An Efficient Remote User Authentication Protocol Based on Elliptic Curves
Abstract:
Most existing remote user authentication schemes are inefficient and are therefore not suitable for resource-constrained devices. In view of this, we propose a new efficient remote user authentication protocol. The protocol uses elliptic curve cryptography and uses smart cards to store long-term secret data. We verify and analyze the security of the protocol using the formal verification tool ProVerif, BAN logic, and informal methods, respectively. The results show that the new protocol resists a variety of common attacks. A comparison with existing related protocols shows that the new protocol also has performance advantages.