Please wait a minute...
FITEE
Front. Inform. Technol. Electron. Eng.  2013, Vol. 14 Issue (12): 909-917    DOI: 10.1631/jzus.C1300158
    
Analysis and design of a smart card based authentication protocol
Kuo-Hui Yeh, Kuo-Yu Tsai, Jia-Li Hou
Department of Information Management, National Dong Hwa University, Taiwan 974, Hualien; Department of Management Information Systems, Hwa Hsia Institute of Technology, Taiwan 235, New Taipei City
Analysis and design of a smart card based authentication protocol
Kuo-Hui Yeh, Kuo-Yu Tsai, Jia-Li Hou
Department of Information Management, National Dong Hwa University, Taiwan 974, Hualien; Department of Management Information Systems, Hwa Hsia Institute of Technology, Taiwan 235, New Taipei City
 全文: PDF 
摘要: Numerous smart card based authentication protocols have been proposed to provide strong system security and robust individual privacy for communication between parties these days. Nevertheless, most of them do not provide formal analysis proof, and the security robustness is doubtful. Chang and Cheng (2011) proposed an efficient remote authentication protocol with smart cards and claimed that their proposed protocol could support secure communication in a multi-server environment. Unfortunately, there are opportunities for security enhancement in current schemes. In this paper, we identify the major weakness, i.e., session key disclosure, of a recently published protocol. We consequently propose a novel authentication scheme for a multi-server environment and give formal analysis proofs for security guarantees.
关键词: AuthenticationPrivacySecuritySmart card    
Abstract: Numerous smart card based authentication protocols have been proposed to provide strong system security and robust individual privacy for communication between parties these days. Nevertheless, most of them do not provide formal analysis proof, and the security robustness is doubtful. Chang and Cheng (2011) proposed an efficient remote authentication protocol with smart cards and claimed that their proposed protocol could support secure communication in a multi-server environment. Unfortunately, there are opportunities for security enhancement in current schemes. In this paper, we identify the major weakness, i.e., session key disclosure, of a recently published protocol. We consequently propose a novel authentication scheme for a multi-server environment and give formal analysis proofs for security guarantees.
Key words: Authentication    Privacy    Security    Smart card
收稿日期: 2013-06-04 出版日期: 2013-12-06
CLC:  TP309  
服务  
把本文推荐给朋友
加入引用管理器
E-mail Alert
RSS
作者相关文章  
Kuo-Hui Yeh
Kuo-Yu Tsai
Jia-Li Hou

引用本文:

Kuo-Hui Yeh, Kuo-Yu Tsai, Jia-Li Hou. Analysis and design of a smart card based authentication protocol. Front. Inform. Technol. Electron. Eng., 2013, 14(12): 909-917.

链接本文:

http://www.zjujournals.com/xueshu/fitee/CN/10.1631/jzus.C1300158        http://www.zjujournals.com/xueshu/fitee/CN/Y2013/V14/I12/909

[1] Hui-fang YU , Bo YANG. Low-computation certificateless hybrid signcryption scheme[J]. Front. Inform. Technol. Electron. Eng., 2017, 18(7): 928-940.
[2] Zhen-hua YUAN , Chen CHEN, Xiang CHENG , Guo-cheng LV, Liu-qing YANG , Ye JIN. Correlated channel model-based secure communications in dual-hop wireless communication networks[J]. Front. Inform. Technol. Electron. Eng., 2017, 18(6): 796-807.
[3] He-hao NIU, Bang-ning ZHANG, Dao-xing GUO, Yu-zhen HUANG, Ming-yue LU. Joint cooperative beamforming and artificial noise design for secure AF relay networks with energy-harvesting eavesdroppers[J]. Front. Inform. Technol. Electron. Eng., 2017, 18(6): 850-862.
[4] Yue-bin LUO, Bao-sheng WANG, Xiao-feng WANG, Bo-feng ZHANG. A keyed-hashing based self-synchronization mechanism for port address hopping communication[J]. Front. Inform. Technol. Electron. Eng., 2017, 18(5): 719-728.
[5] Yun Niu, Li-ji Wu, Yang Liu, Xiang-min Zhang, Hong-yi Chen. A 10 Gbps in-line network security processor based on configurable hetero-multi-cores[J]. Front. Inform. Technol. Electron. Eng., 2013, 14(8): 642-651.
[6] Chih-ho Chou, Kuo-yu Tsai, Tzong-chen Wu, Kuo-hui Yeh. Efficient and secure three-party authenticated key exchange protocol for mobile environments[J]. Front. Inform. Technol. Electron. Eng., 2013, 14(5): 347-355.
[7] Yan-zhe Che, Kevin Chiew, Xiao-yan Hong, Qiang Yang, Qin-ming He. EDA: an enhanced dual-active algorithm for location privacy preservation in mobile P2P networks[J]. Front. Inform. Technol. Electron. Eng., 2013, 14(5): 356-373.
[8] Xiao-lei Ma, Yin-hai Wang, Feng Chen, Jian-feng Liu. Transit smart card data mining for passenger origin information extraction[J]. Front. Inform. Technol. Electron. Eng., 2012, 13(10): 750-760.
[9] Baiying Lei, Ing Yann Soon. A multipurpose audio watermarking algorithm with synchronization and encryption[J]. Front. Inform. Technol. Electron. Eng., 2012, 13(1): 11-19.
[10] Rong FAN, Dao-jing HE, Xue-zeng PAN, Ling-di PING. An efficient and DoS-resistant user authentication scheme for two-tiered wireless sensor networks[J]. Front. Inform. Technol. Electron. Eng., 2011, 12(7): 550-560.
[11] Chung-Fu Lu, Tzong-Chen Wu, Chien-Lung Hsu. A three-level authenticated conference key establishment protocol for UMTS networks[J]. Front. Inform. Technol. Electron. Eng., 2011, 12(5): 371-378.
[12] Yang Yang, Yu-pu Hu, Le-you Zhang, Chun-hui Sun. CCA2 secure biometric identity based encryption with constant-size ciphertext[J]. Front. Inform. Technol. Electron. Eng., 2011, 12(10): 819-827.
[13] Jie Shi, Hong Zhu. A fine-grained access control model for relational databases[J]. Front. Inform. Technol. Electron. Eng., 2010, 11(8): 575-586.
[14] Chao Huang, Jian-ling Sun, Xin-yu Wang, Yuan-jie Si. Minimal role mining method for Web service composition[J]. Front. Inform. Technol. Electron. Eng., 2010, 11(5): 328-339.
[15] Xian-ting ZENG, Xue-zeng PAN, Ling-di PING, Zhuo LI. Robust lossless data hiding scheme[J]. Front. Inform. Technol. Electron. Eng., 2010, 11(2): 101-110.