List-Free ID-Based Mutual Authentication and Key Agreement Protocol for Multiserver Architectures

A multiserver architecture consisting of multiple servers provides resources and services for clients by way of open channels. Thus, a cryptographic protocol should be offered to ensure the legitimacy of both clients and servers, and to provide communication confidentiality. In the past, a large num...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on emerging topics in computing 2016-01, Vol.4 (1), p.102-112
Main Authors: Tseng, Yuh-Min, Huang, Sen-Shan, Tsai, Tung-Tso, Ke, Jia-Hua
Format: Article
Language:English
Subjects:
Authentication
Computer architecture
Key agreement
Mobile device
Mobile handsets
Protocols
Public key
Revocation
Servers
Citations: Items that this one cites
Items that cite this one
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:A multiserver architecture consisting of multiple servers provides resources and services for clients by way of open channels. Thus, a cryptographic protocol should be offered to ensure the legitimacy of both clients and servers, and to provide communication confidentiality. In the past, a large number of ID-based mutual authentication and key agreement (ID-MAKA) protocols have been proposed regarding this issue. Several circumstances require a revocation mechanism to revoke misbehaving/compromised clients and servers before their intended expiration dates. To do so, the existing ID-MAKA protocols generally adopt a black/white list to revoke/permit clients for access authorization. So far, no work addresses the revocation problem on servers in the sense that clients should be notified to avoid malicious services or applications provided by revoked servers. In this letter, we propose the first list-free ID-MAKA protocol with an efficient revocation mechanism for multiserver architectures. Compared with previously proposed protocols, our protocol possesses three main merits. First, it provides a simple revocation mechanism to solve the management problem of both compromised clients and servers. Second, neither clients nor servers need to keep any black/white list. Finally, it is well suitable for mobile clients by performance analysis and experimental data.
ISSN:2168-6750
2168-6750
DOI:10.1109/TETC.2015.2392380