CFP last date
20 December 2024
Call for Paper
January Edition
IJCA solicits high quality original research papers for the upcoming January edition of the journal. The last date of research paper submission is 20 December 2024

Submit your paper
Know more
The week's pick
Responsive image
Improved Shuffled Frog Leaping Algorithm with Self-Adaptive Shuffling for Fuzzy Logic PD+G Controller Optimization in Robotic Manipulators

Duc Hoang Nguyen
Random Articles
Reseach Article

Remote User Authentication Scheme in Multi-server Environment using Smart Card

by Jitendra Kumar Tyagi, A. K. Srivastava, Pratap Singh Patwal
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 57 - Number 12
Year of Publication: 2012
Authors: Jitendra Kumar Tyagi, A. K. Srivastava, Pratap Singh Patwal
10.5120/9163-3479

Jitendra Kumar Tyagi, A. K. Srivastava, Pratap Singh Patwal . Remote User Authentication Scheme in Multi-server Environment using Smart Card. International Journal of Computer Applications. 57, 12 ( November 2012), 1-5. DOI=10.5120/9163-3479

@article{ 10.5120/9163-3479,
author = { Jitendra Kumar Tyagi, A. K. Srivastava, Pratap Singh Patwal },
title = { Remote User Authentication Scheme in Multi-server Environment using Smart Card },
journal = { International Journal of Computer Applications },
issue_date = { November 2012 },
volume = { 57 },
number = { 12 },
month = { November },
year = { 2012 },
issn = { 0975-8887 },
pages = { 1-5 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume57/number12/9163-3479/ },
doi = { 10.5120/9163-3479 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T21:00:13.173034+05:30
%A Jitendra Kumar Tyagi
%A A. K. Srivastava
%A Pratap Singh Patwal
%T Remote User Authentication Scheme in Multi-server Environment using Smart Card
%J International Journal of Computer Applications
%@ 0975-8887
%V 57
%N 12
%P 1-5
%D 2012
%I Foundation of Computer Science (FCS), NY, USA
Abstract

In a single server environment, one server is responsible for providing services to all the authorized remote users. However, the problem exists if a user wishes to access several network services. To overcome this weakness, various multi-server authentication schemes have been proposed. Though, these schemes are exposed to one or the other network security attack. This paper suggests robust multi-server authentication scheme using smart cards. Its security is based on cryptographic one-way hash function and the discrete logarithm problem. This scheme allows remote users to access multiple servers without separately registering with each server. Furthermore, it eliminates the use of verification table, allows users to choose and change the password securely without taking any assistance from the server or registration center, provides mutual authentication and establishes a common session key between user and the server. Additionally, the proposed scheme withstands user impersonation attack, server impersonation attack, replay attack, reflection and parallel session attacks, password guessing attack, insider attack, smart card loss attack and stolen verifier attack.

References
  1. Lamport, L. 1981. Password authentication with insecure communication. Communications of the ACM 24, 770-772.
  2. Wu, T. C. 1995. Remote login authentication scheme based on a geometric approach. Computer Communications 18, 959-963.
  3. Hwang, M. S. 1999. Cryptanalysis of a remote login authentication scheme. Computer Communications 22, 742-744.
  4. Yang, W. H, Shieh, S. P. 1999. Password authentication schemes with smart cards. Computers & Security 18, 727-733.
  5. Chan, C. K, Cheng, L. M. 2002. Cryptanalysis of timestamp-based password authentication scheme. Computers & Security 21, 74-76.
  6. Hwang, M. S, Li, L. H. 2000. A new remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics. 46, 28-30.
  7. Chan, C. K, Cheng, L. M. 2000. Cryptanalysis of a remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics 46, 992-993.
  8. Sun, H. M. 2000. An efficient remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics 46, 958-961.
  9. Hsu, C. L. 2003. Security of two remote user authentication schemes using smart cards. IEEE Transactions on Consumer Electronics 49, 1196-1198.
  10. Chien, H. Y, Jan, J. K. , Tseng, Y. M. 2002. An efficient and practical solution to remote authentication: smart card. Computers & Security 21, 372-375.
  11. Juang, W. S. 2004. Efficient password authenticated key agreement using smart cards. Computers & Security 23, 167-173.
  12. Das, M. L. , Saxena, A. , Gulati, V. P. 2004. A dynamic ID-based remote user authentication scheme. IEEE Transactions on Consumer Electronics 50, 629-631.
  13. Liao, I. E, Lee, C. C. and Hwang, M. S. 2005. Security enhancement for a dynamic ID-based remote user authentication scheme. In Proceedings of the International Conference on Next Generation Web Services Practices.
  14. Song, R. 2010. Advanced smart card based password authentication protocol. Computer Standards & Interfaces 32, 321-325.
  15. Pippal, R. S. , Jaidhar, C. D. and Tapaswi, S. 2010. Comments on symmetric key encryption based smart card authentication scheme. In Proceedings of the 2nd International Conference on Computer Technology and Development.
  16. Li, L. , Lin, I. , Hwang, M. S. 2001. A remote password authentication scheme for multi-server architecture using neural networks. IEEE Transaction on Neural Networks 12, 1498-1504.
  17. Lin, I. C. , Hwang, M. S. , Li, L. H. 2003. A new remote user authentication scheme for multi-server architecture. Future Generation Computer Systems 19, 13-22.
  18. Cao, X. , Zhong, S. 2006. Breaking a remote user authentication scheme for multi-server architecture. IEEE Communications Letters 10, 580-581.
  19. Juang, W. S. 2004. Efficient multi-server password authenticated key agreement using smart cards. IEEE Transactions on Consumer Electronics 50, 251-255.
  20. Ku, W. C. , Chuang, H. M. , Chiang, M. H. and Chang, K. T. 2005. Weaknesses of a multi-server password authenticated key agreement scheme. In Proceedings of the 2005 National computer Symposium.
  21. Chang, C. C. , Lee, J. S. 2004. An efficient and secure multi-server password authentication scheme using smart cards. In Proceedings of the International Conference on Cyberworlds.
  22. Liao, Y. P. , Wang, S. S. 2009. A secure dynamic ID based remote user authentication scheme for multi-server environment. Computer Standards & Interfaces 31, 24-29.
  23. Chen, T. Y. , Hwang, M. S. , Lee, C. C. and Jan, J. K. 2009. Cryptanalysis of a secure dynamic ID based remote user authentication scheme for multi-server environment. In Proceedings of the 4th International Conference on Innovative Computing, Information and Control.
  24. Hsiang, C. , Shih, W. K. 2009. Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment. Computer Standards & Interfaces 31, 1118-1123.
  25. Sood, S. K. , Sarje, A. K. , Singh, K. 2011. A secure dynamic identity based authentication protocol for multi-server architecture. Journal of Network and Computer Applications 34, 609-618.
  26. Tsai, J. L. 2008. Efficient multi-server authentication scheme based on one-way hash function without verification table. Computers & Security 27, 115-121.
  27. Zhu, H, Liu, T. and Liu, J. 2009. Robust and simple multi-server authentication protocol without verification table. In Proceedings of the 9th International Conference on Hybrid Intelligent Systems.
Index Terms

Computer Science
Information Sciences

Keywords

Authentication Multi-server Nonce Session key Smart card

Powered by PhDFocusTM