Dynamic ID-based remote user authentication scheme using ElGamal encryption system

Abstract We propose a new dynamic ID-based remote user authentication scheme using smart cards, which it is based on one-way hash function, ElGamal’s public key cryptosystem and nonce. The scheme achieves the following security requirements: 1) users can choose and change their password freely, 2) m...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:Nova scientia Ročník 8; číslo 17; s. 263 - 277
Hlavní autoři: Martínez Peláez, Rafael, Saavedra Benitez, Yesica, Velarde Alvarado, Pablo, Pomykala, Jacek
Médium: Journal Article
Jazyk:angličtina
portugalština
Vydáno: Universidad de La Salle Bajío A. C., Coordinación de Investigación 2016
Universidad De La Salle Bajío
Témata:
Architecture
Area Studies
autenticación mutua
AVISPA tool
Biology
computer network
contraseña
criptografía
cryptography
discrete logarithm
Engineering, Chemical
Engineering, Environmental
Engineering, Multidisciplinary
herramienta AVISPA
logaritmo discreto
mutul authentication
password
Physics, Applied
seguridad en redes
smart cards
Sociology
tarjetas inteligentes
autenticación mutua
smart cards
cryptography
herramienta AVISPA
computer network
AVISPA tool
password
mutul authentication
logaritmo discreto
criptografía
tarjetas inteligentes
discrete logarithm
seguridad en redes
contraseña
ISSN:2007-0705, 2007-0705
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:Abstract We propose a new dynamic ID-based remote user authentication scheme using smart cards, which it is based on one-way hash function, ElGamal’s public key cryptosystem and nonce. The scheme achieves the following security requirements: 1) users can choose and change their password freely, 2) mutual authentication between the user and the server, 3) the user and the server establish a session key after successful authentication process, 4) the server does not maintain a verification table, 5) the login request message does not contain the user’s identity, and 6) the authentication phase does not require time-synchronization, making it more secure than previous schemes. In order to verify the security characteristics of our protocol, we have modelled and analysed the proposal using High-level Protocol Specification Language (HLPSL) and Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The results demonstrate that our protocol achieves more security requirements than previous works.
ISSN:2007-0705
2007-0705
DOI:10.21640/ns.v8i17.673