Dynamic ID-based remote user authentication scheme using ElGamal encryption system

Abstract We propose a new dynamic ID-based remote user authentication scheme using smart cards, which it is based on one-way hash function, ElGamal’s public key cryptosystem and nonce. The scheme achieves the following security requirements: 1) users can choose and change their password freely, 2) m...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Nova scientia Jg. 8; H. 17; S. 263 - 277
Hauptverfasser: Martínez Peláez, Rafael, Saavedra Benitez, Yesica, Velarde Alvarado, Pablo, Pomykala, Jacek
Format: Journal Article
Sprache:Englisch
Portugiesisch
Veröffentlicht: Universidad de La Salle Bajío A. C., Coordinación de Investigación 2016
Universidad De La Salle Bajío
Schlagworte:
Architecture
Area Studies
autenticación mutua
AVISPA tool
Biology
computer network
contraseña
criptografía
cryptography
discrete logarithm
Engineering, Chemical
Engineering, Environmental
Engineering, Multidisciplinary
herramienta AVISPA
logaritmo discreto
mutul authentication
password
Physics, Applied
seguridad en redes
smart cards
Sociology
tarjetas inteligentes
autenticación mutua
smart cards
cryptography
herramienta AVISPA
computer network
AVISPA tool
password
mutul authentication
logaritmo discreto
criptografía
tarjetas inteligentes
discrete logarithm
seguridad en redes
contraseña
ISSN:2007-0705, 2007-0705
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Abstract We propose a new dynamic ID-based remote user authentication scheme using smart cards, which it is based on one-way hash function, ElGamal’s public key cryptosystem and nonce. The scheme achieves the following security requirements: 1) users can choose and change their password freely, 2) mutual authentication between the user and the server, 3) the user and the server establish a session key after successful authentication process, 4) the server does not maintain a verification table, 5) the login request message does not contain the user’s identity, and 6) the authentication phase does not require time-synchronization, making it more secure than previous schemes. In order to verify the security characteristics of our protocol, we have modelled and analysed the proposal using High-level Protocol Specification Language (HLPSL) and Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The results demonstrate that our protocol achieves more security requirements than previous works.
ISSN:2007-0705
2007-0705
DOI:10.21640/ns.v8i17.673