Browse > Article
http://dx.doi.org/10.14400/JDC.2017.15.10.253

Untraceable Authenticated Key Agreement Scheme for Multi-server Environment  

Choi, Hae-Won (Department of Aerospace & Industrial Computing Security, Kyungwoon University)
Kim, Sangjin (Department of Aerospace & Industrial Computing Security, Kyungwoon University)
Ryoo, Myungchun (Department of Aerospace & Industrial Computing Security, Kyungwoon University)
Publication Information
Journal of Digital Convergence / v.15, no.10, 2017 , pp. 253-260 More about this Journal
Abstract
Authenticated key agreement in multi-server environments is one of very important security issues because only authorized user needs to access their data and services. To support this issue, numerous schemes have been proposed over recent years. Recently, Shin showed the security weaknesses in the previous scheme and proposed an improved scheme called SIAKAS to solve them. Unfortunately, this paper shows that SIAKAS is still weak against application server impersonation attack and could be traceable to attackers. To solve the problems in SIAKAS, we propose an untraceable authenticated key agreement scheme, denoted by UAKAS. UAKAS efficiently solves security and privacy issues in SIAKAS and the related schemes and could reduce the operation overhead at least 12% compared to them.
Keywords
Multi-server; Authenticated key agreement; Smart card; Impersonation attack; Untraceability;
Citations & Related Records
Times Cited By KSCI : 8  (Citation Analysis)
연도 인용수 순위
1 B.-S. Shim, D.-G. Yoo, "Trends and Activation Plans for Next-generation Wireless Broadband Industry," Journal of Digital Convergence, Vol. 13, No. 12, pp. 13-21, 2015.   DOI
2 Y.-T. Song, "The Effect of Web-based Communication to Internet Users of Information Characteristics : Focus on Internalization and Conformity," Journal of Digital Convergence, Vol. 14, No. 7, pp. 117-126, 2016.   DOI
3 S. Yoo, K. Choi, "Consumer protection in e-commerce: the Safety Transaction Service in Korea," Journal of Digital Convergence, Vol. 11, No. 11, pp. 29-36, 2013.   DOI
4 S.-B. Kim, "Improvement of IPTV Policy under the Smart Environment," Journal of Digital Convergence, Vol. 11, No. 10, pp. 141-152, 2013.   DOI
5 J.-M. Kim, H.-J. Kouh, "Security Analysis of Information Flow using SAT," Journal of Digital Convergence, Vol. 14, No. 6, pp. 253-261, 2016.   DOI
6 D. Y. Kim, "Trend and Improvement for Privacy Protection of Future Internet," Journal of Digital Convergence, Vol. 14, No. 6, pp. 405-413, 2016.   DOI
7 L. Lamport, "Password authentication with insecure communication," ACM Communication, Vol. 24, No. 11, pp. 770-772, 1981.   DOI
8 W. S. Juang, "Efficient multi-server password authenticated key agreement using smart cards," IEEE Trans. on Consumer Electronics, Vol. 50, No. 1, pp. 251-255, 2004.   DOI
9 D. Mishra, A. K. Das, S. A. Mukhopadhyay, "A secure user anonymity-preserving biometric based multi-server authenticated key agreement scheme using smart cards," Expert Systems with Applications, Vol. 41, No. 18, pp. 8129-8143, 2014.   DOI
10 K.-C. Shin, "Analysis and security improvements to Mishra et al.'s authentication," Journal of Security Engineering, Vol. 13, No. 4, pp. 261-278, 2016.   DOI
11 H. Kim, "Remote User Authentication Scheme with Key Agreement Providing Forward Secrecy," Journal of Security Engineering, Vol. 12, No. 1, pp. 1-12, 2015.   DOI
12 W.S.Choi, D.H.Won, "Security Enhanced User Authentication Scheme with Key Agreement based on Fuzzy Extraction Technology ," Journal of Internet Computing and Services, Vol. 17, No. 3, pp. 1-10, 2017.   DOI
13 H.-W. Choi, M.-C. Ryoo, C.-S. Lee, H. Kim, "Secure Data Gathering Protocol over Wireless Sensor Network," The Journal of Digital Policy & Management, Vol. 11, No. 12, pp. 367-380, 2013.
14 Younsung Choi, Donghoon Lee, Jiye Kim, Jaewook Jung, Junghyun Nam and Dongho Won, "Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography." Sensors, Vol. 14, No. 6, 2014.
15 Jongho Moon, Younsung Choi, jaewook Jung, Dongho Won, "An Improvement of Robust Biometrics-Based Authentication and Key Agreement Scheme for Multi-Server Environments Using Smart Cards." PloS one,Vol 10, No. 12 , 2015.