An Improved Lightweight Two-Factor Authentication and Key Agreement Protocol with Dynamic Identity Based on Elliptic Curve Cryptography |
Qiu, Shuming
(Elementary Educational College, Jiangxi Normal University)
Xu, Guosheng (School of CyberSpace Security, Beijing University of Posts and Telecommunications) Ahmad, Haseeb (Department of Computer Science, National Textile University) Xu, Guoai (School of CyberSpace Security, Beijing University of Posts and Telecommunications) Qiu, Xinping (Jiangxi University of Finance and Economics) Xu, Hong (High-Tech Research and Development Center, the Ministry of Science and Technology) |
1 | MS. Farash, SA. Chaudhry, M. Heydari, SMS. Sadough, S. Kumari and MK. Khan, "A lightweight anonymous authentication scheme for consumer roaming in ubiquitous networks with provable security," Int. J. Communication Systems, vol.30, no.4, 2017. |
2 | S. Kumari, M. Karuppiah, AK. Das, X. Li, F. Wu and V. Gupta, "Design of a secure anonymity-preserving authentication scheme for session initiation protocol using elliptic curve cryptography," J Ambient Intell Human Comput, 2017. |
3 | S. Kumari, "Design flaws of "an anonymous two-factor authenticated key agreement scheme for session initiation protocol using elliptic curve cryptography," Multimed Tools Appl, vol.76, pp. 13581, 2017. DOI |
4 | SM. Qiu, GA. Xu, H. Ahmad and LC. Wang, "A Robust Mutual Authentication Scheme Based on Elliptic Curve Cryptography for Telecare Medical Information Systems," IEEE Access, 6, pp. 7452-7463, 2018. DOI |
5 | SM. Qiu, GA. Xu, H. Ahmad and YH. Guo, "An enhanced password authentication scheme for session initiation protocol with perfect forward secrecy," PLoS ONE, vol. 13, no. 3, e0194072, 2018. DOI |
6 | J. Franks, P. Hallam-Baker, J. Hostetler, S. Lawrence, P. Leac and A. Luotonen, "HTTP Authentication: Basic and digest access authentication," IETF RFC, 2617, 1999. |
7 | C. Yang, R. Wang and W. Liu, "Secure authentication scheme for session initiation protocol," Comput Secur, vol. 24, 381-386, 2015. DOI |
8 | HF. Huang, WC. Wei and GE. Brown, "A new efficient authentication scheme for session initiation protocol," in Proc. of 9th Joint Conference on Information Sciences, 2006. |
9 | D. Denning, G. Sacco. "Timestamps in key distribution systems," Commun ACM, vol. 24, no.8, pp. 533-536, 1981. DOI |
10 | A. Durlanik and I. Sogukpinar, "SIP authentication scheme using ECDH," World Enformatika Soc Trans Eng Comput Technol, 8, pp. 350-353, 2005. |
11 | D. Wang, C. Ma, P. Wang and Z. Chen, "Robust smart card based password authentication scheme against smart card security breach," IACR Cryptology ePrint Archive, 2012. Retrieved from eprint.iacr.org/2012/439.pdf. |
12 | S. Kumari, M. Khan and X. Li, "An improved remote user authentication scheme with key agreement," Comput Electr Eng, vol.40, no.6, pp. 1997-2012, 2014. DOI |
13 | SA. Chaudhry, MS. Farash, H. Naqvi, S. Kumari and MK. Khan, "An enhanced privacy preserving remote user authentication scheme with provable security," Secur Commun Netw, vol.8, no.18, pp. 3782-3795, 2015. DOI |
14 | Morteza. Nikooghadam, Reza. Jahantigh and Hamed. Arshad, "A lightweight authentication and key agreement protocol preserving user anonymity," Multimedia Tools Appl, Vol. 76, no.11, pp. 13401-13423, 2017. DOI |
15 | D. Dolev and A. Yao, "On the security of public key protocols," IEEE Trans Inf Theory, vol. 29, no.2, pp. 198-208, 1983. DOI |
16 | D. Wang and P. Wang, "Two birds with one stone: two-factor authentication with security beyond conventional bound," IEEE Trans Depend Secur Comput, 2016. |
17 | P. Kocher, J. Jaffe and B. Jun, "Differential power analysis," Advances in Cryptology, 1666, pp. 388-397, 1999. |
18 | D. Wang, DB. He, P. Wang and C. Chu, "Anonymous two-factor authentication in distributed systems: certain goals are beyond attainment," IEEE Trans Depend Secur Comput, vol. 12, no. 4, pp. 428-442, 2015. DOI |
19 | TS. Messerges, EA. Dabbish and RH. Sloan, "Examining smart-card security under the threat of power analysis attacks," IEEE Trans Comput, vol.51, no.5, pp. 541-552, 2002. DOI |
20 | Y. Chang, W. Tai and H. Chang, "Untraceable dynamic-identity-based remote user authentication scheme with verifiable password update," Int J Commun Syst, 2015. |
21 | M. Burrow, M. Abadi, and R. M. Needham, "A logic of authentication," ACM Trans. Comput. Syst, vol. 8, no. 1, pp. 18-36, 1990. DOI |
22 | DD. Wang, Z. Zhang, and P. Wang, ''Targeted online password guessing: An underestimated threat,'' in Proc. of ACM CCS, vol. 16, pp. 1242-1254, 2016. |
23 | D. Wang and P. Wang, "On the implications of Zipf's law in passwords," in Proc. of ESORICS, 2016, pp. 111-131. |
24 | AVISPA. "Automated validation of internet security protocols and applications," http://www.avispaproject.org/ (accessed on March 2018). |
25 | J. Chou, C. Huang, Y. Huang and Y. Chen, "Efficient two-pass anonymous identity authentication using smart card," IACR Cryptology ePrint Archive, 2013. Retrieved from eprint.iacr.org/2013/402.pdf. |
26 | F. Wen and X. Li, "An improved dynamic id-based remote user authentication with key agreement scheme," Comput Electr Eng, vol. 38, no. 2, pp. 381-387, 2011. DOI |
27 | H. Kilinc and T. Yanik, "A survey of SIP authentication and key agreement schemes," IEEE Communications Surveys and Tutorials, vol. 16, no. 2, pp. 1005-1023, 2014. DOI |
28 | BL. Chen, WC. Kuo and LC. Wuu, "Robust smart-card-based remote user password authentication scheme," Int J Commun Syst, 27, pp. 377-389, 2012. DOI |
29 | D. Mishra, AK. Das, A. Chaturvedi and S. Mukhopadhyay, "A secure password-based authentication and key agreement scheme using smart cards," J Inf Secur Appl, 23, pp. 28-43, 2015. DOI |
30 | Juan. Qu and Li-min. Zou, "An Improved Dynamic ID-Based Remote User Authentication with Key Agreement Scheme," J. Electrical and Computer Engineering, pp. 786587:1-786587:, 2013. |
31 | H. Arshad and M. Nikooghadam, "An efficient and secure authentication and key agreement scheme for session initiation protocol using ECC," Multimedia Tools and Applications, vol. 75, no. 1, pp. 181-197, 2016. DOI |
32 | Ding. Wang, Nan, Wang, Ping. Wang and Sihan. Qing, "Preserving privacy for free: Efficient and provably secure two-factor authentication scheme with user anonymity," Inf. Sci, 321, pp. 162-178, 2015. DOI |
33 | Chunguang. Ma, Dingwang. and Sendong. Zhao, "Security flaws in two improved remote user authentication schemes using smart cards," Int. J. Communication Systems, vol. 27, no. 10, pp. 2215-2227, 2014. DOI |
34 | Xinyi. Huang, Xiaofeng. Chen, Jin. Li, Yang. Xiang and Li. Xu, "Further Observations on Smart-Card-Based Password-Authenticated Key Agreement in Distributed Systems," IEEE Trans. Parallel Distrib. Syst, vol. 25, no. 7, pp. 1767-1775, 2014. DOI |
35 | J.Arkko, V. Torvinen, G. Camarillo, A. Niemi and T. Haukka, "Security mechanism agreement for SIP sessions," IETF Internet Draft, Jun. 2002. |
36 | Ding. Wang, Haibo. Cheng, Debiao. He and Ping. Wang, "On the Challenges in Designing Identity-Based Privacy-Preserving Authentication Schemes for Mobile Devices," IEEE Systems Journal, vol. 12, no. 1, pp. 916-925, 2018. DOI |
37 | Ding. Wang and Ping. Wang, "On the anonymity of two-factor authentication schemes for wireless sensor networks: Attacks, principle and solutions," Computer Networks, 73, pp. 41-57, 2014. DOI |
38 | Ding. Wang, Qianchen. Gu, Haibo. Cheng and Ping. Wang, "The Request for Better Measurement: A Comparative Evaluation of Two-Factor Authentication Schemes," AsiaCCS, pp. 475-486, 2016. |
39 | Mohammad. Wazid, Ashok Kumar. Das, Vanga. Odelu, Neeraj. Kumar, Mauro. Conti and Minho. Jo, "Design of Secure User Authenticated Key Management Protocol for Generic IoT Networks," IEEE Internet of Things Journal, vol. 5, no. 1, pp. 269-282, 2018. DOI |
40 | Shehzad Ashraf. Chaudhry, Husnain. Naqvi, Khalid. Mahmood, Hafiz. Farooq. Ahmad and Muhammad Khurram. Khan, "An Improved Remote User Authentication Scheme Using Elliptic Curve Cryptography," Wireless Personal Communications, vol. 96, no. 4, pp. 5355-5373, 2017. DOI |
41 | Shuai. Liu, Zheng. Pan and Houbing. Song, "Digital image watermarking method based on DCT and fractal encoding," IET Image Processing, vol. 11, no. 10, pp. 815-821, 2017. DOI |
42 | DB. He, J. Chen and Chen Y, "A secure mutual authentication scheme for session initiation protocol using elliptic curve cryptography," Secur Commun Netw, vol.5, no.12, pp. 1423-1429, 2012. DOI |
43 | MK. Khan, "Fingerprint Biometric-based Self-Authentication and Deniable Authentication Schemes for the Electronic World," Iete Technical Review, vol. 26, no. 3, pp. 191-195, 2009. DOI |
44 | TH. Chen, HL. Yeh, PC. Liu, HC. Hsiang and WK. Shih, "A secured authentication protocol for SIP using elliptic curves cryptography," FGIT-FGCN, vol. 119, no.1, pp. 46-55, 2010. |
45 | FW. Liu and H. Koenig, "Cryptanalysis of a SIP authentication scheme," In: 12th IFIP TC6/TC11 International Conference, CMS, Lecture Notes in Computer Science, vol. 7025, pp. 134-143, 2011. |
46 | R. Arshad and N. Ikram, "Elliptic curve cryptography based mutual authentication scheme for session initiation protocol," Multimed Tools Appl, vol.66, no.2, pp. 165-178, 2013. DOI |
47 | MS. Farash and MA. Attari, "An Enhanced authenticated key agreement for session initiation protocol," Inf Technol Control, vol.42, no.4, pp. 333-342, 2013. |
48 | S. Kumari and MK. Khan, "More secure smart card-based remote user password authentication scheme with user anonymity," Security and Communication Networks, vol.7, no.11, pp. 2039-2053, 2014. DOI |
49 | H. Tang and X. Liu, "Cryptanalysis of Arshad et al'.s ECC-based mutual authentication scheme for session initiation protocol," Multimed Tools Appl, vol. 65, no. 3, pp. 321-333, 2013. DOI |
50 | XM. Wang, W. Guo, WF. Zhang, MK. Khan and K Alghathbar, "Cryptanalysis and improvement on a parallel keyed hash function based on chaotic neural network," Telecommunication Systems, vol. 52, no. 2, pp. 515-524, 2013. DOI |
51 | S. Kumari, SA. Chaudhry, F. Wu, X. Li, MS. Farash and MK. Khan, "An improved smart card based authentication scheme for session initiation protocol," Peer-to-Peer Networking and Applications, 2015. |
52 | SA. Chaudhry, H. Naqvi, T. Shon, M. Sher and MS. Farash, "Cryptanalysis and Improvement of an Improved Two Factor Authentication Protocol for Telecare Medical Information Systems," J. Medical Systems, vol. 39, no.6, pp. 1-11, 2015. DOI |
53 | S. Challa, AK. Das, S. Kumari, V. Odelu, F. Wu and X. Li, "Provably secure three-factor authentication and key agreement scheme for session initiation protocol," Security and Communication Networks, vol. 9, no.18, pp. 5412-5431, 2016. DOI |
54 | SA. Chaudhry, I. Khan, A. Irshad, MU. Ashraf, MK. Khan and HF. Ahmad, "A provably secure anonymous authentication scheme for session initiation protocol," Secur Commun Netw, 2016. |
55 | AK. Sutrala, AK. Das, V. Odelu, M. Wazid and S. Kumari, "Secure anonymity-preserving password-based user authentication and session key agreement protocol for telecare medicine information systems," Computer Methods and Programs in Biomedicine, vol.135, pp. 167-185, 2016. DOI |
56 | Shuai. Liu, Zheng. Pan and Xiaochun. Cheng, "A Novel Fast Fractal Image Compression Method based on Distance Clustering in High Dimensional Sphere Surface," Fractals, vol. 25, no. 4, 1740004, 2017. DOI |
57 | Zheng. Pan, Shuai. Liu and Weina. Fu, "A review of visual moving target tracking," Multimedia Tools Appl, vol. 76, no. 16, pp. 16989-17018, 2017. DOI |
58 | Shuai. Liu, Mengye. Lu, Gaocheng. Liu and Zheng. Pan, "A Novel Distance Metric: Generalized Relative Entropy," Entropy, vol. 19, no. 6, pp. 269, 2017. DOI |
![]() |