Secure Remote User Mutual Authentication Scheme with Key Agreement for Cloud Environment

@article{Karuppiah2019SecureRU,
  title={Secure Remote User Mutual Authentication Scheme with Key Agreement for Cloud Environment},
  author={Marimuthu Karuppiah and Ashok Kumar Das and Xiong Li and Saru Kumari and Fan Wu and Shehzad Ashraf Chaudhry and Niranchana Radhakrishnan},
  journal={Mobile Networks and Applications},
  year={2019},
  volume={24},
  pages={1046-1062}
}
Authentication schemes are widely used mechanisms to thwart unauthorized access of resources over insecure networks. Several smart card based password authentication schemes have been proposed in the literature. In this paper, we demonstrate the security limitations of a recently proposed password based authentication scheme, and show that their scheme is still vulnerable to forgery and offline password guessing attacks and it is also unable to provide user anonymity, forward secrecy and mutual… Expand
Cryptanalysis and Improvement of a Secure Mutual Authentication Scheme for Remote Users
TLDR
The proposed secure authentication scheme by Marimuthu Karuppiah et al. is proved to be safe, from diverse attacks, together with the attacks that have been observed in the previous scheme’s security analysis. Expand
Understanding security failures of anonymous authentication schemes for cloud environments
TLDR
This work investigates three anonymous multi-factor authentication schemes based on passwords for cloud environments, and shows that none of these three protocols can achieve their security goals. Expand
Understanding security failures of multi-factor authentication schemes for multi-server environments
TLDR
This paper revisits five leading two-factor authentication schemes for multi-server environments and invalidates any use of these five schemes for practical applications without further improvement, and underscores some new challenges in designing sound multi-factor schemes forMulti- server environments. Expand
A Biometric based Remote User Authentication Technique Using Smart Card in Multi-Server Environment
TLDR
A lightweight remote user authentication scheme using smart card is proposed where user biometric plays a prominent role and security analysis of the proposed method proves its robustness and comparative analysis with some existing schemes provides the superiority. Expand
Privacy-aware smart card based biometric authentication scheme for e-health
TLDR
A privacy-aware smart card based biometric authentication scheme for e-health, which provides more desired security properties as well as defending various possible attacks and applies ProVerif to prove mutual authentication and session key security of the scheme. Expand
Research on Lightweight Mutual Authentication for the Product Authorization Chain
TLDR
Improved wireless mutual authentication scheme for the product authorization chain uses lightweight hash function and verifies the freshness of messages by using the send packet sequence number instead of timestamp, which can avoid strict clock synchronization between devices. Expand
A secure and efficient anonymous certificateless signcryption for Key Distribution Scheme for Smart Grid
TLDR
A certificateless signcryption for key distribution scheme which is more efficient and secure than the existing schemes, allows for both decryption and verification by authorized users, provide Key Generation Center to only partial key and provide low computation and communication cost compared with existing works. Expand
Secure Three-Factor Anonymous User Authentication Scheme for Cloud Computing Environment
TLDR
This paper discusses the security and functional weakness of the related user authentication schemes used in cloud computing and proposes a new elliptic curve cryptography(ECC-) based three-factor authentication scheme to overcome the security shortcomings of existing authentication schemes. Expand
An Improved Authentication Scheme for Remote Data Access and Sharing Over Cloud Storage in Cyber-Physical-Social-Systems
TLDR
This article shows that the claim of Tiwari et al. for developing a secure scheme is not valid, and their protocol is insecure against user and server impersonation attacks, and presents an enhanced, secure, and convenient scheme for data access. Expand
An anonymous identity-based with bilateral protocol for smart grid
TLDR
A Secure efficient anonymous identity-based with bilateral protocol is proposed to address the weakness in existing anonymous key distribution schemes. Expand
...
1
2
...

References

SHOWING 1-10 OF 65 REFERENCES
Security Enhancement of an Improved Remote User Authentication Scheme with Key Agreement
TLDR
It is demonstrated that the proposed smart card based secure and robust remote user authentication scheme with key agreement is completely insecure as an adversary can easily obtain not only the security parameters of the protocol but also obtains the common session key of future communication between user and the server. Expand
A lightweight password-based authentication protocol using smart card
TLDR
It is shown that the scheme of Maitra et al is not secure enough as claimed: neither resisting against off-line password guessing attack and insider attack nor preserve forward secrecy, and a new way is shown to achieve forward secrecy. Expand
Improvement of robust smart-card-based password authentication scheme
TLDR
This work proposes an improved authentication protocol, which inherits the merits of the scheme of Chen et al. and is free from the security flaw of their scheme, and provides more security guarantees while keeping efficiency. Expand
Security flaws in two improved remote user authentication schemes using smart cards
TLDR
This paper analyzes two recent proposals in the area of password-based remote user authentication using smart cards and puts forward three general principles that are vital for designing secure smart-card-based password authentication schemes. Expand
An efficient ECC-based privacy-preserving client authentication protocol with key agreement using smart card
TLDR
This paper shows that Wang's ECC-based client authentication with key agreement protocol using smart card fails to preserve the user anonymity and does not prevent the off-line password guessing attack, credential leakage and smart card lost/stolen verifier attack. Expand
Robust smart-card-based remote user password authentication scheme
TLDR
An improved and efficient smart-card-based password authentication and key agreement scheme that not only maintains the original secret requirement but also achieves mutual authentication and withstands the stolen-smart-card attack. Expand
Cryptanalysis and security enhancement of a robust two-factor authentication and key agreement protocol
TLDR
A new security-enhanced two-factor user authentication scheme is proposed and its security and authentication is shown using the formal verification tool ProVerif, which is based on applied pi calculus. Expand
An enhanced smart card based remote user password authentication scheme
TLDR
A modified smart card based remote user password authentication scheme to overcome the weaknesses of Chen et al.'s scheme and shows that it is user friendly and more secure than other related schemes. Expand
Cryptanalysis and an Improvement of New Remote Mutual Authentication Scheme using Smart Cards
TLDR
A password-based remote user mutual authentication scheme which provides the remedy for the vulnerabilities of Rajaram et al., scheme is proposed and performance analysis shows that compared with Rajaram Et al., authentication scheme, the proposed scheme is simple and secure. Expand
Dynamic ID-based remote user password authentication schemes using smart cards: A review
TLDR
All the security requirements and all the goals an ideal password authentication scheme should satisfy and achieve are defined and presented through six currently available dynamic ID based remote user authentication schemes. Expand
...
1
2
3
4
5
...