networks.

[2]  Issa Traoré,et al.  Secure mutual authentication and automated access control for IoT smart home using cumulative Keyed-hash chain , 2019, J. Inf. Secur. Appl..

[3]  Omid Mir,et al.  Cryptanalysis and improvement of a Multi-Server Authenticated Key Agreement by Chen and Lee's Scheme , 2018, Inf. Technol. Control..

[4]  Nassar Ikram,et al.  Elliptic curve cryptography based mutual authentication scheme for session initiation protocol , 2011, Multimedia Tools and Applications.

[5]  Mohammad S. Obaidat,et al.  Gateway-oriented two-server password authenticated key exchange protocol for unmanned aerial vehicles in mobile edge computing , 2020, IET Commun..

[6]  Muhammad Khurram Khan,et al.  Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks , 2016, Comput. Networks.

[7]  Chin-Chen Chang,et al.  An efficient and secure multi-server password authentication scheme using smart cards , 2004, 2004 International Conference on Cyberworlds.

[8]  Xiong Li,et al.  A provably secure biometrics-based authenticated key agreement scheme for multi-server environments , 2017, Multimedia Tools and Applications.

[9]  Saru Kumari,et al.  Comments on “A Multi-factor User Authentication and Key Agreement Protocol Based on Bilinear Pairing for the Internet of Things” , 2020, Wirel. Pers. Commun..

[10]  Mu-En Wu,et al.  A secure authenticated and key exchange scheme for fog computing , 2020, Enterp. Inf. Syst..

[11]  Cheng-Chi Lee,et al.  A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards , 2011, Expert Syst. Appl..

[12]  Saru Kumari,et al.  Revised anonymous authentication protocol for adaptive client‐server infrastructure , 2020, Int. J. Commun. Syst..

[13]  Min-Shiang Hwang,et al.  A new remote user authentication scheme for multi-server architecture , 2003, Future Gener. Comput. Syst..

[14]  Chin-Chen Chang,et al.  A Smart Card-based Authentication Scheme Using User Identify Cryptography , 2013, Int. J. Netw. Secur..

[15]  Muhammad Khurram Khan,et al.  A robust and anonymous patient monitoring system using wireless medical sensor networks , 2018, Future Gener. Comput. Syst..

[16]  Mohammad S. Obaidat,et al.  An anonymous and provably secure authentication scheme for mobile user , 2016, Int. J. Commun. Syst..

[17]  Xiong Li,et al.  A Secure Three-Factor User Authentication Protocol With Forward Secrecy for Wireless Medical Sensor Network Systems , 2020, IEEE Systems Journal.

[18]  Kim-Kwang Raymond Choo,et al.  Design of a provably secure biometrics-based multi-cloud-server authentication scheme , 2017, Future Gener. Comput. Syst..

[19]  Sheetal Kalra,et al.  Secure authentication scheme for IoT and cloud servers , 2015, Pervasive Mob. Comput..

[20]  Chien-Lung Hsu,et al.  Efficient user identification scheme with key distribution preserving anonymity for distributed computer networks , 2004, Comput. Secur..

[21]  Saru Kumari,et al.  An enhanced anonymous identity‐based key agreement protocol for smart grid advanced metering infrastructure , 2019, Int. J. Commun. Syst..

[22]  Ruhul Amin,et al.  Design and Analysis of Bilinear Pairing Based Mutual Authentication and Key Agreement Protocol Usable in Multi-server Environment , 2015, Wireless Personal Communications.

[23]  Jia-Lun Tsai,et al.  Efficient multi-server authentication scheme based on one-way hash function without verification table , 2008, Comput. Secur..

[24]  Min-Shiang Hwang,et al.  A remote password authentication scheme for multiserver architecture using neural networks , 2001, IEEE Trans. Neural Networks.

[25]  Akram Reza,et al.  A Multi-factor User Authentication and Key Agreement Protocol Based on Bilinear Pairing for the Internet of Things , 2020, Wirel. Pers. Commun..

[26]  Xiong Li,et al.  A user friendly mutual authentication and key agreement scheme for wireless sensor networks using chaotic maps , 2016, Future Gener. Comput. Syst..

[27]  Wei-Kuan Shih,et al.  Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment , 2009, Comput. Stand. Interfaces.

[28]  Fan Wu,et al.  An Enhanced and Provably Secure Chaotic Map-Based Authenticated Key Agreement in Multi-Server Architecture , 2017, Arabian Journal for Science and Engineering.

[29]  Hilde van der Togt,et al.  Publisher's Note , 2003, J. Netw. Comput. Appl..

[30]  Fadi Al-Turjman,et al.  Correcting design flaws: An improved and cloud assisted key agreement scheme in cyber physical systems , 2020, Comput. Commun..

[31]  Chien-Ming Chen,et al.  Questioning Key Compromise Attack on Ostad-Sharif et al.’s Authentication and Session key Generation Scheme for Healthcare Applications , 2019, IEEE Access.

[32]  Muhammad Khurram Khan,et al.  A novel authentication and key‐agreement scheme for satellite communication network , 2020, Trans. Emerg. Telecommun. Technol..

[33]  Srivaths Ravi,et al.  A study of the energy consumption characteristics of cryptographic algorithms and security protocols , 2006, IEEE Transactions on Mobile Computing.

[34]  Chien-Ming Chen,et al.  Attacks and solutions on a three-party password-based authenticated key exchange protocol for wireless communications , 2018, Journal of Ambient Intelligence and Humanized Computing.

[35]  Wen-Shenq Juang,et al.  Efficient password authenticated key agreement using smart cards , 2004, Comput. Secur..

[36]  Woei-Jiunn Tsaur,et al.  A Flexible User Authentication Scheme for Multi-server Internet Services , 2001, ICN.

[37]  Shuenn-Shyang Wang,et al.  A secure dynamic ID based remote user authentication scheme for multi-server environment , 2009, Comput. Stand. Interfaces.

[38]  Muhammad Khurram Khan,et al.  User authentication schemes for wireless sensor networks: A review , 2015, Ad Hoc Networks.

[39]  Yining Liu,et al.  A Secure Authentication Protocol for Internet of Vehicles , 2019, IEEE Access.

[40]  Mahboubeh Nazari,et al.  An efficient improvement remote user mutual authentication and session key agreement scheme for E-health care systems , 2016, Multimedia Tools and Applications.

[41]  Zahid Mehmood,et al.  An ameliorated two-factor anonymous key exchange authentication protocol for mobile client-server environment , 2018, Int. J. Commun. Syst..

[42]  Xiong Li,et al.  A provably secure and anonymous message authentication scheme for smart grids , 2017, J. Parallel Distributed Comput..