Please wait a minute...
FITEE
Front. Inform. Technol. Electron. Eng.  2013, Vol. 14 Issue (12): 909-917    DOI: 10.1631/jzus.C1300158
    
Analysis and design of a smart card based authentication protocol
Kuo-Hui Yeh, Kuo-Yu Tsai, Jia-Li Hou
Department of Information Management, National Dong Hwa University, Taiwan 974, Hualien; Department of Management Information Systems, Hwa Hsia Institute of Technology, Taiwan 235, New Taipei City
Download:   PDF(0KB)
Export: BibTeX | EndNote (RIS)      

Abstract  Numerous smart card based authentication protocols have been proposed to provide strong system security and robust individual privacy for communication between parties these days. Nevertheless, most of them do not provide formal analysis proof, and the security robustness is doubtful. Chang and Cheng (2011) proposed an efficient remote authentication protocol with smart cards and claimed that their proposed protocol could support secure communication in a multi-server environment. Unfortunately, there are opportunities for security enhancement in current schemes. In this paper, we identify the major weakness, i.e., session key disclosure, of a recently published protocol. We consequently propose a novel authentication scheme for a multi-server environment and give formal analysis proofs for security guarantees.

Key wordsAuthentication      Privacy      Security      Smart card     
Received: 04 June 2013      Published: 06 December 2013
CLC:  TP309  
Service
E-mail this article
Add to my bookshelf
Add to citation manager
E-mail Alert
RSS
Articles by authors
Kuo-Hui Yeh
Kuo-Yu Tsai
Jia-Li Hou
Cite this article:

Kuo-Hui Yeh, Kuo-Yu Tsai, Jia-Li Hou. Analysis and design of a smart card based authentication protocol. Front. Inform. Technol. Electron. Eng., 2013, 14(12): 909-917.

URL:

http://www.zjujournals.com/xueshu/fitee/10.1631/jzus.C1300158     OR     http://www.zjujournals.com/xueshu/fitee/Y2013/V14/I12/909


Analysis and design of a smart card based authentication protocol

Numerous smart card based authentication protocols have been proposed to provide strong system security and robust individual privacy for communication between parties these days. Nevertheless, most of them do not provide formal analysis proof, and the security robustness is doubtful. Chang and Cheng (2011) proposed an efficient remote authentication protocol with smart cards and claimed that their proposed protocol could support secure communication in a multi-server environment. Unfortunately, there are opportunities for security enhancement in current schemes. In this paper, we identify the major weakness, i.e., session key disclosure, of a recently published protocol. We consequently propose a novel authentication scheme for a multi-server environment and give formal analysis proofs for security guarantees.

关键词: Authentication,  Privacy,  Security,  Smart card 
[1] Hui-fang YU , Bo YANG. Low-computation certificateless hybrid signcryption scheme[J]. Front. Inform. Technol. Electron. Eng., 2017, 18(7): 928-940.
[2] Zhen-hua YUAN , Chen CHEN, Xiang CHENG , Guo-cheng LV, Liu-qing YANG , Ye JIN. Correlated channel model-based secure communications in dual-hop wireless communication networks[J]. Front. Inform. Technol. Electron. Eng., 2017, 18(6): 796-807.
[3] He-hao NIU, Bang-ning ZHANG, Dao-xing GUO, Yu-zhen HUANG, Ming-yue LU. Joint cooperative beamforming and artificial noise design for secure AF relay networks with energy-harvesting eavesdroppers[J]. Front. Inform. Technol. Electron. Eng., 2017, 18(6): 850-862.
[4] Yue-bin LUO, Bao-sheng WANG, Xiao-feng WANG, Bo-feng ZHANG. A keyed-hashing based self-synchronization mechanism for port address hopping communication[J]. Front. Inform. Technol. Electron. Eng., 2017, 18(5): 719-728.
[5] Hui Zhao, You-yu Tan, Gao-feng Pan, Yun-fei Chen. Ergodic secrecy capacity of MRC/SC in single-input multiple-output wiretap systems with imperfect channel state information[J]. Front. Inform. Technol. Electron. Eng., 2017, 18(4): 578-590.
[6] Gaurav Bansod, Narayan Pisharoty, Abhijit Patil. BORON: an ultra-lightweight and low power encryption design for pervasive computing[J]. Front. Inform. Technol. Electron. Eng., 2017, 18(3): 332-345.
[7] Huan-zhao Wang, Peng Zhang, Lei Xiong, Xin Liu, Cheng-chen Hu. A secure and high-performance multi-controller architecture for software-defined networking[J]. Front. Inform. Technol. Electron. Eng., 2016, 17(7): 634-646.
[8] Gui-lin CAI, Bao-sheng WANG, Wei HU, Tian-zuo WANG. Moving target defense: state of the art and characteristics[J]. Front. Inform. Technol. Electron. Eng., 2016, 17(11): 1122-1153.
[9] Hong-jiang Lei, Imran Shafique Ansari, Chao Gao, Yong-cai Guo, Gao-feng Pan, Khalid A. Qaraqe. Secrecy performance analysis of single-input multiple-output generalized-K fading channels[J]. Front. Inform. Technol. Electron. Eng., 2016, 17(10): 1074-1084.
[10] Guang-jia Song, Zhen-zhou Ji. Anonymous-address-resolution model[J]. Front. Inform. Technol. Electron. Eng., 2016, 17(10): 1044-1055.
[11] Kok-Seng Wong, Myung Ho Kim. Towards a respondent-preferred ki-anonymity model[J]. Front. Inform. Technol. Electron. Eng., 2015, 16(9): 720-731.
[12] Kuo-Hui Yeh. A lightweight authentication scheme with user untraceability[J]. Front. Inform. Technol. Electron. Eng., 2015, 16(4): 259-271.
[13] Osama A. Khashan, Abdullah M. Zin, Elankovan A. Sundararajan. ImgFS: a transparent cryptography for stored images using a filesystem in userspace[J]. Front. Inform. Technol. Electron. Eng., 2015, 16(1): 28-42.
[14] Ahmad Karim, Rosli Bin Salleh, Muhammad Shiraz, Syed Adeel Ali Shah, Irfan Awan, Nor Badrul Anuar. Botnet detection techniques: review, future trends, and issues[J]. Front. Inform. Technol. Electron. Eng., 2014, 15(11): 943-983.
[15] Yun Niu, Li-ji Wu, Yang Liu, Xiang-min Zhang, Hong-yi Chen. A 10 Gbps in-line network security processor based on configurable hetero-multi-cores[J]. Front. Inform. Technol. Electron. Eng., 2013, 14(8): 642-651.