Abstract
User authentication is a procedure used to verify a user before he/she can login a system and website. Usually, the user’s account and password are employed to verify his/her identity. However, the two parameters may be hacked if the underlying network is unsafe. To provide a secure user authentication procedure, in this paper, we propose a secure user authentication scheme, named Device Parameter based User Authentication (DePUA in short), in which the hardware/software parameters of a user’s trusted device, the user’s password and a generated authorization code are employed to derive the device’s parameter key. Without the trusted device, the adversary is unable to login the system and access user’s information. The security analyses show that the DePUA can effectively verify user’s identity and has the features of machine-specific device’s parameter key, user anonymity, and two-factor security. Besides, it is able to resist replay attack, eavesdropping attack, and impersonation attack.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Liao, Y.P., Wang, S.S.: A Robust Password-Based Remote User Authentication Scheme Using Bilinear Pairings without Using Smart Cards. In: International Computer Symposium, pp. 215–221. Taiwan (2010)
Ren, X., Wu, X.W.: A Novel Dynamic User Authentication Scheme. In: International Symposium on Communications and Information Technologies, Gold Coast, pp. 713–717. USA (2012)
Li, X., Ma, J., Wang, W., Xiong, Y., Zhang, J.: A Novel Smart Card and Dynamic ID based Remote User Authentication Scheme for Multi-server Environment. Mathematical and Computer Modelling. 58(1–2), 85–95 (2013)
4. Roalter, L., Kranz, M., Diewald, S., Möller, A.: The Smartphone as Mobile Authorization Proxy. In: International Conference on Computer Aided Systems Theory, pp. 306–307. Japan (2013)
Niinuma, K., Park, U., Jain, A.K.: Soft Biometric Traits for Continuous User Authentication. IEEE Transactions on Information Forensics and Security, 5(4), 771–780 (2010)
Tsai, K.L., Leu, F.Y., Tsai, S.H.: Data Encryption Method using Environmental Secret Key with Server Assistance. Intelligent Automation and Soft Computing, 22(3), 423–430 (2016)
Schreck, J.: Security and Privacy in User Modeling. Springer Science+Business Media. (2003)
Wang D., Wang, P.: Understanding Security Failures of Two-factor Authentication Schemes for Real-time Applications in Hierarchical Wireless Sensor Networks. Ad Hoc Networks, 20, 1–15 (2014)
Tsai, K.L., Huang, Y.L., Leu, F.Y., Tan, J.S., Ye, M.Y.: High-efficient Multi-Key Exchange Protocol based on Three-party Authentication. In: International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, Birmingham, pp. 487–492. UK (2014)
Moghaddam, F.F., Moghaddam, S.G., Rouzbeh, S., Araghi, S.K., Alibeigi, N.M., Varnosfaderani, S.D.: A Scalable and Efficient User Authentication Scheme for Cloud Computing Environments. In: IEEE Region 10 Symposium, pp. 508–513. Malaysia (2014)
Huang, Y.L., Dai, C.R., Leu, F.Y., You, I.: A Secure Data Encryption Method Employing a Sequential-Logic Style Mechanism for a Cloud System. International Journal of Web and Grid Services, 11(1), 102–124 (2015)
Shin S., Kwon, T.: A Survey of Public Provable Data Possession Schemes with Batch Verification in Cloud Storage. Journal of Internet Services and Information Security, 5(3), 37–47 (2015)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Tsai, KL., Leu, FY., Yip, KS. (2017). Device Parameter based Secure User Authentication. In: Barolli, L., Xhafa, F., Yim, K. (eds) Advances on Broad-Band Wireless Computing, Communication and Applications. BWCCA 2016. Lecture Notes on Data Engineering and Communications Technologies, vol 2. Springer, Cham. https://doi.org/10.1007/978-3-319-49106-6_72
Download citation
DOI: https://doi.org/10.1007/978-3-319-49106-6_72
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-49105-9
Online ISBN: 978-3-319-49106-6
eBook Packages: EngineeringEngineering (R0)