Secure and Efficient User Authentication Scheme Based on Password and Smart Card for Multiserver Environment
The rapid development of information and network technologies motivates the emergence of various new computing paradigms, such as distributed computing, cloud computing, and edge computing. This also enables more and more network enterprises to provide multiple different services simultaneously. To...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Hindawi-Wiley
2018-01-01
|
| Series: | Security and Communication Networks |
| Online Access: | http://dx.doi.org/10.1155/2018/9178941 |
| id |
doaj-a44f63d21da2455fab7c02f0afea4b93 |
|---|---|
| record_format |
Article |
| spelling |
doaj-a44f63d21da2455fab7c02f0afea4b932020-11-25T00:18:33ZengHindawi-WileySecurity and Communication Networks1939-01141939-01222018-01-01201810.1155/2018/91789419178941Secure and Efficient User Authentication Scheme Based on Password and Smart Card for Multiserver EnvironmentYan Zhao0Shiming Li1Liehui Jiang2State Key Laboratory of Mathematic Engineering and Advanced Computing, Zhengzhou 450002, ChinaCollege of Computer Science and Information Engineering, Harbin Normal University, Harbin 150025, ChinaState Key Laboratory of Mathematic Engineering and Advanced Computing, Zhengzhou 450002, ChinaThe rapid development of information and network technologies motivates the emergence of various new computing paradigms, such as distributed computing, cloud computing, and edge computing. This also enables more and more network enterprises to provide multiple different services simultaneously. To ensure these services can only be accessed conveniently by authorized users, many password and smart card based authentication schemes for multiserver architecture have been proposed. Recently, Truong et al. introduced an identity based user authentication scheme on elliptic curve cryptography in multiserver environment and claimed that their scheme is secure against popular attacks. However, in this paper, we point out that their scheme suffers from offline password guessing and impersonation attack and fails to achieve security requirements of this kind of authentication scheme. Moreover, we put forward a new scheme to conquer security pitfalls in the above scheme. Security analysis indicates that the proposed scheme can be free from well-known attacks. Performance discussion demonstrates that our scheme has advantages in terms of both security property and computation efficiency and thus is more desirable for practical applications in multiserver environment.http://dx.doi.org/10.1155/2018/9178941 |
| collection |
DOAJ |
| language |
English |
| format |
Article |
| sources |
DOAJ |
| author |
Yan Zhao Shiming Li Liehui Jiang |
| spellingShingle |
Yan Zhao Shiming Li Liehui Jiang Secure and Efficient User Authentication Scheme Based on Password and Smart Card for Multiserver Environment Security and Communication Networks |
| author_facet |
Yan Zhao Shiming Li Liehui Jiang |
| author_sort |
Yan Zhao |
| title |
Secure and Efficient User Authentication Scheme Based on Password and Smart Card for Multiserver Environment |
| title_short |
Secure and Efficient User Authentication Scheme Based on Password and Smart Card for Multiserver Environment |
| title_full |
Secure and Efficient User Authentication Scheme Based on Password and Smart Card for Multiserver Environment |
| title_fullStr |
Secure and Efficient User Authentication Scheme Based on Password and Smart Card for Multiserver Environment |
| title_full_unstemmed |
Secure and Efficient User Authentication Scheme Based on Password and Smart Card for Multiserver Environment |
| title_sort |
secure and efficient user authentication scheme based on password and smart card for multiserver environment |
| publisher |
Hindawi-Wiley |
| series |
Security and Communication Networks |
| issn |
1939-0114 1939-0122 |
| publishDate |
2018-01-01 |
| description |
The rapid development of information and network technologies motivates the emergence of various new computing paradigms, such as distributed computing, cloud computing, and edge computing. This also enables more and more network enterprises to provide multiple different services simultaneously. To ensure these services can only be accessed conveniently by authorized users, many password and smart card based authentication schemes for multiserver architecture have been proposed. Recently, Truong et al. introduced an identity based user authentication scheme on elliptic curve cryptography in multiserver environment and claimed that their scheme is secure against popular attacks. However, in this paper, we point out that their scheme suffers from offline password guessing and impersonation attack and fails to achieve security requirements of this kind of authentication scheme. Moreover, we put forward a new scheme to conquer security pitfalls in the above scheme. Security analysis indicates that the proposed scheme can be free from well-known attacks. Performance discussion demonstrates that our scheme has advantages in terms of both security property and computation efficiency and thus is more desirable for practical applications in multiserver environment. |
| url |
http://dx.doi.org/10.1155/2018/9178941 |
| work_keys_str_mv |
AT yanzhao secureandefficientuserauthenticationschemebasedonpasswordandsmartcardformultiserverenvironment AT shimingli secureandefficientuserauthenticationschemebasedonpasswordandsmartcardformultiserverenvironment AT liehuijiang secureandefficientuserauthenticationschemebasedonpasswordandsmartcardformultiserverenvironment |
| _version_ |
1725375910891225088 |