Authentication and Key Agreement Protocol for Multi-Server Architecture

Wan Tao; Liu Zunxiong; Ma Jianfeng

doi:10.7544/issn1000-1239.2016.20150107

Journal of Computer Research and Development > 2016 > 53(11): 2446-2453. > DOI: 10.7544/issn1000-1239.2016.20150107 CSTR: 32373.14.issn1000-1239.2016.20150107

Wan Tao, Liu Zunxiong, Ma Jianfeng. Authentication and Key Agreement Protocol for Multi-Server Architecture[J]. Journal of Computer Research and Development, 2016, 53(11): 2446-2453. DOI: 10.7544/issn1000-1239.2016.20150107

Citation:

PDF (875 KB)

Authentication and Key Agreement Protocol for Multi-Server Architecture

¹(School of Information Engineering, East China Jiaotong University, Nanchang 330013)
²(School of Computer Science and Technology, Xidian University, Xi’an 710071)

More Information

Published Date: October 31, 2016

Graphical Abstract

Abstract

Abstract

With the rapid growth of Internet applications, the architecture of server providing resources to be accessed over the network often consists of many different servers. Authentication and key agreement protocol play an important role to authenticate remote users for multi-server architecture. In recent years, several authentication and key agreement protocols for multi-server architecture have been developed. Single registration is the most important feature in a multi-server architecture which may help users take desired services without repeating registration to each service provider. Employing a dynamic ID for each login may efficiently preserve privacy. Recently, Chuang et al. presented an anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics. They claimed that their protocol not only supported multi-server environments but also achieved many security requirements. A cryptanalysis on Chuang et al.’s scheme shows that their scheme cannot provide the anonymity and is vulnerable to server masquerade attack and smart card loss attack. To overcome these security flaws, an improved protocol is proposed by choosing different secret parameters for each application server. This protocol can be proved to be secure against server masquerade attack, smart card loss attack, impersonation attack, eavesdropping attack, replay attack and so on. Besides, the improved protocol maintains the feature of simple operation.
- authentication,
- key agreement,
- anonymous,
- multi-server,
- biometrics

FullText(HTML)

References (0)

[1]	Liu Yongzhi, Qin Guiyun, Liu Pengtao, Hu Chengyu, Guo Shanqing. Provably Secure Public Key Authenticated Encryption with Keyword Search Based on SGX[J]. Journal of Computer Research and Development, 2023, 60(12): 2709-2724. DOI: 10.7544/issn1000-1239.202220478
[2]	Wang Houzhen, Qin Wanying, Liu Qin, Yu Chunwu, Shen Zhidong. Identity Based Group Key Distribution Scheme[J]. Journal of Computer Research and Development, 2023, 60(10): 2203-2217. DOI: 10.7544/issn1000-1239.202330457
[3]	Li Zichen, Xie Ting, Zhang Juanmei, Xu Ronghua. Post Quantum Authenticated Key Exchange Protocol Based on Ring Learning with Errors Problem[J]. Journal of Computer Research and Development, 2019, 56(12): 2694-2701. DOI: 10.7544/issn1000-1239.2019.20180874
[4]	Yang Yatao, Zhang Yaze, Li Zichen, Zhang Fengjuan, Liu Boya. RAKA: New Authenticated Key Agreement Protocol Based on Ring-LWE[J]. Journal of Computer Research and Development, 2017, 54(10): 2187-2192. DOI: 10.7544/issn1000-1239.2017.20170477
[5]	Yang Xiaoyan, Hou Mengbo, Wei Xiaochao. Verifier-Based Three-Party Password Authenticated Key Exchange Protocol[J]. Journal of Computer Research and Development, 2016, 53(10): 2230-2238. DOI: 10.7544/issn1000-1239.2016.20160463
[6]	Wen Weiqiang, Wang Libin. A Strongly Secure Lattice-Based Key Exchange Protocol[J]. Journal of Computer Research and Development, 2015, 52(10): 2258-2269. DOI: 10.7544/issn1000-1239.2015.20150518
[7]	Sun Yu, Han Qingtong, and Liu Jianwei. Design of Key Exchange Protocol Based on Short Group Signature[J]. Journal of Computer Research and Development, 2012, 49(12): 2619-2622.
[8]	Gao Haiying. Provable Secure ID-Based Authenticated Key Agreement Protocol[J]. Journal of Computer Research and Development, 2012, 49(8): 1685-1689.
[9]	Pan Jiaxin and Wang Libin. A Modular Approach Towards Design and Analysis of Authenticated Key Exchange Protocol Based on Extended Canetti-Krawczyk Model[J]. Journal of Computer Research and Development, 2011, 48(8): 1390-1399.
[10]	Ren Yongjun, Wang Jiandong, Wang Jian, Xu Dazhuan, and Zhuang Yi. Identity-Based Authenticated Key Agreement Protocols in the Standard Model[J]. Journal of Computer Research and Development, 2010, 47(9): 1604-1610.