An anonymous and provably secure authentication scheme for mobile user. (29th February 2016)
- Record Type:
- Journal Article
- Title:
- An anonymous and provably secure authentication scheme for mobile user. (29th February 2016)
- Main Title:
- An anonymous and provably secure authentication scheme for mobile user
- Authors:
- Islam, SK Hafizul
Obaidat, Mohammad S.
Amin, Ruhul - Abstract:
- Summary: Chebyshev chaotic map is an important tool used in the domain of cryptography to develop different schemes for numerous applications. In 2014, Lin put forwarded a mobile user authentication system using dynamic identity and chaotic map. Lin declared that the scheme offers mutual authentication and session key agreement between user and server. Moreover, they stated that the scheme offers user anonymity and resilience against known attacks. However, we carefully examined Lin's scheme and found that it is no longer usable for practical applications as (i) it has no facility to identify the wrong password and identity, which are inputted by the user during login and password update phases, (ii) it has no facility to protect user impersonation attack, and (iii) it has the problem of session key forward secrecy. We put forwarded an enhanced scheme based on extended chaotic map to repair the fragilities of Lin's scheme. We formally examined the security of our scheme and demonstrated that it is provably secured in random oracle model. Further, we presented some informal cryptanalysis to make sure that the enhanced scheme is secure from known attacks. Our scheme is also computation efficient against other competitive protocols. Copyright © 2016 John Wiley & Sons, Ltd. Abstract : We present an extended user authentication scheme over Lin's scheme for mobile users. Our scheme is provably secure in the random oracle model. Our scheme is computationally efficient that theSummary: Chebyshev chaotic map is an important tool used in the domain of cryptography to develop different schemes for numerous applications. In 2014, Lin put forwarded a mobile user authentication system using dynamic identity and chaotic map. Lin declared that the scheme offers mutual authentication and session key agreement between user and server. Moreover, they stated that the scheme offers user anonymity and resilience against known attacks. However, we carefully examined Lin's scheme and found that it is no longer usable for practical applications as (i) it has no facility to identify the wrong password and identity, which are inputted by the user during login and password update phases, (ii) it has no facility to protect user impersonation attack, and (iii) it has the problem of session key forward secrecy. We put forwarded an enhanced scheme based on extended chaotic map to repair the fragilities of Lin's scheme. We formally examined the security of our scheme and demonstrated that it is provably secured in random oracle model. Further, we presented some informal cryptanalysis to make sure that the enhanced scheme is secure from known attacks. Our scheme is also computation efficient against other competitive protocols. Copyright © 2016 John Wiley & Sons, Ltd. Abstract : We present an extended user authentication scheme over Lin's scheme for mobile users. Our scheme is provably secure in the random oracle model. Our scheme is computationally efficient that the existing schemes. … (more)
- Is Part Of:
- International journal of communication systems. Volume 29:Number 9(2016)
- Journal:
- International journal of communication systems
- Issue:
- Volume 29:Number 9(2016)
- Issue Display:
- Volume 29, Issue 9 (2016)
- Year:
- 2016
- Volume:
- 29
- Issue:
- 9
- Issue Sort Value:
- 2016-0029-0009-0000
- Page Start:
- 1529
- Page End:
- 1544
- Publication Date:
- 2016-02-29
- Subjects:
- extended chaotic maps -- provable security -- password -- mobile device -- authentication -- hash function
Telecommunication systems -- Periodicals
621.382 - Journal URLs:
- http://onlinelibrary.wiley.com/ ↗
- DOI:
- 10.1002/dac.3126 ↗
- Languages:
- English
- ISSNs:
- 1074-5351
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 4542.172515
British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 1551.xml