An improved authentication and key agreement protocol preserving user's privacy using smart cards

An improved authentication and key agreement protocol preserving user's privacy using smart cards

Recently, a privacy enhanced authentication and key agreement protocol was proposed using elliptic curve cryptograph technology. The scheme is insecure, however, against replay attacks within valid period of certificate and loses users' privacy that should be protected. In this paper we propose...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Zhongtian Jia, Yuan Zhang
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Authentication
Elliptic curve cryptography
Elliptic curves
Privacy
Protocols
Servers
Smart cards
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Recently, a privacy enhanced authentication and key agreement protocol was proposed using elliptic curve cryptograph technology. The scheme is insecure, however, against replay attacks within valid period of certificate and loses users' privacy that should be protected. In this paper we propose an improved authentication and key agreement protocol by employing smart card and random number technology. Replay attacks are thus blocked without the need of time synchronization between computers. Moreover, we develop a secure mechanism to protect users' identity privacy and a convenient password change method without the participation of the server. Our protocol is more secure compared with others at similar computation cost in the authentication period.
DOI:10.1109/SOLI.2008.4686463