Abstract
Recently, Xue et al. proposed a lightweight dynamic pseudonym identity based authentication and key agreement protocol for multi-server architecture (2014). They claimed that their scheme overcomes security flaws of related schemes. In this paper, we reanalyze the security of Xue et al.’s scheme and show that their scheme cannot resist password guessing attacks. In addition, their scheme cannot achieve user anonymity and untraceability. To conquer these defects, we propose an improved and lightweight pseudonym identity based authentication scheme for multi-server environment. Compared with Xue et al.’s scheme, our protocol not only maintains the merits, but also overcomes the security flaws.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Li, L., Lin, I.C., Hwang, M.S.: A remote authentication scheme for multi-server architecture using neural networks. IEEE Trans. Neural Netw. 12, 1498–1504 (2001)
Lin, I.C., Hwang, M.S., Li, L.H.: A new remote user authentication scheme for multi-server architecture. Future Gener. Comput. Syst. 19, 13–22 (2003)
Tsai, J.L.: Efficient multi-server authentication scheme based on one-way hash function without verification table. Comput. Secur. 27, 115–121 (2008)
Guo, D.L., Wen, F.T.: Analysis and improvement of a robust smart card based-authentication scheme for multi-server architecture. Wirel. Pers. Commun. 78, 475–490 (2014)
Wen, F.T., Li, X.L.: An improved dynamic ID-based remote user authentication with key agreement scheme. Comput. Electr. Eng. 38, 381–387 (2012)
He, D.B., Chen, J.H., Zhang, R.: A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36, 1989–1995 (2012)
Li, C.T., Hwang, M.S.: An efficient biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 33, 1–5 (2010)
Wen, F.T., Susilo, W., Yang, G.M.: A robust smart card based anonymous user authentication protocol for wireless communications. Secur. Commun. Netw. 7, 987–993 (2013)
Li, X., Xiong, Y.P., Ma, J., Wang, W.D.: An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards. J. Netw. Comput. Appl. 35, 763–769 (2012)
Xue, K.P., Hong, P.L., Ma, C.S.: A lightweight dynamic pseudonym identity based authentication and key agreement protocol without verification tables for multi-server architecture. J. Comput. Syst. Sci. 80, 195–206 (2014)
Hankerson, D., Menezes, A., Vanstone, S.: Guide to elliptic curve cryptography. Springer, New York (2004)
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: 19th Annual International Cryptology Conferrence, pp. 388–397, vol. 1666 (1999)
Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51, 541–552 (2002)
Leng, X.F.: Smart card applications and security. Inf. Secur. Tech. Rep. 14, 36–45 (2009)
Acknowledgments
This work is supported by Natural Science Foundation of Shandong Province (No. ZR2013FM009).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer India
About this paper
Cite this paper
Lin, H., Wen, F., Du, C. (2016). An Improved Lightweight Pseudonym Identity Based Authentication Scheme on Multi-server Environment. In: Zeng, QA. (eds) Wireless Communications, Networking and Applications. Lecture Notes in Electrical Engineering, vol 348. Springer, New Delhi. https://doi.org/10.1007/978-81-322-2580-5_102
Download citation
DOI: https://doi.org/10.1007/978-81-322-2580-5_102
Published:
Publisher Name: Springer, New Delhi
Print ISBN: 978-81-322-2579-9
Online ISBN: 978-81-322-2580-5
eBook Packages: EngineeringEngineering (R0)