research-article

A Light Weight Three Factor based Authentication Scheme for Multi-server Environment using Smart Cards

Authors:

Shreeya Swagatika Sahoo,

Sujata Mohanty,

Banshidhar MajhiAuthors Info & Claims

ICCNS '17: Proceedings of the 2017 7th International Conference on Communication and Network Security

Pages 43 - 47

https://doi.org/10.1145/3163058.3163069

Published: 24 November 2017 Publication History

Abstract

With the rapid growth of modern computer networks, the Internet and telecommunication technology have alleviated remote access. The authentication scheme is a mechanism, which can authenticate user and server over an insecure network. To fulfill the requirement of practical applications, many passwords and smart card based authentication schemes have been proposed for the multi-server environment. However, the password might be forgotten, and the smart card might be for lost or shared whereas the biometric-based authentication schemes have no such drawbacks. In this paper, we have intimated an efficient three-factor authentication scheme for the multi-server environment using the hash function. The rigorous security and performance analysis depicts that the proposed scheme provides user's anonymity, mutual authentication, session key agreement and secure against several known attacks. In addition, the proposed scheme has been simulated using widely accepted AVISPA tool. Due to the low computational cost of the protocol, it has the potential to be used in low power devices.

References

[1]

Lamport, Leslie. "Password authentication with insecure communication." Communications of the ACM 24.11 (1981): 770--772.

Digital Library

[2]

Chang, C-C., and T-C. Wu. "Remote password authentication with smart cards." IEE Proceedings E (Computers and Digital Techniques) 138.3 (1991): 165--168.

[3]

Fan, Lei, Jian-Hua Li, and Hong-Wen Zhu. "An enhancement of timestamp-based password authentication scheme." Computers & Security 21.7 (2002): 665--667.

Digital Library

[4]

Lin, C-W., C-S. Tsai, and M-S. Hwang. "A new strong-password authentication scheme using one-way hash functions." Journal of Computer and Systems Sciences International 45.4 (2006): 623--626.

[5]

Li, Chun-Ta, and Min-Shiang Hwang. "An efficient biometrics-based remote user authentication scheme using smart cards." Journal of Network and computer applications 33.1 (2010): 1--5.

Digital Library

[6]

Yoon, Eun-Jun, and Kee-Young Yoo. "Robust biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem." The Journal of supercomputing 63.1 (2013): 235--255.

[7]

He, Debiao. "Security flaws in a biometrics-based multi-server authentication with key agreement scheme." IACR Cryptology ePrint Archive 2011 (2011): 365.

[8]

Kim, Hakhyun, et al. "Cryptanalysis and improvement of a biometrics-based multi-server authentication with key agreement scheme." Computational Science and Its Applications--ICCSA 2012 (2012): 391--406.

Digital Library

[9]

Chuang, Ming-Chin, and Meng Chang Chen. "An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics." Expert Systems with Applications 41.4 (2014): 1411--1418.

Digital Library

[10]

Mishra, Dheerendra, Ashok Kumar Das, and Sourav Mukhopadhyay. "A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards." Expert Systems with Applications41.18 (2014): 8129--8143.

[11]

Lu, Yanrong, et al. "A biometrics and smart cards-based authentication scheme for multi-server environments." Security and Communication Networks 8.17 (2015): 3219--3228.

Digital Library

[12]

He, Debiao, and Ding Wang. "Robust biometrics-based authentication scheme for multiserver environment." IEEE Systems Journal 9.3 (2015): 816--823.

[13]

Odelu, Vanga, Ashok Kumar Das, and Adrijit Goswami. "A secure biometrics-based multi-server authentication protocol using smart cards." IEEE Transactions on Information Forensics and Security 10.9 (2015): 1953--1966.

Digital Library

[14]

Chen, Chi-Tung, and Cheng-Chi Lee. "A two-factor authentication scheme with anonymity for multi-server environments." Security and Communication Networks 8.8 (2015): 1608--1625.

Digital Library

[15]

Tan, Zuowen. "A privacy-preserving multi-server authenticated key-agreement scheme based on Chebyshev chaotic maps." Security and Communication Networks 9.11 (2016): 1384--1397.

Digital Library

[16]

Irshad, Azeem, et al. "An improved and secure chaotic map based authenticated key agreement in multi-server architecture." Multimedia Tools and Applications (2017): 1--38.

[17]

Lee, Cheng-Chi, et al. "An extended chaotic-maps-based protocol with key agreement for multiserver environments." Nonlinear Dynamics 76.1 (2014): 853--866.

[18]

Lee, Cheng-Chi, Yan-Ming Lai, and Chun-Ta Li. "An improved secure dynamic ID based remote user authentication scheme for multi-server environment." International Journal of Security and Its Applications 6.2 (2012): 203--210.

[19]

Li, Chun-Ta, et al. "A secure dynamic identity based authentication protocol with smart cards for multi-server architecture." Journal of Information Science and Engineering 31.6 (2015): 1975--1992.

[20]

AVISPA Automated Validation of Internet Security Protocols and Applications.

[21]

http://www.avispa-project.org/, 2015.

[22]

Viganò, Luca. "Automated security protocol analysis with the AVISPA tool." Electronic Notes in Theoretical Computer Science 155 (2006): 61--86.

Digital Library

[23]

Armando, Alessandro, et al. "The AVISPA tool for the automated validation of internet security protocols and applications." International conference on computer aided verification. Springer, Berlin, Heidelberg, 2005.

Digital Library

Cited By

Rajamanickam SVollala SRamasubramanian N(2025)EEAPTMS: Enhanced ECC Based Authentication Protocol for Telemedical ScenarioSECURITY AND PRIVACY10.1002/spy2.700058:2Online publication date: 9-Feb-2025
https://doi.org/10.1002/spy2.70005
Sahoo SMohanty SMajhi B(2019)Improved Biometric-Based Mutual Authentication and Key Agreement Scheme Using ECCWireless Personal Communications10.1007/s11277-019-06897-8111:2(991-1017)Online publication date: 25-Oct-2019
https://doi.org/10.1007/s11277-019-06897-8
Sahoo SMohanty S(2018)A Lightweight Biometric-based Authentication Scheme for Telecare Medicine Information Systems Using ECC2018 9th International Conference on Computing, Communication and Networking Technologies (ICCCNT)10.1109/ICCCNT.2018.8494092(1-6)Online publication date: Jul-2018
https://doi.org/10.1109/ICCCNT.2018.8494092

Index Terms

A Light Weight Three Factor based Authentication Scheme for Multi-server Environment using Smart Cards
1. Security and privacy
  1. Security services
    1. Authentication
      1. Biometrics

Recommendations

Design of a secure smart card-based multi-server authentication scheme

Traditional two party client server authentication protocol may not provide a scalable solution for present network environments where personal and ubiquitous computing technologies are involved as it is now becoming multi-server based. To achieve ...
A Multi-server Environment with Secure and Efficient Remote User Authentication Scheme Based on Dynamic ID Using Smart Cards

The growth of the Internet and telecommunication technology has facilitated remote access. During the last decade, numerous remote user authentication schemes based on dynamic ID have been proposed for the multi-server environment using smart cards. ...
An Improved and Secure Two-factor Dynamic ID Based Authenticated Key Agreement Scheme for Multiserver Environment

The smart card based password authentication scheme is one of the most important and efficient security mechanism, which is used for providing security to authorized users over an insecure network. In this paper, we analyzed major security flaws of ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

ICCNS '17: Proceedings of the 2017 7th International Conference on Communication and Network Security

November 2017

125 pages

ISBN:9781450353496

DOI:10.1145/3163058

Copyright © 2017 ACM.

© 2017 Association for Computing Machinery. ACM acknowledges that this contribution was authored or co-authored by an employee, contractor or affiliate of a national government. As such, the Government retains a nonexclusive, royalty-free right to publish or reproduce this article, or to allow others to do so, for Government purposes only.

In-Cooperation

University of Electronic Science and Technology of China: University of Electronic Science and Technology of China

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 24 November 2017

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

ICCNS 2017

ICCNS 2017: 2017 the 7th International Conference on Communication and Network Security

November 24 - 26, 2017

Tokyo, Japan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
92
Total Downloads

Downloads (Last 12 months)1
Downloads (Last 6 weeks)0

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Rajamanickam SVollala SRamasubramanian N(2025)EEAPTMS: Enhanced ECC Based Authentication Protocol for Telemedical ScenarioSECURITY AND PRIVACY10.1002/spy2.700058:2Online publication date: 9-Feb-2025
https://doi.org/10.1002/spy2.70005
Sahoo SMohanty SMajhi B(2019)Improved Biometric-Based Mutual Authentication and Key Agreement Scheme Using ECCWireless Personal Communications10.1007/s11277-019-06897-8111:2(991-1017)Online publication date: 25-Oct-2019
https://doi.org/10.1007/s11277-019-06897-8
Sahoo SMohanty S(2018)A Lightweight Biometric-based Authentication Scheme for Telecare Medicine Information Systems Using ECC2018 9th International Conference on Computing, Communication and Networking Technologies (ICCCNT)10.1109/ICCCNT.2018.8494092(1-6)Online publication date: Jul-2018
https://doi.org/10.1109/ICCCNT.2018.8494092

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten