Abstract
Recently, three factors such as biometric, smart card, and password based authentication schemes have drawn considerable attention in the field of information security. In this paper, the authors have presented an elliptic curve cryptosystem based authentication scheme using biometric, smart card, and password and also analyzed the formal and informal security of the authentication scheme. In this scheme, the parameters of elliptic curve are derived from the biometric features like iris, fingerprints, etc., which is suitable to withstand the forgery. The formal and informal security analysis are done based on the BAN logic and suggested propositions, respectively. The security analysis ensures that the presented scheme can withstand various kinds of malicious attacks. In addition, the scheme is also comparable with other related schemes in the context of communication cost, computation cost, and smart card storage. The scheme is suitable to ensure high degree of security with reduced comparatively overhead.
This is a preview of subscription content, log in via an institution to check access.
References
L. Lamport, Password authentication with insecure communication. Commun. ACM 24(11), 770–772 (1981)
C.-C. Lee, L.-H. Li, M.-S. Hwang, A remote user authentication scheme using hash functions. ACM SIGOPS Oper. Syst. Rev. 36(4), 23–29 (2002)
M. Peyravian, C. Jeffries, Secure remote user access over insecure networks. Comput. Commun. 29(5), 660–667 (2006)
X.-M. Wang et al., Cryptanalysis and improvement on two efficient remote user authentication scheme using smart cards. Comput. Stand. Interfaces 29(5), 507–512 (2007)
S. Kumari, M.K. Khan, X. Li, An improved remote user authentication scheme with key agreement. Comput. Electr. Eng. 40(6), 1997–2012 (2014)
C.T. Li, M.S. Hwang, An efficient biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 33(1), 1–5 (2010)
C.H. Lin, Y.Y. Lai, A flexible biometrics remote user authentication scheme. Comput. Stand. Interfaces 27(1), 19–23 (2004)
B.T. Nathan, R. Meenakumari, S. Usha, Formation of Elliptic Curve Using Finger Print for Network Security. In Process Automation, Control and Computing (PACC), 2011 International Conference on IEEE, pp. 1–5
X. Li, J.W. Niu, J. Ma, W.D. Wang, C.L. Liu, Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 34(1), 73–79 (2011)
U. Subramaniam, K. Subbaraya, A biometric based secure session key agreement using modified elliptic curve cryptography. Int. Arab J. Inf. Technol. (IAJIT) 12(2) (2015)
C.-T. Li, A new password authentication and user anonymity scheme based on elliptic curve cryptography and smart card. IET Inf. Secur. 7(1), 3–10 (2013)
L. Zhang et al., Two-factor remote authentication protocol with user anonymity based on elliptic curve cryptography. Wireless Pers. Commun. 81(1), 53–75 (2015)
Y. Zhang et al., An efficient password authentication scheme using smart card based on elliptic curve cryptography. Inf. Technol. Control 43(4), 390–401 (2014)
X. Xu, P. Zhu, Q. Wen, Z. Jin, H. Zhang, L. He, A secure and efficient authentication and key agreement scheme based on ECC for telecare medicine information systems. J. Med. Syst. 38(6) (2014)
L. Wang, Analysis and enhancement of a password authentication and update scheme based on elliptic curve cryptography. J. Appl. Math. (2014)
H. Arshad, M. Nikooghadam, Three-factor anonymous authentication and key agreement scheme for telecare medicine information systems. J. Med. Syst. 38(12) (2014)
Z. Tan, A user anonymity preserving three-factor authentication scheme for telecare medicine information systems. J. Med. Syst. 38(3), 1–9 (2014)
Y. Lu et al., An enhanced biometric-based authentication scheme for telecare medicine information systems using elliptic curve cryptosystem. J. Med. Syst. 39(3), 1–8 (2015)
H.L. Yeh et al., Robust elliptic curve cryptography-based three factor user authentication providing privacy of biometric data. IET Inf. Secur. 7(3), 247–252 (2013)
M. Burrows, M. Abadi, R. Needham, A logic of authentication. ACM Trans. Comput. Syst. 8(1), 1836 (1990)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Ali, R., Pal, A.K. (2018). A Secure Three-Factor Remote User Authentication Scheme Using Elliptic Curve Cryptosystem. In: Nath, V. (eds) Proceedings of the International Conference on Microelectronics, Computing & Communication Systems. Lecture Notes in Electrical Engineering, vol 453. Springer, Singapore. https://doi.org/10.1007/978-981-10-5565-2_2
Download citation
DOI: https://doi.org/10.1007/978-981-10-5565-2_2
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-5564-5
Online ISBN: 978-981-10-5565-2
eBook Packages: EngineeringEngineering (R0)