Unified and integrated authentication and key agreement scheme for e-governance system without verification table

E-governance or electronic governance is an application of Information and Communication Technology (ICT) for delivering cost-effective government services by any country to its citizens with reliability, transparency and efficiency. Majority of authentication schemes for e-governance in India are based on single-server environment. To access the services, users need to register themselves at the authentication server for every e-governance service. Various e-governance services work through different servers, and therefore users get registered on each server separately. These services and servers require a unified and integrated authentication scheme to overcome the problem of multiple registrations and login processes. This paper proposes a dynamic authentication protocol based on the identity of a user for multi-server architecture without using verification tables. It is also capable of integrating all the existing e-governance projects. The proposed protocol fulfills the security requirements such as mutual authentication, traceability and identity protection along with the facility to share a session key among all the servers for secure communication.

[1]  Ping Wang,et al.  Preserving privacy for free: Efficient and provably secure two-factor authentication scheme with user anonymity , 2015, Inf. Sci..

[2]  Jianhua Li,et al.  Anonymity Enhancement on Robust and Efficient Password-Authenticated Key Agreement Using Smart Cards , 2010, IEEE Transactions on Industrial Electronics.

[3]  Cheng-Chi Lee,et al.  A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards , 2011, Expert Syst. Appl..

[4]  Amit K. Awasthi,et al.  A remote user authentication scheme using smart cards with forward secrecy , 2003, IEEE Trans. Consumer Electron..

[5]  Jenq-Shiou Leu,et al.  Efficient and secure dynamic ID-based remote user authentication scheme for distributed systems using smart cards , 2014, IET Inf. Secur..

[6]  Ping Wang,et al.  Understanding security failures of two-factor authentication schemes for real-time applications in hierarchical wireless sensor networks , 2014, Ad Hoc Networks.

[7]  Ping Wang,et al.  Anonymous Two-Factor Authentication in Distributed Systems: Certain Goals Are Beyond Attainment , 2015, IEEE Transactions on Dependable and Secure Computing.

[8]  Bill Nugent Password-based authentication , 1987, SGSC.

[9]  Murali Sambasivan,et al.  User acceptance of a G2B system: a case of electronic procurement system in Malaysia , 2010, Internet Res..

[10]  Tzonelih Hwang,et al.  Non-interactive password authentications without password tables , 1990, IEEE TENCON'90: 1990 IEEE Region 10 Conference on Computer and Communication Systems. Conference Proceedings.

[11]  Chern-Lin Chen,et al.  A Novel Single-Stage High-Power-Factor AC-to-DC LED Driving Circuit With Leakage Inductance Energy Recycling , 2012, IEEE Transactions on Industrial Electronics.

[12]  Wei-Kuan Shih,et al.  Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment , 2009, Comput. Stand. Interfaces.

[13]  Jian Ma,et al.  A novel smart card and dynamic ID based remote user authentication scheme for multi-server environments , 2013, Math. Comput. Model..

[14]  Peilin Hong,et al.  A lightweight dynamic pseudonym identity based authentication and key agreement protocol without verification tables for multi-server architecture , 2012, J. Comput. Syst. Sci..

[15]  Jianfeng Ma,et al.  Improvement of robust smart‐card‐based password authentication scheme , 2015, Int. J. Commun. Syst..

[16]  Wei Hu,et al.  ATCS: A Novel Anonymous and Traceable Communication Scheme for Vehicular Ad Hoc Networks , 2011, Int. J. Netw. Secur..

[17]  Chin-Chen Chang,et al.  Remote password authentication with smart cards , 1991 .

[18]  Kuldip Singh,et al.  A secure dynamic identity based authentication protocol for multi-server architecture , 2011, J. Netw. Comput. Appl..

[19]  David Pointcheval,et al.  Interactive Diffie-Hellman Assumptions with Applications to Password-Based Authentication , 2005, Financial Cryptography.

[20]  Darpan Anand,et al.  Dynamic Id Based Remote User Authentication in Multi Server Environment Using Smart Cards: A Review , 2015, 2015 International Conference on Computational Intelligence and Communication Networks (CICN).

[21]  Jennifer M. Coston A Model and Typology of Government-NGO Relationships , 1998 .

[22]  Cheng-Chi Lee,et al.  A Secure Dynamic Identity Based Authentication Protocol with Smart Cards for Multi-Server Architecture , 2015, J. Inf. Sci. Eng..

[23]  Euripidis N. Loukis,et al.  Computer-supported G2G collaboration for public policy and decision-making , 2005, J. Enterp. Inf. Manag..

[24]  Markus G. Kuhn,et al.  Analysis of a denial of service attack on TCP , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[25]  Jian Ma,et al.  An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards , 2012, J. Netw. Comput. Appl..

[26]  Robert H. Deng,et al.  A Generic Framework for Three-Factor Authentication: Preserving Security and Privacy in Distributed Systems , 2011, IEEE Transactions on Parallel and Distributed Systems.

[27]  Hung-Yu Chien,et al.  A remote authentication scheme preserving user anonymity , 2005, 19th International Conference on Advanced Information Networking and Applications (AINA'05) Volume 1 (AINA papers).

[28]  Liz Lee-Kelley,et al.  G2C e-government: modernisation or transformation? , 2007, Electron. Gov. an Int. J..

[29]  Shuenn-Shyang Wang,et al.  A secure dynamic ID based remote user authentication scheme for multi-server environment , 2009, Comput. Stand. Interfaces.

[30]  Ping Wang,et al.  The Request for Better Measurement: A Comparative Evaluation of Two-Factor Authentication Schemes , 2016, AsiaCCS.

[32]  Malek Ben Salem,et al.  A Survey of Insider Attack Detection Research , 2008, Insider Attack and Cyber Security.

[33]  Owen Rees,et al.  Efficient and timely mutual authentication , 1987, OPSR.