CFP last date
20 January 2025
Reseach Article

An Efficient and Secure Multi-server Smart Card based Authentication Scheme

by Toshi Jain, Sandeep Pratap Singh
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 93 - Number 13
Year of Publication: 2014
Authors: Toshi Jain, Sandeep Pratap Singh
10.5120/16272-6025

Toshi Jain, Sandeep Pratap Singh . An Efficient and Secure Multi-server Smart Card based Authentication Scheme. International Journal of Computer Applications. 93, 13 ( May 2014), 1-7. DOI=10.5120/16272-6025

@article{ 10.5120/16272-6025,
author = { Toshi Jain, Sandeep Pratap Singh },
title = { An Efficient and Secure Multi-server Smart Card based Authentication Scheme },
journal = { International Journal of Computer Applications },
issue_date = { May 2014 },
volume = { 93 },
number = { 13 },
month = { May },
year = { 2014 },
issn = { 0975-8887 },
pages = { 1-7 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume93/number13/16272-6025/ },
doi = { 10.5120/16272-6025 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T22:15:37.484454+05:30
%A Toshi Jain
%A Sandeep Pratap Singh
%T An Efficient and Secure Multi-server Smart Card based Authentication Scheme
%J International Journal of Computer Applications
%@ 0975-8887
%V 93
%N 13
%P 1-7
%D 2014
%I Foundation of Computer Science (FCS), NY, USA
Abstract

This paper proposes an efficient and robust multi-server authentication scheme using smart cards. Security of this scheme depends upon cryptographic one-way hash function. This scheme allows remote users to access multiple servers without any need of separately registering with each server. Also, it gets rid of the use of verification table, permits users to select and update the password securely without taking help from the server or registration center, achieves mutual authentication and establishes a session key that is common between user and the server. Moreover, the proposed scheme withstands user impersonation attack, reflection and parallel session attacks, server impersonation attack, replay attack, password guessing attack, smart card loss attack, insider attack, and stolen verifier attack.

References
  1. L. Lamport, 1981 "Password authentication with insecure communication", Communications of the ACM, vol. 24, no. 11, , pp. 770-772.
  2. M. S. Hwang and L. H. Li, 2000 "A new remote user authentication scheme using smart cards", IEEE Transactions on Consumer Electronics, vol. 46, no. 1, pp. 28-30.
  3. C. K. Chan and L. M. Cheng, 2000 "Cryptanalysis of a remote user authentication scheme using smart cards," IEEE Transactions on Consumer Electronics, vol. 46, no. 4, pp. 992-993.
  4. Manik Lal Das, Ashutosh Saxena, and Ved P. Gulati, 2004 "A dynamic ID-based remote user authentication scheme", IEEE Transactions on Consumer Electronics, vol. 50, no. 2, pp. 629-631.
  5. I-En Liao, Cheng-Chi Lee and Min-Shiang Hwang, 2005 "Security enhancement for a dynamic ID-based remote user authentication scheme", International Conference on Next Generation Web Services Practices.
  6. Qi Xie, Ji-Lin Wang, De-Ren Chen and Xiu-Yuan Yu, 2008 "A novel user authentication scheme using smart cards", International Conference on Computer Science and Software Engineering, , pp. 834-836.
  7. R. Song, 2010 "Advanced smart card based password authentication protocol," Computer Standards & Interfaces, vol. 32, no. 5-6, , pp. 321-325.
  8. L. Li, I. Lin and M. Hwang, 2001 "A Remote Password Authentication Scheme for Multi-server Architecture Using Neural Networks," IEEE Trans. on Neural Networks, vol. 12, no. 6, pp. 1498-1504.
  9. I. C. Lin, M. S. Hwang and L. H. Li, 2003 "A new remote user authentication scheme for multi-server architecture", Future Generation Computer Systems, vol. 19, no. 1,, pp. 13-22.
  10. W. S. Juang, 2004 "Efficient multi-server password authenticated key agreement using smart cards", IEEE Transactions on Consumer Electronics, vol. 50, no. 1, pp. 251-255.
  11. Wei-Chi Ku, Hsiu-Mei Chuang, Min-Hung Chiang and Kuo-Tsai Chang, 2005 "Weaknesses of a multi-server password authenticated key agreement scheme", 2005 National computer Symposium, pp. 1-5.
  12. Y. P. Liao and S. S. Wang, 2009 "A secure dynamic ID based remote user authentication scheme for multi-server environment", Computer Standards & Interfaces, vol. 31, no. 1, pp. 24-29.
  13. Te-Yu Chen, Min-Shiang Hwang, Cheng-Chi Lee, Jinn-Ke Jan, 2009 "Cryptanalysis of a secure dynamic ID based remote user authentication scheme for multi-server environment," 2009 Fourth International Conference on Innovative Computing, Information and Control, pp. 725-728.
  14. Cheng Hsiang and Wei-Kuan Shih, 2009 "Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment", Computer Standards & Interfaces, vol. 31, no. 6, , pp. 1118-1123.
  15. Sandeep K. Sood, Anil K. Sarje and Kuldip Singh, 2011 "A secure dynamic identity based authentication protocol for multi-server architecture", Journal of Network and Computer Applications, vol. 34, no. 2, , pp. 609-618.
  16. J. L. Tsai, 2008 "Efficient multi-server authentication scheme based on one-way hash function without verification table", Computers & Security, vol. 27, no. 3-4, pp. 115-121.
  17. Hongfeng Zhu, Tianhua Liu and Jie Liu, 2009 "Robust and simple multi-server authentication protocol without verification table", Ninth International Conference on Hybrid Intelligent Systems, 2009, pp. 51-56.
  18. Y. M. Tseng, T. Y. Wu, J. D. Wu, 2008 "A pairing-based user authentication scheme for wireless clients with smart card," Informatics, vol. 19, no. 2, pp. 285-302.
  19. Yi-Pin Liao, Chih-Ming Hsiao, 2013 "A novel multi-server remote user authentication scheme using self-certi?ed public keys for mobile clients, Future Generation Computer Systems, vol. 29, pp. 886-900.
  20. B. Wang and M. Ma, "A smart card based efficient and secured multi-server authentication scheme," Wireless Personal Communications, vol. 68, 2013, pp. 361-378.
  21. D. He and S. Wu, "Security flaws in a smart card based authentication scheme for multi-server environment," Wireless Personal Communications, 2013.
  22. T. Y. Chen, C. C. Lee, M. S. Hwang and J. K. Jan, "Towards secure and efficient user authentication scheme using smart card for multi-server environments," Wireless Personal Communications, vol. 66, 2013, pp. 1008-1032.
  23. Michael Burrows, 1990 Martin Abadi and Roger Needham, "A logic of authentication," ACM Transactions on Computer Systems, vol. 8, no. 1, pp. 18-36.
Index Terms

Computer Science
Information Sciences

Keywords

BAN logic Hash function Multi-server Nonce Session key Smart card