Loading…

An enhanced approach for three factor remote user authentication in multi - server environment

With the agile development of the Internet era, starting from the message transmission to money transactions, everything is online now. Remote user authentication (RUA) is a mechanism in which a remote server verifies the user’s correctness over the shared or public channel. In this paper, we analyz...

Full description

Saved in:
Bibliographic Details
Published in:Journal of intelligent & fuzzy systems 2020-01, Vol.39 (6), p.8609-8620
Main Authors: Patel, Chintan, Joshi, Dhara, Doshi, Nishant, Veeramuthu, A., Jhaveri, Rutvij
Format: Article
Language:English
Subjects:
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by cdi_FETCH-LOGICAL-c261t-510b89abd8e97f6434b4534ec2586d1bf315dcfb1f3b822c24d7fba60c9d04bd3
cites cdi_FETCH-LOGICAL-c261t-510b89abd8e97f6434b4534ec2586d1bf315dcfb1f3b822c24d7fba60c9d04bd3
container_end_page 8620
container_issue 6
container_start_page 8609
container_title Journal of intelligent & fuzzy systems
container_volume 39
creator Patel, Chintan
Joshi, Dhara
Doshi, Nishant
Veeramuthu, A.
Jhaveri, Rutvij
description With the agile development of the Internet era, starting from the message transmission to money transactions, everything is online now. Remote user authentication (RUA) is a mechanism in which a remote server verifies the user’s correctness over the shared or public channel. In this paper, we analyze an RUA scheme proposed by Chen for the multi-server environment and prove that their scheme is not secured. We also find numerous vulnerabilities such as password guessing attack, replay attack, Registration Center (RC) spoofing attack, session key verification attack, and perfect forward secrecy attack for Chen’s scheme. After performing the cryptanalysis of Chen’s scheme, we propose a biometric-based RUA scheme for the same multi-server environment. We prove that the proposed authentication scheme achieves higher security than Chen’s scheme with the use of informal security analysis as well as formal security analysis. The formal security analysis of the proposed scheme is done using a widely adopted random oracle method.
doi_str_mv 10.3233/JIFS-189177
format article
fullrecord <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2467885046</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2467885046</sourcerecordid><originalsourceid>FETCH-LOGICAL-c261t-510b89abd8e97f6434b4534ec2586d1bf315dcfb1f3b822c24d7fba60c9d04bd3</originalsourceid><addsrcrecordid>eNotkE1LAzEQhoMoWKsn_0DAo6zma5PssRRbKwUP6tWQT3ZLN1uz2YL_3pR6mhnmYYb3AeAeoydKKH1-26w-KiwbLMQFmGEp6ko2XFyWHnFWYcL4NbgZxx1CWNQEzcD3IkIfWx2td1AfDmnQtoVhSDC3yXsYtM1lSL4fsofT6BPUU259zJ3VuRsi7CLsp33uYAXL9lgAH49dGmJfoFtwFfR-9Hf_dQ6-Vi-fy9dq-77eLBfbyhKOc1VjZGSjjZO-EYEzygyrKfOW1JI7bALFtbPB4ECNJMQS5kQwmiPbOMSMo3PwcL5bAvxMfsxqN0wplpeqZBZS1ojxQj2eKZuGcUw-qEPqep1-FUbqJFCdBKqzQPoHJqdkQA</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2467885046</pqid></control><display><type>article</type><title>An enhanced approach for three factor remote user authentication in multi - server environment</title><source>Business Source Ultimate</source><creator>Patel, Chintan ; Joshi, Dhara ; Doshi, Nishant ; Veeramuthu, A. ; Jhaveri, Rutvij</creator><contributor>Subramaniyaswamy, V. ; Kommers, Piet ; Piuri, Vincenzo ; Varadarajan, Vijayakumar</contributor><creatorcontrib>Patel, Chintan ; Joshi, Dhara ; Doshi, Nishant ; Veeramuthu, A. ; Jhaveri, Rutvij ; Subramaniyaswamy, V. ; Kommers, Piet ; Piuri, Vincenzo ; Varadarajan, Vijayakumar</creatorcontrib><description>With the agile development of the Internet era, starting from the message transmission to money transactions, everything is online now. Remote user authentication (RUA) is a mechanism in which a remote server verifies the user’s correctness over the shared or public channel. In this paper, we analyze an RUA scheme proposed by Chen for the multi-server environment and prove that their scheme is not secured. We also find numerous vulnerabilities such as password guessing attack, replay attack, Registration Center (RC) spoofing attack, session key verification attack, and perfect forward secrecy attack for Chen’s scheme. After performing the cryptanalysis of Chen’s scheme, we propose a biometric-based RUA scheme for the same multi-server environment. We prove that the proposed authentication scheme achieves higher security than Chen’s scheme with the use of informal security analysis as well as formal security analysis. The formal security analysis of the proposed scheme is done using a widely adopted random oracle method.</description><identifier>ISSN: 1064-1246</identifier><identifier>EISSN: 1875-8967</identifier><identifier>DOI: 10.3233/JIFS-189177</identifier><language>eng</language><publisher>Amsterdam: IOS Press BV</publisher><subject>Authentication ; Cryptography ; Security ; Service introduction ; Spoofing</subject><ispartof>Journal of intelligent &amp; fuzzy systems, 2020-01, Vol.39 (6), p.8609-8620</ispartof><rights>Copyright IOS Press BV 2020</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c261t-510b89abd8e97f6434b4534ec2586d1bf315dcfb1f3b822c24d7fba60c9d04bd3</citedby><cites>FETCH-LOGICAL-c261t-510b89abd8e97f6434b4534ec2586d1bf315dcfb1f3b822c24d7fba60c9d04bd3</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,778,782,27907,27908</link.rule.ids></links><search><contributor>Subramaniyaswamy, V.</contributor><contributor>Kommers, Piet</contributor><contributor>Piuri, Vincenzo</contributor><contributor>Varadarajan, Vijayakumar</contributor><creatorcontrib>Patel, Chintan</creatorcontrib><creatorcontrib>Joshi, Dhara</creatorcontrib><creatorcontrib>Doshi, Nishant</creatorcontrib><creatorcontrib>Veeramuthu, A.</creatorcontrib><creatorcontrib>Jhaveri, Rutvij</creatorcontrib><title>An enhanced approach for three factor remote user authentication in multi - server environment</title><title>Journal of intelligent &amp; fuzzy systems</title><description>With the agile development of the Internet era, starting from the message transmission to money transactions, everything is online now. Remote user authentication (RUA) is a mechanism in which a remote server verifies the user’s correctness over the shared or public channel. In this paper, we analyze an RUA scheme proposed by Chen for the multi-server environment and prove that their scheme is not secured. We also find numerous vulnerabilities such as password guessing attack, replay attack, Registration Center (RC) spoofing attack, session key verification attack, and perfect forward secrecy attack for Chen’s scheme. After performing the cryptanalysis of Chen’s scheme, we propose a biometric-based RUA scheme for the same multi-server environment. We prove that the proposed authentication scheme achieves higher security than Chen’s scheme with the use of informal security analysis as well as formal security analysis. The formal security analysis of the proposed scheme is done using a widely adopted random oracle method.</description><subject>Authentication</subject><subject>Cryptography</subject><subject>Security</subject><subject>Service introduction</subject><subject>Spoofing</subject><issn>1064-1246</issn><issn>1875-8967</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2020</creationdate><recordtype>article</recordtype><recordid>eNotkE1LAzEQhoMoWKsn_0DAo6zma5PssRRbKwUP6tWQT3ZLN1uz2YL_3pR6mhnmYYb3AeAeoydKKH1-26w-KiwbLMQFmGEp6ko2XFyWHnFWYcL4NbgZxx1CWNQEzcD3IkIfWx2td1AfDmnQtoVhSDC3yXsYtM1lSL4fsofT6BPUU259zJ3VuRsi7CLsp33uYAXL9lgAH49dGmJfoFtwFfR-9Hf_dQ6-Vi-fy9dq-77eLBfbyhKOc1VjZGSjjZO-EYEzygyrKfOW1JI7bALFtbPB4ECNJMQS5kQwmiPbOMSMo3PwcL5bAvxMfsxqN0wplpeqZBZS1ojxQj2eKZuGcUw-qEPqep1-FUbqJFCdBKqzQPoHJqdkQA</recordid><startdate>20200101</startdate><enddate>20200101</enddate><creator>Patel, Chintan</creator><creator>Joshi, Dhara</creator><creator>Doshi, Nishant</creator><creator>Veeramuthu, A.</creator><creator>Jhaveri, Rutvij</creator><general>IOS Press BV</general><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope></search><sort><creationdate>20200101</creationdate><title>An enhanced approach for three factor remote user authentication in multi - server environment</title><author>Patel, Chintan ; Joshi, Dhara ; Doshi, Nishant ; Veeramuthu, A. ; Jhaveri, Rutvij</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c261t-510b89abd8e97f6434b4534ec2586d1bf315dcfb1f3b822c24d7fba60c9d04bd3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2020</creationdate><topic>Authentication</topic><topic>Cryptography</topic><topic>Security</topic><topic>Service introduction</topic><topic>Spoofing</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Patel, Chintan</creatorcontrib><creatorcontrib>Joshi, Dhara</creatorcontrib><creatorcontrib>Doshi, Nishant</creatorcontrib><creatorcontrib>Veeramuthu, A.</creatorcontrib><creatorcontrib>Jhaveri, Rutvij</creatorcontrib><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>Journal of intelligent &amp; fuzzy systems</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Patel, Chintan</au><au>Joshi, Dhara</au><au>Doshi, Nishant</au><au>Veeramuthu, A.</au><au>Jhaveri, Rutvij</au><au>Subramaniyaswamy, V.</au><au>Kommers, Piet</au><au>Piuri, Vincenzo</au><au>Varadarajan, Vijayakumar</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>An enhanced approach for three factor remote user authentication in multi - server environment</atitle><jtitle>Journal of intelligent &amp; fuzzy systems</jtitle><date>2020-01-01</date><risdate>2020</risdate><volume>39</volume><issue>6</issue><spage>8609</spage><epage>8620</epage><pages>8609-8620</pages><issn>1064-1246</issn><eissn>1875-8967</eissn><abstract>With the agile development of the Internet era, starting from the message transmission to money transactions, everything is online now. Remote user authentication (RUA) is a mechanism in which a remote server verifies the user’s correctness over the shared or public channel. In this paper, we analyze an RUA scheme proposed by Chen for the multi-server environment and prove that their scheme is not secured. We also find numerous vulnerabilities such as password guessing attack, replay attack, Registration Center (RC) spoofing attack, session key verification attack, and perfect forward secrecy attack for Chen’s scheme. After performing the cryptanalysis of Chen’s scheme, we propose a biometric-based RUA scheme for the same multi-server environment. We prove that the proposed authentication scheme achieves higher security than Chen’s scheme with the use of informal security analysis as well as formal security analysis. The formal security analysis of the proposed scheme is done using a widely adopted random oracle method.</abstract><cop>Amsterdam</cop><pub>IOS Press BV</pub><doi>10.3233/JIFS-189177</doi><tpages>12</tpages></addata></record>
fulltext fulltext
identifier ISSN: 1064-1246
ispartof Journal of intelligent & fuzzy systems, 2020-01, Vol.39 (6), p.8609-8620
issn 1064-1246
1875-8967
language eng
recordid cdi_proquest_journals_2467885046
source Business Source Ultimate
subjects Authentication
Cryptography
Security
Service introduction
Spoofing
title An enhanced approach for three factor remote user authentication in multi - server environment
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-16T10%3A25%3A24IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=An%20enhanced%20approach%20for%20three%20factor%20remote%20user%20authentication%20in%20multi%20-%20server%20environment&rft.jtitle=Journal%20of%20intelligent%20&%20fuzzy%20systems&rft.au=Patel,%20Chintan&rft.date=2020-01-01&rft.volume=39&rft.issue=6&rft.spage=8609&rft.epage=8620&rft.pages=8609-8620&rft.issn=1064-1246&rft.eissn=1875-8967&rft_id=info:doi/10.3233/JIFS-189177&rft_dat=%3Cproquest_cross%3E2467885046%3C/proquest_cross%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c261t-510b89abd8e97f6434b4534ec2586d1bf315dcfb1f3b822c24d7fba60c9d04bd3%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2467885046&rft_id=info:pmid/&rfr_iscdi=true