Provably Secure Dynamic ID-Based Anonymous Two-Factor Authenticated Key Exchange Protocol With Extended Security Model

Authenticated key exchange (AKE) protocol allows a user and a server to authenticate each other and generate a session key for the subsequent communications. With the rapid development of low-power and highly-efficient networks, such as pervasive and mobile computing network in recent years, many ef...

Bibliographic details
Published in: IEEE transactions on information forensics and security 2017-06, Vol.12 (6), p.1382-1392
Main authors: Qi Xie, Wong, Duncan S., Guilin Wang, Xiao Tan, Kefei Chen, Liming Fang
Format: Article
Language: eng
container_end_page 1392
container_issue 6
container_start_page 1382
container_title IEEE transactions on information forensics and security
container_volume 12
creator Qi Xie
Wong, Duncan S.
Guilin Wang
Xiao Tan
Kefei Chen
Liming Fang
description Authenticated key exchange (AKE) protocol allows a user and a server to authenticate each other and generate a session key for the subsequent communications. With the rapid development of low-power and highly-efficient networks, such as pervasive and mobile computing network in recent years, many efficient AKE protocols have been proposed to achieve user privacy and authentication in the communications. Besides secure session key establishment, those AKE protocols offer some other useful functionalities, such as two-factor user authentication and mutual authentication. However, most of them have one or more weaknesses, such as vulnerability against lost-smart-card attack, offline dictionary attack, de-synchronization attack, or the lack of forward secrecy, and user anonymity or untraceability. Furthermore, an AKE scheme under the public key infrastructure may not be suitable for light-weight computational devices, and the security model of AKE does not capture user anonymity and resist lost-smart-card attack. In this paper, we propose a novel dynamic ID-based anonymous two-factor AKE protocol, which addresses all the above issues. Our protocol also supports smart card revocation and password update without centralized storage. Further, we extend the security model of AKE to support user anonymity and resist lost-smart-card attack, and the proposed scheme is provably secure in extended security model. The low-computational and bandwidth cost indicates that our protocol can be deployed for pervasive computing applications and mobile communications in practice.
doi_str_mv 10.1109/TIFS.2017.2659640
format Article
fulltext fulltext_linktorsrc
identifier ISSN: 1556-6013
ispartof IEEE transactions on information forensics and security, 2017-06, Vol.12 (6), p.1382-1392
issn 1556-6013
1556-6021
language eng
recordid cdi_proquest_journals_1876614617
source IEEE Electronic Library (IEL)
subjects anonymity
Authentication
Cybersecurity
Dictionaries
dynamic ID
password authentication
Privacy
Protocols
Security
Servers
smart card
Smart cards
Ubiquitous computing
Vulnerability
title Provably Secure Dynamic ID-Based Anonymous Two-Factor Authenticated Key Exchange Protocol With Extended Security Model
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-26T17%3A53%3A54IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Provably%20Secure%20Dynamic%20ID-Based%20Anonymous%20Two-Factor%20Authenticated%20Key%20Exchange%20Protocol%20With%20Extended%20Security%20Model&rft.jtitle=IEEE%20transactions%20on%20information%20forensics%20and%20security&rft.au=Qi%20Xie&rft.date=2017-06-01&rft.volume=12&rft.issue=6&rft.spage=1382&rft.epage=1392&rft.pages=1382-1392&rft.issn=1556-6013&rft.eissn=1556-6021&rft.coden=ITIFA6&rft_id=info:doi/10.1109/TIFS.2017.2659640&rft_dat=%3Cproquest_RIE%3E1876614617%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=1876614617&rft_id=info:pmid/&rft_ieee_id=7835163&rfr_iscdi=true