Abstract
Many previous works on remote user authentication schemes target remote service environments such as online banking and electronic commerce. However, these schemes depend solely on one parameter, namely user legitimacy, to complete the authentication process. Furthermore, most of the schemes rely on a prearranged shared secret key or a server secret key to generate the session key that secures their communication. Consequently, these schemes are vulnerable to malicious software attacks that could compromise the integrity of the platform used for the communication. As a result, the user identity or shared secret key can potentially be exposed, because the schemes are limited in providing trust in, or evidence of, the claimed platform identity. In this paper, we propose a remote authentication scheme with hardware-based attestation and a secure key exchange protocol to resist malicious software attacks. In addition, we propose a pseudonym identity enhancement to improve user identity privacy.
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Mat Nor, F.B., Abd Jalil, K., Ab Manan, Jl. (2011). Remote User Authentication Scheme with Hardware-Based Attestation. In: Zain, J.M., Wan Mohd, W.M.b., El-Qawasmeh, E. (eds) Software Engineering and Computer Systems. ICSECS 2011. Communications in Computer and Information Science, vol 180. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22191-0_38
DOI: https://doi.org/10.1007/978-3-642-22191-0_38
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22190-3
Online ISBN: 978-3-642-22191-0
eBook Packages: Computer Science, Computer Science (R0)