Skip to main content
SpringerLink
Log in

Design of Robust Smartcard-Based User Anonymous Authentication Protocol with AVISPA Simulation

  • Chapter
  • First Online:
Architectural Wireless Networks Solutions and Security Issues

Part of the book series: Lecture Notes in Networks and Systems ((LNNS,volume 196))

  • 372 Accesses

Abstract

Recently, Byun presented a privacy maintaining smartcard-based authentication protocol with provable security. We analyze and identify that his scheme is suffering from online password guessing threat, replay threat, and privileged insider threat. It is also not providing user-anonymity and password change phase. To eliminate these above-mentioned security issues, we have designed an extended user anonymous authenticated session key agreement protocol using smartcard. The scalability of our scheme is measured in both formal and informal ways. The formal validation of our scheme has done using Burrows-Abadi-Needham (BAN) logic. Also, simulation is done by automated validation of Internet security protocols and applications (AVISPA) tool. Informal security analysis ensures that our scheme resists to various kinds of fraudulent attacks. The proposed scheme does not only hold up aforementioned security attacks, but also achieves some security features like user-anonymity and easy-to-use password change phase. Our protocol is comparatively more efficient than other schemes in the terms of costs and estimated time.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 149.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 199.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 199.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Roy S, Karjee J, Rawat U, Dey N et al (2016) Symmetric key encryption technique: a cellular automata based approach in wireless sensor networks. Procedia Comput Sci 78:408–414

    Article  Google Scholar 

  2. Dey N, Ashour AS, Shi F, Fong SJ, Sherratt RS (2017) Developing residential wireless sensor networks for ecg healthcare monitoring. IEEE Trans Consum Electron 63(4):442–449

    Article  Google Scholar 

  3. Chandrakar P, Sinha S, Ali R (2019) Cloud-based authenticated protocol for healthcare monitoring system. J Ambient Intell Hum Comput: 1–17

    Google Scholar 

  4. Ali R, Chandrakar P, Kumar A (2020) On the security weaknesses in password-based anonymous authentication scheme for e-health care. In: Design frameworks for wireless networks. Springer, pp 23–40

    Google Scholar 

  5. Chandrakar P (2019) A secure remote user authentication protocol for healthcare monitoring using wireless medical sensor networks. Int J Ambient Comput Intell (IJACI) 10(1):96–116

    Article  Google Scholar 

  6. Chandrakar P, Om H (2018) An efficient two-factor remote user authentication and session key agreement scheme using rabin cryptosystem. Arab J Sci Eng 43(2):661–673

    Article  Google Scholar 

  7. Ali R, Pal AK (2018) An efficient three factor-based authentication scheme in multiserver environment using ECC. Int J Commun Syst 31(4):e3484

    Article  Google Scholar 

  8. Lamport L (1981) Password authentication with insecure communication. Commun ACM 24(11):770–772

    Article  MathSciNet  Google Scholar 

  9. Li C-T, Hwang M-S (2010) An efficient biometrics-based remote user authentication scheme using smart cards. J Netw Comput Appl 33(1):1–5

    Article  Google Scholar 

  10. Li X, Niu J-W, Ma J, Wang W-D, Liu C-L (2011) Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. J Netw Comput Appl 34(1):73–79

    Article  Google Scholar 

  11. Das AK (2011) Cryptanalysis and further improvement of a biometric-based remote user authentication scheme using smart cards. arXiv preprint arXiv:1103.3159

  12. Turkanović M, Brumen B, Hölbl M (2014) A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the internet of things notion. Ad Hoc Netw 20:96–112

    Article  Google Scholar 

  13. Karuppiah M, Saravanan R (2014) A secure remote user mutual authentication scheme using smart cards. J Inf Secur Appl 19(4–5):282–294

    Google Scholar 

  14. Kalra S, Sood SK (2015) Secure authentication scheme for iot and cloud servers. Pervasive Mob Comput 24:210–223

    Article  Google Scholar 

  15. Farash MS, Turkanović M, Kumari S, Hölbl M (2016) An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the internet of things environment. Ad Hoc Netw 36:152–176

    Article  Google Scholar 

  16. Kaul SD, Awasthi AK (2016) Security enhancement of an improved remote user authentication scheme with key agreement. Wirel Pers Commun 89(2):621–637

    Article  Google Scholar 

  17. Kumari S, Khan MK, Li X (2014) An improved remote user authentication scheme with key agreement. Comput Electr Eng 40(6):1997–2012

    Article  Google Scholar 

  18. Kumari S, Gupta MK, Khan MK, Li X (2014) An improved timestamp-based password authentication scheme: comments, cryptanalysis, and improvement. Secur Commun Netw 7(11):1921–1932

    Article  Google Scholar 

  19. Chaudhry SA, Farash MS, Naqvi H, Kumari S, Khan MK (2015) An enhanced privacy preserving remote user authentication scheme with provable security. Secur Commun Netw 8(18):3782–3795

    Article  Google Scholar 

  20. Radhakrishnan N, Karuppiah M, Pandi V, Bhuiyan MZA (2017) Security on a lightweight authentication scheme with user untraceability. International conference on security, privacy and anonymity in computation, communication and storage. Springer, pp 489–496

    Google Scholar 

  21. Yeh K-H (2015) A lightweight authentication scheme with user untraceability. Front Inf Technol Electron Eng 16(4):259–271

    Article  Google Scholar 

  22. Wu F, Xu L, Kumari S, Li X, Das AK, Shen J (2018) A lightweight and anonymous rfid tag authentication protocol with cloud assistance for e-healthcare applications. J Ambient Intell Hum Comput 9(4):919–930

    Article  Google Scholar 

  23. Kumari S, Karuppiah M, Das AK, Li X, Wu F, Kumar N (2018) A secure authentication scheme based on elliptic curve cryptography for iot and cloud servers. J Supercomput 74(12):6428–6453

    Article  Google Scholar 

  24. Karuppiah M, Das AK, Li X, Kumari S, Wu F, Chaudhry SA, Niranchana R (2019) Secure remote user mutual authentication scheme with key agreement for cloud environment. Mob Netw Appl 24(3):1046–1062

    Article  Google Scholar 

  25. Qi M, Chen J (2017) An efficient two-party authentication key exchange protocol for mobile environment. Int J Commun Syst 30(16):e3341

    Article  Google Scholar 

  26. Byun JW (2015) Privacy preserving smartcard-based authentication system with provable security. Secur Commun Netw 8(17):3028–3044

    Article  Google Scholar 

  27. Awasthi AK, Srivastava K, Mittal R (2011) An improved timestamp-based remote user authentication scheme. Comput Electr Eng 37(6):869–874

    Article  Google Scholar 

  28. Islam SH (2016) Design and analysis of an improved smartcard-based remote user password authentication scheme. Int J Commun Syst 29(11):1708–1719

    Article  Google Scholar 

  29. Khan MK, Kumari S (2013) An authentication scheme for secure access to healthcare services. J Med Syst 37(4):9954

    Article  Google Scholar 

  30. Li X, Niu J, Khan MK, Liao J (2013) An enhanced smart card based remote user password authentication scheme. J Netw Comput Appl 36(5):1365–1371

    Article  Google Scholar 

  31. Burrows M, Abadi M, Needham RM (1989) A logic of authentication. Proc R Soc Lond A 426(1871):233–271

    Article  MathSciNet  Google Scholar 

  32. Chandrakar P, Om H (2017) Cryptanalysis and improvement of a biometric-based remote user authentication protocol usable in a multiserver environment. Trans Emerg Telecommun Technol 28(12):e3200

    Article  Google Scholar 

  33. Chen B-L, Kuo W-C, Wuu L-C (2014) Robust smart-card-based remote user password authentication scheme. Int J Commun Syst 27(2):377–389

    Article  Google Scholar 

  34. Bin Muhaya FT (2015) Cryptanalysis and security enhancement of zhu’s authentication scheme for telecare medicine information system. Secur Commun Netw 8(2):149–158

    Google Scholar 

  35. Chaturvedi A, Mishra D, Mukhopadhyay S (2013) Improved biometric-based three-factor remote user authentication scheme with key agreement using smart card. In: International conference on information systems security. Springer, pp 63–77

    Google Scholar 

  36. Islam SH, Khan MK (2014) Cryptanalysis and improvement of authentication and key agreement protocols for telecare medicine information systems. J Med Syst 38(10):135

    Article  Google Scholar 

  37. Jiang Q, Ma J, Li G, Yang L (2014) An efficient ticket based authentication protocol with unlinkability for wireless access networks. Wirel Pers Commun 77(2):1489–1506

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Mathematics and Scientific Computing, National Institute of Technology, Hamirpur, Hamirpur, 177005, Himachal Pradesh, India

    Rifaqat Ali

  2. Department of Computer Science and Engineering, National Institute of Technology, Raipur, Raipur, 492010, India

    Preeti Chandrakar

Authors
  1. Rifaqat Ali
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Preeti Chandrakar
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Rifaqat Ali .

Editor information

Editors and Affiliations

  1. Department of Computer Science and Engineering, Sarala Birla University, Birla Knowledge City, Ranchi, Jharkhand, India

    Santosh Kumar Das

  2. Department of Computer Science and Engineering, University Institute of Technology, Burdwan University, Burdwan, West Bengal, India

    Sourav Samanta

  3. Department of Computer Science and Engineering, JIS University, Kolkata, India

    Nilanjan Dey

  4. Yudiz Solutions Pvt. Ltd., Ahmedabad, Gujarat, India

    Bharat S. Patel

  5. Department of Information Technology, Cairo University, Giza, Egypt

    Aboul Ella Hassanien

Rights and permissions

Reprints and permissions

Copyright information

© 2021 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Ali, R., Chandrakar, P. (2021). Design of Robust Smartcard-Based User Anonymous Authentication Protocol with AVISPA Simulation. In: Das, S.K., Samanta, S., Dey, N., Patel, B.S., Hassanien, A.E. (eds) Architectural Wireless Networks Solutions and Security Issues. Lecture Notes in Networks and Systems, vol 196. Springer, Singapore. https://doi.org/10.1007/978-981-16-0386-0_3

Download citation

  • DOI: https://doi.org/10.1007/978-981-16-0386-0_3

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-16-0385-3

  • Online ISBN: 978-981-16-0386-0

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation