Skip to main content
SpringerLink
Log in
Book cover

International Conference on Green, Pervasive, and Cloud Computing

GPC 2017: Green, Pervasive, and Cloud Computing pp 116–126Cite as

Further Improvement on An Efficient and Secure Three-factor Based Authenticated Key Exchange Scheme Using Elliptic Curve Cryptosystems

  • Conference paper
  • First Online:

  • 1916 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 10232))

Abstract

Nowadays users can access various online services and resources from distributed information systems remotely via Internet or other public networks. However, remote online systems are vulnerable to many security attacks due to they are built on public networks. Therefore it is necessary to design an authentication scheme for securing network communications between a login user and a remote server. In 2016, Han et al. proposed a secure three-factor authentication scheme based on elliptic curve cryptography (ECC) to achieve this goal. Unfortunately, we analyzed Han et al.’s scheme and demonstrated that their authentication scheme cannot satisfactory to be implemented in practice because it fails to ensure the property of unlinkability between the login user and the remote server and is unable to withstand account duplication attack. In this paper, we suggest an enhanced anonymous authentication scheme to repair the security flaws in Han et al.’s scheme. We give the security analysis and performance evaluation to demonstrate that the proposed scheme not only resists the aforementioned security weaknesses on Han et al.’s scheme but also inherits the functionality merits and performance efficiencies of their authentication scheme.

This is a preview of subscription content, log in via an institution.

References

  1. An, Y.: Security analysis and enhancements of an effective biometric-based remote user authentication scheme using smart cards. J. Biomed. Biotechnol. 2012, 1–6 (2012). Article no. 519723

    Article  Google Scholar 

  2. Burrows, M., Abadi, M., Needham, R.: A logic of authentication. ACM Trans. Comput. Syst. 8(1), 18–36 (1990)

    Article  MATH  Google Scholar 

  3. Koblitz, N.: Elliptic curve cryptosystems. Math. Comput. 48, 203–209 (1987)

    Article  MathSciNet  MATH  Google Scholar 

  4. Das, A.K.: Analysis and improvement on an efficient biometricbased remote user authentication. IET Inf. Secur. 5(3), 145–151 (2011)

    Article  Google Scholar 

  5. Das, A.K., Goswami, A.: A robust anonymous biometric-based remote user authentication scheme using smart cards. J. King Saud Univ. Comput. Inf. Sci. 27(2), 193–210 (2015)

    Google Scholar 

  6. Das, A.K.: A secure user anonymity-preserving three-factor remote user authentication scheme for the telecare medicine information systems. J. Med. Syst. 39(3), 1–20 (2015). Article no. 30

    Google Scholar 

  7. Guo, D., Wen, Q., Li, W., Zhang, H., Jin, Z.: An improved biometrics-based authentication scheme for telecare medical information systems. J. Med. Syst. 39(3), 1–10 (2015). Article no. 20

    Article  Google Scholar 

  8. Han, L., Tan, X., Wang, S., Liang, X.: An efficient and secure three-factor based authenticated key exchange scheme using elliptic curve cryptosystems. Peer-to-Peer Netw. Appl. (2016). doi:10.1007/s12083-016-0499-3

  9. Jin, A.T.B., Ling, D.N.C., Goh, A.: Biohashing: two factor authentication featuring fingerprint data and tokenised random number. Pattern Recogn. 37(11), 2245–2255 (2004)

    Article  Google Scholar 

  10. Li, C.T., Hwang, M.S.: An efficient biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 33(1), 1–5 (2010)

    Article  Google Scholar 

  11. Lu, Y., Li, L., Peng, H., Yang, Y.: An enhanced biometric-based authentication scheme for telecare medicine information systems using elliptic curve cryptosystem. J. Med. Syst. 39(3), 1–9 (2015). Article no. 32

    Article  Google Scholar 

  12. Mishra, D., Das, A.K., Mukhopadhyay, S.: A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards. Expert Syst. Appl. 41(8), 8129–8143 (2014)

    Article  Google Scholar 

  13. Moon, J., Choi, Y., Kim, J., Won, D.: An improvement of robust and efficient biometrics based password authentication scheme for telecare medicine information systems using extended chaotic maps. J. Med. Syst. 40(3), 1–11 (2016). Article no. 70

    Article  Google Scholar 

  14. Wu, F., Xu, L., Kumari, S., Li, X.: A novel and provably secure biometrics-based three-factor remote authentication scheme for mobile client-server networks. Comput. Electr. Eng. 45, 274–285 (2015)

    Article  Google Scholar 

  15. Yeh, H.L., Chen, T.H., Hu, K.J., Shih, W.K.: Robust elliptic curve cryptography-based three factor user authentication providing privacy of biometric data. IET Inf. Secur. 7(3), 247–252 (2013)

    Article  Google Scholar 

Download references

Acknowledgements

The authors would like to thank the anonymous reviewers for their valuable comments and suggestions. This research was supported in part by the Ministry of Science and Technology, Taiwan, R.O.C., under Grand number MOST 105-2221-E-165-005 and MOST 105-3314-C-165-001-ES.

Author information

Authors and Affiliations

  1. Department of Information Management, Tainan University of Technology, No. 529, Zhongzheng Road, Tainan City, 71002, Taiwan, R.O.C.

    Chun-Ta Li

  2. Department of Computer Science and Information Engineering, Chaoyang University of Technology, 168 Jifeng East Road, Taichung City, 41349, Taiwan, R.O.C.

    Chin-Ling Chen

  3. Department of Library and Information Science, Fu Jen Catholic University, No. 510, Jhongjheng Road, New Taipei City, 24205, Taiwan, R.O.C.

    Cheng-Chi Lee

  4. Department of Photonics and Communication Engineering, Asia University, 500 Lioufeng Road, Taichung City, 41354, Taiwan, R.O.C.

    Cheng-Chi Lee

  5. School of Computer Science and Technology, Harbin Institute of Technology Shenzhen Graduate School, Shenzhen University Town, Nanshan District, Shenzhen, 518055, People’s Republic of China

    Chien-Ming Chen

Authors
  1. Chun-Ta Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Chin-Ling Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Cheng-Chi Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Chien-Ming Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Chin-Ling Chen or Cheng-Chi Lee .

Editor information

Editors and Affiliations

  1. Hong Kong Polytechnic University, Hong Kong, Hong Kong

    Man Ho Allen Au

  2. University of Salerno, Fisciano, Italy

    Arcangelo Castiglione

  3. University of Texas at San Antonio, San Antonio, Texas, USA

    Kim-Kwang Raymond Choo

  4. University of Salerno, Fisciano, Italy

    Francesco Palmieri

  5. Providence University, Taichung City, Taiwan

    Kuan-Ching Li

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Li, CT., Chen, CL., Lee, CC., Chen, CM. (2017). Further Improvement on An Efficient and Secure Three-factor Based Authenticated Key Exchange Scheme Using Elliptic Curve Cryptosystems. In: Au, M., Castiglione, A., Choo, KK., Palmieri, F., Li, KC. (eds) Green, Pervasive, and Cloud Computing. GPC 2017. Lecture Notes in Computer Science(), vol 10232. Springer, Cham. https://doi.org/10.1007/978-3-319-57186-7_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-57186-7_10

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-57185-0

  • Online ISBN: 978-3-319-57186-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation