Skip to main content
SpringerLink
Log in
Book cover

Green, Pervasive, and Cloud Computing pp 229–242Cite as

An Improved Dynamic ID Based Remote User Authentication Scheme for Multi-server Environment

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 9663))

Abstract

Mutual authentication has been widely used to verify the legal user and server over a common communication channel. To ensure secure connection between user and server, a large number of remote mutual authentication schemes for multi-server have been proposed by researchers. However, there is a common feature that the identity of user is static in the login phase, which may leak some information of user. Therefore, a good deal of smart card based anonymous multi-server remote user authentication scheme have been proposed to overcome this problem. Recently, Banerjee et al. pointed out that Li et al.’s scheme is vulnerable to user impersonates attack and stolen smart card attack. Later, they proposed an improved protocol to fix this problem. However, we found that Banerjee et al.’s scheme is still vulnerable to user impersonation attack and off-line password guessing attack. Finally, we proposed an enhanced scheme to eliminate the security vulnerability.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Lamport, L.: Password authentication with insecure communication. Commun. ACM 24(11), 770–772 (1981)

    Article  MathSciNet  Google Scholar 

  2. Hwang, T., Chen, Y., Laih, C.S.: Non-interactive password authentication without password tables. In: IEEE Region 10 Conference on Computer and Communication System, vol. 1, pp. 429–431, September 1990

    Google Scholar 

  3. Horng, G.: Password authentication without using password table. Comput. Secur. 24(8), 619–628 (1995)

    MATH  Google Scholar 

  4. Lin, I.C., Hwang, M.S., Li, L.H.: Improving the security of a flexible biometrics remote user authentication scheme. Future Gener. Comput. Syst. 19, 1322 (2002)

    Google Scholar 

  5. Lee, H., Won, D.: Prevention of exponential equivalence in simple password exponential key exchange (SPEKE). Symmetry 7(3), 1587–1594 (2015). doi:10.3390/sym7031587

    Article  MathSciNet  Google Scholar 

  6. Juang, W.S.: A new remote user authentication scheme for multi-server architecture. IEEE Trans. Consum. Electron. 50, 22–23 (2001)

    Google Scholar 

  7. Li, C.T., Hwang, M.S.: An efficient biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 33, 1–5 (2010)

    Article  Google Scholar 

  8. Liao, Y.P., Wang, S.S.: A secure dynamic ID based remote user authentication scheme for multi-server environment. Comput. Stand. Interfaces, October 2007. doi:10.1016/j.csi

  9. Hsiang, H.C., Shih, W.K.: Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment. Comput. Stand. Interfaces 31(6), 1118–1123 (2009)

    Article  Google Scholar 

  10. Lee, C.C., Lin, T.H., Chang, R.X.: A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards. Expert Syst. Appl. 38(11), 13863–13870 (2011)

    Google Scholar 

  11. Li, X., Ma, J., Wang, W., Xiong, Y., Zhang, J.: A novel smart card and dynamic ID based remote user authentication scheme for multi-server environments. Math. Comput. Model. 58(1–2), 85–95 (2013)

    Article  Google Scholar 

  12. Banerjee, S., Dutta, M.P., Bhunia, C.T.: An improved smart card based anonymous multi-server remote user authentication scheme. Int. J. smart home 9(5), 11–22 (2015)

    Article  Google Scholar 

  13. Choi, Y.S., Nam, J.H., Lee, D.H., Jung, J.Y.K.J.W., Won, D.: Security enhanced anonymous multi-server authenticated key agreement scheme using smart cards and biometrics. Sci. World J. 2014, 15 (2014). Article ID 281305

    Google Scholar 

  14. Choi, Y., Lee, D., Kim, J., Jung, J., Nam, J., Won, D.: Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors 14(6), 10081–10106 (2014)

    Article  Google Scholar 

  15. Kim, J., Lee, D., Jeon, W., Lee, Y., Won, D.: Security analysis and improvements of two-factor mutual authentication with key agreement in wireless sensor networks. Sensors 14(4), 6443–6462 (2014)

    Article  Google Scholar 

  16. Nam, J., Choo, K.K.R., Han, S., Kim, M., Paik, J., Won, D.: efficient and anonymous two-factor user authentication in wireless sensor networks: achieving user anonymity with lightweight sensor computation. PLoS ONE 10(4), 1–21 (2015)

    Article  Google Scholar 

Download references

Acknowledgment

This work was supported by Institute for Information and communications Technology Promotion (IITP) grant funded by the Korea government (MSIP) (No.R0126-15-1111, The Development of Risk-based Authentication Access Control Platform and Compliance Technique for Cloud Security).

Author information

Authors and Affiliations

  1. College of Information and Communication Engineering, Sungkyunkwan University, 2066 Seobu-ro, Jangan-gu, Suwon-si, Gyeonggi-do, 440-746, Korea

    Qimin Sun, Jongho Moon, Younsung Choi & Dongho Won

Authors
  1. Qimin Sun
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jongho Moon
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Younsung Choi
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Dongho Won
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Dongho Won .

Editor information

Editors and Affiliations

  1. Fujian Normal University, Fuzhou, China

    Xinyi Huang

  2. Deakin University, Burwood, Australia

    Yang Xiang

  3. Providence University, Taichung, Taiwan

    Kuan-Ching Li

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Sun, Q., Moon, J., Choi, Y., Won, D. (2016). An Improved Dynamic ID Based Remote User Authentication Scheme for Multi-server Environment. In: Huang, X., Xiang, Y., Li, KC. (eds) Green, Pervasive, and Cloud Computing. Lecture Notes in Computer Science(), vol 9663. Springer, Cham. https://doi.org/10.1007/978-3-319-39077-2_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-39077-2_15

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-39076-5

  • Online ISBN: 978-3-319-39077-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation