A Lightweight Certificateless User Authentication Scheme for Mobile Environment

  • Alzubair HassanEmail author
  • Rafik Hamza
  • Vittor Gift Mawutor
  • Akash Suresh Patil
  • Fagen Li
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11806)


Nowadays, smartphone applications are the most widespread in our daily lives. These applications raised several security concerns such as authentication, key agreement, and mutual authentication. Accordingly, the researchers have been presented several user authentication schemes based on the identity-based cryptography (IBC) and certificateless cryptography (CLC). Smartphones considered as limited resources devices, thus, it needs lightweight protocols. However, the existing schemes are suffering from high computational costs especially the one that depends on CLC. In this paper, a lightweight certificateless user authentication scheme based on the elliptic curve cryptography (ECC) is introduced. The proposed scheme has the lowest computation costs comparing with the existing certificateless user’s authentication protocols. Furthermore, The proposed scheme is secure under the computational Diffie-Hellman (CDH) Problem and the elliptic curve discrete logarithm problem (ECDLP). Indeed, the proposed scheme is suitable to use in the mobile client-server environment and the Internet of things (IoT) applications.


User authentication Key agreement Certificateless cryptography Elliptic curve cryptography 


  1. 1.
    Al-Riyami, S.S., Paterson, K.G.: Certificateless public key cryptography. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 452–473. Springer, Heidelberg (2003). Scholar
  2. 2.
    Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. SIAM J. Comput. 32(3), 586–615 (2003)MathSciNetCrossRefGoogle Scholar
  3. 3.
    Das, M.L., Saxena, A., Gulati, V.P., Phatak, D.B.: A novel remote user authentication scheme using bilinear pairings. Comput. Secur. 25(3), 184–189 (2006)CrossRefGoogle Scholar
  4. 4.
    Diffie, W., Hellman, M.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)MathSciNetCrossRefGoogle Scholar
  5. 5.
    Fang, G., Huang, G.: Improvement of recently proposed remote client authentication protocols (2006)Google Scholar
  6. 6.
    Giri, D., Srivastava, P.: An improved remote user authentication scheme with smart cards using bilinear pairings. IACR Cryptology ePrint Arch. 2006, 274 (2006)Google Scholar
  7. 7.
    Goriparthi, T., Das, M.L., Negi, A., Saxena, A.: Cryptanalysis of recently proposed remote user authentication schemes. IACR Cryptology ePrint Arch. 2006, 28 (2006)Google Scholar
  8. 8.
    Hassan, A., Eltayieb, N., Elhabob, R., Li, F.: A provably secure certificateless user authentication protocol for mobile client-server environment. In: Barolli, L., Zhang, M., Wang, X. (eds.) EIDWT 2017. LNDECT, vol. 6, pp. 592–602. Springer, Cham (2017). Scholar
  9. 9.
    Hassan, A., Eltayieb, N., Elhabob, R., Li, F.: An efficient certificateless user authentication and key exchange protocol for client-server environment. J. Ambient Intell. Humaniz. Comput. 9(6), 1713–1727 (2018)CrossRefGoogle Scholar
  10. 10.
    Hassan, A., Omala, A.A., Ali, M., Jin, C., Li, F.: Identity-based user authenticated key agreement protocol for multi-server environment with anonymity. Mobile Netw. Appl. 24(3), 890–902 (2019)CrossRefGoogle Scholar
  11. 11.
    He, D.: An efficient remote user authentication and key agreement protocol for mobile client-server environment from pairings. Ad Hoc Netw. 10(6), 1009–1016 (2012)CrossRefGoogle Scholar
  12. 12.
    Johnson, D., Menezes, A., Vanstone, S.: The elliptic curve digital signature algorithm (ECDSA). Int. J. Inf. Secur. 1(1), 36–63 (2001)CrossRefGoogle Scholar
  13. 13.
    Lamport, L.: Password authentication with insecure communication. Commun. ACM 24(11), 770–772 (1981)CrossRefGoogle Scholar
  14. 14.
    Odelu, V., Das, A.K., Kumari, S., Huang, X., Wazid, M.: Provably secure authenticated key agreement scheme for distributed mobile cloud computing services. Future Gener. Comput. Syst. 68, 74–88 (2017)CrossRefGoogle Scholar
  15. 15.
    Scott, M., Costigan, N., Abdulwahab, W.: Implementing cryptographic pairings on smartcards. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 134–147. Springer, Heidelberg (2006). Scholar
  16. 16.
    Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakley, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985). Scholar
  17. 17.
    Shim, K.A., Lee, Y.R., Park, C.M.: EIBAS: an efficient identity-based broadcast authentication scheme in wireless sensor networks. Ad Hoc Netw. 11(1), 182–189 (2013)CrossRefGoogle Scholar
  18. 18.
    Sun, H., Wen, Q., Zhang, H., Jin, Z.: A novel remote user authentication and key agreement scheme for mobile client-server environment. Appl. Math. Inf. Sci. 7(4), 1365 (2013)MathSciNetCrossRefGoogle Scholar
  19. 19.
    Tsai, J.L.: Comments on a novel user authentication and key agreement scheme. IACR Cryptology ePrint Arch. 2014, 115 (2014)Google Scholar
  20. 20.
    Tseng, Y.M., Wu, T.Y., Wu, J.D.: A mutual authentication and key exchange scheme from bilinear pairings for low power computing devices. In: 31st Annual International Computer Software and Applications Conference (COMPSAC 2007), vol. 2, pp. 700–710. IEEE (2007)Google Scholar
  21. 21.
    Tseng, Y.M., Wu, T.Y., Wu, J.D.: A pairing-based user authentication scheme for wireless clients with smart cards. Informatica 19(2), 285–302 (2008)Google Scholar
  22. 22.
    Wu, T.Y., Tseng, Y.M.: An efficient user authentication and key exchange protocol for mobile client-server environment. Comput. Netw. 54(9), 1520–1530 (2010)CrossRefGoogle Scholar
  23. 23.
    Yoon, E., Yoo, K.: A new efficient id-based user authentication and key exchange protocol for mobile client-server environment. In: 2010 IEEE International Conference on Wireless Information Technology and Systems, pp. 1–4. IEEE (2010)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Alzubair Hassan
    • 1
    Email author
  • Rafik Hamza
    • 1
  • Vittor Gift Mawutor
    • 2
  • Akash Suresh Patil
    • 1
  • Fagen Li
    • 2
  1. 1.School of Computer Science and Cyber EngineeringGuangzhou UniversityGuangzhouPeople’s Republic of China
  2. 2.Center for Cyber Security, School of Computer Science and EngineeringUniversity of Electronic Science and Technology of ChinaChengduChina

Personalised recommendations