A Study on Design of Robust Remote User Authentication Scheme with Enhanced for Anonymity and Confidentiality (익명성 및 기밀성을 강화한 원격 사용자 인증스킴 설계에 관한 연구)

Kwang Cheul Shin (신광철)

doi:10.34163/jkits.2019.14.1.002

A Study on Design of Robust Remote User Authentication Scheme with Enhanced for Anonymity and Confidentiality

Journal of Knowledge Information Technology and Systems
Abbr : JKITS
2019, 14(1), pp.11-24
DOI : 10.34163/jkits.2019.14.1.002
Publisher : Korea Knowledge Information Technology Society
Research Area : Interdisciplinary Studies > Interdisciplinary Research
Received : November 24, 2018
Accepted : February 8, 2019
Published : February 28, 2019

Kwang Cheul Shin ¹

¹성결대학교

Accredited

ABSTRACT

Until recently, a variety of biometric authentication schemes using smart cards have been proposed to enhance the security of remote authentication systems. Telecare medical information systems(TMIS) provides convenient health care services for user(patients) in order to save the patients' time and expense. Therefore, the system is important for secure mutual authentication between the user and the healthcare server, and sensitive medical information should not be exposed to third parties. In this paper, We analyzed the vulnerability of Lu et al.'s authentication protocol using elliptic curve encryption. And We propose a scheme to improve this paper. Lu et al.'s scheme has developed a biometric and smart card-based remote authentication scheme that complements the vulnerability to user spoofing attacks in the Arshad et al.'s scheme. However, result of analysis of their schemes reveals the confidentiality of the user's anonymity and login message by eavesdropping on the login message. Therefore, it is vulnerable to legitimate spoofing attacks of users and servers. In the proposed paper, we redesigned the security of server secret key and secret number. Therefore, we proposal suggests anonymity, confidentiality of messages, and a secure user authentication scheme for multiple attacks by legitimate users and servers. We will contribute to providing strong security and implementation efficiency when designing future authentication schemes.

KEYWORDS

Biometrics, Mutual authentication, Impersonation attack, Session key agreement, Smart card

Citation status

* References for papers published after 2023 are currently being built.

[journal] L. Leng / 2013 / A remote cancelable palm print authentication protocol based on multidirectional two- dimensional palm phasor-fusion / Sec. Commun

[journal] D. B. He / 2014 / Lightweight ECC based RFID authentication integrated with an ID verifier transfer protocol / J. Med. Syst 38(10) : 1~6

[journal] D. B. He / 2015 / Authentication protocol for ambient assisted living system / IEEE Commun 53(1) : 2~8

[journal] Y. R. Lu / 2015 / A lightweight ID based authentication and key agreement protocol for multiserver architecture / Int. J. Distrib. Sens. N : 1~16

[book] Y. R. Lu / 2015 / Robust and efficient authentication scheme for session initiation protocol / Math. Probl. in press : 1~16

[journal] R. Wang / 2011 / Robust authentication and key agreement scheme preserving the privacy of secret key / Computer Communications 34(3) : 274~280

[journal] J. Wei / 2012 / An improved authentication scheme for telecare medicine information systems / Journal of Medical Systems 36(6) : 3597~3604

[journal] C. T. Li / 2012 / A new password authentication and user anonymity scheme based on elliptic curve cryptography and smart card / IET Information Security 7(1) : 3~10

[journal] D. B. He / 2012 / A more secure authentication scheme for telecare medicine information systems / Journal of Medical Systems 36(2) : 1989~1995

[journal] S. H. Islam / 2013 / Design of improved password authentication and update scheme based on elliptic curve cryptography / Mathematical and Computer Modelling 57(12) : 2703~2717

[journal] L. Han / 2017 / An Improved Biometric Based Authentication Scheme with User Anonymity Using Elliptic Curve Cryptosystem / International Journal of Network Security 19(3) : 469~478

[journal] M. C. Chuang / 2014 / An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics / Expert Systems with Applications 41(4) : 1411~1418

[journal] D. Mishra / 2014 / A secure user anonymity-preserving biometric based multi-server authenticated key agreement scheme using smart cards / Expert Systems with Applications 41(18) : 8129~8143

[journal] K. C. Baruah / 2015 / An improved biometric-based multi-server authentication scheme using smart card / International Journal of Security and Its Applications 9(1) : 397~408

[journal] H. Arshad / 2014 / Three-factor anonymous authentication and key agreement scheme for telecare medicine information systems / J. Med. Syst 38(12) : 1~12

[journal] Y. Lu / 2015 / An enhanced biometric-based authentication scheme for telecare medicine information system using elliptic curve cryptosystem / Journal of Medical Systems 39(32) : 1~9

[journal] 신광철 / 2016 / Cryptanalysis of Biometric-based to Baruah et al'.s Multi-Server Authentication Scheme / 보안공학연구논문지 / 보안공학연구지원센터 13(5) : 379~392

KJCKorea
Journal Central

Journal of Knowledge Information Technology and Systems 2023 KCI Impact Factor : 0.89

A Study on Design of Robust Remote User Authentication Scheme with Enhanced for Anonymity and Confidentiality

ABSTRACT

KEYWORDS

Citation status

* References for papers published after 2023 are currently being built.

Journal of Knowledge Information Technology and Systems 2023 KCI Impact Factor : 0.89

A Study on Design of Robust Remote User Authentication Scheme with Enhanced for Anonymity and Confidentiality

ABSTRACT

KEYWORDS

Statistics

Tools

Issue List

Citation status

KCI Citation Counts (3)

REFERENCES (17) * References for papers published after 2023 are currently being built.

Search PDF

Citation

* References for papers published after 2023 are currently being built.