Abstract
A multi-server environment is an important application paradigm in the Internet of Things (IoT). It enables a user access services from different vendors without having to go through multiple registration. The privacy of one who desires to access these services is often crucial. In order to access this service in a manner that assures user privacy, a user needs to be anonymously authenticated independent of the vendors’ services. However, existing identity-based anonymous schemes are only suitable for the client-server domain. Moreover, these schemes provide conditional anonymity which presupposes that if an adversary discovers the user’s private key, the identity can easily be recovered and misused. To avoid this situation, a new unconditional anonymity identity-based user authenticated key agreement scheme for IoT multi-server environment is introduced in this paper. Our protocol applies a ring signature to allow users to anonymously authenticate themselves in the severs without revealing their identities. Hence, an adversary cannot recover the user’s identity even when the user’s private key is known. We further provide a security proof in the random oracle model. Compared with the existing protocols, our proposed scheme is well fitting for mobile phone applications and guarantees the privacy of users in IoT multi-server domain.
Similar content being viewed by others
References
Wu TY, Tseng YM (2010) An efficient user authentication and key exchange protocol for mobile client–server environment. Comput Netw 54(9):1520–1530
Debiao H, Jianhua C, Jin H (2012) An ID-based client authentication with key agreement protocol for mobile client–server environment on ECC with provable security. Information Fusion 13(3):223–230
He D (2012) An efficient remote user authentication and key agreement protocol for mobile client–server environment from pairings. Ad Hoc Netw 10(6):1009–1016
Shen H, Gao C, He D, Wu L (2015) New biometrics-based authentication scheme for multi-server environment in critical systems. J Ambient Intell Humaniz Comput 6(6):825–834
Chow SSM, Yiu SM, Hui LCK (2005) Efficient identity based ring signature. Springer, Berlin, pp 499–512. https://doi.org/10.1007/11496137_34
Pleva P (2012) A revised classification of anonymity. arXiv:1211.5613
Shamir A (1984) Identity-based cryptosystems and signature schemes. In: Workshop on the theory and application of cryptographic techniques. Springer, pp 47–53
Li LH, Lin LC, Hwang MS (2001) A remote password authentication scheme for multiserver architecture using neural networks. IEEE Trans Neural Netw 12(6):1498–1504. https://doi.org/10.1109/72.963786
Juang WS (2004) Efficient multi-server password authenticated key agreement using smart cards. IEEE Trans Consum Electron 50(1):251–255. https://doi.org/10.1109/TCE.2004.1277870
Chang CC, Lee JS (2004) An efficient and secure multi-server password authentication scheme using smart cards. In: 2004 International conference on cyberworlds, pp 417–422. https://doi.org/10.1109/CW.2004.17
Liao YP, Wang SS (2009) A secure dynamic id based remote user authentication scheme for multi-server environment. Computer Standards & Interfaces 31(1):24–29
Hsiang HC, Shih WK (2009) Improvement of the secure dynamic id based remote user authentication scheme for multi-server environment. Computer Standards & Interfaces 31(6):1118– 1123
Sood SK, Sarje AK, Singh K (2011) A secure dynamic identity based authentication protocol for multi-server architecture. J Netw Comput Appl 34(2):609–618
Li X, Xiong Y, Ma J, Wang W (2012) An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards. J Netw Comput Appl 35(2):763–769
Han W (2012) Weaknesses of a dynamic identity based authentication protocol for multi-server architecture. arXiv:1201.0883
Yoon EJ, Yoo KY (2013) Robust biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem. J Supercomput 63(1):235–255. https://doi.org/10.1007/s11227-010-0512-1
Khan MK, He D (2012) A new dynamic identity-based authentication protocol for multi-server environment using elliptic curve cryptography. Security and Communication Networks 5(11):1260–1266. https://doi.org/10.1002/sec.573
Han W, Zhu Z (2014) An id-based mutual authentication with key agreement protocol for multiserver environment on elliptic curve cryptosystem. Int J Commun Syst 27(8):1173–1185. https://doi.org/10.1002/dac.2405
He D, Wang D (2015) Robust biometrics-based authentication scheme for multiserver environment. IEEE Syst J 9(3):816–823. https://doi.org/10.1109/JSYST.2014.2301517
Shen H, Gao C, He D, Wu L (2015) New biometrics-based authentication scheme for multi-server environment in critical systems. J Ambient Intell Humaniz Comput 6(6):825–834. https://doi.org/10.1007/s12652-015-0305-8
Tseng YM, Huang SS, You ML (2017) Strongly secure ID-based authenticated key agreement protocol for mobile multi-server environments. Int J Commun Syst 30(11):e3251–n/a. https://doi.org/10.1002/dac.3251. E3251 IJCS-16-0586.R1
Jiang P, Wen Q, Li W, Jin Z, Zhang H (2015) An anonymous and efficient remote biometrics user authentication scheme in a multi server environment. Front Comp Sci 9(1):142–156. https://doi.org/10.1007/s11704-014-3125-7
Lin H, Wen F, Du C (2015) An improved anonymous multi-server authenticated key agreement scheme using smart cards and biometrics. Wirel Pers Commun 84(4):2351–2362. https://doi.org/10.1007/s11277-015-2708-4
Liao YP, Hsiao CM (2013) A novel multi-server remote user authentication scheme using self-certified public keys for mobile clients. Futur Gener Comput Syst 29(3):886–900
He D, Zeadally S, Kumar N, Wu W (2016) Efficient and anonymous mobile user authentication protocol using self-certified public key cryptography for multi-server architectures. IEEE Trans Inf Forensics Secur 11(9):2052–2064. https://doi.org/10.1109/TIFS.2016.2573746
Zhu H (2015) A provable one-way authentication key agreement scheme with user anonymity for multi-server environment. KSII Trans Internet Inf Syst (TIIS) 9(2):811–829
Jangirala S, Mukhopadhyay S, Das AK (2017) A multi-server environment with secure and efficient remote user authentication scheme based on dynamic id using smart cards. Wirel Pers Commun 95(3):2735–2767. https://doi.org/10.1007/s11277-017-3956-2
Tsai JL, Lo NW (2015) A chaotic map-based anonymous multi-server authenticated key agreement protocol using smart card. Int J Commun Syst 28(13):1955–1963. https://doi.org/10.1002/dac.2829. IJCS-13-0727.R2
Irshad A, Sher M, Chaudhary SA, Naqvi H, Farash MS (2016) An efficient and anonymous multi-server authenticated key agreement based on chaotic map without engaging registration centre. J Supercomput 72(4):1623–1644. https://doi.org/10.1007/s11227-016-1688-9
Rivest RL, Shamir A, Tauman Y (2001) How to leak a secret. In: International conference on the theory and application of cryptology and information security. Springer, pp 552–565
Zhang F, Kim K (2002) ID-based blind signature and ring signature from pairings. In: International conference on the theory and application of cryptology and information security. Springer, pp 533–547
Lin CY, Wu TC (2004) An identity-based ring signature scheme from bilinear pairings. In: 18th international conference on advanced information networking and applications, 2004. AINA 2004, vol 2. IEEE, pp 182–185
Awasthi AK, Lal S (2005) ID-based ring signature and proxy ring signature schemes from bilinear pairings. arXiv:cs/0504097
Herranz J, Sáez G (2004) New identity-based ring signature schemes. In: ICICS, vol 4. Springer, pp 27–39
Chow SSM, Hui LCK, Yiu SM (2005) Identity based threshold ring signature. In: Park CS, Chee S (eds) Information security and cryptology – ICISC 2004. Springer, Berlin, pp 218– 232
Boneh D, Franklin M (2001) Identity-based encryption from the weil pairing. In: Advances in cryptology – CRYPTO 2001. Springer, pp 213–229
Boneh D, Lynn B, Shacham H (2004) Short signatures from the weil pairing. J Cryptol 17(4):297–319. https://doi.org/10.1007/s00145-004-0314-9
Sui A, Chow SSM, Hui LCK, Yiu SM, Chow KP, Tsang WW, Chong CF, Pun KH, Chan HW (2005) Separable and anonymous identity-based key issuing. In: 11Th international conference on parallel and distributed systems (ICPADS’05), vol 2. pp 275–279. https://doi.org/10.1109/ICPADS.2005.263
Bellare M, Rogaway P (1993) Random oracles are practical: a paradigm for designing efficient protocols. In: Proceedings of the 1st ACM conference on computer and communications security, CCS ’93. ACM, New York, pp 62–73. https://doi.org/10.1145/168588.168596
Choon JC, Hee Cheon J (2002) An identity-based signature from gap Diffie-Hellman groups. Springer, Berlin, pp 18–30. https://doi.org/10.1007/3-540-36288-6_2
Tsai JL, Lo NW (2015) Provably secure and efficient anonymous id-based authentication protocol for mobile devices using bilinear pairings. Wirel Pers Commun 83(2):1273–1286. https://doi.org/10.1007/s11277-015-2449-4
Caro AD, Iovino V (2011) JPBC: java pairing based cryptography. In: 2011 IEEE symposium on computers and communications (ISCC), pp 850–855. https://doi.org/10.1109/ISCC.2011.5983948
Daemen J, Rijmen V (2013) The design of Rijndael: AES-the advanced encryption standard. Springer Science & Business Media
Shim KA, Lee YR, Park CM (2013) EIBAS: an efficient identity-based broadcast authentication scheme in wireless sensor networks. Ad Hoc Netw 11(1):182–189
Acknowledgements
This work is supported by the National Natural Science Foundation of China (Grant No 61272525), the Fundamental Research Funds for the Central Universities (Grant No. ZYGX2016J081) and the Laboratory for Internet of Things and Mobile Internet Technology of Jiangsu Province (Grant No. JSWLW-2017-006).
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Hassan, A., Omala, A.A., Ali, M. et al. Identity-Based User Authenticated Key Agreement Protocol for Multi-Server Environment with Anonymity. Mobile Netw Appl 24, 890–902 (2019). https://doi.org/10.1007/s11036-018-1145-5
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11036-018-1145-5