Efficient Password-Based Authentication and Key Exchange Scheme Preserving User Privacy
With the flourish of applications over the wired /wireless networks, how to keep user’s privacy has drawn growing concerns in recent years. Although the issue of user anonymity has been addressed in digital signature field by introducing the concepts of ring and group signatures, they are not suitable to anonymously authenticate a user in wireless mobile applications, because these signature schemes need infrastructure support and heavy computational costs which is beyond the computational ability of a smart card embedded in a hand-held device. In this paper, we propose an anonymous authentication scheme which also supports Diffie-Hellman key exchange. Our scheme is very efficient since it mainly uses hash and XOR operations. Moreover, our scheme possesses many good virtues of existing authentication schemes.
KeywordsSmart Card Authentication Scheme Mutual Authentication User Anonymity Login Request
Unable to display preview. Download preview PDF.
- 1.Liao, I.E., Lee, C.C., Hwang, M.S.: A password authentication scheme over insecure networks. J. Comput. System Sci. (2005)Google Scholar
- 3.Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257–265. Springer, Heidelberg (1991)Google Scholar
- 5.Bo, Z., Wan, Z.G., Kankanhalli, M.S., Feng, B., Deng, R.H.: Anonymous secure routing in mobile ad-hoc networks, Local Computer Networks, 2004. In: 29th Annual IEEE International Conference, November 16-18, pp. 102–108 (2004)Google Scholar
- 7.Chien, H.Y., Chen, C.H.: A remote authentication scheme preserving user anonymity. In: Proceedings of the 19th International Conference on Advanced Information Networking and Applications - AINA 2005, pp. 245–248 (2005)Google Scholar
- 10.Lu, R.X., Cao, Z.F., Su, R.W.: A self-encryption remote user anonymous authentication scheme using smart cards. Journal of Shanghai Jiaotong University (2006)Google Scholar
- 15.Chen, C.M., Ku, W.C.: Stolen-verifier attack on two new strong-password authentication protocal. IEICE Transactions on Communications E85-B(11), 2519–2521 (2002)Google Scholar
- 16.Damgård, I.B.: A Design Principle for Hash Functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 416–427. Springer, Heidelberg (1990)Google Scholar