ESEAP: ECC based secure and efficient mutual authentication protocol using smart card. (April 2020)
- Record Type:
- Journal Article
- Title:
- ESEAP: ECC based secure and efficient mutual authentication protocol using smart card. (April 2020)
- Main Title:
- ESEAP: ECC based secure and efficient mutual authentication protocol using smart card
- Authors:
- Kumari, Adesh
Jangirala, Srinivas
Abbasi, M. Yahya
Kumar, Vinod
Alam, Mansaf - Abstract:
- Highlights: We have reviewed Wang et al.'s scheme in two-factor based remote user authentication environment. Wang et al.'s scheme has security issues such as impersonation attack, stolen-verifier attack, off-line password guessing attack and fails to secure session key. We have designed an enhanced and secure elliptic curve cryptography(ECC) assisted authentication framework for same environment. The proposed protocol resists various kinds of malicious attacks such as security attributes and features like as off-line password guessing attack, no password verifier-table, smart card loss attack, anonymity, mutual authentication, replay attack, impersonation attack, server spooling attack, no clock-synchronization attack, forward secrecy, insider attack, message authentication, provision of key agreement, parallel attack, sound repairability, no password exposure, timely typo detection, resistance to know attacks, password friendly, user unlinkability and server unlinkability and hence secure for real life applications. The proposed protocol presents better results and proven to be secure and efficient which can be practically applicable for the real life applications. Abstract: Smart card based user server mutual authentication framework is famous for safe communication via unfavorable and insecure communication system. The authenticated user and server communicate to each other and share information via Internet. Recently, Wang et al. suggested a lightweightHighlights: We have reviewed Wang et al.'s scheme in two-factor based remote user authentication environment. Wang et al.'s scheme has security issues such as impersonation attack, stolen-verifier attack, off-line password guessing attack and fails to secure session key. We have designed an enhanced and secure elliptic curve cryptography(ECC) assisted authentication framework for same environment. The proposed protocol resists various kinds of malicious attacks such as security attributes and features like as off-line password guessing attack, no password verifier-table, smart card loss attack, anonymity, mutual authentication, replay attack, impersonation attack, server spooling attack, no clock-synchronization attack, forward secrecy, insider attack, message authentication, provision of key agreement, parallel attack, sound repairability, no password exposure, timely typo detection, resistance to know attacks, password friendly, user unlinkability and server unlinkability and hence secure for real life applications. The proposed protocol presents better results and proven to be secure and efficient which can be practically applicable for the real life applications. Abstract: Smart card based user server mutual authentication framework is famous for safe communication via unfavorable and insecure communication system. The authenticated user and server communicate to each other and share information via Internet. Recently, Wang et al. suggested a lightweight password-assisted two factor authentication framework using smart card. We reviewed their scheme and observed that it does maintain security and privacy off-line password guessing attack and also impersonation attack. We proposed enhance elliptic curve cryptography(ECC) based authentication framework for the same environment. The proposed scheme ESEAP is secure resilience of many attractive security attributes and features like off-line password guessing attack, no password verifier-table, smart card loss attack, anonymity, mutual authentication, replay attack, impersonation attack, server spooling attack, no clock-synchronization attack, forward secrecy, insider attack, message authentication, provision of key agreement, parallel attack, sound repairability, no password exposure, timely typo detection, resistance to know attacks, password friendly, user unlinkability and server unlinkability. Further, the paper shows formal security analysis of the ESEAP which based on random oracle model. We compared the presented protocol with other related protocols in the same environment, and show that ESEAP is more efficient in terms of computation and communication cost. As a result, the presented protocol can be utilized over public communication channel. … (more)
- Is Part Of:
- Journal of information security and applications. Volume 51(2020)
- Journal:
- Journal of information security and applications
- Issue:
- Volume 51(2020)
- Issue Display:
- Volume 51, Issue 2020 (2020)
- Year:
- 2020
- Volume:
- 51
- Issue:
- 2020
- Issue Sort Value:
- 2020-0051-2020-0000
- Page Start:
- Page End:
- Publication Date:
- 2020-04
- Subjects:
- Mutual authentication -- Elliptic curve cryptography -- Smart card -- Random oracle model -- Security and privacy
Computer security -- Periodicals
Information technology -- Security measures -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/ ↗
- DOI:
- 10.1016/j.jisa.2019.102443 ↗
- Languages:
- English
- ISSNs:
- 2214-2126
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 19140.xml