Abstract
More recently developed public key cryptosystems have to be strong against newer and more advanced forms of attack. The security protection of a public key cryptosystem relies heavily on the design of the public key. The key authentication procedure is one of the easiest and most advantageous authentication mechanisms used over insecure networks, and it is widely applied for remote login with various operating systems, computer networks, wireless networks, database management systems, and many others. In a typical key authentication procedure, however, there is at least one authority involved to authenticate the keys. In this paper, we shall propose a new key authentication procedure built on the basis of the decisional composite residuosity assumption. As with ordinary certificate-based procedures, the proposed procedure involves no authorities. With the certificate of the public key of a client being a blend of his/her private key and password, the proposed procedure is exceptionally secure, and the authentication process is very simple.
Acknowledgements
The authors would like to thank anonymous reviewers of Soft Computing for their careful and helpful comments.
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Ethical approval
This article does not contain any studies with human participants or animals performed by any of the authors.
Additional information
Communicated by A. Di Nola.
About this article
Cite this article
Meshram, C., Obaidat, M.S., Lee, CC. et al. An efficient key authentication procedure for IND-CCA2 secure Paillier-based cryptosystem. Soft Comput 24, 6531–6537 (2020). https://doi.org/10.1007/s00500-020-04768-0
DOI: https://doi.org/10.1007/s00500-020-04768-0