Provably Secure and Efficient Three-Factor Authenticated Key Agreement Scheme with Untraceability
نویسندگان
چکیده
Authentication and key agreement protocol is indispensable for today network applications. Many two-factor authentication and key agreement protocols using smart card and password have been proposed over the last decade. However, many of these schemes are vulnerable to password guessing attack due to low-entropy passwords. In this paper, we show how to mount an offline password guessing attack against a two-factor authentication protocol. To counter against this type of attack we propose a new scheme which employs biometric information as the third authentication factor beside smart card and password. Biometric information has many positive characteristics that can fix the shortcoming of password. The proposed scheme also provides user untraceability, which is a desirable feature for ensuring users’ privacy.
منابع مشابه
Artemia: a family of provably secure authenticated encryption schemes
Authenticated encryption schemes establish both privacy and authenticity. This paper specifies a family of the dedicated authenticated encryption schemes, Artemia. It is an online nonce-based authenticated encryption scheme which supports the associated data. Artemia uses the permutation based mode, JHAE, that is provably secure in the ideal permutation model. The scheme does not require the in...
متن کاملProvably secure and efficient identity-based key agreement protocol for independent PKGs using ECC
Key agreement protocols are essential for secure communications in open and distributed environments. Recently, identity-based key agreement protocols have been increasingly researched because of the simplicity of public key management. The basic idea behind an identity-based cryptosystem is that a public key is the identity (an arbitrary string) of a user, and the corresponding private key is ...
متن کاملSecure Verifier-Based Three-Party Key Exchange in the Random Oracle Model
A Three Party password Authenticated Key Exchange protocol (3PAKE) facilitates two clients to establish authenticated session keys via the help of a trusted server. This approach enhances the scalability of key agreement issue and facilitates users’ convenience in distributed environments. In this paper, we show the security weaknesses of previous works, and then propose our new scheme, using p...
متن کاملProvably Secure and Repeatable Authenticated Privacy-Protection Scheme Using Chaotic Maps with Distributed Architecture
Nowadays, the distributed password-authenticated key agreement schemes become more and more popular. Compare with the three traditional architectures (client/server, two clients/server and multi-server), the distributed architecture can solve problems of single-point of security, single-point of efficiency and single-point of failure. Moreover, it has the characteristics of scalability, flexibi...
متن کاملPractical Authenticated Key Agreement Using Passwords
Due to the low entropy of human-memorable passwords, it is not easy to conduct password authenticated key agreement in a secure manner. Though there are many protocols achieving this goal, they may require a large amount of computation specifically in the augmented model which was contrived to resist server compromise. Our contribution in this paper is two fold. First, we propose a new practica...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- I. J. Network Security
دوره 18 شماره
صفحات -
تاریخ انتشار 2016