Skip to main content

Identity-Based User Authenticated Key Agreement Protocol for Multi-Server Environment with Anonymity

Abstract

A multi-server environment is an important application paradigm in the Internet of Things (IoT). It enables a user access services from different vendors without having to go through multiple registration. The privacy of one who desires to access these services is often crucial. In order to access this service in a manner that assures user privacy, a user needs to be anonymously authenticated independent of the vendors’ services. However, existing identity-based anonymous schemes are only suitable for the client-server domain. Moreover, these schemes provide conditional anonymity which presupposes that if an adversary discovers the user’s private key, the identity can easily be recovered and misused. To avoid this situation, a new unconditional anonymity identity-based user authenticated key agreement scheme for IoT multi-server environment is introduced in this paper. Our protocol applies a ring signature to allow users to anonymously authenticate themselves in the severs without revealing their identities. Hence, an adversary cannot recover the user’s identity even when the user’s private key is known. We further provide a security proof in the random oracle model. Compared with the existing protocols, our proposed scheme is well fitting for mobile phone applications and guarantees the privacy of users in IoT multi-server domain.

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

References

  1. 1.

    Wu TY, Tseng YM (2010) An efficient user authentication and key exchange protocol for mobile client–server environment. Comput Netw 54(9):1520–1530

    Article  MATH  Google Scholar 

  2. 2.

    Debiao H, Jianhua C, Jin H (2012) An ID-based client authentication with key agreement protocol for mobile client–server environment on ECC with provable security. Information Fusion 13(3):223–230

    Article  Google Scholar 

  3. 3.

    He D (2012) An efficient remote user authentication and key agreement protocol for mobile client–server environment from pairings. Ad Hoc Netw 10(6):1009–1016

    Article  Google Scholar 

  4. 4.

    Shen H, Gao C, He D, Wu L (2015) New biometrics-based authentication scheme for multi-server environment in critical systems. J Ambient Intell Humaniz Comput 6(6):825–834

    Article  Google Scholar 

  5. 5.

    Chow SSM, Yiu SM, Hui LCK (2005) Efficient identity based ring signature. Springer, Berlin, pp 499–512. https://doi.org/10.1007/11496137_34

    MATH  Google Scholar 

  6. 6.

    Pleva P (2012) A revised classification of anonymity. arXiv:1211.5613

  7. 7.

    Shamir A (1984) Identity-based cryptosystems and signature schemes. In: Workshop on the theory and application of cryptographic techniques. Springer, pp 47–53

  8. 8.

    Li LH, Lin LC, Hwang MS (2001) A remote password authentication scheme for multiserver architecture using neural networks. IEEE Trans Neural Netw 12(6):1498–1504. https://doi.org/10.1109/72.963786

    Article  Google Scholar 

  9. 9.

    Juang WS (2004) Efficient multi-server password authenticated key agreement using smart cards. IEEE Trans Consum Electron 50(1):251–255. https://doi.org/10.1109/TCE.2004.1277870

    MathSciNet  Article  Google Scholar 

  10. 10.

    Chang CC, Lee JS (2004) An efficient and secure multi-server password authentication scheme using smart cards. In: 2004 International conference on cyberworlds, pp 417–422. https://doi.org/10.1109/CW.2004.17

  11. 11.

    Liao YP, Wang SS (2009) A secure dynamic id based remote user authentication scheme for multi-server environment. Computer Standards & Interfaces 31(1):24–29

    Article  Google Scholar 

  12. 12.

    Hsiang HC, Shih WK (2009) Improvement of the secure dynamic id based remote user authentication scheme for multi-server environment. Computer Standards & Interfaces 31(6):1118– 1123

    Article  Google Scholar 

  13. 13.

    Sood SK, Sarje AK, Singh K (2011) A secure dynamic identity based authentication protocol for multi-server architecture. J Netw Comput Appl 34(2):609–618

    Article  Google Scholar 

  14. 14.

    Li X, Xiong Y, Ma J, Wang W (2012) An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards. J Netw Comput Appl 35(2):763–769

    Article  Google Scholar 

  15. 15.

    Han W (2012) Weaknesses of a dynamic identity based authentication protocol for multi-server architecture. arXiv:1201.0883

  16. 16.

    Yoon EJ, Yoo KY (2013) Robust biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem. J Supercomput 63(1):235–255. https://doi.org/10.1007/s11227-010-0512-1

    Article  Google Scholar 

  17. 17.

    Khan MK, He D (2012) A new dynamic identity-based authentication protocol for multi-server environment using elliptic curve cryptography. Security and Communication Networks 5(11):1260–1266. https://doi.org/10.1002/sec.573

    Google Scholar 

  18. 18.

    Han W, Zhu Z (2014) An id-based mutual authentication with key agreement protocol for multiserver environment on elliptic curve cryptosystem. Int J Commun Syst 27(8):1173–1185. https://doi.org/10.1002/dac.2405

    Article  Google Scholar 

  19. 19.

    He D, Wang D (2015) Robust biometrics-based authentication scheme for multiserver environment. IEEE Syst J 9(3):816–823. https://doi.org/10.1109/JSYST.2014.2301517

    Article  Google Scholar 

  20. 20.

    Shen H, Gao C, He D, Wu L (2015) New biometrics-based authentication scheme for multi-server environment in critical systems. J Ambient Intell Humaniz Comput 6(6):825–834. https://doi.org/10.1007/s12652-015-0305-8

    Article  Google Scholar 

  21. 21.

    Tseng YM, Huang SS, You ML (2017) Strongly secure ID-based authenticated key agreement protocol for mobile multi-server environments. Int J Commun Syst 30(11):e3251–n/a. https://doi.org/10.1002/dac.3251. E3251 IJCS-16-0586.R1

    Article  Google Scholar 

  22. 22.

    Jiang P, Wen Q, Li W, Jin Z, Zhang H (2015) An anonymous and efficient remote biometrics user authentication scheme in a multi server environment. Front Comp Sci 9(1):142–156. https://doi.org/10.1007/s11704-014-3125-7

    MathSciNet  Article  Google Scholar 

  23. 23.

    Lin H, Wen F, Du C (2015) An improved anonymous multi-server authenticated key agreement scheme using smart cards and biometrics. Wirel Pers Commun 84(4):2351–2362. https://doi.org/10.1007/s11277-015-2708-4

    Article  Google Scholar 

  24. 24.

    Liao YP, Hsiao CM (2013) A novel multi-server remote user authentication scheme using self-certified public keys for mobile clients. Futur Gener Comput Syst 29(3):886–900

    Article  Google Scholar 

  25. 25.

    He D, Zeadally S, Kumar N, Wu W (2016) Efficient and anonymous mobile user authentication protocol using self-certified public key cryptography for multi-server architectures. IEEE Trans Inf Forensics Secur 11(9):2052–2064. https://doi.org/10.1109/TIFS.2016.2573746

    Article  Google Scholar 

  26. 26.

    Zhu H (2015) A provable one-way authentication key agreement scheme with user anonymity for multi-server environment. KSII Trans Internet Inf Syst (TIIS) 9(2):811–829

    Article  Google Scholar 

  27. 27.

    Jangirala S, Mukhopadhyay S, Das AK (2017) A multi-server environment with secure and efficient remote user authentication scheme based on dynamic id using smart cards. Wirel Pers Commun 95(3):2735–2767. https://doi.org/10.1007/s11277-017-3956-2

    Article  Google Scholar 

  28. 28.

    Tsai JL, Lo NW (2015) A chaotic map-based anonymous multi-server authenticated key agreement protocol using smart card. Int J Commun Syst 28(13):1955–1963. https://doi.org/10.1002/dac.2829. IJCS-13-0727.R2

    Article  Google Scholar 

  29. 29.

    Irshad A, Sher M, Chaudhary SA, Naqvi H, Farash MS (2016) An efficient and anonymous multi-server authenticated key agreement based on chaotic map without engaging registration centre. J Supercomput 72(4):1623–1644. https://doi.org/10.1007/s11227-016-1688-9

    Article  Google Scholar 

  30. 30.

    Rivest RL, Shamir A, Tauman Y (2001) How to leak a secret. In: International conference on the theory and application of cryptology and information security. Springer, pp 552–565

  31. 31.

    Zhang F, Kim K (2002) ID-based blind signature and ring signature from pairings. In: International conference on the theory and application of cryptology and information security. Springer, pp 533–547

  32. 32.

    Lin CY, Wu TC (2004) An identity-based ring signature scheme from bilinear pairings. In: 18th international conference on advanced information networking and applications, 2004. AINA 2004, vol 2. IEEE, pp 182–185

  33. 33.

    Awasthi AK, Lal S (2005) ID-based ring signature and proxy ring signature schemes from bilinear pairings. arXiv:cs/0504097

  34. 34.

    Herranz J, Sáez G (2004) New identity-based ring signature schemes. In: ICICS, vol 4. Springer, pp 27–39

  35. 35.

    Chow SSM, Hui LCK, Yiu SM (2005) Identity based threshold ring signature. In: Park CS, Chee S (eds) Information security and cryptology – ICISC 2004. Springer, Berlin, pp 218– 232

  36. 36.

    Boneh D, Franklin M (2001) Identity-based encryption from the weil pairing. In: Advances in cryptology – CRYPTO 2001. Springer, pp 213–229

  37. 37.

    Boneh D, Lynn B, Shacham H (2004) Short signatures from the weil pairing. J Cryptol 17(4):297–319. https://doi.org/10.1007/s00145-004-0314-9

    MathSciNet  Article  MATH  Google Scholar 

  38. 38.

    Sui A, Chow SSM, Hui LCK, Yiu SM, Chow KP, Tsang WW, Chong CF, Pun KH, Chan HW (2005) Separable and anonymous identity-based key issuing. In: 11Th international conference on parallel and distributed systems (ICPADS’05), vol 2. pp 275–279. https://doi.org/10.1109/ICPADS.2005.263

  39. 39.

    Bellare M, Rogaway P (1993) Random oracles are practical: a paradigm for designing efficient protocols. In: Proceedings of the 1st ACM conference on computer and communications security, CCS ’93. ACM, New York, pp 62–73. https://doi.org/10.1145/168588.168596

  40. 40.

    Choon JC, Hee Cheon J (2002) An identity-based signature from gap Diffie-Hellman groups. Springer, Berlin, pp 18–30. https://doi.org/10.1007/3-540-36288-6_2

    MATH  Google Scholar 

  41. 41.

    Tsai JL, Lo NW (2015) Provably secure and efficient anonymous id-based authentication protocol for mobile devices using bilinear pairings. Wirel Pers Commun 83(2):1273–1286. https://doi.org/10.1007/s11277-015-2449-4

    Article  Google Scholar 

  42. 42.

    Caro AD, Iovino V (2011) JPBC: java pairing based cryptography. In: 2011 IEEE symposium on computers and communications (ISCC), pp 850–855. https://doi.org/10.1109/ISCC.2011.5983948

  43. 43.

    Daemen J, Rijmen V (2013) The design of Rijndael: AES-the advanced encryption standard. Springer Science & Business Media

  44. 44.

    Shim KA, Lee YR, Park CM (2013) EIBAS: an efficient identity-based broadcast authentication scheme in wireless sensor networks. Ad Hoc Netw 11(1):182–189

    Article  Google Scholar 

Download references

Acknowledgements

This work is supported by the National Natural Science Foundation of China (Grant No 61272525), the Fundamental Research Funds for the Central Universities (Grant No. ZYGX2016J081) and the Laboratory for Internet of Things and Mobile Internet Technology of Jiangsu Province (Grant No. JSWLW-2017-006).

Author information

Affiliations

Authors

Corresponding author

Correspondence to Fagen Li.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Hassan, A., Omala, A.A., Ali, M. et al. Identity-Based User Authenticated Key Agreement Protocol for Multi-Server Environment with Anonymity. Mobile Netw Appl 24, 890–902 (2019). https://doi.org/10.1007/s11036-018-1145-5

Download citation

Keywords

  • Anonymous user authentication
  • Multi-server environment
  • Bilinear pairing
  • Random oracle model